moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-05 00:46:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'MDL-58905_master' of git://github.com/dmonllao/moodle

Browse source
This commit is contained in:
Jun Pataleta 2017-05-12 14:57:49 +08:00
commit ae9da6a222
7 changed files with 59 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

10
auth/oauth2/classes/api.php
View file

@ -350,4 +350,14 @@ class api {
return $DB->delete_records(linked_login::TABLE, ['userid' => $userid]); return $DB->delete_records(linked_login::TABLE, ['userid' => $userid]);
} }
/**
* Is the plugin enabled.
*
* @return bool
*/
public static function is_enabled() {
$plugininfo = \core_plugin_manager::instance()->get_plugin_info('auth_oauth2');
return $plugininfo->is_enabled();
}
} }

4
auth/oauth2/confirm-account.php
View file

@ -34,6 +34,10 @@ $PAGE->set_context(context_system::instance());
$auth = get_auth_plugin('oauth2'); $auth = get_auth_plugin('oauth2');
if (!\auth_oauth2\api::is_enabled()) {
throw new \moodle_exception('notenabled', 'auth_oauth2');
}
$confirmed = $auth->user_confirm($username, $usersecret); $confirmed = $auth->user_confirm($username, $usersecret);
if ($confirmed == AUTH_CONFIRM_ALREADY) { if ($confirmed == AUTH_CONFIRM_ALREADY) {

4
auth/oauth2/confirm-linkedlogin.php
View file

@ -34,6 +34,10 @@ $redirect = optional_param('redirect', '', PARAM_LOCALURL); // Where to redir
$PAGE->set_url('/auth/oauth2/confirm-linkedlogin.php'); $PAGE->set_url('/auth/oauth2/confirm-linkedlogin.php');
$PAGE->set_context(context_system::instance()); $PAGE->set_context(context_system::instance());
if (!\auth_oauth2\api::is_enabled()) {
throw new \moodle_exception('notenabled', 'auth_oauth2');
}
$confirmed = \auth_oauth2\api::confirm_link_login($userid, $username, $issuerid, $token); $confirmed = \auth_oauth2\api::confirm_link_login($userid, $username, $issuerid, $token);
if ($confirmed) { if ($confirmed) {

3
auth/oauth2/lang/en/auth_oauth2.php
View file

@ -72,6 +72,7 @@ $string['emailconfirmlinksent'] = '<p>An existing account was found with this em
<p>If you have any difficulty, contact the site administrator.</p>'; <p>If you have any difficulty, contact the site administrator.</p>';
$string['info'] = 'External account'; $string['info'] = 'External account';
$string['issuer'] = 'OAuth 2 Service'; $string['issuer'] = 'OAuth 2 Service';
$string['issuernologin'] = 'This issuer can not be used to login';
$string['linkedlogins'] = 'Linked logins'; $string['linkedlogins'] = 'Linked logins';
$string['linkedloginshelp'] = 'Help with linked logins'; $string['linkedloginshelp'] = 'Help with linked logins';
$string['loginerror_userincomplete'] = 'The user information returned did not contain a username and email address. The OAuth 2 service may be configured incorrectly.'; $string['loginerror_userincomplete'] = 'The user information returned did not contain a username and email address. The OAuth 2 service may be configured incorrectly.';
@ -79,9 +80,11 @@ $string['loginerror_nouserinfo'] = 'No user information was returned. The OAuth
$string['loginerror_invaliddomain'] = 'The email address is not allowed at this site.'; $string['loginerror_invaliddomain'] = 'The email address is not allowed at this site.';
$string['loginerror_authenticationfailed'] = 'The authentication process failed.'; $string['loginerror_authenticationfailed'] = 'The authentication process failed.';
$string['loginerror_cannotcreateaccounts'] = 'An account with your email address could not be found.'; $string['loginerror_cannotcreateaccounts'] = 'An account with your email address could not be found.';
$string['noissuersavailable'] = 'None of the configured OAuth2 services allow you to link login accounts';
$string['notloggedindebug'] = 'The login attempt failed. Reason: {$a}'; $string['notloggedindebug'] = 'The login attempt failed. Reason: {$a}';
$string['notwhileloggedinas'] = 'Linked logins cannot be managed while logged in as another user.'; $string['notwhileloggedinas'] = 'Linked logins cannot be managed while logged in as another user.';
$string['oauth2:managelinkedlogins'] = 'Manage own linked login accounts'; $string['oauth2:managelinkedlogins'] = 'Manage own linked login accounts';
$string['notenabled'] = 'Sorry, OAuth 2 authentication plugin is not enabled';
$string['plugindescription'] = 'This authentication plugin displays a list of the configured identity providers on the login page. Selecting an identity provider allows users to login with their credentials from an OAuth 2 provider.'; $string['plugindescription'] = 'This authentication plugin displays a list of the configured identity providers on the login page. Selecting an identity provider allows users to login with their credentials from an OAuth 2 provider.';
$string['pluginname'] = 'OAuth 2'; $string['pluginname'] = 'OAuth 2';
$string['alreadylinked'] = 'This external account is already linked to an account on this site'; $string['alreadylinked'] = 'This external account is already linked to an account on this site';

