From 9a87e9a496a37bbcb1ebaf3ae1b900e772b06583 Mon Sep 17 00:00:00 2001 From: Kumi Date: Tue, 25 Jun 2024 12:00:04 +0200 Subject: [PATCH] refactor(auth): rename auth_userkey to auth_jwt Rebranded the auth_userkey plugin to auth_jwt, including changes to namespace, class names, and configuration settings to reflect the new jwt-based authentication mechanism. Updated copyright notices and contact information accordingly. This refactoring also includes the introduction of JWT token management using the Firebase JWT library, replacing the user quick keys. --- .travis.yml | 2 +- README.md | 2 - auth.php | 62 ++-- ...erkey_manager.php => core_jwt_manager.php} | 99 +++---- ...nterface.php => jwt_manager_interface.php} | 14 +- classes/privacy/provider.php | 6 +- db/access.php | 6 +- db/services.php | 16 +- db/upgrade.php | 10 +- externallib.php | 24 +- lang/en/{auth_userkey.php => auth_jwt.php} | 12 +- login.php | 12 +- logout.php | 12 +- pix/catalyst-logo.png | Bin 5294 -> 0 bytes settings.php | 48 ++-- tests/auth_plugin_test.php | 266 +++++++++--------- tests/core_userkey_manager_test.php | 80 +++--- tests/externallib_test.php | 84 +++--- tests/fake_userkey_manager.php | 10 +- version.php | 6 +- 20 files changed, 371 insertions(+), 400 deletions(-) rename classes/{core_userkey_manager.php => core_jwt_manager.php} (51%) rename classes/{userkey_manager_interface.php => jwt_manager_interface.php} (85%) rename lang/en/{auth_userkey.php => auth_jwt.php} (89%) delete mode 100644 pix/catalyst-logo.png diff --git a/.travis.yml b/.travis.yml index 6bf89c8..3ccee73 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,7 +3,7 @@ language: php notifications: email: recipients: - - dmitriim@catalyst-au.net + - kumitterer@kumi.systems sudo: false diff --git a/README.md b/README.md index 5d4dedb..e9a3578 100644 --- a/README.md +++ b/README.md @@ -181,8 +181,6 @@ This plugin was developed by Catalyst IT Australia: https://www.catalyst-au.net/ -![Catalyst IT](/pix/catalyst-logo.png?raw=true) - # Contributing and Support Issues, and pull requests using github are welcome and encouraged! diff --git a/auth.php b/auth.php index 69943d4..c891d3d 100644 --- a/auth.php +++ b/auth.php @@ -17,15 +17,15 @@ /** * User key auth method. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ defined('MOODLE_INTERNAL') || die(); -use auth_userkey\core_userkey_manager; -use auth_userkey\userkey_manager_interface; +use auth_jwt\core_jwt_manager; +use auth_jwt\jwt_manager_interface; require_once($CFG->libdir . "/externallib.php"); require_once($CFG->libdir.'/authlib.php'); @@ -34,7 +34,7 @@ require_once($CFG->dirroot . '/user/lib.php'); /** * User key authentication plugin. */ -class auth_plugin_userkey extends auth_plugin_base { +class auth_plugin_jwt extends auth_plugin_base { /** * Default mapping field. @@ -44,9 +44,9 @@ class auth_plugin_userkey extends auth_plugin_base { /** * User key manager. * - * @var userkey_manager_interface + * @var jwt_manager_interface */ - protected $userkeymanager; + protected $jwtmanager; /** * Defaults for config form. @@ -68,9 +68,9 @@ class auth_plugin_userkey extends auth_plugin_base { * Constructor. */ public function __construct() { - $this->authtype = 'userkey'; - $this->config = get_config('auth_userkey'); - $this->userkeymanager = new core_userkey_manager($this->config); + $this->authtype = 'jwt'; + $this->config = get_config('auth_jwt'); + $this->jwtmanager = new core_jwt_manager($this->config); } /** @@ -113,7 +113,7 @@ class auth_plugin_userkey extends auth_plugin_base { */ protected function redirect($url) { if (CLI_SCRIPT || AJAX_SCRIPT) { - throw new moodle_exception('redirecterrordetected', 'auth_userkey', '', $url); + throw new moodle_exception('redirecterrordetected', 'auth_jwt', '', $url); } redirect($url); @@ -132,11 +132,11 @@ class auth_plugin_userkey extends auth_plugin_base { } /** - * Logs a user in using userkey and redirects after. + * Logs a user in using jwt and redirects after. * * @throws \moodle_exception If something went wrong. */ - public function user_login_userkey() { + public function user_login_jwt() { global $SESSION, $CFG, $USER; $keyvalue = required_param('key', PARAM_ALPHANUM); @@ -149,7 +149,7 @@ class auth_plugin_userkey extends auth_plugin_base { } try { - $key = $this->userkeymanager->validate_key($keyvalue); + $key = $this->jwtmanager->validate_key($keyvalue); } catch (moodle_exception $exception) { // If user is logged in and key is not valid, we'd like to logout a user. if (isloggedin()) { @@ -164,18 +164,18 @@ class auth_plugin_userkey extends auth_plugin_base { require_logout(); } else { // Don't process further if the user is already logged in. - $this->userkeymanager->delete_keys($key->userid); + $this->jwtmanager->delete_keys($key->userid); $this->redirect($redirecturl); } } - $this->userkeymanager->delete_keys($key->userid); + $this->jwtmanager->delete_keys($key->userid); $user = get_complete_user_data('id', $key->userid); complete_user_login($user); // Identify this session as using user key auth method. - $SESSION->userkey = true; + $SESSION->jwt = true; $this->redirect($redirecturl); } @@ -208,14 +208,14 @@ class auth_plugin_userkey extends auth_plugin_base { } /** - * Set userkey manager. + * Set jwt manager. * * This function is the only way to inject dependency, because of the way auth plugins work. * - * @param \auth_userkey\userkey_manager_interface $keymanager + * @param \auth_jwt\jwt_manager_interface $keymanager */ - public function set_userkey_manager(userkey_manager_interface $keymanager) { - $this->userkeymanager = $keymanager; + public function set_jwt_manager(jwt_manager_interface $keymanager) { + $this->jwtmanager = $keymanager; } /** @@ -282,7 +282,7 @@ class auth_plugin_userkey extends auth_plugin_base { $user = $data; unset($user['ip']); - $user['auth'] = 'userkey'; + $user['auth'] = 'jwt'; $user['confirmed'] = 1; $user['mnethostid'] = $CFG->mnet_localhost_id; @@ -324,7 +324,7 @@ class auth_plugin_userkey extends auth_plugin_base { $userdata = $data; unset($userdata['ip']); - $userdata['auth'] = 'userkey'; + $userdata['auth'] = 'jwt'; $changed = false; foreach ($userdata as $key => $value) { @@ -449,7 +449,7 @@ class auth_plugin_userkey extends auth_plugin_base { $user = $this->get_user($data); $ips = $this->get_allowed_ips($data); - return $this->userkeymanager->create_key($user->id, $ips); + return $this->jwtmanager->create_key($user->id, $ips); } /** @@ -465,9 +465,9 @@ class auth_plugin_userkey extends auth_plugin_base { global $CFG; $userdata = $this->validate_user_data($data); - $userkey = $this->generate_user_key($userdata); + $jwt = $this->generate_user_key($userdata); - return $CFG->wwwroot . '/auth/userkey/login.php?key=' . $userkey; + return $CFG->wwwroot . '/auth/jwt/login.php?key=' . $jwt; } /** @@ -605,7 +605,7 @@ class auth_plugin_userkey extends auth_plugin_base { protected function should_logout_redirect() { global $SESSION; - if (!isset($SESSION->userkey)) { + if (!isset($SESSION->jwt)) { return false; } @@ -639,19 +639,19 @@ class auth_plugin_userkey extends auth_plugin_base { /** * Log out user and redirect. */ - public function user_logout_userkey() { + public function user_logout_jwt() { global $CFG, $USER; $redirect = required_param('return', PARAM_LOCALURL); // We redirect when user's session in Moodle already has expired - // or the user is still logged in using "userkey" auth type. - if (!isloggedin() || $USER->auth == 'userkey') { + // or the user is still logged in using "jwt" auth type. + if (!isloggedin() || $USER->auth == 'jwt') { require_logout(); $this->redirect($redirect); } else { // If logged in with different auth type, then display an error. - throw new moodle_exception('incorrectlogout', 'auth_userkey', $CFG->wwwroot); + throw new moodle_exception('incorrectlogout', 'auth_jwt', $CFG->wwwroot); } } } diff --git a/classes/core_userkey_manager.php b/classes/core_jwt_manager.php similarity index 51% rename from classes/core_userkey_manager.php rename to classes/core_jwt_manager.php index bb05ed5..1736233 100644 --- a/classes/core_userkey_manager.php +++ b/classes/core_jwt_manager.php @@ -14,21 +14,19 @@ // You should have received a copy of the GNU General Public License // along with Moodle. If not, see . -namespace auth_userkey; +namespace auth_jwt; + +use \Firebase\JWT\JWT; /** * Key manager class. