I’m developing a custom Moodle plugin that integrates with an external API to fetch data (e.g., user progress, grades, or content) and display it in a course module. As part of this, I need to handle OAuth2 authentication to interact with the API.
What I’ve Done So Far:
- Created the basic block plugin structure in Moodle.
- Successfully authenticated with the external API and obtained an OAuth2 token.
Where I’m Stuck:
I’m unsure about the best practices for securely storing and refreshing OAuth2 tokens within Moodle. Specifically:
- How should I securely store the access and refresh tokens?
- What’s the best way to schedule and handle token refreshing in Moodle?
What I Need:
I’d like guidance or examples on securely managing OAuth2 tokens in Moodle plugins. Are there any existing Moodle APIs, libraries, or patterns that I can use for this purpose?