diff --git a/admin/tool/mobile/classes/api.php b/admin/tool/mobile/classes/api.php index 34fc568708e97..32234db4a719b 100644 --- a/admin/tool/mobile/classes/api.php +++ b/admin/tool/mobile/classes/api.php @@ -53,7 +53,7 @@ class api { const LOGIN_KEY_TTL = 60; /** @var string URL of the Moodle Apps Portal */ const MOODLE_APPS_PORTAL_URL = 'https://apps.moodle.com'; - /** @var int seconds a QR login key will expire. */ + /** @var int default value in seconds a QR login key will expire. */ const LOGIN_QR_KEY_TTL = 600; /** @var int QR code disabled value */ const QR_CODE_DISABLED = 0; @@ -383,17 +383,19 @@ public static function get_autologin_key() { * Creates a QR login key for the current user, this key is restricted by time and ip address. * This key is used for automatically login the user in the site when the user scans a QR code in the Moodle app. * + * @param stdClass $mobilesettings mobile app plugin settings * @return string the key * @since Moodle 3.9 */ - public static function get_qrlogin_key() { + public static function get_qrlogin_key(stdClass $mobilesettings) { global $USER; // Delete previous keys. delete_user_key('tool_mobile', $USER->id); // Create a new key. $iprestriction = getremoteaddr(null); - $validuntil = time() + self::LOGIN_QR_KEY_TTL; + $qrkeyttl = !empty($mobilesettings->qrkeyttl) ? $mobilesettings->qrkeyttl : self::LOGIN_QR_KEY_TTL; + $validuntil = time() + $qrkeyttl; return create_user_key('tool_mobile', $USER->id, null, $iprestriction, $validuntil); } @@ -687,7 +689,7 @@ public static function generate_login_qrcode(stdClass $mobilesettings) { $data = $urlscheme . '://' . $CFG->wwwroot; if ($mobilesettings->qrcodetype == static::QR_CODE_LOGIN) { - $qrloginkey = static::get_qrlogin_key(); + $qrloginkey = static::get_qrlogin_key($mobilesettings); $data .= '?qrlogin=' . $qrloginkey . '&userid=' . $USER->id; } diff --git a/admin/tool/mobile/lang/en/tool_mobile.php b/admin/tool/mobile/lang/en/tool_mobile.php index 9b907927b5ceb..101d48b172935 100644 --- a/admin/tool/mobile/lang/en/tool_mobile.php +++ b/admin/tool/mobile/lang/en/tool_mobile.php @@ -114,13 +114,15 @@ $string['pluginnotenabledorconfigured'] = 'Plugin not enabled or configured.'; $string['qrcodedisabled'] = 'Access via QR code disabled'; $string['qrcodeformobileappaccess'] = 'QR code for mobile app access'; -$string['qrcodeformobileapploginabout'] = 'Scan the QR code with your mobile app and you will be automatically logged in. The QR code will expire in {$a} minutes.'; +$string['qrcodeformobileapploginabout'] = 'Scan the QR code with your mobile app and you will be automatically logged in. The QR code will expire in {$a}.'; $string['qrcodeformobileappurlabout'] = 'Scan the QR code with your mobile app to fill in the site URL in your app.'; $string['qrsiteadminsnotallowed'] = 'For security reasons login via QR code is not allowed for site administrators or if you are logged in as another user.'; $string['qrcodetype'] = 'QR code access'; $string['qrcodetype_desc'] = 'A QR code can be provided for mobile app users to scan. This can be used to fill in the site URL, or where the site is secured using HTTPS, to automatically log the user in without having to enter their username and password.'; $string['qrcodetypeurl'] = 'QR code with site URL'; $string['qrcodetypelogin'] = 'QR code with automatic login'; +$string['qrkeyttl'] = 'QR authentication key duration'; +$string['qrkeyttl_desc'] = 'Length of time for which a QR code for authentication is valid. Empty values are not allowed, in that case the default value for the setting will be used.'; $string['readingthisemailgettheapp'] = 'Reading this in an email? Download the mobile app and receive