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class core_userkey_manager implements userkey_manager_interface { - - /** - * This script script required by core create_user_key(). - */ - const CORE_USER_KEY_MANAGER_SCRIPT = 'auth/userkey'; +class core_jwt_manager +{ /** * Default life time of the user key in seconds. @@ -47,7 +45,8 @@ class core_userkey_manager implements userkey_manager_interface { * * @param \stdClass $config */ - public function __construct(\stdClass $config) { + public function __construct(\stdClass $config) + { $this->config = $config; } @@ -59,41 +58,26 @@ class core_userkey_manager implements userkey_manager_interface { * * @return string Generated key. */ - public function create_key($userid, $allowedips = null) { - $this->delete_keys($userid); - + public function create_key($userid, $allowedips = null) + { if (isset($this->config->keylifetime) && (int)$this->config->keylifetime > 0) { $validuntil = time() + $this->config->keylifetime; } else { $validuntil = time() + self::DEFAULT_KEY_LIFE_TIME_IN_SECONDS; } - $iprestriction = null; + $payload = [ + 'userid' => $userid, + 'exp' => $validuntil + ]; - if (isset($this->config->iprestriction) && !empty($this->config->iprestriction)) { - if ($allowedips) { - $iprestriction = $allowedips; - } else { - $iprestriction = getremoteaddr(null); - } + if ($allowedips) { + $payload['allowedips'] = $allowedips; } - return create_user_key( - self::CORE_USER_KEY_MANAGER_SCRIPT, - $userid, - $userid, - $iprestriction, - $validuntil - ); - } + $secret = $this->config->jwtsecret; - /** - * Delete all keys for a specific user. - * - * @param int $userid User ID. - */ - public function delete_keys($userid) { - delete_user_key(self::CORE_USER_KEY_MANAGER_SCRIPT, $userid); + return JWT::encode($payload, $secret); } /** @@ -105,28 +89,23 @@ class core_userkey_manager implements userkey_manager_interface { * * @throws \moodle_exception If provided key is not valid. */ - public function validate_key($keyvalue) { - global $DB; + public function validate_key($keyvalue) + { + $secret = $this->config->jwtsecret; - $options = array( - 'script' => self::CORE_USER_KEY_MANAGER_SCRIPT, - 'value' => $keyvalue - ); - - if (!$key = $DB->get_record('user_private_key', $options)) { + try { + $decoded = JWT::decode($keyvalue, $secret, ['HS256']); + } catch (\Exception $e) { throw new \moodle_exception('invalidkey'); } - if (!empty($key->validuntil) && $key->validuntil < time()) { + if (!empty($decoded->exp) && $decoded->exp < time()) { throw new \moodle_exception('expiredkey'); } - $this->validate_ip_address($key); + $this->validate_ip_address($decoded); - if (!$user = $DB->get_record('user', array('id' => $key->userid))) { - throw new \moodle_exception('invaliduserid'); - } - return $key; + return $decoded; } /** @@ -136,30 +115,24 @@ class core_userkey_manager implements userkey_manager_interface { * * @throws \moodle_exception If provided key is not valid. */ - protected function validate_ip_address($key) { - if (!$key->iprestriction) { + protected function validate_ip_address($key) + { + if (empty($key->allowedips)) { return true; } $remoteaddr = getremoteaddr(null); if (empty($remoteaddr)) { - throw new \moodle_exception('noip', 'auth_userkey'); + throw new \moodle_exception('noip', 'auth_jwt'); } - if (address_in_subnet($remoteaddr, $key->iprestriction)) { - return true; - } - - if (isset($this->config->ipwhitelist)) { - $ips = explode(';', $this->config->ipwhitelist); - foreach ($ips as $ip) { - if (address_in_subnet($remoteaddr, $ip)) { - return true; - } + foreach ($key->allowedips as $allowedip) { + if (address_in_subnet($remoteaddr, $allowedip)) { + return true; } } - throw new \moodle_exception('ipmismatch', 'error', '', null, "Remote address: $remoteaddr\nKey IP: $key->iprestriction"); + throw new \moodle_exception('ipmismatch', 'error', '', null, "Remote address: $remoteaddr\nKey IP: " . implode(', ', $key->allowedips)); } } diff --git a/classes/userkey_manager_interface.php b/classes/jwt_manager_interface.php similarity index 85% rename from classes/userkey_manager_interface.php rename to classes/jwt_manager_interface.php index 3274df8..4116014 100644 --- a/classes/userkey_manager_interface.php +++ b/classes/jwt_manager_interface.php @@ -17,19 +17,20 @@ /** * Key manager interface. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -namespace auth_userkey; +namespace auth_jwt; /** - * Interface userkey_manager_interface describes key manager behaviour. + * Interface jwt_manager_interface describes key manager behaviour. * - * @package auth_userkey + * @package auth_jwt */ -interface userkey_manager_interface { +interface jwt_manager_interface +{ /** * Create a user key. * @@ -57,5 +58,4 @@ interface userkey_manager_interface { * @throws \moodle_exception If provided key is not valid. */ public function validate_key($keyvalue); - } diff --git a/classes/privacy/provider.php b/classes/privacy/provider.php index 8ad305b..5fa50c2 100644 --- a/classes/privacy/provider.php +++ b/classes/privacy/provider.php @@ -17,13 +17,13 @@ /** * Privacy provider. * - * @package auth_userkey - * @author Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @author Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @copyright 2020 Catalyst IT * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -namespace auth_userkey\privacy; +namespace auth_jwt\privacy; use core_privacy\local\metadata\null_provider; use core_privacy\local\legacy_polyfill; diff --git a/db/access.php b/db/access.php index d1519c4..38bec22 100644 --- a/db/access.php +++ b/db/access.php @@ -17,15 +17,15 @@ /** * User key auth method caps. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ defined('MOODLE_INTERNAL') || die(); $capabilities = array( - 'auth/userkey:generatekey' => array( + 'auth/jwt:generatekey' => array( 'riskbitmask' => RISK_PERSONAL | RISK_SPAM | RISK_XSS , 'captype' => 'write', diff --git a/db/services.php b/db/services.php index 9271a46..0b9eb6f 100644 --- a/db/services.php +++ b/db/services.php @@ -15,29 +15,29 @@ // along with Moodle. If not, see . /** - * Web services for auth_userkey. + * Web services for auth_jwt. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ defined('MOODLE_INTERNAL') || die; $functions = array( - 'auth_userkey_request_login_url' => array( - 'classname' => 'auth_userkey_external', + 'auth_jwt_request_login_url' => array( + 'classname' => 'auth_jwt_external', 'methodname' => 'request_login_url', - 'classpath' => 'auth/userkey/externallib.php', + 'classpath' => 'auth/jwt/externallib.php', 'description' => 'Return one time key based login URL', 'type' => 'write', - 'capabilities' => 'auth/userkey:generatekey', + 'capabilities' => 'auth/jwt:generatekey', ) ); $services = array( 'User key authentication web service' => array( - 'functions' => array ('auth_userkey_request_login_url'), + 'functions' => array ('auth_jwt_request_login_url'), 'restrictedusers' => 1, 'enabled' => 1, ) diff --git a/db/upgrade.php b/db/upgrade.php index 70c844b..fd2c612 100644 --- a/db/upgrade.php +++ b/db/upgrade.php @@ -17,8 +17,8 @@ /** * Upgrade script. * - * @package auth_userkey - * @copyright 2018 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2018 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ @@ -28,13 +28,13 @@ * @param string $oldversion Old version of the plugin. * @return bool */ -function xmldb_auth_userkey_upgrade($oldversion) { +function xmldb_auth_jwt_upgrade($oldversion) { global $DB; if ($oldversion < 2018050200) { // Confirm all previously created users. - $DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", array(1, 'userkey')); - upgrade_plugin_savepoint(true, 2018050200, 'auth', 'userkey'); + $DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", array(1, 'jwt')); + upgrade_plugin_savepoint(true, 2018050200, 'auth', 'jwt'); } return true; diff --git a/externallib.php b/externallib.php index a25bb94..1d1a8f5 100644 --- a/externallib.php +++ b/externallib.php @@ -15,10 +15,10 @@ // along with Moodle. If not, see . /** - * Webservices for auth_userkey. + * Webservices for auth_jwt. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ @@ -26,16 +26,16 @@ defined('MOODLE_INTERNAL') || die(); require_once($CFG->libdir . "/externallib.php"); require_once($CFG->dirroot . "/webservice/lib.php"); -require_once($CFG->dirroot . "/auth/userkey/auth.php"); +require_once($CFG->dirroot . "/auth/jwt/auth.php"); /** - * Webservices for auth_userkey. + * Webservices for auth_jwt. * - * @package auth_userkey + * @package auth_jwt * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class auth_userkey_external extends external_api { +class auth_jwt_external extends external_api { /** * Return request_login_url webservice parameters. @@ -46,7 +46,7 @@ class auth_userkey_external extends external_api { return new external_function_parameters( array( 'user' => new external_single_structure( - get_auth_plugin('userkey')->get_request_login_url_user_parameters() + get_auth_plugin('jwt')->get_request_login_url_user_parameters() ) ) ); @@ -64,14 +64,14 @@ class auth_userkey_external extends external_api { */ public static function request_login_url($user) { - if (!is_enabled_auth('userkey')) { - throw new webservice_access_exception(get_string('pluginisdisabled', 'auth_userkey')); + if (!is_enabled_auth('jwt')) { + throw new webservice_access_exception(get_string('pluginisdisabled', 'auth_jwt')); } $context = context_system::instance(); - require_capability('auth/userkey:generatekey', $context); + require_capability('auth/jwt:generatekey', $context); - $auth = get_auth_plugin('userkey'); + $auth = get_auth_plugin('jwt'); $loginurl = $auth->get_login_url($user); return array( diff --git a/lang/en/auth_userkey.php b/lang/en/auth_jwt.php similarity index 89% rename from lang/en/auth_userkey.php rename to lang/en/auth_jwt.php index 4b87032..ab5afcc 100644 --- a/lang/en/auth_userkey.php +++ b/lang/en/auth_jwt.php @@ -15,17 +15,17 @@ // along with Moodle. If not, see . /** - * Strings for auth_userkey. + * Strings for auth_jwt. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ defined('MOODLE_INTERNAL') || die; $string['pluginname'] = 'User key authentication'; -$string['auth_userkeydescription'] = 'Log in to Moodle using one time user key.'; +$string['auth_jwtdescription'] = 'Log in to Moodle using one time user key.'; $string['mappingfield'] = 'Mapping field'; $string['mappingfield_desc'] = 'This user field will be used to find relevant user in the LMS.'; $string['iprestriction'] = 'IP restriction'; @@ -46,8 +46,8 @@ $string['redirecturl'] = 'Logout redirect URL'; $string['redirecturl_desc'] = 'Optionally you can redirect users to this URL after they logged out from LMS.'; $string['incorrectredirecturl'] = 'You should provide valid URL'; $string['incorrectssourl'] = 'You should provide valid URL'; -$string['userkey:generatekey'] = 'Generate login user key'; -$string['pluginisdisabled'] = 'The userkey authentication plugin is disabled.'; +$string['jwt:generatekey'] = 'Generate login user key'; +$string['pluginisdisabled'] = 'The jwt authentication plugin is disabled.'; $string['ssourl'] = 'URL of SSO host'; $string['ssourl_desc'] = 'URL of the SSO host to redirect users to. If defined users will be redirected here on login instead of the Moodle Login page'; $string['redirecterrordetected'] = 'Unsupported redirect to {$a} detected, execution terminated.'; diff --git a/login.php b/login.php index 883b154..005172d 100644 --- a/login.php +++ b/login.php @@ -15,17 +15,17 @@ // along with Moodle. If not, see . /** - * Login page for auth_userkey. + * Login page for auth_jwt. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ require_once(dirname(__FILE__) . '/../../config.php'); -if (!is_enabled_auth('userkey')) { - throw new moodle_exception(get_string('pluginisdisabled', 'auth_userkey')); +if (!is_enabled_auth('jwt')) { + throw new moodle_exception(get_string('pluginisdisabled', 'auth_jwt')); } -get_auth_plugin('userkey')->user_login_userkey(); +get_auth_plugin('jwt')->user_login_jwt(); diff --git a/logout.php b/logout.php index 19e5f9a..8a27a7c 100644 --- a/logout.php +++ b/logout.php @@ -15,17 +15,17 @@ // along with Moodle. If not, see . /** - * Logout page for auth_userkey. + * Logout page for auth_jwt. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ require_once(dirname(__FILE__) . '/../../config.php'); -if (!is_enabled_auth('userkey')) { - throw new moodle_exception(get_string('pluginisdisabled', 'auth_userkey')); +if (!is_enabled_auth('jwt')) { + throw new moodle_exception(get_string('pluginisdisabled', 'auth_jwt')); } -get_auth_plugin('userkey')->user_logout_userkey(); +get_auth_plugin('jwt')->user_logout_jwt(); diff --git a/pix/catalyst-logo.png b/pix/catalyst-logo.png deleted file mode 100644 index c7d1a50f00a9436d32d89efda5b8988f058b3020..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5294 zcmZ9QcRX9~`~UMUZEbHwt)kT!rS_&qjhMB!+IyyAMiZ2l+N&sP7O~YHDM|^UsIlc=LCl_Sn;#9@vqoY|t$QyE^g%iZO|-sffb%*d8gBZ?QEmxioWe zZBoC&BBE}_qI<~oj>j9F(25VOU@ht7%XdGWJ1iaFS=99;ozg-mq>v`MZL)w_r2X8! z)Qb6cWwQK@k$X^oQjeaQ=(0g7g*#(NW9M7Zd#4M#vqY(ff`W!XxRnI5IN+4x3>-AY zfCHEX1iFj;e@yu}1JcTW-_i8R=zZ0oc&N@Ntr$j}UBt98UoJ|ovR)p|E<)NpZlFJn zl14=;ra6f)!xH;;$Iso5h^;^SS6}F%#MiL(TJ_n}{T8}ub$?xh%tG}>NtEUyq~Du5 z)HN^99JduFe-WNjZQpl5`u^;mZ|k`vhEGlXQpClqe#00wJm)URwo7s0t70bId>1(R7L{U zD9+ zY))6XWQ-sA!gEZ$F>Q&N$uedCpA8+n6B@brp>#>(R?uLt+ZeCXe=aHn6y$Y!Q;CPF z_ob6t1RCxG4k8$u2^Lu|MWy^L>RbC$fq^Rc{7=6bC4MxQ`tPO(oAR_HCnY#$)wF*= zg{nNZ-mZVv$E6t;*{`0WoHLixHpKKvF)7h(0t zS@3DzCrTkkG2Ct(saP#p|b@{{9a2uijmo<{GDOm;fu%mTYTbgg!utM^qu5d_?93CEqm3lw?sX6@66{V%;guplx%b@P?U%l5=^z=O3ED=*&14zj6$9T?T zh>nhSQg9G|*w8^WpdX3oIQ&g!X{D8vjc$v{SR1TPi5bncLl^K6~=tn%XW zAHt(LIcP7RgYFE|gml8ZF@>LQ^A0pbU26r)uuqvgoSx>eIy!A%(rW7`M~0tk>QLTW zvww3)&Z2Hu!0vM?wq)w+tlJPB%4_&jpa6VK=#O`{HQCRUxm?vuBI}OQvAUs@;#SJd z-Lny~JYYVBeK@uwV|L6=C`=Kg)w{VZ#pXf0g?Cr0{PiY9D@RCmk|vvLIE`GhVP-Su zab4CmElIgNjX6QSn;w1-y;`S%jPSQnSF6yvq)+A)@p%@G4Ik3*r>yv$+MYx^&B>kU zQ(&h4YE2sKB`C##u!PV@C4?_cbgqedsAUCl>iA^0#|aflh^W1vF%aLpzwHgriGwqO z!bh0Z-Rz>#j0az)uA4NA9mz0FK~VIfWpdfG1$txH)CU-b02D4T+!8-8k=+A8fd@;n+Q!VD9 za$r5q#?f3O^}_|QU&T!tiVMFzey)4XKi#!K;dhK9we z)$@(RP&%S|;N1O93gPLbwphY}Cajf8e|S}SJC~VX^7W*k0fV|>{2d~iL=WcZJps`xa^~%byo>Gqm)n`BNSf1n(bp{fX&g` zcDK&4Ptj)~oMVEO--5bhjBqY<8E)x^Y`B#}{o27qRgEvPdEf6qxFy@(AhkQ!M})!Z zp$|LznG$X_Xk0?!2Z6tNq&M`I1J&P@=wH%ZfuWs|Ht?wNw(eRXYVQ( zw!wZtH+95JC)|9Xe5W^>BEa<0Lz8_XbsbNi^H;BKv!z2hSP0w%Pdj_z#H5yvdC?^L zqsOuwC1b*K=^oNVJf0h_I63$<U4AY-L;BC}9{EEm7*Z#I$tfPbO zTZBJB46lqLud%hsb%ss-{N|ic@qMI4T50A_X9Wo%SU8+-d4*VO!@D{m%937Utip4+>StSVUW7)<-E^6aHUa!oMWby2e(tmpEQik zEVKphI2{C21CUP=Q-f6_}zwqs>a>~<~5Y@Wq3WmDR9g!lovXeo8e zY`+QeftBvQjLM5oe|%O(48&`A@VSxO5Iy~^P-G?&3VeX- zg|Rai#&oHrJ+PeM*xT&wElSH}KIGinRLNC7bgy@!dk<^z?vmR-lIWcEMAlbo?~_YP ze7pDj?dY23-TAwQRnFR?Q63JdvjerY>v8CJsY38D01grRTD}huThSZ_tb9} z;sNzw-OOt%ZCA-sKmKtV)9>nvO%UDTwR|RLU}Y3Zl|H9jz{HYi^cLaY(xZG4L=)Nx z$QHemjCi-Jv8BhdC}gxFry|3d-YE<{6743H<`vk^mZwM6s3-Zndh>0Pkm3}nPQ7rJ zeT;XQ`^)k`Nn<{21+Wxl@ezs15dpF}@>-(iOG3Runt^!9sML*BAt+n^u5I$V8S zOz1(XGa%i*{6j_mh-Mzlix{;c>|qnq#B4_F1RrhdFOu*z2BZ1ywiFOD5e(dXEG# z^snY#7Zgi6G_&OL6&$5a)MbBG$%kpmc1~YeDfb04y`w2qz2TQJk!1Igm~R#83V3`b zm(p-k=T}X?HA*l2W3g)`n1%mo_K&_ z&UDU#i0+!@^Qhd7P>EQ3i#TMwoQmD`Js5~Uq*P9*tp7n>?|;i5{h&-O?S-!6ofwsf z7*jKOMRMKC zn`%r8yu(t=GjejwjngRt(mP)pd(WLELbBaV7u=HP{-w>d$0iPijcJ#X#ujdY9eF znOOF7)mC+;CKSYQC`(nz)|0y1(EbIa?0dgQas1Mq6Z-`BP$;x0(90rBBWIPoCH z69J_HR(MLWREA>fnTMsft5iwRe~{?DctF73mi66K?(E=suL59WNz>7G^_mwXh6cT> z0rm3c{Estn_b3Y#!ifirJ3CI5yxGy_E4usr55HggrvIAW@W|z7N+l2UlppIT-U!gD z*8w7h2YbUrzH_@Yo@x5JPxQ2Xcz0wt5+qJ@sN3+2*@uQM47pznSYU{!f>nlYs|qZf zTlIr}tZZxdkZGNZi%MTnLpcJhG@KqDZfjIn?Gk2$LW`$E0>ISj*5qX4?`DlBYQaQSYd)dG z;w6!#Ehx89&;BDmV71f@_#-_%`$cB?`L)*+xtpAEd%Osing#KEfQvmJ&Nkx>b-+q8 znHj6){dHYMluRXgkD$gI{vM$U>W0$ET@^dSZfofHzS_}$DM(rK^gOKlDpTH_FI%)s z?C4cQX3Y6knWmpIzN0CZ!0>VSqv(uQB&#jkW3?I@jN*#dV<5XWr!tJ`-n2dDPJI7b ztXNi=ZKam%;5~y&DMUxum2|r-QFt$Cw@GL8PKTTDJyfv7oy?%S*w&y&je~wUdnq+J z&M(JC+c7?&a_I{Ib9An#x#6&u9%0QH@0w=Rlv@)}$u@&B-sG*F5sh0OV2Vh{>fZ;_;}-T^+Z9+5^}Qd%tnM_>e31!&uD1jWMYU zfIi+tIp#5T+PV_}u{FhCXnxz`TqK^wX_WyH0J@hY+=LOpF6ZR}58uSfKM%l`^kji( zq~dkx8NgY+~N7);25Iim2~uNZA@BYz5PbOGX|J^P(36{h-J zr?q55EZ_ZnBkt1c9L_`;FZfxJ(=a#%-c<@@4fV*a2`^M8zL9EJpnGqGxA-lhvB9H~ z>vU`D`|RyAD}};*CW>GNM(R@pm*aMo2pU1CG>Xyfn=|(aJvZ*&w&rjJw!fEzI;R9eM#4L6)~?zof+ViA0W$1KzbVL0x+b`*l66P z_+dqNoA{YPA_3EK?oT{;HOa9Z)%9n_>r8mC`vg5Rk}Dm)fATZ9`&gxdSsst)J+g;} zZPx=Y(Bo8>*kX%JMmc(4*hhZEzaQ@5Ei89LMAsA9q#?aamlvNoZ_P#9tgT&!9K0-~ zyx`p2f>A-@io1@_4*R5)VX_b>7lIr#7`})kD(%fJUFOYFQp6RU>pad)&CloPMqF&8 z7fn4ZeZsayJM%AoNq66CESoj8y@-mAZb?c)<-@JggcCR$n5ypFcrPj|nIG#AI-1Xz z*TW|5Gt{t$bY77T<4nB32DkL7h|dguINE;bw6mC_U+_I!*XwL1y0ny=ZjmFKQlr-) z(!