Merge branch 'MDL-53512-master' of git://github.com/lameze/moodle

moodle · Mar 22, 2016 · 67f8840 · 67f8840
2 parents 01cd5ae + 6648283
commit 67f8840
Show file tree

Hide file tree

Showing 64 changed files with 40,096 additions and 8,399 deletions.
diff --git a/lib/google/readme_moodle.txt b/lib/google/readme_moodle.txt
@@ -44,4 +44,4 @@ Repository: https://github.com/google/google-api-php-client
 Documentation: https://developers.google.com/api-client-library/php/
 Global documentation: https://developers.google.com
 
-Downloaded version: 1.1.5
+Downloaded version: 1.1.7
diff --git a/lib/google/src/Google/Auth/OAuth2.php b/lib/google/src/Google/Auth/OAuth2.php
@@ -32,6 +32,7 @@ class Google_Auth_OAuth2 extends Google_Auth_Abstract
   const AUTH_TOKEN_LIFETIME_SECS = 300; // five minutes in seconds
   const MAX_TOKEN_LIFETIME_SECS = 86400; // one day in seconds
   const OAUTH2_ISSUER = 'accounts.google.com';
+  const OAUTH2_ISSUER_HTTPS = 'https://accounts.google.com';
 
   /** @var Google_Auth_AssertionCredentials $assertionCredentials */
   private $assertionCredentials;
@@ -488,7 +489,12 @@ public function verifyIdToken($id_token = null, $audience = null)
       $audience = $this->client->getClassConfig($this, 'client_id');
     }
 
-    return $this->verifySignedJwtWithCerts($id_token, $certs, $audience, self::OAUTH2_ISSUER);
+    return $this->verifySignedJwtWithCerts(
+        $id_token,
+        $certs,
+        $audience,
+        array(self::OAUTH2_ISSUER, self::OAUTH2_ISSUER_HTTPS)
+    );
   }
 
   /**
@@ -595,13 +601,15 @@ public function verifySignedJwtWithCerts(
       );
     }
 
+    // support HTTP and HTTPS issuers
+    // @see https://developers.google.com/identity/sign-in/web/backend-auth
     $iss = $payload['iss'];
-    if ($issuer && $iss != $issuer) {
+    if ($issuer && !in_array($iss, (array) $issuer)) {
       throw new Google_Auth_Exception(
           sprintf(
-              "Invalid issuer, %s != %s: %s",
+              "Invalid issuer, %s not in %s: %s",
               $iss,
-              $issuer,
+              "[".implode(",", (array) $issuer)."]",
               $json_body
           )
       );

diff --git a/lib/google/src/Google/Cache/File.php b/lib/google/src/Google/Cache/File.php
@@ -146,7 +146,7 @@ private function getCacheDir($file, $forWrite)
     // and thus give some basic amount of scalability
     $storageDir = $this->path . '/' . substr(md5($file), 0, 2);
     if ($forWrite && ! is_dir($storageDir)) {
-      if (! mkdir($storageDir, 0755, true)) {
+      if (! mkdir($storageDir, 0700, true)) {
         $this->client->getLogger()->error(
             'File cache creation failed',
             array('dir' => $storageDir)
@@ -186,6 +186,9 @@ private function acquireLock($type, $storageFile)
       );
       return false;
     }
+    if ($type == LOCK_EX) {
+      chmod($storageFile, 0600);
+    }
     $count = 0;
     while (!flock($this->fh, $type | LOCK_NB)) {
       // Sleep for 10ms.

diff --git a/lib/google/src/Google/Client.php b/lib/google/src/Google/Client.php
@@ -21,7 +21,7 @@
 
 /**
  * The Google API Client
- * http://code.google.com/p/google-api-php-client/
+ * https://github.com/google/google-api-php-client
  */
 class Google_Client
 {

diff --git a/lib/google/src/Google/Config.php b/lib/google/src/Google/Config.php
@@ -58,6 +58,10 @@ public function __construct($ini_file_location = null)
         'Google_IO_Abstract' => array(
           'request_timeout_seconds' => 100,
         ),
+        'Google_IO_Curl' => array(
+          'disable_proxy_workaround' => false,
+          'options' => null,
+        ),
         'Google_Logger_Abstract' => array(
           'level' => 'debug',
           'log_format' => "[%datetime%] %level%: %message% %context%\n",

diff --git a/lib/google/src/Google/Http/MediaFileUpload.php b/lib/google/src/Google/Http/MediaFileUpload.php
@@ -126,35 +126,16 @@ public function getHttpResultCode()
   }
 
