Introduced new settings for JWT secret and its description to the JWT authentication plugin. The settings allow administrators to configure a secret key used for signing JWT tokens. Also updated the plugin version to ensure proper synchronization with these changes. Addresses setup requirements for heightened JWT security.
This commit is contained in:
parent
828af94032
commit
6b51e0bceb
3 changed files with 79 additions and 31 deletions
|
@ -54,3 +54,5 @@ $string['redirecterrordetected'] = 'Unsupported redirect to {$a} detected, execu
|
||||||
$string['noip'] = 'Unable to fetch IP address of client.';
|
$string['noip'] = 'Unable to fetch IP address of client.';
|
||||||
$string['privacy:metadata'] = 'JWT authentication plugin does not store any personal data.';
|
$string['privacy:metadata'] = 'JWT authentication plugin does not store any personal data.';
|
||||||
$string['incorrectlogout'] = 'Incorrect logout request';
|
$string['incorrectlogout'] = 'Incorrect logout request';
|
||||||
|
$string['jwtsecret'] = 'JWT secret';
|
||||||
|
$string['jwtsecret_desc'] = 'Secret key to sign JWT tokens with.';
|
106
settings.php
106
settings.php
|
@ -25,43 +25,89 @@
|
||||||
defined('MOODLE_INTERNAL') || die;
|
defined('MOODLE_INTERNAL') || die;
|
||||||
|
|
||||||
if ($ADMIN->fulltree) {
|
if ($ADMIN->fulltree) {
|
||||||
$yesno = array(get_string('no'), get_string('yes'));
|
$yesno = array(get_string('no'), get_string('yes'));
|
||||||
$fields = get_auth_plugin('jwt')->get_allowed_mapping_fields();
|
$fields = get_auth_plugin('jwt')->get_allowed_mapping_fields();
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_jwt/mappingfield',
|
$settings->add(new admin_setting_configselect(
|
||||||
new lang_string('mappingfield', 'auth_jwt'),
|
'auth_jwt/mappingfield',
|
||||||
new lang_string('mappingfield_desc', 'auth_jwt'), 0, $fields));
|
new lang_string('mappingfield', 'auth_jwt'),
|
||||||
|
new lang_string('mappingfield_desc', 'auth_jwt'),
|
||||||
|
0,
|
||||||
|
$fields
|
||||||
|
));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_jwt/keylifetime', get_string('keylifetime', 'auth_jwt'),
|
$settings->add(new admin_setting_configtext(
|
||||||
get_string('keylifetime_desc', 'auth_jwt', 'auth'),
|
'auth_jwt/keylifetime',
|
||||||
'60', PARAM_INT));
|
get_string('keylifetime', 'auth_jwt'),
|
||||||
|
get_string('keylifetime_desc', 'auth_jwt', 'auth'),
|
||||||
|
'60',
|
||||||
|
PARAM_INT
|
||||||
|
));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_jwt/iprestriction',
|
$settings->add(new admin_setting_configselect(
|
||||||
new lang_string('iprestriction', 'auth_jwt'),
|
'auth_jwt/iprestriction',
|
||||||
new lang_string('iprestriction_desc', 'auth_jwt'), 0, $yesno));
|
new lang_string('iprestriction', 'auth_jwt'),
|
||||||
|
new lang_string('iprestriction_desc', 'auth_jwt'),
|
||||||
|
0,
|
||||||
|
$yesno
|
||||||
|
));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_jwt/ipwhitelist', get_string('ipwhitelist', 'auth_jwt'),
|
$settings->add(new admin_setting_configtext(
|
||||||
get_string('ipwhitelist_desc', 'auth_jwt', 'auth'),
|
'auth_jwt/ipwhitelist',
|
||||||
'', PARAM_TEXT));
|
get_string('ipwhitelist', 'auth_jwt'),
|
||||||
|
get_string('ipwhitelist_desc', 'auth_jwt', 'auth'),
|
||||||
|
'',
|
||||||
|
PARAM_TEXT
|
||||||
|
