Merge branch 'MDL-59512-master' of git://github.com/Dagefoerde/moodle
@@ -78,6 +78,10 @@ public function definition() {
$ mform ->addRule ('clientsecret' , get_string ('maximumchars' , '' , 255 ), 'maxlength' , 255 , 'client' );
$ mform ->addHelpButton ('clientsecret' , 'issuerclientsecret' , 'tool_oauth2' );
// Use basic authentication.
$ mform ->addElement ('checkbox' , 'basicauth' , get_string ('usebasicauth' , 'tool_oauth2' ));
$ mform ->addHelpButton ('basicauth' , 'usebasicauth' , 'tool_oauth2' );
// Login scopes.
$ mform ->addElement ('text' , 'loginscopes' , get_string ('issuerloginscopes' , 'tool_oauth2' ));
$ mform ->addRule ('loginscopes' , null , 'required' , null , 'client' );
@@ -95,6 +95,8 @@
$ string ['systemaccountconnected' ] = 'System account connected' ;
$ string ['systemaccountnotconnected' ] = 'System account not connected' ;
$ string ['systemauthstatus' ] = 'System account connected' ;
$ string ['usebasicauth' ] = 'Authenticate token requests via HTTP headers' ;
$ string ['usebasicauth_help' ] = 'Utilize the HTTP Basic authentication scheme when sending client ID and password with a refresh token request. Recommended by the OAuth 2 standard, but may not be available with some issuers.' ;
$ string ['userfieldexternalfield' ] = 'External field name' ;
$ string ['userfieldexternalfield_help' ] = 'Name of the field provided by the external OAuth system.' ;
$ string ['userfieldinternalfield_help' ] = 'Name of the Moodle user field that should be mapped from the external field.' ;
@@ -70,6 +70,7 @@ public function __construct(issuer $issuer, $returnurl, $scopesrequired, $system
if (empty ($ returnurl )) {
$ returnurl = new moodle_url('/' );
}
$ this ->basicauth = $ issuer ->get ('basicauth' );
parent ::__construct ($ issuer ->get ('clientid' ), $ issuer ->get ('clientsecret' ), $ returnurl , $ scopes );
}
@@ -177,11 +178,17 @@ public function upgrade_refresh_token(system_account $systemaccount) {
$ refreshtoken = $ systemaccount ->get ('refreshtoken' );
$ params = array ('refresh_token' => $ refreshtoken ,
'client_id' => $ this ->issuer ->get ('clientid' ),
'client_secret' => $ this ->issuer ->get ('clientsecret' ),
'grant_type' => 'refresh_token'
);
if ($ this ->basicauth ) {
$ idsecret = urlencode ($ this ->issuer ->get ('clientid' )) . ':' . urlencode ($ this ->issuer ->get ('clientsecret' ));
$ this ->setHeader ('Authorization: Basic ' . base64_encode ($ idsecret ));
} else {
$ params ['client_id' ] = $ this ->issuer ->get ('clientid' );
$ params ['client_secret' ] = $ this ->issuer ->get ('clientsecret' );
}
// Requests can either use http GET or POST.
if ($ this ->use_http_get ()) {
$ response = $ this ->get ($ this ->token_url (), $ params );
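Review bot: The `Authorization: Basic` header added in the `if ($this->basicauth)` branch is attached to the client object with `setHeader()`, and nothing visible in this hunk clears it after the token request returns. If the curl wrapper keeps headers between calls, the client ID and secret would also be sent with later requests made through the same instance, including requests to endpoints other than the token URL. I would clear it straight after the `get()`/`post()` call with `$this->resetHeader();`, or confirm that the request path already does so. The same pattern appears in the `upgrade_token()` hunk of the base client, and both function bodies continue outside their hunks.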
@@ -72,6 +72,10 @@ protected static function define_properties() {
'type' => PARAM_BOOL ,
'default' => false
),
'basicauth' => array (
'type' => PARAM_BOOL ,
'default' => false
),
'scopessupported' => array (
'type' => PARAM_RAW ,
'null' => NULL_ALLOWED ,
@@ -3514,6 +3514,7 @@
<FIELD NAME =" scopessupported" TYPE =" text" NOTNULL =" false" SEQUENCE =" false" COMMENT =" The list of scopes this service supports." />
<FIELD NAME =" enabled" TYPE =" int" LENGTH =" 2" NOTNULL =" true" DEFAULT =" 1" SEQUENCE =" false" />
<FIELD NAME =" showonloginpage" TYPE =" int" LENGTH =" 2" NOTNULL =" true" DEFAULT =" 1" SEQUENCE =" false" />
<FIELD NAME =" basicauth" TYPE =" int" LENGTH =" 2" NOTNULL =" true" DEFAULT =" 0" SEQUENCE =" false" COMMENT =" Use HTTP Basic authentication scheme when sending client ID and password" />
<FIELD NAME =" sortorder" TYPE =" int" LENGTH =" 10" NOTNULL =" true" SEQUENCE =" false" COMMENT =" The defined sort order." />
<FIELD NAME =" requireconfirmation" TYPE =" int" LENGTH =" 2" NOTNULL =" true" DEFAULT =" 1" SEQUENCE =" false" />
</FIELDS >
@@ -2811,5 +2811,20 @@ function xmldb_main_upgrade($oldversion) {
// Automatically generated Moodle v3.4.0 release upgrade line.
// Put any upgrade step following this.
if ($ oldversion < 2017111300.011 ) {
// Define field basicauth to be added to oauth2_issuer.
$ table = new xmldb_table('oauth2_issuer' );
$ field = new xmldb_field('basicauth' , XMLDB_TYPE_INTEGER , '2' , null , XMLDB_NOTNULL , null , '0' , 'showonloginpage' );
// Conditionally launch add field basicauth.
if (!$ dbman ->field_exists ($ table , $ field )) {
$ dbman ->add_field ($ table , $ field );
}
// Main savepoint reached.
upgrade_main_savepoint (true , 2017111300.011 );
}
return true ;
}
@@ -403,6 +403,8 @@ abstract class oauth2_client extends curl {
private $ mocknextresponse = '' ;
/** @var array $upgradedcodes list of upgraded codes in this request */
private static $ upgradedcodes = [];
/** @var bool basicauth */
protected $ basicauth = false ;
/**
* Returns the auth url for OAuth 2.0 request
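Review bot: The docblock on the new `$basicauth` property only repeats the property name and does not say what the flag controls. I would write it as `/** @var bool $basicauth Send the client ID and secret in an HTTP Basic Authorization header on token requests instead of as request parameters. */`. That also records that the flag changes where the client secret travels, which matters to anyone reading the token-request code later.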
@@ -542,12 +544,18 @@ public function build_post_data($params) {
public function upgrade_token ($ code ) {
$ callbackurl = self ::callback_url ();
$ params = array ('code' => $ code ,
'client_id' => $ this ->clientid ,
'client_secret' => $ this ->clientsecret ,
'grant_type' => 'authorization_code' ,
'redirect_uri' => $ callbackurl ->out (false ),
);
if ($ this ->basicauth ) {
$ idsecret = urlencode ($ this ->clientid ) . ':' . urlencode ($ this ->clientsecret );
$ this ->setHeader ('Authorization: Basic ' . base64_encode ($ idsecret ));
} else {
$ params ['client_id' ] = $ this ->clientid ;
$ params ['client_secret' ] = $ this ->clientsecret ;
}
// Requests can either use http GET or POST.
if ($ this ->use_http_get ()) {
$ response = $ this ->get ($ this ->token_url (), $ params );
@@ -29,7 +29,7 @@
defined ('MOODLE_INTERNAL' ) || die ();
$ version = 2017111300.01 ; // YYYYMMDD = weekly release date of this DEV branch.
$ version = 2017111300.011 ; // YYYYMMDD = weekly release date of this DEV branch.
// RR = release increments - 00 in DEV branches.
// .XX = incremental changes.