Rebranded the auth_userkey plugin to auth_jwt, including changes to namespace, class names, and configuration settings to reflect the new jwt-based authentication mechanism. Updated copyright notices and contact information accordingly. This refactoring also includes the introduction of JWT token management using the Firebase JWT library, replacing the user quick keys.
This commit is contained in:
parent
9c9266a826
commit
9a87e9a496
20 changed files with 371 additions and 400 deletions
|
@ -3,7 +3,7 @@ language: php
|
||||||
notifications:
|
notifications:
|
||||||
email:
|
email:
|
||||||
recipients:
|
recipients:
|
||||||
- dmitriim@catalyst-au.net
|
- kumitterer@kumi.systems
|
||||||
|
|
||||||
sudo: false
|
sudo: false
|
||||||
|
|
||||||
|
|
|
@ -181,8 +181,6 @@ This plugin was developed by Catalyst IT Australia:
|
||||||
|
|
||||||
https://www.catalyst-au.net/
|
https://www.catalyst-au.net/
|
||||||
|
|
||||||
![Catalyst IT](/pix/catalyst-logo.png?raw=true)
|
|
||||||
|
|
||||||
# Contributing and Support
|
# Contributing and Support
|
||||||
|
|
||||||
Issues, and pull requests using github are welcome and encouraged!
|
Issues, and pull requests using github are welcome and encouraged!
|
||||||
|
|
62
auth.php
62
auth.php
|
@ -17,15 +17,15 @@
|
||||||
/**
|
/**
|
||||||
* User key auth method.
|
* User key auth method.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
defined('MOODLE_INTERNAL') || die();
|
defined('MOODLE_INTERNAL') || die();
|
||||||
|
|
||||||
use auth_userkey\core_userkey_manager;
|
use auth_jwt\core_jwt_manager;
|
||||||
use auth_userkey\userkey_manager_interface;
|
use auth_jwt\jwt_manager_interface;
|
||||||
|
|
||||||
require_once($CFG->libdir . "/externallib.php");
|
require_once($CFG->libdir . "/externallib.php");
|
||||||
require_once($CFG->libdir.'/authlib.php');
|
require_once($CFG->libdir.'/authlib.php');
|
||||||
|
@ -34,7 +34,7 @@ require_once($CFG->dirroot . '/user/lib.php');
|
||||||
/**
|
/**
|
||||||
* User key authentication plugin.
|
* User key authentication plugin.
|
||||||
*/
|
*/
|
||||||
class auth_plugin_userkey extends auth_plugin_base {
|
class auth_plugin_jwt extends auth_plugin_base {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default mapping field.
|
* Default mapping field.
|
||||||
|
@ -44,9 +44,9 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
/**
|
/**
|
||||||
* User key manager.
|
* User key manager.
|
||||||
*
|
*
|
||||||
* @var userkey_manager_interface
|
* @var jwt_manager_interface
|
||||||
*/
|
*/
|
||||||
protected $userkeymanager;
|
protected $jwtmanager;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Defaults for config form.
|
* Defaults for config form.
|
||||||
|
@ -68,9 +68,9 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
* Constructor.
|
* Constructor.
|
||||||
*/
|
*/
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
$this->authtype = 'userkey';
|
$this->authtype = 'jwt';
|
||||||
$this->config = get_config('auth_userkey');
|
$this->config = get_config('auth_jwt');
|
||||||
$this->userkeymanager = new core_userkey_manager($this->config);
|
$this->jwtmanager = new core_jwt_manager($this->config);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -113,7 +113,7 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
*/
|
*/
|
||||||
protected function redirect($url) {
|
protected function redirect($url) {
|
||||||
if (CLI_SCRIPT || AJAX_SCRIPT) {
|
if (CLI_SCRIPT || AJAX_SCRIPT) {
|
||||||
throw new moodle_exception('redirecterrordetected', 'auth_userkey', '', $url);
|
throw new moodle_exception('redirecterrordetected', 'auth_jwt', '', $url);
|
||||||
}
|
}
|
||||||
|
|
||||||
redirect($url);
|
redirect($url);
|
||||||
|
@ -132,11 +132,11 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Logs a user in using userkey and redirects after.
|
* Logs a user in using jwt and redirects after.
|
||||||
*
|
*
|
||||||
* @throws \moodle_exception If something went wrong.
|
* @throws \moodle_exception If something went wrong.
|
||||||
*/
|
*/
|
||||||
public function user_login_userkey() {
|
public function user_login_jwt() {
|
||||||
global $SESSION, $CFG, $USER;
|
global $SESSION, $CFG, $USER;
|
||||||
|
|
||||||
$keyvalue = required_param('key', PARAM_ALPHANUM);
|
$keyvalue = required_param('key', PARAM_ALPHANUM);
|
||||||
|
@ -149,7 +149,7 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$key = $this->userkeymanager->validate_key($keyvalue);
|
$key = $this->jwtmanager->validate_key($keyvalue);
|
||||||
} catch (moodle_exception $exception) {
|
} catch (moodle_exception $exception) {
|
||||||
// If user is logged in and key is not valid, we'd like to logout a user.
|
// If user is logged in and key is not valid, we'd like to logout a user.
|
||||||
if (isloggedin()) {
|
if (isloggedin()) {
|
||||||
|
@ -164,18 +164,18 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
require_logout();
|
require_logout();
|
||||||
} else {
|
} else {
|
||||||
// Don't process further if the user is already logged in.
|
// Don't process further if the user is already logged in.
|
||||||
$this->userkeymanager->delete_keys($key->userid);
|
$this->jwtmanager->delete_keys($key->userid);
|
||||||
$this->redirect($redirecturl);
|
$this->redirect($redirecturl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->userkeymanager->delete_keys($key->userid);
|
$this->jwtmanager->delete_keys($key->userid);
|
||||||
|
|
||||||
$user = get_complete_user_data('id', $key->userid);
|
$user = get_complete_user_data('id', $key->userid);
|
||||||
complete_user_login($user);
|
complete_user_login($user);
|
||||||
|
|
||||||
// Identify this session as using user key auth method.
|
// Identify this session as using user key auth method.
|
||||||
$SESSION->userkey = true;
|
$SESSION->jwt = true;
|
||||||
|
|
||||||
$this->redirect($redirecturl);
|
$this->redirect($redirecturl);
|
||||||
}
|
}
|
||||||
|
@ -208,14 +208,14 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Set userkey manager.
|
* Set jwt manager.
|
||||||
*
|
*
|
||||||
* This function is the only way to inject dependency, because of the way auth plugins work.
|
* This function is the only way to inject dependency, because of the way auth plugins work.