notifications on your mobile device.'; $string['remoteaddons'] = 'Remote add-ons'; $string['scanqrcode'] = 'Scan QR code'; diff --git a/admin/tool/mobile/lib.php b/admin/tool/mobile/lib.php index dab02d43c355d..56eede9eff2aa 100644 --- a/admin/tool/mobile/lib.php +++ b/admin/tool/mobile/lib.php @@ -149,8 +149,9 @@ function tool_mobile_myprofile_navigation(\core_user\output\myprofile\tree $tree } else { $qrcodeimg = tool_mobile\api::generate_login_qrcode($mobilesettings); - $minutes = tool_mobile\api::LOGIN_QR_KEY_TTL / MINSECS; - $mobileqr = html_writer::tag('p', get_string('qrcodeformobileapploginabout', 'tool_mobile', $minutes)); + $qrkeyttl = !empty($mobilesettings->qrkeyttl) ? $mobilesettings->qrkeyttl : tool_mobile\api::LOGIN_QR_KEY_TTL; + $mobileqr = html_writer::tag('p', get_string('qrcodeformobileapploginabout', 'tool_mobile', + format_time($qrkeyttl))); $mobileqr .= html_writer::link('#qrcode', get_string('viewqrcode', 'tool_mobile'), ['class' => 'btn btn-primary mt-2', 'data-toggle' => 'collapse', 'role' => 'button', 'aria-expanded' => 'false']); diff --git a/admin/tool/mobile/settings.php b/admin/tool/mobile/settings.php index 4f0f17a5f9588..98f6f1265379a 100644 --- a/admin/tool/mobile/settings.php +++ b/admin/tool/mobile/settings.php @@ -117,6 +117,11 @@ new lang_string('qrcodetype', 'tool_mobile'), new lang_string('qrcodetype_desc', 'tool_mobile'), $qrcodetypedefault, $options)); + $temp->add(new admin_setting_configduration('tool_mobile/qrkeyttl', + new lang_string('qrkeyttl', 'tool_mobile'), + new lang_string('qrkeyttl_desc', 'tool_mobile'), tool_mobile\api::LOGIN_QR_KEY_TTL, MINSECS)); + $temp->hide_if('tool_mobile/qrkeyttl', 'tool_mobile/qrcodetype', 'neq', tool_mobile\api::QR_CODE_LOGIN); + $temp->add(new admin_setting_configtext('tool_mobile/forcedurlscheme', new lang_string('forcedurlscheme_key', 'tool_mobile'), new lang_string('forcedurlscheme', 'tool_mobile'), 'moodlemobile', PARAM_NOTAGS)); diff --git a/admin/tool/mobile/tests/externallib_test.php b/admin/tool/mobile/tests/externallib_test.php index e04480979feba..9bdd0297c57a2 100644 --- a/admin/tool/mobile/tests/externallib_test.php +++ b/admin/tool/mobile/tests/externallib_test.php @@ -623,7 +623,8 @@ public function test_get_tokens_for_qr_login() { $user = $this->getDataGenerator()->create_user(); $this->setUser($user); - $qrloginkey = api::get_qrlogin_key(); + $mobilesettings = get_config('tool_mobile'); + $qrloginkey = api::get_qrlogin_key($mobilesettings); // Generate new tokens, the ones we expect to receive. $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE)); diff --git a/admin/tool/mobile/upgrade.txt b/admin/tool/mobile/upgrade.txt index d39aa5fdc0c5f..f62c60fb2bc93 100644 --- a/admin/tool/mobile/upgrade.txt +++ b/admin/tool/mobile/upgrade.txt @@ -1,6 +1,10 @@ This files describes changes in tool_mobile code. Information provided here is intended especially for developers. +=== 4.0 === + +* The function tool_mobile\api::get_qrlogin_key() now requires as parameter an object with all the mobile plugin settings. + === 3.7 === * New external function tool_mobile::tool_mobile_call_external_function allows calling multiple external functions and returns all responses. diff --git a/version.php b/version.php index 63ed53352b6e9..43c4525aa38af 100644 --- a/version.php +++ b/version.php @@ -29,7 +29,7 @@ defined('MOODLE_INTERNAL') || die(); -$version = 2022010700.00; // YYYYMMDD = weekly release date of this DEV branch. +$version = 2022010700.01; // YYYYMMDD = weekly release date of this DEV branch. // RR = release increments - 00 in DEV branches. // .XX = incremental changes. $release = '4.0dev+ (Build: 20220107)'; // Human-friendly version name