   /**
-   * Send the next part of the file to upload.
-   * @param [$chunk] the next set of bytes to send. If false will used $data passed
-   * at construct time.
-   */
-  public function nextChunk($chunk = false)
+  * Sends a PUT-Request to google drive and parses the response,
+  * setting the appropiate variables from the response()
+  *
+  * @param Google_Http_Request $httpRequest the Reuqest which will be send
+  *
+  * @return false|mixed false when the upload is unfinished or the decoded http response
+  *
+  */
+  private function makePutRequest(Google_Http_Request $httpRequest)
   {
-    if (false == $this->resumeUri) {
-      $this->resumeUri = $this->getResumeUri();
-    }
-
-    if (false == $chunk) {
-      $chunk = substr($this->data, $this->progress, $this->chunkSize);
-    }
-
-    $lastBytePos = $this->progress + strlen($chunk) - 1;
-    $headers = array(
-      'content-range' => "bytes $this->progress-$lastBytePos/$this->size",
-      'content-type' => $this->request->getRequestHeader('content-type'),
-      'content-length' => $this->chunkSize,
-      'expect' => '',
-    );
-
-    $httpRequest = new Google_Http_Request(
-        $this->resumeUri,
-        'PUT',
-        $headers,
-        $chunk
-    );
-
     if ($this->client->getClassConfig("Google_Http_Request", "enable_gzip_for_uploads")) {
       $httpRequest->enableGzip();
     } else {
@@ -185,8 +166,56 @@ public function nextChunk($chunk = false)
   }
 
   /**
-   * @param $meta
-   * @param $params
+   * Send the next part of the file to upload.
+   * @param [$chunk] the next set of bytes to send. If false will used $data passed
+   * at construct time.
+   */
+  public function nextChunk($chunk = false)
+  {
+    if (false == $this->resumeUri) {
+      $this->resumeUri = $this->fetchResumeUri();
+    }
+
+    if (false == $chunk) {
+      $chunk = substr($this->data, $this->progress, $this->chunkSize);
+    }
+    $lastBytePos = $this->progress + strlen($chunk) - 1;
+    $headers = array(
+      'content-range' => "bytes $this->progress-$lastBytePos/$this->size",
+      'content-type' => $this->request->getRequestHeader('content-type'),
+      'content-length' => $this->chunkSize,
+      'expect' => '',
+    );
+
+    $httpRequest = new Google_Http_Request(
+        $this->resumeUri,
+        'PUT',
+        $headers,
+        $chunk
+    );
+    return $this->makePutRequest($httpRequest);
+  }
+
+  /**
+   * Resume a previously unfinished upload
+   * @param $resumeUri the resume-URI of the unfinished, resumable upload.
+   */
+  public function resume($resumeUri)
+  {
+     $this->resumeUri = $resumeUri;
+     $headers = array(
+       'content-range' => "bytes */$this->size",
+       'content-length' => 0,
+     );
+     $httpRequest = new Google_Http_Request(
+         $this->resumeUri,
+         'PUT',
+         $headers
+     );
+     return $this->makePutRequest($httpRequest);
+  }
+
+  /**
    * @return array|bool
    * @visible for testing
    */
@@ -263,7 +292,12 @@ public function getUploadType($meta)
     return self::UPLOAD_MULTIPART_TYPE;
   }
 
-  private function getResumeUri()
+  public function getResumeUri()
+  {
+    return ( $this->resumeUri !== null ? $this->resumeUri : $this->fetchResumeUri() );
+  }
+
+  private function fetchResumeUri()
   {
     $result = null;
     $body = $this->request->getPostBody();

diff --git a/lib/google/src/Google/IO/Curl.php b/lib/google/src/Google/IO/Curl.php
@@ -32,6 +32,9 @@ class Google_IO_Curl extends Google_IO_Abstract
 
   private $options = array();
 
+  /** @var bool $disableProxyWorkaround */
+  private $disableProxyWorkaround;
+
   public function __construct(Google_Client $client)
   {
     if (!extension_loaded('curl')) {
@@ -41,6 +44,11 @@ public function __construct(Google_Client $client)
     }
 
     parent::__construct($client);
+
+    $this->disableProxyWorkaround = $this->client->getClassConfig(
+        'Google_IO_Curl',
+        'disable_proxy_workaround'
+    );
   }
 
   /**
@@ -73,8 +81,11 @@ public function executeRequest(Google_Http_Request $request)
 
     curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
     curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true);
-    // 1 is CURL_SSLVERSION_TLSv1, which is not always defined in PHP.
-    curl_setopt($curl, CURLOPT_SSLVERSION, 1);
+
+    // The SSL version will be determined by the underlying library
+    // @see https://github.com/google/google-api-php-client/pull/644
+    //curl_setopt($curl, CURLOPT_SSLVERSION, 1);
+
     curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($curl, CURLOPT_HEADER, true);
 
@@ -172,6 +183,10 @@ public function getTimeout()
    */
   protected function needsQuirk()
   {
+    if ($this->disableProxyWorkaround) {
+      return false;
+    }
+
     $ver = curl_version();
     $versionNum = $ver['version_number'];
     return $versionNum < Google_IO_Curl::NO_QUIRK_VERSION;

diff --git a/lib/google/src/Google/IO/Stream.php b/lib/google/src/Google/IO/Stream.php
@@ -87,7 +87,7 @@ public function executeRequest(Google_Http_Request $request)
     $requestSslContext = array_key_exists('ssl', $default_options) ?
         $default_options['ssl'] : array();
 
-    if (!array_key_exists("cafile", $requestSslContext)) {
+    if (!$this->client->isAppEngine() && !array_key_exists("cafile", $requestSslContext)) {
       $requestSslContext["cafile"] = dirname(__FILE__) . '/cacerts.pem';
     }