|
||||||
*
|
*
|
||||||
* @param \auth_userkey\userkey_manager_interface $keymanager
|
* @param \auth_jwt\jwt_manager_interface $keymanager
|
||||||
*/
|
*/
|
||||||
public function set_userkey_manager(userkey_manager_interface $keymanager) {
|
public function set_jwt_manager(jwt_manager_interface $keymanager) {
|
||||||
$this->userkeymanager = $keymanager;
|
$this->jwtmanager = $keymanager;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -282,7 +282,7 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
|
|
||||||
$user = $data;
|
$user = $data;
|
||||||
unset($user['ip']);
|
unset($user['ip']);
|
||||||
$user['auth'] = 'userkey';
|
$user['auth'] = 'jwt';
|
||||||
$user['confirmed'] = 1;
|
$user['confirmed'] = 1;
|
||||||
$user['mnethostid'] = $CFG->mnet_localhost_id;
|
$user['mnethostid'] = $CFG->mnet_localhost_id;
|
||||||
|
|
||||||
|
@ -324,7 +324,7 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
|
|
||||||
$userdata = $data;
|
$userdata = $data;
|
||||||
unset($userdata['ip']);
|
unset($userdata['ip']);
|
||||||
$userdata['auth'] = 'userkey';
|
$userdata['auth'] = 'jwt';
|
||||||
|
|
||||||
$changed = false;
|
$changed = false;
|
||||||
foreach ($userdata as $key => $value) {
|
foreach ($userdata as $key => $value) {
|
||||||
|
@ -449,7 +449,7 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
$user = $this->get_user($data);
|
$user = $this->get_user($data);
|
||||||
$ips = $this->get_allowed_ips($data);
|
$ips = $this->get_allowed_ips($data);
|
||||||
|
|
||||||
return $this->userkeymanager->create_key($user->id, $ips);
|
return $this->jwtmanager->create_key($user->id, $ips);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -465,9 +465,9 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
global $CFG;
|
global $CFG;
|
||||||
|
|
||||||
$userdata = $this->validate_user_data($data);
|
$userdata = $this->validate_user_data($data);
|
||||||
$userkey = $this->generate_user_key($userdata);
|
$jwt = $this->generate_user_key($userdata);
|
||||||
|
|
||||||
return $CFG->wwwroot . '/auth/userkey/login.php?key=' . $userkey;
|
return $CFG->wwwroot . '/auth/jwt/login.php?key=' . $jwt;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -605,7 +605,7 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
protected function should_logout_redirect() {
|
protected function should_logout_redirect() {
|
||||||
global $SESSION;
|
global $SESSION;
|
||||||
|
|
||||||
if (!isset($SESSION->userkey)) {
|
if (!isset($SESSION->jwt)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -639,19 +639,19 @@ class auth_plugin_userkey extends auth_plugin_base {
|
||||||
/**
|
/**
|
||||||
* Log out user and redirect.
|
* Log out user and redirect.
|
||||||
*/
|
*/
|
||||||
public function user_logout_userkey() {
|
public function user_logout_jwt() {
|
||||||
global $CFG, $USER;
|
global $CFG, $USER;
|
||||||
|
|
||||||
$redirect = required_param('return', PARAM_LOCALURL);
|
$redirect = required_param('return', PARAM_LOCALURL);
|
||||||
|
|
||||||
// We redirect when user's session in Moodle already has expired
|
// We redirect when user's session in Moodle already has expired
|
||||||
// or the user is still logged in using "userkey" auth type.
|
// or the user is still logged in using "jwt" auth type.
|
||||||
if (!isloggedin() || $USER->auth == 'userkey') {
|
if (!isloggedin() || $USER->auth == 'jwt') {
|
||||||
require_logout();
|
require_logout();
|
||||||
$this->redirect($redirect);
|
$this->redirect($redirect);
|
||||||
} else {
|
} else {
|
||||||
// If logged in with different auth type, then display an error.
|
// If logged in with different auth type, then display an error.
|
||||||
throw new moodle_exception('incorrectlogout', 'auth_userkey', $CFG->wwwroot);
|
throw new moodle_exception('incorrectlogout', 'auth_jwt', $CFG->wwwroot);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,21 +14,19 @@
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
namespace auth_userkey;
|
namespace auth_jwt;
|
||||||
|
|
||||||
|
use \Firebase\JWT\JWT;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Key manager class.
|
* Key manager class.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
class core_userkey_manager implements userkey_manager_interface {
|
class core_jwt_manager
|
||||||
|
{
|
||||||
/**
|
|
||||||
* This script script required by core create_user_key().
|
|
||||||
*/
|
|
||||||
const CORE_USER_KEY_MANAGER_SCRIPT = 'auth/userkey';
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Default life time of the user key in seconds.
|
* Default life time of the user key in seconds.
|
||||||
|
@ -47,7 +45,8 @@ class core_userkey_manager implements userkey_manager_interface {
|
||||||
*
|
*
|
||||||
* @param \stdClass $config
|
* @param \stdClass $config
|
||||||
*/
|
*/
|
||||||
public function __construct(\stdClass $config) {
|
public function __construct(\stdClass $config)
|
||||||
|
{
|
||||||
$this->config = $config;
|
$this->config = $config;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -59,41 +58,26 @@ class core_userkey_manager implements userkey_manager_interface {
|
||||||
*
|
*
|
||||||
* @return string Generated key.
|
* @return string Generated key.
|
||||||
*/
|
*/
|
||||||
public function create_key($userid, $allowedips = null) {
|
public function create_key($userid, $allowedips = null)
|
||||||
$this->delete_keys($userid);
|
{
|
||||||
|
|
||||||
if (isset($this->config->keylifetime) && (int)$this->config->keylifetime > 0) {
|
if (isset($this->config->keylifetime) && (int)$this->config->keylifetime > 0) {
|
||||||
$validuntil = time() + $this->config->keylifetime;
|
$validuntil = time() + $this->config->keylifetime;
|
||||||
} else {
|
} else {
|
||||||
$validuntil = time() + self::DEFAULT_KEY_LIFE_TIME_IN_SECONDS;
|
$validuntil = time() + self::DEFAULT_KEY_LIFE_TIME_IN_SECONDS;
|
||||||
}
|
}
|
||||||
|
|
||||||
$iprestriction = null;
|
$payload = [
|
||||||
|
'userid' => $userid,
|
||||||
|
'exp' => $validuntil
|
||||||
|
];
|
||||||
|
|
||||||
if (isset($this->config->iprestriction) && !empty($this->config->iprestriction)) {
|
|
||||||
if ($allowedips) {
|
if ($allowedips) {
|
||||||
$iprestriction = $allowedips;
|
$payload['allowedips'] = $allowedips;
|
||||||
} else {
|
|
||||||
$iprestriction = getremoteaddr(null);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return create_user_key(
|
$secret = $this->config->jwtsecret;
|
||||||
self::CORE_USER_KEY_MANAGER_SCRIPT,
|
|
||||||
$userid,
|
|
||||||
$userid,
|
|
||||||
$iprestriction,
|
|
||||||
$validuntil
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
return JWT::encode($payload, $secret);
|
||||||
* Delete all keys for a specific user.
|
|
||||||
*
|
|
||||||
* @param int $userid User ID.
|
|
||||||
*/
|
|
||||||
public function delete_keys($userid) {
|
|
||||||
delete_user_key(self::CORE_USER_KEY_MANAGER_SCRIPT, $userid);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -105,28 +89,23 @@ class core_userkey_manager implements userkey_manager_interface {
|
||||||
*
|
*
|
||||||
* @throws \moodle_exception If provided key is not valid.
|
* @throws \moodle_exception If provided key is not valid.