));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_jwt/redirecturl', get_string('redirecturl', 'auth_jwt'),
|
$settings->add(new admin_setting_configtext(
|
||||||
get_string('redirecturl_desc', 'auth_jwt', 'auth'),
|
'auth_jwt/redirecturl',
|
||||||
'', PARAM_URL));
|
get_string('redirecturl', 'auth_jwt'),
|
||||||
|
get_string('redirecturl_desc', 'auth_jwt', 'auth'),
|
||||||
|
'',
|
||||||
|
PARAM_URL
|
||||||
|
));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_jwt/ssourl', get_string('ssourl', 'auth_jwt'),
|
$settings->add(new admin_setting_configtext(
|
||||||
get_string('ssourl_desc', 'auth_jwt', 'auth'),
|
'auth_jwt/ssourl',
|
||||||
'', PARAM_URL));
|
get_string('ssourl', 'auth_jwt'),
|
||||||
|
get_string('ssourl_desc', 'auth_jwt', 'auth'),
|
||||||
|
'',
|
||||||
|
PARAM_URL
|
||||||
|
));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_jwt/createuser',
|
$settings->add(new admin_setting_configselect(
|
||||||
new lang_string('createuser', 'auth_jwt'),
|
'auth_jwt/createuser',
|
||||||
new lang_string('createuser_desc', 'auth_jwt'), 0, $yesno));
|
new lang_string('createuser', 'auth_jwt'),
|
||||||
|
new lang_string('createuser_desc', 'auth_jwt'),
|
||||||
|
0,
|
||||||
|
$yesno
|
||||||
|
));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_jwt/updateuser',
|
$settings->add(new admin_setting_configselect(
|
||||||
new lang_string('updateuser', 'auth_jwt'),
|
'auth_jwt/updateuser',
|
||||||
new lang_string('updateuser_desc', 'auth_jwt'), 0, $yesno));
|
new lang_string('updateuser', 'auth_jwt'),
|
||||||
|
new lang_string('updateuser_desc', 'auth_jwt'),
|
||||||
|
0,
|
||||||
|
$yesno
|
||||||
|
));
|
||||||
|
|
||||||
// Display locking / mapping of profile fields.
|
$settings->add(new admin_setting_configtext(
|
||||||
$authplugin = get_auth_plugin('jwt');
|
'auth_jwt/jwtsecret',
|
||||||
display_auth_lock_options($settings, $authplugin->authtype,
|
get_string('jwtsecret', 'auth_jwt'),
|
||||||
$authplugin->userfields, get_string('auth_fieldlocks_help', 'auth'), false, false);
|
get_string('jwtsecret_desc', 'auth_jwt', 'auth'),
|
||||||
|
'',
|
||||||
|
PARAM_TEXT
|
||||||
|
));
|
||||||
|
|
||||||
|
// Display locking / mapping of profile fields.
|
||||||
|
$authplugin = get_auth_plugin('jwt');
|
||||||
|
display_auth_lock_options(
|
||||||
|
$settings,
|
||||||
|
$authplugin->authtype,
|
||||||
|
$authplugin->userfields,
|
||||||
|
get_string('auth_fieldlocks_help', 'auth'),
|
||||||
|
false,
|
||||||
|
false
|
||||||
|
);
|
||||||
}
|
}
|
||||||
|
|
|
@ -24,7 +24,7 @@
|
||||||
|
|
||||||
defined('MOODLE_INTERNAL') || die;
|
defined('MOODLE_INTERNAL') || die;
|
||||||
|
|
||||||
$plugin->version = 2022081901; // The current plugin version (Date: YYYYMMDDXX).
|
$plugin->version = 2024062500; // The current plugin version (Date: YYYYMMDDXX).
|
||||||
$plugin->release = 2022081901; // Match release exactly to version.
|
$plugin->release = 2022081901; // Match release exactly to version.
|
||||||
$plugin->requires = 2017051500; // Requires Moodle 3.3 version.
|
$plugin->requires = 2017051500; // Requires Moodle 3.3 version.
|
||||||
$plugin->component = 'auth_jwt'; // Full name of the plugin (used for diagnostics).
|
$plugin->component = 'auth_jwt'; // Full name of the plugin (used for diagnostics).
|
||||||
|
|
Loading…
Reference in a new issue