^ zyZzn5Yz@*f5SP<^txqN;A6w1u0=VuTWAFUEb@!Fh5>Ws>w1&^Y-`4r)s`-JwEF{s~ zyr~LyaF+9|-9qto>>D!Q9{hOtD z9c61?`uT#AcH-R#6=VG%cvnvMg0x4p8dw6K+r%F@g^`8&{aY} mz;HnC=E?|+@;_6G?j_~eB)MBZSOjSE05)|!wOSSX$o~TnXEQSZ diff --git a/settings.php b/settings.php index 5443a03..7121759 100644 --- a/settings.php +++ b/settings.php @@ -17,8 +17,8 @@ /** * Admin settings and defaults * - * @package auth_userkey - * @copyright 2017 Stephen Bourget + * @package auth_jwt + * @copyright 2017 Stephen Bourget, 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ @@ -26,42 +26,42 @@ defined('MOODLE_INTERNAL') || die; if ($ADMIN->fulltree) { $yesno = array(get_string('no'), get_string('yes')); - $fields = get_auth_plugin('userkey')->get_allowed_mapping_fields(); + $fields = get_auth_plugin('jwt')->get_allowed_mapping_fields(); - $settings->add(new admin_setting_configselect('auth_userkey/mappingfield', - new lang_string('mappingfield', 'auth_userkey'), - new lang_string('mappingfield_desc', 'auth_userkey'), 0, $fields)); + $settings->add(new admin_setting_configselect('auth_jwt/mappingfield', + new lang_string('mappingfield', 'auth_jwt'), + new lang_string('mappingfield_desc', 'auth_jwt'), 0, $fields)); - $settings->add(new admin_setting_configtext('auth_userkey/keylifetime', get_string('keylifetime', 'auth_userkey'), - get_string('keylifetime_desc', 'auth_userkey', 'auth'), + $settings->add(new admin_setting_configtext('auth_jwt/keylifetime', get_string('keylifetime', 'auth_jwt'), + get_string('keylifetime_desc', 'auth_jwt', 'auth'), '60', PARAM_INT)); - $settings->add(new admin_setting_configselect('auth_userkey/iprestriction', - new lang_string('iprestriction', 'auth_userkey'), - new lang_string('iprestriction_desc', 'auth_userkey'), 0, $yesno)); + $settings->add(new admin_setting_configselect('auth_jwt/iprestriction', + new lang_string('iprestriction', 'auth_jwt'), + new lang_string('iprestriction_desc', 'auth_jwt'), 0, $yesno)); - $settings->add(new admin_setting_configtext('auth_userkey/ipwhitelist', get_string('ipwhitelist', 'auth_userkey'), - get_string('ipwhitelist_desc', 'auth_userkey', 'auth'), + $settings->add(new admin_setting_configtext('auth_jwt/ipwhitelist', get_string('ipwhitelist', 'auth_jwt'), + get_string('ipwhitelist_desc', 'auth_jwt', 'auth'), '', PARAM_TEXT)); - $settings->add(new admin_setting_configtext('auth_userkey/redirecturl', get_string('redirecturl', 'auth_userkey'), - get_string('redirecturl_desc', 'auth_userkey', 'auth'), + $settings->add(new admin_setting_configtext('auth_jwt/redirecturl', get_string('redirecturl', 'auth_jwt'), + get_string('redirecturl_desc', 'auth_jwt', 'auth'), '', PARAM_URL)); - $settings->add(new admin_setting_configtext('auth_userkey/ssourl', get_string('ssourl', 'auth_userkey'), - get_string('ssourl_desc', 'auth_userkey', 'auth'), + $settings->add(new admin_setting_configtext('auth_jwt/ssourl', get_string('ssourl', 'auth_jwt'), + get_string('ssourl_desc', 'auth_jwt', 'auth'), '', PARAM_URL)); - $settings->add(new admin_setting_configselect('auth_userkey/createuser', - new lang_string('createuser', 'auth_userkey'), - new lang_string('createuser_desc', 'auth_userkey'), 0, $yesno)); + $settings->add(new admin_setting_configselect('auth_jwt/createuser', + new lang_string('createuser', 'auth_jwt'), + new lang_string('createuser_desc', 'auth_jwt'), 0, $yesno)); - $settings->add(new admin_setting_configselect('auth_userkey/updateuser', - new lang_string('updateuser', 'auth_userkey'), - new lang_string('updateuser_desc', 'auth_userkey'), 0, $yesno)); + $settings->add(new admin_setting_configselect('auth_jwt/updateuser', + new lang_string('updateuser', 'auth_jwt'), + new lang_string('updateuser_desc', 'auth_jwt'), 0, $yesno)); // Display locking / mapping of profile fields. - $authplugin = get_auth_plugin('userkey'); + $authplugin = get_auth_plugin('jwt'); display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, get_string('auth_fieldlocks_help', 'auth'), false, false); } diff --git a/tests/auth_plugin_test.php b/tests/auth_plugin_test.php index d295794..cb178ba 100644 --- a/tests/auth_plugin_test.php +++ b/tests/auth_plugin_test.php @@ -14,28 +14,28 @@ // You should have received a copy of the GNU General Public License // along with Moodle. If not, see . -namespace auth_userkey; +namespace auth_jwt; use advanced_testcase; -use auth_plugin_userkey; +use auth_plugin_jwt; use stdClass; use invalid_parameter_exception; use moodle_exception; use external_value; /** - * Tests for auth_plugin_userkey class. + * Tests for auth_plugin_jwt class. * - * @covers \auth_plugin_userkey + * @covers \auth_plugin_jwt * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class auth_plugin_test extends advanced_testcase { /** - * An instance of auth_plugin_userkey class. - * @var auth_plugin_userkey + * An instance of auth_plugin_jwt class. + * @var auth_plugin_jwt */ protected $auth; @@ -58,15 +58,15 @@ class auth_plugin_test extends advanced_testcase { global $CFG; require_once($CFG->libdir . "/externallib.php"); - require_once($CFG->dirroot . '/auth/userkey/tests/fake_userkey_manager.php'); - require_once($CFG->dirroot . '/auth/userkey/auth.php'); + require_once($CFG->dirroot . '/auth/jwt/tests/fake_jwt_manager.php'); + require_once($CFG->dirroot . '/auth/jwt/auth.php'); require_once($CFG->dirroot . '/user/lib.php'); parent::setUp(); $this->resetAfterTest(); $CFG->getremoteaddrconf = GETREMOTEADDR_SKIP_HTTP_X_FORWARDED_FOR; - $this->auth = new auth_plugin_userkey(); + $this->auth = new auth_plugin_jwt(); $this->user = self::getDataGenerator()->create_user(); } @@ -102,7 +102,7 @@ class auth_plugin_test extends advanced_testcase { $record->timecreated = time(); } - $record->script = 'auth/userkey'; + $record->script = 'auth/jwt'; $DB->insert_record('user_private_key', $record); } @@ -112,7 +112,7 @@ class auth_plugin_test extends advanced_testcase { */ public function test_users_can_not_login_using_login_form() { $user = new stdClass(); - $user->auth = 'userkey'; + $user->auth = 'jwt'; $user->username = 'username'; $user->password = 'correctpassword'; @@ -162,20 +162,20 @@ class auth_plugin_test extends advanced_testcase { $this->auth->logoutpage_hook(); $this->assertEquals('', $redirect); - $SESSION->userkey = true; - $this->auth = new auth_plugin_userkey(); + $SESSION->jwt = true; + $this->auth = new auth_plugin_jwt(); $this->auth->logoutpage_hook(); $this->assertEquals('', $redirect); - unset($SESSION->userkey); - set_config('redirecturl', 'http://example.com', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + unset($SESSION->jwt); + set_config('redirecturl', 'http://example.com', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->auth->logoutpage_hook(); $this->assertEquals('', $redirect); - $SESSION->userkey = true; - set_config('redirecturl', 'http://example.com', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + $SESSION->jwt = true; + set_config('redirecturl', 'http://example.com', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->auth->logoutpage_hook(); $this->assertEquals('http://example.com', $redirect); } @@ -184,8 +184,8 @@ class auth_plugin_test extends advanced_testcase { * Test that configured mapping field gets returned correctly. */ public function test_get_mapping_field() { - set_config('mappingfield', 'username', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('mappingfield', 'username', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = 'username'; $actual = $this->auth->get_mapping_field(); @@ -209,8 +209,8 @@ class auth_plugin_test extends advanced_testcase { */ public function test_throwing_exception_if_mapping_field_username_is_not_provided() { $user = array(); - set_config('mappingfield', 'username', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('mappingfield', 'username', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required field "username" is not set or empty.)'); @@ -223,8 +223,8 @@ class auth_plugin_test extends advanced_testcase { */ public function test_throwing_exception_if_mapping_field_idnumber_is_not_provided() { $user = array(); - set_config('mappingfield', 'idnumber', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('mappingfield', 'idnumber', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required field "idnumber" is not set or empty.)'); @@ -251,8 +251,8 @@ class auth_plugin_test