|
||||||
*/
|
*/
|
||||||
public function validate_key($keyvalue) {
|
public function validate_key($keyvalue)
|
||||||
global $DB;
|
{
|
||||||
|
$secret = $this->config->jwtsecret;
|
||||||
|
|
||||||
$options = array(
|
try {
|
||||||
'script' => self::CORE_USER_KEY_MANAGER_SCRIPT,
|
$decoded = JWT::decode($keyvalue, $secret, ['HS256']);
|
||||||
'value' => $keyvalue
|
} catch (\Exception $e) {
|
||||||
);
|
|
||||||
|
|
||||||
if (!$key = $DB->get_record('user_private_key', $options)) {
|
|
||||||
throw new \moodle_exception('invalidkey');
|
throw new \moodle_exception('invalidkey');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!empty($key->validuntil) && $key->validuntil < time()) {
|
if (!empty($decoded->exp) && $decoded->exp < time()) {
|
||||||
throw new \moodle_exception('expiredkey');
|
throw new \moodle_exception('expiredkey');
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->validate_ip_address($key);
|
$this->validate_ip_address($decoded);
|
||||||
|
|
||||||
if (!$user = $DB->get_record('user', array('id' => $key->userid))) {
|
return $decoded;
|
||||||
throw new \moodle_exception('invaliduserid');
|
|
||||||
}
|
|
||||||
return $key;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -136,30 +115,24 @@ class core_userkey_manager implements userkey_manager_interface {
|
||||||
*
|
*
|
||||||
* @throws \moodle_exception If provided key is not valid.
|
* @throws \moodle_exception If provided key is not valid.
|
||||||
*/
|
*/
|
||||||
protected function validate_ip_address($key) {
|
protected function validate_ip_address($key)
|
||||||
if (!$key->iprestriction) {
|
{
|
||||||
|
if (empty($key->allowedips)) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
$remoteaddr = getremoteaddr(null);
|
$remoteaddr = getremoteaddr(null);
|
||||||
|
|
||||||
if (empty($remoteaddr)) {
|
if (empty($remoteaddr)) {
|
||||||
throw new \moodle_exception('noip', 'auth_userkey');
|
throw new \moodle_exception('noip', 'auth_jwt');
|
||||||
}
|
}
|
||||||
|
|
||||||
if (address_in_subnet($remoteaddr, $key->iprestriction)) {
|
foreach ($key->allowedips as $allowedip) {
|
||||||
return true;
|
if (address_in_subnet($remoteaddr, $allowedip)) {
|
||||||
}
|
|
||||||
|
|
||||||
if (isset($this->config->ipwhitelist)) {
|
|
||||||
$ips = explode(';', $this->config->ipwhitelist);
|
|
||||||
foreach ($ips as $ip) {
|
|
||||||
if (address_in_subnet($remoteaddr, $ip)) {
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
throw new \moodle_exception('ipmismatch', 'error', '', null, "Remote address: $remoteaddr\nKey IP: $key->iprestriction");
|
throw new \moodle_exception('ipmismatch', 'error', '', null, "Remote address: $remoteaddr\nKey IP: " . implode(', ', $key->allowedips));
|
||||||
}
|
}
|
||||||
}
|
}
|
|
@ -17,19 +17,20 @@
|
||||||
/**
|
/**
|
||||||
* Key manager interface.
|
* Key manager interface.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
namespace auth_userkey;
|
namespace auth_jwt;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Interface userkey_manager_interface describes key manager behaviour.
|
* Interface jwt_manager_interface describes key manager behaviour.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
*/
|
*/
|
||||||
interface userkey_manager_interface {
|
interface jwt_manager_interface
|
||||||
|
{
|
||||||
/**
|
/**
|
||||||
* Create a user key.
|
* Create a user key.
|
||||||
*
|
*
|
||||||
|
@ -57,5 +58,4 @@ interface userkey_manager_interface {
|
||||||
* @throws \moodle_exception If provided key is not valid.
|
* @throws \moodle_exception If provided key is not valid.
|
||||||
*/
|
*/
|
||||||
public function validate_key($keyvalue);
|
public function validate_key($keyvalue);
|
||||||
|
|
||||||
}
|
}
|
|
@ -17,13 +17,13 @@
|
||||||
/**
|
/**
|
||||||
* Privacy provider.
|
* Privacy provider.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @author Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @author Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @copyright 2020 Catalyst IT
|
* @copyright 2020 Catalyst IT
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
namespace auth_userkey\privacy;
|
namespace auth_jwt\privacy;
|
||||||
|
|
||||||
use core_privacy\local\metadata\null_provider;
|
use core_privacy\local\metadata\null_provider;
|
||||||
use core_privacy\local\legacy_polyfill;
|
use core_privacy\local\legacy_polyfill;
|
||||||
|
|
|
@ -17,15 +17,15 @@
|
||||||
/**
|
/**
|
||||||
* User key auth method caps.
|
* User key auth method caps.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
defined('MOODLE_INTERNAL') || die();
|
defined('MOODLE_INTERNAL') || die();
|
||||||
|
|
||||||
$capabilities = array(
|
$capabilities = array(
|
||||||
'auth/userkey:generatekey' => array(
|
'auth/jwt:generatekey' => array(
|
||||||
'riskbitmask' => RISK_PERSONAL | RISK_SPAM | RISK_XSS ,
|
'riskbitmask' => RISK_PERSONAL | RISK_SPAM | RISK_XSS ,
|
||||||
|
|
||||||
'captype' => 'write',
|
'captype' => 'write',
|
||||||
|
|
|
@ -15,29 +15,29 @@
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Web services for auth_userkey.
|
* Web services for auth_jwt.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
defined('MOODLE_INTERNAL') || die;
|
defined('MOODLE_INTERNAL') || die;
|
||||||
|
|
||||||
$functions = array(
|
$functions = array(
|
||||||
'auth_userkey_request_login_url' => array(
|
'auth_jwt_request_login_url' => array(
|
||||||
'classname' => 'auth_userkey_external',
|
'classname' => 'auth_jwt_external',
|
||||||
'methodname' => 'request_login_url',
|
'methodname' => 'request_login_url',
|
||||||
'classpath' => 'auth/userkey/externallib.php',
|
'classpath' => 'auth/jwt/externallib.php',
|
||||||
'description' => 'Return one time key based login URL',
|
'description' => 'Return one time key based login URL',
|
||||||
'type' => 'write',
|
'type' => 'write',
|
||||||
'capabilities' => 'auth/userkey:generatekey',
|
'capabilities' => 'auth/jwt:generatekey',
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
|
||||||
$services = array(
|
$services = array(
|
||||||
'User key authentication web service' => array(
|
'User key authentication web service' => array(
|
||||||
'functions' => array ('auth_userkey_request_login_url'),
|
'functions' => array ('auth_jwt_request_login_url'),
|
||||||
'restrictedusers' => 1,
|
'restrictedusers' => 1,
|
||||||
'enabled' => 1,
|
'enabled' => 1,
|
||||||
)
|
)
|
||||||
|
|
|
@ -17,8 +17,8 @@
|
||||||
/**
|
/**
|
||||||
* Upgrade script.
|
* Upgrade script.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2018 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2018 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -28,13 +28,13 @@
|
||||||
* @param string $oldversion Old version of the plugin.
|
* @param string $oldversion Old version of the plugin.