2
auth/oauth2/lib.php
View file

@ -40,7 +40,7 @@ function auth_oauth2_extend_navigation_user_settings(navigation_node $useraccoun
context_course $coursecontext) { context_course $coursecontext) {
global $USER; global $USER;
if (!\core\session\manager::is_loggedinas()) { if (\auth_oauth2\api::is_enabled() && !\core\session\manager::is_loggedinas()) {
if (has_capability('auth/oauth2:managelinkedlogins', $context) && $user->id == $USER->id) { if (has_capability('auth/oauth2:managelinkedlogins', $context) && $user->id == $USER->id) {
$parent = $useraccount->parent->find('useraccount', navigation_node::TYPE_CONTAINER); $parent = $useraccount->parent->find('useraccount', navigation_node::TYPE_CONTAINER);

44
auth/oauth2/linkedlogins.php
View file

@ -35,12 +35,19 @@ $PAGE->set_heading($strheading);
require_login(); require_login();
if (!\auth_oauth2\api::is_enabled()) {
throw new \moodle_exception('notenabled', 'auth_oauth2');
}
$action = optional_param('action', '', PARAM_ALPHAEXT); $action = optional_param('action', '', PARAM_ALPHAEXT);
if ($action == 'new') { if ($action == 'new') {
require_sesskey(); require_sesskey();
$issuerid = required_param('issuerid', PARAM_INT); $issuerid = required_param('issuerid', PARAM_INT);
$issuer = \core\oauth2\api::get_issuer($issuerid); $issuer = \core\oauth2\api::get_issuer($issuerid);
if (!$issuer->is_authentication_supported() || !$issuer->get('showonloginpage') || !$issuer->get('enabled')) {
throw new \moodle_exception('issuernologin', 'auth_oauth2');
}
// We do a login dance with this issuer. // We do a login dance with this issuer.
$addparams = ['action' => 'new', 'issuerid' => $issuerid, 'sesskey' => sesskey()]; $addparams = ['action' => 'new', 'issuerid' => $issuerid, 'sesskey' => sesskey()];
@ -80,25 +87,40 @@ $renderer = $PAGE->get_renderer('auth_oauth2');
$linkedloginid = optional_param('id', '', PARAM_RAW); $linkedloginid = optional_param('id', '', PARAM_RAW);
$linkedlogin = null; $linkedlogin = null;
auth_oauth2\api::clean_orphaned_linked_logins();
$issuers = \core\oauth2\api::get_all_issuers();
$anyshowinloginpage = false;
$issuerbuttons = array();
foreach ($issuers as $issuer) {
if (!$issuer->is_authentication_supported() || !$issuer->get('showonloginpage') || !$issuer->get('enabled')) {
continue;
}
$anyshowinloginpage = true;
$addparams = ['action' => 'new', 'issuerid' => $issuer->get('id'), 'sesskey' => sesskey(), 'logout' => true];
$addurl = new moodle_url('/auth/oauth2/linkedlogins.php', $addparams);
$issuerbuttons[$issuer->get('id')] = $renderer->single_button($addurl, get_string('createnewlinkedlogin', 'auth_oauth2', s($issuer->get('name'))));
}
if (!$anyshowinloginpage) {
// Just a notification that we can't make it.
$preferencesurl = new moodle_url('/user/preferences.php');
redirect($preferencesurl, get_string('noissuersavailable', 'auth_oauth2'), null, \core\output\notification::NOTIFY_WARNING);
}
echo $OUTPUT->header(); echo $OUTPUT->header();
echo $OUTPUT->heading(get_string('linkedlogins', 'auth_oauth2')); echo $OUTPUT->heading(get_string('linkedlogins', 'auth_oauth2'));
echo $OUTPUT->doc_link('Linked_Logins', get_string('linkedloginshelp', 'auth_oauth2')); echo $OUTPUT->doc_link('Linked_Logins', get_string('linkedloginshelp', 'auth_oauth2'));
auth_oauth2\api::clean_orphaned_linked_logins();
$linkedlogins = auth_oauth2\api::get_linked_logins(); $linkedlogins = auth_oauth2\api::get_linked_logins();
echo $renderer->linked_logins_table($linkedlogins); echo $renderer->linked_logins_table($linkedlogins);
$issuers = \core\oauth2\api::get_all_issuers(); foreach ($issuerbuttons as $issuerbutton) {
echo $issuerbutton;
foreach ($issuers as $issuer) {
if (!$issuer->is_authentication_supported()) {
continue;
}
$addparams = ['action' => 'new', 'issuerid' => $issuer->get('id'), 'sesskey' => sesskey(), 'logout' => true];
$addurl = new moodle_url('/auth/oauth2/linkedlogins.php', $addparams);
echo $renderer->single_button($addurl, get_string('createnewlinkedlogin', 'auth_oauth2', s($issuer->get('name'))));
} }
echo $OUTPUT->footer(); echo $OUTPUT->footer();

4
auth/oauth2/login.php
View file

@ -29,6 +29,10 @@ $wantsurl = new moodle_url(optional_param('wantsurl', '', PARAM_URL));
require_sesskey(); require_sesskey();
if (!\auth_oauth2\api::is_enabled()) {
throw new \moodle_exception('notenabled', 'auth_oauth2');
}
$issuer = new \core\oauth2\issuer($issuerid); $issuer = new \core\oauth2\issuer($issuerid);
$returnparams = ['wantsurl' => $wantsurl, 'sesskey' => sesskey(), 'id' => $issuerid]; $returnparams = ['wantsurl' => $wantsurl, 'sesskey' => sesskey(), 'id' => $issuerid];