extends advanced_testcase { public function test_throwing_exception_if_iprestriction_is_enabled_but_ip_is_missing_in_data() { $user = array(); $user['email'] = 'exists@test.com'; - set_config('iprestriction', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('iprestriction', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)'); @@ -272,10 +272,10 @@ class auth_plugin_test extends advanced_testcase { self::getDataGenerator()->create_user($user); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); - $expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg'; + $expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg'; $actual = $this->auth->get_login_url($user); $this->assertEquals($expected, $actual); @@ -293,10 +293,10 @@ class auth_plugin_test extends advanced_testcase { self::getDataGenerator()->create_user($user); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); - $expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg'; + $expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg'; $actual = $this->auth->get_login_url($user); $this->assertEquals($expected, $actual); @@ -315,10 +315,10 @@ class auth_plugin_test extends advanced_testcase { self::getDataGenerator()->create_user($user); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); - $expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg'; + $expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg'; $actual = $this->auth->get_login_url($user); $this->assertEquals($expected, $actual); @@ -330,11 +330,11 @@ class auth_plugin_test extends advanced_testcase { public function test_return_correct_login_url_and_create_new_user() { global $CFG, $DB; - set_config('createuser', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('createuser', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); $user = new stdClass(); $user->username = 'username'; @@ -343,7 +343,7 @@ class auth_plugin_test extends advanced_testcase { $user->lastname = 'name'; $user->ip = '192.168.1.1'; - $expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg'; + $expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg'; $actual = $this->auth->get_login_url($user); $this->assertEquals($expected, $actual); @@ -353,7 +353,7 @@ class auth_plugin_test extends advanced_testcase { $this->assertEquals($user->firstname, $userrecord->firstname); $this->assertEquals($user->lastname, $userrecord->lastname); $this->assertEquals(1, $userrecord->confirmed); - $this->assertEquals('userkey', $userrecord->auth); + $this->assertEquals('jwt', $userrecord->auth); } /** @@ -362,11 +362,11 @@ class auth_plugin_test extends advanced_testcase { public function test_missing_data_to_create_user() { global $CFG, $DB; - set_config('createuser', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('createuser', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); $user = new stdClass(); $user->email = 'username@test.com'; @@ -382,11 +382,11 @@ class auth_plugin_test extends advanced_testcase { * Test that when we attempt to create a new user duplicate usernames are caught. */ public function test_create_refuse_duplicate_username() { - set_config('createuser', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('createuser', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); $originaluser = new stdClass(); $originaluser->username = 'username'; @@ -411,12 +411,12 @@ class auth_plugin_test extends advanced_testcase { * Test that when we attempt to create a new user duplicate emails are caught. */ public function test_create_refuse_duplicate_email() { - set_config('createuser', true, 'auth_userkey'); - set_config('mappingfield', 'username', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('createuser', true, 'auth_jwt'); + set_config('mappingfield', 'username', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); $originaluser = new stdClass(); $originaluser->username = 'username'; @@ -443,11 +443,11 @@ class auth_plugin_test extends advanced_testcase { public function test_return_correct_login_url_and_update_user() { global $CFG, $DB; - set_config('updateuser', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('updateuser', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); $originaluser = new stdClass(); $originaluser->username = 'username'; @@ -466,7 +466,7 @@ class auth_plugin_test extends advanced_testcase { $user->lastname = 'namechanged'; $user->ip = '192.168.1.1'; - $expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg'; + $expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg'; $actual = $this->auth->get_login_url($user); $this->assertEquals($expected, $actual); @@ -476,19 +476,19 @@ class auth_plugin_test extends advanced_testcase { $this->assertEquals($user->firstname, $userrecord->firstname); $this->assertEquals($user->lastname, $userrecord->lastname); $this->assertEquals($originaluser->city, $userrecord->city); - $this->assertEquals('userkey', $userrecord->auth); + $this->assertEquals('jwt', $userrecord->auth); } /** * Test that when we attempt to update a user duplicate emails are caught. */ public function test_update_refuse_duplicate_email() { - set_config('updateuser', true, 'auth_userkey'); - set_config('mappingfield', 'username', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('updateuser', true, 'auth_jwt'); + set_config('mappingfield', 'username', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); self::getDataGenerator()->create_user(['email' => 'trytoduplicate@test.com']); self::getDataGenerator()->create_user(['username' => 'username']); @@ -511,11 +511,11 @@ class auth_plugin_test extends advanced_testcase { * Test that when we attempt to update a user duplicate usernames are caught. */ public function test_update_refuse_duplicate_username() { - set_config('updateuser', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('updateuser', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); - $userkeymanager = new fake_userkey_manager(); - $this->auth->set_userkey_manager($userkeymanager); + $jwtmanager = new fake_jwt_manager(); + $this->auth->set_jwt_manager($jwtmanager); self::getDataGenerator()->create_user(['username' => 'trytoduplicate']); self::getDataGenerator()->create_user(['email' => 'username@test.com']); @@ -546,9 +546,9 @@ class auth_plugin_test extends advanced_testcase { $user = self::getDataGenerator()->create_user($user); - create_user_key('auth/userkey', $user->id); - create_user_key('auth/userkey', $user->id); - create_user_key('auth/userkey', $user->id); + create_user_key('auth/jwt', $user->id); + create_user_key('auth/jwt', $user->id); + create_user_key('auth/jwt', $user->id); $keys = $DB->get_records('user_private_key', array('userid' => $user->id)); $this->assertEquals(3, count($keys)); @@ -560,7 +560,7 @@ class auth_plugin_test extends advanced_testcase { $actualkey = $DB->get_record('user_private_key', array('userid' => $user->id)); - $expected = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; + $expected = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value; $this->assertEquals($expected, $actual); } @@ -596,8 +596,8 @@ class auth_plugin_test extends advanced_testcase { $this->assertEquals($expected, $actual); // Check username. - set_config('mappingfield', 'username', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('mappingfield', 'username', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = array( 'username' => new external_value( @@ -610,8 +610,8 @@ class auth_plugin_test extends advanced_testcase { $this->assertEquals($expected, $actual); // Check idnumber. - set_config('mappingfield', 'idnumber', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('mappingfield', 'idnumber', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = array( 'idnumber' => new external_value( @@ -624,8 +624,8 @@ class auth_plugin_test extends advanced_testcase { $this->assertEquals($expected, $actual); // Check some junk field name. - set_config('mappingfield', 'junkfield', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('mappingfield', 'junkfield', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = array(); @@ -633,15 +633,15 @@ class auth_plugin_test extends advanced_testcase { $this->assertEquals($expected, $actual); // Check IP if iprestriction