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
function xmldb_auth_userkey_upgrade($oldversion) {
|
function xmldb_auth_jwt_upgrade($oldversion) {
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
if ($oldversion < 2018050200) {
|
if ($oldversion < 2018050200) {
|
||||||
// Confirm all previously created users.
|
// Confirm all previously created users.
|
||||||
$DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", array(1, 'userkey'));
|
$DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", array(1, 'jwt'));
|
||||||
upgrade_plugin_savepoint(true, 2018050200, 'auth', 'userkey');
|
upgrade_plugin_savepoint(true, 2018050200, 'auth', 'jwt');
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
|
|
|
@ -15,10 +15,10 @@
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Webservices for auth_userkey.
|
* Webservices for auth_jwt.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -26,16 +26,16 @@ defined('MOODLE_INTERNAL') || die();
|
||||||
|
|
||||||
require_once($CFG->libdir . "/externallib.php");
|
require_once($CFG->libdir . "/externallib.php");
|
||||||
require_once($CFG->dirroot . "/webservice/lib.php");
|
require_once($CFG->dirroot . "/webservice/lib.php");
|
||||||
require_once($CFG->dirroot . "/auth/userkey/auth.php");
|
require_once($CFG->dirroot . "/auth/jwt/auth.php");
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Webservices for auth_userkey.
|
* Webservices for auth_jwt.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
class auth_userkey_external extends external_api {
|
class auth_jwt_external extends external_api {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return request_login_url webservice parameters.
|
* Return request_login_url webservice parameters.
|
||||||
|
@ -46,7 +46,7 @@ class auth_userkey_external extends external_api {
|
||||||
return new external_function_parameters(
|
return new external_function_parameters(
|
||||||
array(
|
array(
|
||||||
'user' => new external_single_structure(
|
'user' => new external_single_structure(
|
||||||
get_auth_plugin('userkey')->get_request_login_url_user_parameters()
|
get_auth_plugin('jwt')->get_request_login_url_user_parameters()
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
|
@ -64,14 +64,14 @@ class auth_userkey_external extends external_api {
|
||||||
*/
|
*/
|
||||||
public static function request_login_url($user) {
|
public static function request_login_url($user) {
|
||||||
|
|
||||||
if (!is_enabled_auth('userkey')) {
|
if (!is_enabled_auth('jwt')) {
|
||||||
throw new webservice_access_exception(get_string('pluginisdisabled', 'auth_userkey'));
|
throw new webservice_access_exception(get_string('pluginisdisabled', 'auth_jwt'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$context = context_system::instance();
|
$context = context_system::instance();
|
||||||
require_capability('auth/userkey:generatekey', $context);
|
require_capability('auth/jwt:generatekey', $context);
|
||||||
|
|
||||||
$auth = get_auth_plugin('userkey');
|
$auth = get_auth_plugin('jwt');
|
||||||
$loginurl = $auth->get_login_url($user);
|
$loginurl = $auth->get_login_url($user);
|
||||||
|
|
||||||
return array(
|
return array(
|
||||||
|
|
|
@ -15,17 +15,17 @@
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Strings for auth_userkey.
|
* Strings for auth_jwt.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
defined('MOODLE_INTERNAL') || die;
|
defined('MOODLE_INTERNAL') || die;
|
||||||
|
|
||||||
$string['pluginname'] = 'User key authentication';
|
$string['pluginname'] = 'User key authentication';
|
||||||
$string['auth_userkeydescription'] = 'Log in to Moodle using one time user key.';
|
$string['auth_jwtdescription'] = 'Log in to Moodle using one time user key.';
|
||||||
$string['mappingfield'] = 'Mapping field';
|
$string['mappingfield'] = 'Mapping field';
|
||||||
$string['mappingfield_desc'] = 'This user field will be used to find relevant user in the LMS.';
|
$string['mappingfield_desc'] = 'This user field will be used to find relevant user in the LMS.';
|
||||||
$string['iprestriction'] = 'IP restriction';
|
$string['iprestriction'] = 'IP restriction';
|
||||||
|
@ -46,8 +46,8 @@ $string['redirecturl'] = 'Logout redirect URL';
|
||||||
$string['redirecturl_desc'] = 'Optionally you can redirect users to this URL after they logged out from LMS.';
|
$string['redirecturl_desc'] = 'Optionally you can redirect users to this URL after they logged out from LMS.';
|
||||||
$string['incorrectredirecturl'] = 'You should provide valid URL';
|
$string['incorrectredirecturl'] = 'You should provide valid URL';
|
||||||
$string['incorrectssourl'] = 'You should provide valid URL';
|
$string['incorrectssourl'] = 'You should provide valid URL';
|
||||||
$string['userkey:generatekey'] = 'Generate login user key';
|
$string['jwt:generatekey'] = 'Generate login user key';
|
||||||
$string['pluginisdisabled'] = 'The userkey authentication plugin is disabled.';
|
$string['pluginisdisabled'] = 'The jwt authentication plugin is disabled.';
|
||||||
$string['ssourl'] = 'URL of SSO host';
|
$string['ssourl'] = 'URL of SSO host';
|
||||||
$string['ssourl_desc'] = 'URL of the SSO host to redirect users to. If defined users will be redirected here on login instead of the Moodle Login page';
|
$string['ssourl_desc'] = 'URL of the SSO host to redirect users to. If defined users will be redirected here on login instead of the Moodle Login page';
|
||||||
$string['redirecterrordetected'] = 'Unsupported redirect to {$a} detected, execution terminated.';
|
$string['redirecterrordetected'] = 'Unsupported redirect to {$a} detected, execution terminated.';
|
12
login.php
12
login.php
|
@ -15,17 +15,17 @@
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Login page for auth_userkey.
|
* Login page for auth_jwt.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
require_once(dirname(__FILE__) . '/../../config.php');
|
require_once(dirname(__FILE__) . '/../../config.php');
|
||||||
|
|
||||||
if (!is_enabled_auth('userkey')) {
|
if (!is_enabled_auth('jwt')) {
|
||||||
throw new moodle_exception(get_string('pluginisdisabled', 'auth_userkey'));
|
throw new moodle_exception(get_string('pluginisdisabled', 'auth_jwt'));
|
||||||
}
|
}
|
||||||
|
|
||||||
get_auth_plugin('userkey')->user_login_userkey();
|
get_auth_plugin('jwt')->user_login_jwt();
|
||||||
|
|
12
logout.php
12
logout.php
|
@ -15,17 +15,17 @@
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Logout page for auth_userkey.
|
* Logout page for auth_jwt.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
require_once(dirname(__FILE__) . '/../../config.php');
|
require_once(dirname(__FILE__) . '/../../config.php');
|
||||||
|
|
||||||
if (!is_enabled_auth('userkey')) {
|
if (!is_enabled_auth('jwt')) {
|
||||||
throw new moodle_exception(get_string('pluginisdisabled', 'auth_userkey'));
|
throw new moodle_exception(get_string('pluginisdisabled', 'auth_jwt'));
|
||||||
}
|
}
|
||||||
|
|
||||||
get_auth_plugin('userkey')->user_logout_userkey();
|
get_auth_plugin('jwt')->user_logout_jwt();
|
||||||
|
|
Binary file not shown.
Before Width: | Height: | Size: 5.2 KiB |
48
settings.php
48
settings.php
|
@ -17,8 +17,8 @@
|
||||||
/**
|
/**
|
||||||
* Admin settings and defaults
|
* Admin settings and defaults
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2017 Stephen Bourget
|
* @copyright 2017 Stephen Bourget, 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -26,42 +26,42 @@ defined('MOODLE_INTERNAL') || die;
|
||||||
|
|
||||||
if ($ADMIN->fulltree) {
|
if ($ADMIN->fulltree) {
|
||||||
$yesno = array(get_string('no'), get_string('yes'));
|
$yesno = array(get_string('no'), get_string('yes'));
|
||||||
$fields = get_auth_plugin('userkey')->get_allowed_mapping_fields();
|
$fields = get_auth_plugin('jwt')->get_allowed_mapping_fields();
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_userkey/mappingfield',
|
$settings->add(new admin_setting_configselect('auth_jwt/mappingfield',
|
||||||
new lang_string('mappingfield', 'auth_userkey'),
|
new lang_string('mappingfield', 'auth_jwt'),
|
||||||
new lang_string('mappingfield_desc', 'auth_userkey'), 0, $fields));
|
new lang_string('mappingfield_desc', 'auth_jwt'), 0, $fields));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_userkey/keylifetime', get_string('keylifetime', 'auth_userkey'),
|
$settings->add(new admin_setting_configtext('auth_jwt/keylifetime', get_string('keylifetime', 'auth_jwt'),
|
||||||
get_string('keylifetime_desc', 'auth_userkey', 'auth'),
|
get_string('keylifetime_desc', 'auth_jwt', 'auth'),
|
||||||
'60', PARAM_INT));
|
'60', PARAM_INT));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_userkey/iprestriction',
|
$settings->add(new admin_setting_configselect('auth_jwt/iprestriction',
|
||||||
new lang_string('iprestriction', 'auth_userkey'),
|
new lang_string('iprestriction', 'auth_jwt'),
|
||||||
new lang_string('iprestriction_desc', 'auth_userkey'), 0, $yesno));
|
new lang_string('iprestriction_desc', 'auth_jwt'), 0, $yesno));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_userkey/ipwhitelist', get_string('ipwhitelist', 'auth_userkey'),
|
$settings->add(new admin_setting_configtext('auth_jwt/ipwhitelist', get_string('ipwhitelist', 'auth_jwt'),
|
||||||
get_string('ipwhitelist_desc', 'auth_userkey', 'auth'),
|
get_string('ipwhitelist_desc', 'auth_jwt', 'auth'),
|
||||||
'', PARAM_TEXT));
|
'', PARAM_TEXT));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_userkey/redirecturl', get_string('redirecturl', 'auth_userkey'),
|
$settings->add(new admin_setting_configtext('auth_jwt/redirecturl', get_string('redirecturl', 'auth_jwt'),
|
||||||
get_string('redirecturl_desc', 'auth_userkey', 'auth'),
|
get_string('redirecturl_desc', 'auth_jwt', 'auth'),
|
||||||
'', PARAM_URL));
|
'', PARAM_URL));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configtext('auth_userkey/ssourl', get_string('ssourl', 'auth_userkey'),
|
$settings->add(new admin_setting_configtext('auth_jwt/ssourl', get_string('ssourl', 'auth_jwt'),
|
||||||
get_string('ssourl_desc', 'auth_userkey', 'auth'),
|
get_string('ssourl_desc', 'auth_jwt', 'auth'),
|
||||||
'', PARAM_URL));
|
'', PARAM_URL));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_userkey/createuser',
|
$settings->add(new admin_setting_configselect('auth_jwt/createuser',
|
||||||
new lang_string('createuser', 'auth_userkey'),
|
new lang_string('createuser', 'auth_jwt'),
|
||||||
new lang_string('createuser_desc', 'auth_userkey'), 0, $yesno));
|
new lang_string('createuser_desc', 'auth_jwt'), 0, $yesno));
|
||||||
|
|
||||||
$settings->add(new admin_setting_configselect('auth_userkey/updateuser',
|
$settings->add(new admin_setting_configselect('auth_jwt/updateuser',
|
||||||
new lang_string('updateuser', 'auth_userkey'),
|
new lang_string('updateuser', 'auth_jwt'),
|
||||||
new lang_string('updateuser_desc', 'auth_userkey'), 0, $yesno));
|
new lang_string('updateuser_desc', 'auth_jwt'), 0, $yesno));
|
||||||
|
|
||||||
// Display locking / mapping of profile fields.
|
// Display locking / mapping of profile fields.
|
||||||
$authplugin = get_auth_plugin('userkey');
|
$authplugin = get_auth_plugin('jwt');
|
||||||
display_auth_lock_options($settings, $authplugin->authtype,
|
display_auth_lock_options($settings, $authplugin->authtype,
|
||||||
$authplugin->userfields, get_string('auth_fieldlocks_help', 'auth'), false, false);
|
$authplugin->userfields, get_string('auth_fieldlocks_help', 'auth'), false, false);
|
||||||
}
|
}
|
||||||
|
|
|
@ -14,28 +14,28 @@
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
namespace auth_userkey;
|
namespace auth_jwt;
|
||||||
|
|
||||||
use advanced_testcase;
|
use advanced_testcase;
|
||||||
use auth_plugin_userkey;
|
use auth_plugin_jwt;
|
||||||
use stdClass;
|
use stdClass;
|
||||||
use invalid_parameter_exception;
|
use invalid_parameter_exception;
|
||||||
use moodle_exception;
|
use moodle_exception;
|
||||||
use external_value;
|
use external_value;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for auth_plugin_userkey class.
|
* Tests for auth_plugin_jwt class.
|
||||||
*
|
*
|
||||||
* @covers \auth_plugin_userkey
|
* @covers \auth_plugin_jwt
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
class auth_plugin_test extends advanced_testcase {
|
class auth_plugin_test extends advanced_testcase {
|
||||||
/**
|
/**
|
||||||
* An instance of auth_plugin_userkey class.
|
* An instance of auth_plugin_jwt class.