disabled. - set_config('iprestriction', false, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('iprestriction', false, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = array(); $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); // Check IP if iprestriction enabled. - set_config('iprestriction', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('iprestriction', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = array( 'ip' => new external_value( PARAM_HOST, @@ -652,8 +652,8 @@ class auth_plugin_test extends advanced_testcase { $this->assertEquals($expected, $actual); // Check IP if createuser enabled. - set_config('createuser', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('createuser', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = array( 'ip' => new external_value(PARAM_HOST, 'User IP address'), 'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL), @@ -663,11 +663,11 @@ class auth_plugin_test extends advanced_testcase { ); $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); - set_config('createuser', false, 'auth_userkey'); + set_config('createuser', false, 'auth_jwt'); // Check IP if updateuser enabled. - set_config('updateuser', true, 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('updateuser', true, 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $expected = array( 'ip' => new external_value(PARAM_HOST, 'User IP address'), 'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL), @@ -677,7 +677,7 @@ class auth_plugin_test extends advanced_testcase { ); $actual = $this->auth->get_request_login_url_user_parameters(); $this->assertEquals($expected, $actual); - set_config('updateuser', false, 'auth_userkey'); + set_config('updateuser', false, 'auth_jwt'); } /** @@ -707,7 +707,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('A required parameter (key) was missing'); - $this->auth->user_login_userkey(); + $this->auth->user_login_jwt(); } /** @@ -718,7 +718,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectExceptionMessage('Incorrect key'); $_POST['key'] = 'InvalidKey'; - $this->auth->user_login_userkey(); + $this->auth->user_login_jwt(); } /** @@ -731,7 +731,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectExceptionMessage('Expired key'); $_POST['key'] = 'TestKey'; - $this->auth->user_login_userkey(); + $this->auth->user_login_jwt(); } /** @@ -746,14 +746,14 @@ class auth_plugin_test extends advanced_testcase { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('Client IP address mismatch'); - $this->auth->user_login_userkey(); + $this->auth->user_login_jwt(); } /** * Test that IP address mismatch exception gets thrown if incorrect IP and outside whitelist. */ public function test_ipmismatch_exception_thrown_if_ip_is_outside_whitelist() { - set_config('ipwhitelist', '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16', 'auth_userkey'); + set_config('ipwhitelist', '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16', 'auth_jwt'); $this->create_user_private_key(['iprestriction' => '192.161.1.1']); $_POST['key'] = 'TestKey'; @@ -762,7 +762,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('Client IP address mismatch'); - $this->auth->user_login_userkey(); + $this->auth->user_login_jwt(); } /** @@ -781,7 +781,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('Invalid user'); - $this->auth->user_login_userkey(); + $this->auth->user_login_jwt(); } /** @@ -800,7 +800,7 @@ class auth_plugin_test extends advanced_testcase { try { // Using @ is the only way to test this. Thanks moodle! - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } catch (moodle_exception $e) { $keyexists = $DB->record_exists('user_private_key', array('value' => 'RemoveKey')); $this->assertFalse($keyexists); @@ -820,7 +820,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('Unsupported redirect to http://www.example.com/moodle detected, execution terminated'); - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } /** @@ -835,11 +835,11 @@ class auth_plugin_test extends advanced_testcase { try { // Using @ is the only way to test this. Thanks moodle! - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } catch (moodle_exception $e) { $this->assertEquals($this->user->id, $USER->id); $this->assertSame(sesskey(), $USER->sesskey); - $this->assertObjectHasAttribute('userkey', $SESSION); + $this->assertObjectHasAttribute('jwt', $SESSION); } } @@ -855,7 +855,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectExceptionMessage('Unsupported redirect to /course/index.php?id=12&key=134 detected, execution terminated'); // Using @ is the only way to test this. Thanks moodle! - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } /** @@ -871,7 +871,7 @@ class auth_plugin_test extends advanced_testcase { $this->expectExceptionMessage('Unsupported redirect to http://test.com/course/index.php?id=12&key=134 detected, execution terminated'); // Using @ is the only way to test this. Thanks moodle! - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } /** @@ -881,8 +881,8 @@ class auth_plugin_test extends advanced_testcase { global $SESSION; $SESSION->enrolkey_skipsso = 0; - set_config('ssourl', 'http://google.com', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('ssourl', 'http://google.com', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->expectException(moodle_exception::class); $this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.'); @@ -897,8 +897,8 @@ class auth_plugin_test extends advanced_testcase { global $SESSION; $SESSION->enrolkey_skipsso = 0; - set_config('ssourl', '', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('ssourl', '', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->assertTrue($this->auth->loginpage_hook()); } @@ -910,8 +910,8 @@ class auth_plugin_test extends advanced_testcase { global $SESSION; $SESSION->enrolkey_skipsso = 1; - set_config('ssourl', '', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('ssourl', '', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->assertTrue($this->auth->loginpage_hook()); } @@ -923,8 +923,8 @@ class auth_plugin_test extends advanced_testcase { global $SESSION; $SESSION->enrolkey_skipsso = 0; - set_config('ssourl', 'http://google.com', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('ssourl', 'http://google.com', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->expectException(moodle_exception::class); $this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.'); @@ -939,8 +939,8 @@ class auth_plugin_test extends advanced_testcase { global $SESSION; $SESSION->enrolkey_skipsso = 0; - set_config('ssourl', '', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('ssourl', '', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->assertTrue($this->auth->pre_loginpage_hook()); } @@ -952,8 +952,8 @@ class auth_plugin_test extends advanced_testcase { global $SESSION; $SESSION->enrolkey_skipsso = 1; - set_config('ssourl', '', 'auth_userkey'); - $this->auth = new auth_plugin_userkey(); + set_config('ssourl', '', 'auth_jwt'); + $this->auth = new auth_plugin_jwt(); $this->assertTrue($this->auth->pre_loginpage_hook()); } @@ -974,11 +974,11 @@ class auth_plugin_test extends advanced_testcase { try { // Using @ is the only way to test this. Thanks moodle! - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } catch (moodle_exception $e) { $this->assertEquals($this->user->id, $USER->id); $this->assertSame(sesskey(), $USER->sesskey); - $this->assertObjectHasAttribute('userkey', $SESSION); + $this->assertObjectHasAttribute('jwt', $SESSION); } } @@ -998,7 +998,7 @@ class auth_plugin_test extends advanced_testcase { try { // Using @ is the only way to test this. Thanks moodle! - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } catch (moodle_exception $e) { $this->assertEquals('Incorrect key', $e->getMessage()); $this->assertEmpty($USER->id); @@ -1021,11 +1021,11 @@ class auth_plugin_test extends advanced_testcase { try { // Using @ is the only way to test this. Thanks moodle! - @$this->auth->user_login_userkey(); + @$this->auth->user_login_jwt(); } catch (moodle_exception $e) { $this->assertEquals($this->user->id, $USER->id); $this->assertSame(sesskey(), $USER->sesskey); - $this->assertObjectNotHasAttribute('userkey', $SESSION); + $this->assertObjectNotHasAttribute('jwt', $SESSION); $keyexists = $DB->record_exists('user_private_key', array('value' => 'TestKey')); $this->assertFalse($keyexists); } @@ -1034,17 +1034,17 @@ class auth_plugin_test