|
||||||
* @var auth_plugin_userkey
|
* @var auth_plugin_jwt
|
||||||
*/
|
*/
|
||||||
protected $auth;
|
protected $auth;
|
||||||
|
|
||||||
|
@ -58,15 +58,15 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
global $CFG;
|
global $CFG;
|
||||||
|
|
||||||
require_once($CFG->libdir . "/externallib.php");
|
require_once($CFG->libdir . "/externallib.php");
|
||||||
require_once($CFG->dirroot . '/auth/userkey/tests/fake_userkey_manager.php');
|
require_once($CFG->dirroot . '/auth/jwt/tests/fake_jwt_manager.php');
|
||||||
require_once($CFG->dirroot . '/auth/userkey/auth.php');
|
require_once($CFG->dirroot . '/auth/jwt/auth.php');
|
||||||
require_once($CFG->dirroot . '/user/lib.php');
|
require_once($CFG->dirroot . '/user/lib.php');
|
||||||
|
|
||||||
parent::setUp();
|
parent::setUp();
|
||||||
|
|
||||||
$this->resetAfterTest();
|
$this->resetAfterTest();
|
||||||
$CFG->getremoteaddrconf = GETREMOTEADDR_SKIP_HTTP_X_FORWARDED_FOR;
|
$CFG->getremoteaddrconf = GETREMOTEADDR_SKIP_HTTP_X_FORWARDED_FOR;
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$this->user = self::getDataGenerator()->create_user();
|
$this->user = self::getDataGenerator()->create_user();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -102,7 +102,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$record->timecreated = time();
|
$record->timecreated = time();
|
||||||
}
|
}
|
||||||
|
|
||||||
$record->script = 'auth/userkey';
|
$record->script = 'auth/jwt';
|
||||||
|
|
||||||
$DB->insert_record('user_private_key', $record);
|
$DB->insert_record('user_private_key', $record);
|
||||||
}
|
}
|
||||||
|
@ -112,7 +112,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
*/
|
*/
|
||||||
public function test_users_can_not_login_using_login_form() {
|
public function test_users_can_not_login_using_login_form() {
|
||||||
$user = new stdClass();
|
$user = new stdClass();
|
||||||
$user->auth = 'userkey';
|
$user->auth = 'jwt';
|
||||||
$user->username = 'username';
|
$user->username = 'username';
|
||||||
$user->password = 'correctpassword';
|
$user->password = 'correctpassword';
|
||||||
|
|
||||||
|
@ -162,20 +162,20 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->auth->logoutpage_hook();
|
$this->auth->logoutpage_hook();
|
||||||
$this->assertEquals('', $redirect);
|
$this->assertEquals('', $redirect);
|
||||||
|
|
||||||
$SESSION->userkey = true;
|
$SESSION->jwt = true;
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$this->auth->logoutpage_hook();
|
$this->auth->logoutpage_hook();
|
||||||
$this->assertEquals('', $redirect);
|
$this->assertEquals('', $redirect);
|
||||||
|
|
||||||
unset($SESSION->userkey);
|
unset($SESSION->jwt);
|
||||||
set_config('redirecturl', 'http://example.com', 'auth_userkey');
|
set_config('redirecturl', 'http://example.com', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$this->auth->logoutpage_hook();
|
$this->auth->logoutpage_hook();
|
||||||
$this->assertEquals('', $redirect);
|
$this->assertEquals('', $redirect);
|
||||||
|
|
||||||
$SESSION->userkey = true;
|
$SESSION->jwt = true;
|
||||||
set_config('redirecturl', 'http://example.com', 'auth_userkey');
|
set_config('redirecturl', 'http://example.com', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$this->auth->logoutpage_hook();
|
$this->auth->logoutpage_hook();
|
||||||
$this->assertEquals('http://example.com', $redirect);
|
$this->assertEquals('http://example.com', $redirect);
|
||||||
}
|
}
|
||||||
|
@ -184,8 +184,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
* Test that configured mapping field gets returned correctly.
|
* Test that configured mapping field gets returned correctly.
|
||||||
*/
|
*/
|
||||||
public function test_get_mapping_field() {
|
public function test_get_mapping_field() {
|
||||||
set_config('mappingfield', 'username', 'auth_userkey');
|
set_config('mappingfield', 'username', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$expected = 'username';
|
$expected = 'username';
|
||||||
$actual = $this->auth->get_mapping_field();
|
$actual = $this->auth->get_mapping_field();
|
||||||
|
@ -209,8 +209,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
*/
|
*/
|
||||||
public function test_throwing_exception_if_mapping_field_username_is_not_provided() {
|
public function test_throwing_exception_if_mapping_field_username_is_not_provided() {
|
||||||
$user = array();
|
$user = array();
|
||||||
set_config('mappingfield', 'username', 'auth_userkey');
|
set_config('mappingfield', 'username', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->expectException(invalid_parameter_exception::class);
|
$this->expectException(invalid_parameter_exception::class);
|
||||||
$this->expectExceptionMessage('Invalid parameter value detected (Required field "username" is not set or empty.)');
|
$this->expectExceptionMessage('Invalid parameter value detected (Required field "username" is not set or empty.)');
|
||||||
|
@ -223,8 +223,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
*/
|
*/
|
||||||
public function test_throwing_exception_if_mapping_field_idnumber_is_not_provided() {
|
public function test_throwing_exception_if_mapping_field_idnumber_is_not_provided() {
|
||||||
$user = array();
|
$user = array();
|
||||||
set_config('mappingfield', 'idnumber', 'auth_userkey');
|
set_config('mappingfield', 'idnumber', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->expectException(invalid_parameter_exception::class);
|
$this->expectException(invalid_parameter_exception::class);
|
||||||
$this->expectExceptionMessage('Invalid parameter value detected (Required field "idnumber" is not set or empty.)');
|
$this->expectExceptionMessage('Invalid parameter value detected (Required field "idnumber" is not set or empty.)');
|
||||||
|
@ -251,8 +251,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
public function test_throwing_exception_if_iprestriction_is_enabled_but_ip_is_missing_in_data() {
|
public function test_throwing_exception_if_iprestriction_is_enabled_but_ip_is_missing_in_data() {
|
||||||
$user = array();
|
$user = array();
|
||||||
$user['email'] = 'exists@test.com';
|
$user['email'] = 'exists@test.com';
|
||||||
set_config('iprestriction', true, 'auth_userkey');
|
set_config('iprestriction', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->expectException(invalid_parameter_exception::class);
|
$this->expectException(invalid_parameter_exception::class);
|
||||||
$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');
|
$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');
|
||||||
|
@ -272,10 +272,10 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
self::getDataGenerator()->create_user($user);
|
self::getDataGenerator()->create_user($user);
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
|
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
|
||||||
$actual = $this->auth->get_login_url($user);
|
$actual = $this->auth->get_login_url($user);
|
||||||
|
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
@ -293,10 +293,10 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
self::getDataGenerator()->create_user($user);
|
self::getDataGenerator()->create_user($user);
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
|
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
|
||||||
$actual = $this->auth->get_login_url($user);
|
$actual = $this->auth->get_login_url($user);
|
||||||
|
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
@ -315,10 +315,10 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
self::getDataGenerator()->create_user($user);
|
self::getDataGenerator()->create_user($user);
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
|
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
|
||||||
$actual = $this->auth->get_login_url($user);
|
$actual = $this->auth->get_login_url($user);
|
||||||
|
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
@ -330,11 +330,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
public function test_return_correct_login_url_and_create_new_user() {
|
public function test_return_correct_login_url_and_create_new_user() {
|
||||||
global $CFG, $DB;
|
global $CFG, $DB;
|
||||||
|
|
||||||
set_config('createuser', true, 'auth_userkey');
|
set_config('createuser', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$user = new stdClass();
|
$user = new stdClass();
|
||||||
$user->username = 'username';
|
$user->username = 'username';
|
||||||
|
@ -343,7 +343,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$user->lastname = 'name';
|
$user->lastname = 'name';
|
||||||
$user->ip = '192.168.1.1';
|
$user->ip = '192.168.1.1';
|
||||||
|
|
||||||
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
|
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
|
||||||
$actual = $this->auth->get_login_url($user);
|
$actual = $this->auth->get_login_url($user);
|
||||||
|
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
@ -353,7 +353,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->assertEquals($user->firstname, $userrecord->firstname);
|
$this->assertEquals($user->firstname, $userrecord->firstname);
|
||||||
$this->assertEquals($user->lastname, $userrecord->lastname);
|
$this->assertEquals($user->lastname, $userrecord->lastname);
|
||||||
$this->assertEquals(1, $userrecord->confirmed);
|
$this->assertEquals(1, $userrecord->confirmed);
|
||||||
$this->assertEquals('userkey', $userrecord->auth);
|
$this->assertEquals('jwt', $userrecord->auth);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -362,11 +362,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
public function test_missing_data_to_create_user() {
|
public function test_missing_data_to_create_user() {
|
||||||
global $CFG, $DB;
|
global $CFG, $DB;
|
||||||
|
|
||||||
set_config('createuser', true, 'auth_userkey');
|
set_config('createuser', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$user = new stdClass();
|
$user = new stdClass();
|
||||||
$user->email = 'username@test.com';
|
$user->email = 'username@test.com';
|
||||||
|
@ -382,11 +382,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
* Test that when we attempt to create a new user duplicate usernames are caught.
|
* Test that when we attempt to create a new user duplicate usernames are caught.
|
||||||
*/
|
*/
|
||||||
public function test_create_refuse_duplicate_username() {
|
public function test_create_refuse_duplicate_username() {
|
||||||
set_config('createuser', true, 'auth_userkey');
|
set_config('createuser', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$originaluser = new stdClass();
|
$originaluser = new stdClass();
|
||||||
$originaluser->username = 'username';
|
$originaluser->username = 'username';
|
||||||
|
@ -411,12 +411,12 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
* Test that when we attempt to create a new user duplicate emails are caught.
|
* Test that when we attempt to create a new user duplicate emails are caught.
|
||||||
*/
|
*/
|
||||||
public function test_create_refuse_duplicate_email() {
|
public function test_create_refuse_duplicate_email() {
|
||||||
set_config('createuser', true, 'auth_userkey');
|
set_config('createuser', true, 'auth_jwt');
|
||||||
set_config('mappingfield', 'username', 'auth_userkey');
|
set_config('mappingfield', 'username', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$originaluser = new stdClass();
|
$originaluser = new stdClass();
|
||||||
$originaluser->username = 'username';
|
$originaluser->username = 'username';
|
||||||
|
@ -443,11 +443,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
public function test_return_correct_login_url_and_update_user() {
|
public function test_return_correct_login_url_and_update_user() {
|
||||||
global $CFG, $DB;
|
global $CFG, $DB;
|
||||||
|
|
||||||
set_config('updateuser', true, 'auth_userkey');
|
set_config('updateuser', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
$originaluser = new stdClass();
|
$originaluser = new stdClass();
|
||||||
$originaluser->username = 'username';
|
$originaluser->username = 'username';
|
||||||
|
@ -466,7 +466,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$user->lastname = 'namechanged';
|
$user->lastname = 'namechanged';
|
||||||
$user->ip = '192.168.1.1';
|
$user->ip = '192.168.1.1';
|
||||||
|
|
||||||
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
|
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
|
||||||
$actual = $this->auth->get_login_url($user);
|
$actual = $this->auth->get_login_url($user);
|
||||||
|
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
@ -476,19 +476,19 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->assertEquals($user->firstname, $userrecord->firstname);
|
$this->assertEquals($user->firstname, $userrecord->firstname);
|
||||||
$this->assertEquals($user->lastname, $userrecord->lastname);
|
$this->assertEquals($user->lastname, $userrecord->lastname);
|
||||||
$this->assertEquals($originaluser->city, $userrecord->city);
|
$this->assertEquals($originaluser->city, $userrecord->city);
|
||||||
$this->assertEquals('userkey', $userrecord->auth);
|
$this->assertEquals('jwt', $userrecord->auth);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test that when we attempt to update a user duplicate emails are caught.
|
* Test that when we attempt to update a user duplicate emails are caught.
|
||||||
*/
|
*/
|
||||||
public function test_update_refuse_duplicate_email() {
|
public function test_update_refuse_duplicate_email() {
|
||||||
set_config('updateuser', true, 'auth_userkey');
|
set_config('updateuser', true, 'auth_jwt');
|
||||||
set_config('mappingfield', 'username', 'auth_userkey');
|
set_config('mappingfield', 'username', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
self::getDataGenerator()->create_user(['email' => 'trytoduplicate@test.com']);
|
self::getDataGenerator()->create_user(['email' => 'trytoduplicate@test.com']);
|
||||||
self::getDataGenerator()->create_user(['username' => 'username']);
|
self::getDataGenerator()->create_user(['username' => 'username']);
|
||||||
|
@ -511,11 +511,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
* Test that when we attempt to update a user duplicate usernames are caught.
|
* Test that when we attempt to update a user duplicate usernames are caught.
|
||||||
*/
|
*/
|
||||||
public function test_update_refuse_duplicate_username() {
|
public function test_update_refuse_duplicate_username() {
|
||||||
set_config('updateuser', true, 'auth_userkey');
|
set_config('updateuser', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$userkeymanager = new fake_userkey_manager();
|
$jwtmanager = new fake_jwt_manager();
|
||||||
$this->auth->set_userkey_manager($userkeymanager);
|
$this->auth->set_jwt_manager($jwtmanager);
|
||||||
|
|
||||||
self::getDataGenerator()->create_user(['username' => 'trytoduplicate']);
|
self::getDataGenerator()->create_user(['username' => 'trytoduplicate']);
|
||||||
self::getDataGenerator()->create_user(['email' => 'username@test.com']);
|
self::getDataGenerator()->create_user(['email' => 'username@test.com']);
|
||||||
|
@ -546,9 +546,9 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
$user = self::getDataGenerator()->create_user($user);
|
$user = self::getDataGenerator()->create_user($user);
|
||||||
|
|
||||||
create_user_key('auth/userkey', $user->id);
|
create_user_key('auth/jwt', $user->id);
|
||||||
create_user_key('auth/userkey', $user->id);
|
create_user_key('auth/jwt', $user->id);
|
||||||
create_user_key('auth/userkey', $user->id);
|
create_user_key('auth/jwt', $user->id);
|
||||||
$keys = $DB->get_records('user_private_key', array('userid' => $user->id));
|
$keys = $DB->get_records('user_private_key', array('userid' => $user->id));
|
||||||
|
|
||||||
$this->assertEquals(3, count($keys));
|
$this->assertEquals(3, count($keys));
|
||||||
|
@ -560,7 +560,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $user->id));
|
||||||
|
|
||||||
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
|
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
||||||
|
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
}
|
}
|
||||||
|
@ -596,8 +596,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
|
||||||
// Check username.
|
// Check username.