extends advanced_testcase { /** * Test when try to logout, but required return is not set. */ - public function test_user_logout_userkey_when_required_return_not_set() { + public function test_user_logout_jwt_when_required_return_not_set() { $this->expectException(moodle_exception::class); $this->expectExceptionMessage('A required parameter (return) was missing'); - $this->auth->user_logout_userkey(); + $this->auth->user_logout_jwt(); } /** * Test when try to logout, but user is not logged in. */ - public function test_user_logout_userkey_when_user_is_not_logged_in() { + public function test_user_logout_jwt_when_user_is_not_logged_in() { $_POST['return'] = self::REDIRECTION_PATH; $this->expectException(moodle_exception::class); @@ -1052,20 +1052,20 @@ class auth_plugin_test extends advanced_testcase { sprintf("Unsupported redirect to %s detected, execution terminated.", self::REDIRECTION_PATH) ); - $this->auth->user_logout_userkey(); + $this->auth->user_logout_jwt(); } /** * Test when try to logout, but user logged in with different auth type. */ - public function test_user_logout_userkey_when_user_logged_in_with_different_auth() { + public function test_user_logout_jwt_when_user_logged_in_with_different_auth() { global $USER; $_POST['return'] = self::REDIRECTION_PATH; $this->setUser($this->user); try { - $this->auth->user_logout_userkey(); + $this->auth->user_logout_jwt(); } catch (moodle_exception $e) { $this->assertTrue(isloggedin()); $this->assertEquals($USER->id, $this->user->id); @@ -1079,27 +1079,27 @@ class auth_plugin_test extends advanced_testcase { /** * Test when try to logout, but user logged in with different auth type. */ - public function test_user_logout_userkey_when_user_logged_in_but_return_not_set() { + public function test_user_logout_jwt_when_user_logged_in_but_return_not_set() { $this->setUser($this->user); $this->expectException(moodle_exception::class); $this->expectExceptionMessage('A required parameter (return) was missing'); - $this->auth->user_logout_userkey(); + $this->auth->user_logout_jwt(); } /** * Test successful logout. */ - public function test_user_logout_userkey_logging_out() { + public function test_user_logout_jwt_logging_out() { global $USER; $this->setUser($this->user); - $USER->auth = 'userkey'; + $USER->auth = 'jwt'; $_POST['return'] = self::REDIRECTION_PATH; try { - $this->auth->user_logout_userkey(); + $this->auth->user_logout_jwt(); } catch (moodle_exception $e) { $this->assertFalse(isloggedin()); $this->assertEquals( diff --git a/tests/core_userkey_manager_test.php b/tests/core_userkey_manager_test.php index a5d1709..73b40a9 100644 --- a/tests/core_userkey_manager_test.php +++ b/tests/core_userkey_manager_test.php @@ -14,21 +14,21 @@ // You should have received a copy of the GNU General Public License // along with Moodle. If not, see . -namespace auth_userkey; +namespace auth_jwt; /** - * Tests for core_userkey_manager class. + * Tests for core_jwt_manager class. * * Key validation is fully covered in auth_plugin_test.php file. * TODO: write tests for validate_key() function. * - * @covers \auth_userkey\core_userkey_manager + * @covers \auth_jwt\core_jwt_manager * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class core_userkey_manager_test extends \advanced_testcase { +class core_jwt_manager_test extends \advanced_testcase { /** * Test user object. * @var @@ -56,12 +56,12 @@ class core_userkey_manager_test extends \advanced_testcase { } /** - * Test that core_userkey_manager implements userkey_manager_interface interface. + * Test that core_jwt_manager implements jwt_manager_interface interface. */ - public function test_implements_userkey_manager_interface() { - $manager = new core_userkey_manager($this->config); + public function test_implements_jwt_manager_interface() { + $manager = new core_jwt_manager($this->config); - $expected = 'auth_userkey\userkey_manager_interface'; + $expected = 'auth_jwt\jwt_manager_interface'; $this->assertInstanceOf($expected, $manager); } @@ -72,14 +72,14 @@ class core_userkey_manager_test extends \advanced_testcase { global $DB; $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals(null, $actualkey->iprestriction); $this->assertEquals(time() + 60, $actualkey->validuntil); @@ -93,14 +93,14 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->iprestriction = true; $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals('192.168.1.1', $actualkey->iprestriction); $this->assertEquals(time() + 60, $actualkey->validuntil); @@ -113,14 +113,14 @@ class core_userkey_manager_test extends \advanced_testcase { global $DB; $this->config->iprestriction = true; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id, '192.168.1.3'); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals('192.168.1.3', $actualkey->iprestriction); $this->assertEquals(time() + 60, $actualkey->validuntil); @@ -134,14 +134,14 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->iprestriction = false; $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals(null, $actualkey->iprestriction); $this->assertEquals(time() + 60, $actualkey->validuntil); @@ -156,7 +156,7 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->iprestriction = true; $this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id, '193.168.1.1'); $_SERVER['HTTP_CLIENT_IP'] = '193.168.1.2'; @@ -177,7 +177,7 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id, '193.168.1.1'); $_SERVER['HTTP_CLIENT_IP'] = '193.168.1.1'; @@ -196,7 +196,7 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id, '192.168.1.1'); $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.2'; @@ -213,14 +213,14 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->iprestriction = false; $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id, '192.168.1.1'); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals(null, $actualkey->iprestriction); $this->assertEquals(time() + 60, $actualkey->validuntil); @@ -234,14 +234,14 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->iprestriction = 'string'; $_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals('192.168.1.1', $actualkey->iprestriction); $this->assertEquals(time() + 60, $actualkey->validuntil); @@ -253,14 +253,14 @@ class core_userkey_manager_test extends \advanced_testcase { public function test_create_correct_key_if_keylifetime_is_not_set() { global $DB; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals(null, $actualkey->iprestriction); $this->assertEquals(time() + 60, $actualkey->validuntil); @@ -274,14 +274,14 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->keylifetime = 3000; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals(null, $actualkey->iprestriction); $this->assertEquals(time() + 3000, $actualkey->validuntil); @@ -296,14 +296,14 @@ class core_userkey_manager_test extends \advanced_testcase { $this->config->keylifetime = '3000'; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); $this->assertEquals($value, $actualkey->value); $this->assertEquals($this->user->id, $actualkey->userid); - $this->assertEquals('auth/userkey', $actualkey->script); + $this->assertEquals('auth/jwt', $actualkey->script); $this->assertEquals($this->user->id, $actualkey->instance); $this->assertEquals(null, $actualkey->iprestriction); $this->assertEquals(time() + 3000, $actualkey->validuntil); @@ -316,7 +316,7 @@ class core_userkey_manager_test extends \advanced_testcase { public function test_can_delete_created_key() { global $DB; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); $value = $manager->create_key($this->user->id); $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); @@ -334,11 +334,11 @@ class core_userkey_manager_test extends \advanced_testcase { public function test_can_delete_all_existing_keys() { global $DB; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); - create_user_key('auth/userkey', $this->user->id); - create_user_key('auth/userkey', $this->user->id); - create_user_key('auth/userkey', $this->user->id); + create_user_key('auth/jwt', $this->user->id); + create_user_key('auth/jwt', $this->user->id); + create_user_key('auth/jwt', $this->user->id); $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); $this->assertEquals(3, count($keys)); @@ -355,11 +355,11 @@ class core_userkey_manager_test extends \advanced_testcase { public function test_create_only_one_key() { global $DB; - $manager = new core_userkey_manager($this->config); + $manager = new core_jwt_manager($this->config); - create_user_key('auth/userkey', $this->user->id); - create_user_key('auth/userkey', $this->user->id); - create_user_key('auth/userkey', $this->user->id); + create_user_key('auth/jwt', $this->user->id); + create_user_key('auth/jwt', $this->user->id); + create_user_key('auth/jwt', $this->user->id); $keys = $DB->get_records('user_private_key', array('userid' => $this->user->id)); $this->assertEquals(3, count($keys)); diff --git a/tests/externallib_test.php b/tests/externallib_test.php index ce42203..a999138 100644 --- a/tests/externallib_test.php +++ b/tests/externallib_test.php @@ -14,11 +14,11 @@ // You should have received a copy of the GNU General Public License // along with Moodle. If not, see . -namespace auth_userkey; +namespace auth_jwt; use advanced_testcase; use webservice_access_exception; -use auth_userkey_external; +use auth_jwt_external; use external_api; use invalid_parameter_exception; use required_capability_exception; @@ -27,10 +27,10 @@ use context_system; /** * Tests for externallib.php. * - * @covers \auth_userkey_external + * @covers \auth_jwt_external * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ class externallib_test extends advanced_testcase { @@ -48,7 +48,7 @@ class externallib_test extends advanced_testcase { global $CFG; require_once($CFG->libdir . "/externallib.php"); - require_once($CFG->dirroot . '/auth/userkey/externallib.php'); + require_once($CFG->dirroot . '/auth/jwt/externallib.php'); $this->resetAfterTest(); @@ -70,11 +70,11 @@ class externallib_test extends advanced_testcase { ); $this->expectException(webservice_access_exception::class); - $this->expectExceptionMessage('Access control exception (The userkey authentication plugin is disabled.)'); + $this->expectExceptionMessage('Access control exception (The jwt authentication plugin is disabled.)'); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); } /** @@ -83,7 +83,7 @@ class externallib_test extends advanced_testcase { public function test_successful_webservice_calls() { global $DB, $CFG; - $CFG->auth = "userkey"; + $CFG->auth = "jwt"; $this->setAdminUser(); // Email. @@ -92,64 +92,64 @@ class externallib_test extends advanced_testcase { ); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; + $expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); $this->assertTrue(key_exists('loginurl', $result)); $this->assertEquals($expectedurl, $result['loginurl']); // Username. - set_config('mappingfield', 'username', 'auth_userkey'); + set_config('mappingfield', 'username', 'auth_jwt'); $params = array( 'username' => 'username', ); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; + $expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); $this->assertTrue(key_exists('loginurl', $result)); $this->assertEquals($expectedurl, $result['loginurl']); // Idnumber. - set_config('mappingfield', 'idnumber', 'auth_userkey'); + set_config('mappingfield', 'idnumber', 'auth_jwt'); $params = array( 'idnumber' => 'idnumber', ); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; + $expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); $this->assertTrue(key_exists('loginurl', $result)); $this->assertEquals($expectedurl, $result['loginurl']); // IP restriction. - set_config('iprestriction', true, 'auth_userkey'); - set_config('mappingfield', 'idnumber', 'auth_userkey'); + set_config('iprestriction', true, 'auth_jwt'); + set_config('mappingfield', 'idnumber', 'auth_jwt'); $params = array( 'idnumber' => 'idnumber', 'ip' => '192.168.1.1', ); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; + $expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); $this->assertTrue(key_exists('loginurl', $result)); @@ -163,7 +163,7 @@ class externallib_test extends advanced_testcase { global $CFG; $this->setAdminUser(); - $CFG->auth = "userkey"; + $CFG->auth = "jwt"; $params = array( 'bla' => 'exists@test.com', @@ -172,7 +172,7 @@ class externallib_test extends advanced_testcase { $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)'); - auth_userkey_external::request_login_url($params); + auth_jwt_external::request_login_url($params); } /** @@ -182,9 +182,9 @@ class externallib_test extends advanced_testcase { global $CFG; $this->setAdminUser(); - $CFG->auth = "userkey"; + $CFG->auth = "jwt"; - set_config('iprestriction', true, 'auth_userkey'); + set_config('iprestriction', true, 'auth_jwt'); $params = array( 'email' => 'exists@test.com', @@ -193,7 +193,7 @@ class externallib_test extends advanced_testcase { $this->expectException(invalid_parameter_exception::class); $this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)'); - auth_userkey_external::request_login_url($params); + auth_jwt_external::request_login_url($params); } /** @@ -203,7 +203,7 @@ class externallib_test extends advanced_testcase { global $CFG; $this->setAdminUser(); - $CFG->auth = "userkey"; + $CFG->auth = "jwt"; $params = array( 'email' => 'notexists@test.com', @@ -213,8 +213,8 @@ class externallib_test extends advanced_testcase { $this->expectExceptionMessage('Invalid parameter value detected (User is not exist)'); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); } /** @@ -224,7 +224,7 @@ class externallib_test extends advanced_testcase { global $CFG; $this->setUser($this->user); - $CFG->auth = "userkey"; + $CFG->auth = "jwt"; $params = array( 'email' => 'notexists@test.com', @@ -234,8 +234,8 @@ class externallib_test extends advanced_testcase { $this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)'); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); } /** @@ -245,11 +245,11 @@ class externallib_test extends advanced_testcase { global $CFG, $DB; $this->setUser($this->user); - $CFG->auth = "userkey"; + $CFG->auth = "jwt"; $context = context_system::instance(); $studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST); - assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id); + assign_capability('auth/jwt:generatekey', CAP_ALLOW, $studentrole->id, $context->id); role_assign($studentrole->id, $this->user->id, $context->id); $params = array( @@ -257,11 +257,11 @@ class externallib_test extends advanced_testcase { ); // Simulate the web service server. - $result = auth_userkey_external::request_login_url($params); - $result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result); + $result = auth_jwt_external::request_login_url($params); + $result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result); $actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id)); - $expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value; + $expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value; $this->assertTrue(is_array($result)); $this->assertTrue(key_exists('loginurl', $result)); diff --git a/tests/fake_userkey_manager.php b/tests/fake_userkey_manager.php index 5c554c2..921fac9 100644 --- a/tests/fake_userkey_manager.php +++ b/tests/fake_userkey_manager.php @@ -14,16 +14,16 @@ // You should have received a copy of the GNU General Public License // along with Moodle. If not, see . -namespace auth_userkey; +namespace auth_jwt; /** - * Fake userkey manager for testing. + * Fake jwt manager for testing. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -class fake_userkey_manager implements userkey_manager_interface { +class fake_jwt_manager implements jwt_manager_interface { /** * Create key. diff --git a/version.php b/version.php index 354bc71..1d26dff 100644 --- a/version.php +++ b/version.php @@ -17,8 +17,8 @@ /** * Version details. * - * @package auth_userkey - * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net) + * @package auth_jwt + * @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ @@ -27,6 +27,6 @@ defined('MOODLE_INTERNAL') || die; $plugin->version = 2022081901; // The current plugin version (Date: YYYYMMDDXX). $plugin->release = 2022081901; // Match release exactly to version. $plugin->requires = 2017051500; // Requires Moodle 3.3 version. -$plugin->component = 'auth_userkey'; // Full name of the plugin (used for diagnostics). +$plugin->component = 'auth_jwt'; // Full name of the plugin (used for diagnostics). $plugin->maturity = MATURITY_STABLE; $plugin->supported = [33, 401]; // A range of branch numbers of supported moodle versions.