|
||||||
set_config('mappingfield', 'username', 'auth_userkey');
|
set_config('mappingfield', 'username', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$expected = array(
|
$expected = array(
|
||||||
'username' => new external_value(
|
'username' => new external_value(
|
||||||
|
@ -610,8 +610,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
|
||||||
// Check idnumber.
|
// Check idnumber.
|
||||||
set_config('mappingfield', 'idnumber', 'auth_userkey');
|
set_config('mappingfield', 'idnumber', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$expected = array(
|
$expected = array(
|
||||||
'idnumber' => new external_value(
|
'idnumber' => new external_value(
|
||||||
|
@ -624,8 +624,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
|
||||||
// Check some junk field name.
|
// Check some junk field name.
|
||||||
set_config('mappingfield', 'junkfield', 'auth_userkey');
|
set_config('mappingfield', 'junkfield', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$expected = array();
|
$expected = array();
|
||||||
|
|
||||||
|
@ -633,15 +633,15 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
|
||||||
// Check IP if iprestriction disabled.
|
// Check IP if iprestriction disabled.
|
||||||
set_config('iprestriction', false, 'auth_userkey');
|
set_config('iprestriction', false, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$expected = array();
|
$expected = array();
|
||||||
$actual = $this->auth->get_request_login_url_user_parameters();
|
$actual = $this->auth->get_request_login_url_user_parameters();
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
|
||||||
// Check IP if iprestriction enabled.
|
// Check IP if iprestriction enabled.
|
||||||
set_config('iprestriction', true, 'auth_userkey');
|
set_config('iprestriction', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$expected = array(
|
$expected = array(
|
||||||
'ip' => new external_value(
|
'ip' => new external_value(
|
||||||
PARAM_HOST,
|
PARAM_HOST,
|
||||||
|
@ -652,8 +652,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
|
|
||||||
// Check IP if createuser enabled.
|
// Check IP if createuser enabled.
|
||||||
set_config('createuser', true, 'auth_userkey');
|
set_config('createuser', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$expected = array(
|
$expected = array(
|
||||||
'ip' => new external_value(PARAM_HOST, 'User IP address'),
|
'ip' => new external_value(PARAM_HOST, 'User IP address'),
|
||||||
'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL),
|
'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL),
|
||||||
|
@ -663,11 +663,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
);
|
);
|
||||||
$actual = $this->auth->get_request_login_url_user_parameters();
|
$actual = $this->auth->get_request_login_url_user_parameters();
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
set_config('createuser', false, 'auth_userkey');
|
set_config('createuser', false, 'auth_jwt');
|
||||||
|
|
||||||
// Check IP if updateuser enabled.
|
// Check IP if updateuser enabled.
|
||||||
set_config('updateuser', true, 'auth_userkey');
|
set_config('updateuser', true, 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
$expected = array(
|
$expected = array(
|
||||||
'ip' => new external_value(PARAM_HOST, 'User IP address'),
|
'ip' => new external_value(PARAM_HOST, 'User IP address'),
|
||||||
'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL),
|
'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL),
|
||||||
|
@ -677,7 +677,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
);
|
);
|
||||||
$actual = $this->auth->get_request_login_url_user_parameters();
|
$actual = $this->auth->get_request_login_url_user_parameters();
|
||||||
$this->assertEquals($expected, $actual);
|
$this->assertEquals($expected, $actual);
|
||||||
set_config('updateuser', false, 'auth_userkey');
|
set_config('updateuser', false, 'auth_jwt');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -707,7 +707,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('A required parameter (key) was missing');
|
$this->expectExceptionMessage('A required parameter (key) was missing');
|
||||||
|
|
||||||
$this->auth->user_login_userkey();
|
$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -718,7 +718,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectExceptionMessage('Incorrect key');
|
$this->expectExceptionMessage('Incorrect key');
|
||||||
|
|
||||||
$_POST['key'] = 'InvalidKey';
|
$_POST['key'] = 'InvalidKey';
|
||||||
$this->auth->user_login_userkey();
|
$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -731,7 +731,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectExceptionMessage('Expired key');
|
$this->expectExceptionMessage('Expired key');
|
||||||
|
|
||||||
$_POST['key'] = 'TestKey';
|
$_POST['key'] = 'TestKey';
|
||||||
$this->auth->user_login_userkey();
|
$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -746,14 +746,14 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('Client IP address mismatch');
|
$this->expectExceptionMessage('Client IP address mismatch');
|
||||||
|
|
||||||
$this->auth->user_login_userkey();
|
$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test that IP address mismatch exception gets thrown if incorrect IP and outside whitelist.
|
* Test that IP address mismatch exception gets thrown if incorrect IP and outside whitelist.
|
||||||
*/
|
*/
|
||||||
public function test_ipmismatch_exception_thrown_if_ip_is_outside_whitelist() {
|
public function test_ipmismatch_exception_thrown_if_ip_is_outside_whitelist() {
|
||||||
set_config('ipwhitelist', '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16', 'auth_userkey');
|
set_config('ipwhitelist', '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16', 'auth_jwt');
|
||||||
$this->create_user_private_key(['iprestriction' => '192.161.1.1']);
|
$this->create_user_private_key(['iprestriction' => '192.161.1.1']);
|
||||||
|
|
||||||
$_POST['key'] = 'TestKey';
|
$_POST['key'] = 'TestKey';
|
||||||
|
@ -762,7 +762,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('Client IP address mismatch');
|
$this->expectExceptionMessage('Client IP address mismatch');
|
||||||
|
|
||||||
$this->auth->user_login_userkey();
|
$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -781,7 +781,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('Invalid user');
|
$this->expectExceptionMessage('Invalid user');
|
||||||
|
|
||||||
$this->auth->user_login_userkey();
|
$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -800,7 +800,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// Using @ is the only way to test this. Thanks moodle!
|
// Using @ is the only way to test this. Thanks moodle!
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
} catch (moodle_exception $e) {
|
} catch (moodle_exception $e) {
|
||||||
$keyexists = $DB->record_exists('user_private_key', array('value' => 'RemoveKey'));
|
$keyexists = $DB->record_exists('user_private_key', array('value' => 'RemoveKey'));
|
||||||
$this->assertFalse($keyexists);
|
$this->assertFalse($keyexists);
|
||||||
|
@ -820,7 +820,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('Unsupported redirect to http://www.example.com/moodle detected, execution terminated');
|
$this->expectExceptionMessage('Unsupported redirect to http://www.example.com/moodle detected, execution terminated');
|
||||||
|
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -835,11 +835,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// Using @ is the only way to test this. Thanks moodle!
|
// Using @ is the only way to test this. Thanks moodle!
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
} catch (moodle_exception $e) {
|
} catch (moodle_exception $e) {
|
||||||
$this->assertEquals($this->user->id, $USER->id);
|
$this->assertEquals($this->user->id, $USER->id);
|
||||||
$this->assertSame(sesskey(), $USER->sesskey);
|
$this->assertSame(sesskey(), $USER->sesskey);
|
||||||
$this->assertObjectHasAttribute('userkey', $SESSION);
|
$this->assertObjectHasAttribute('jwt', $SESSION);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -855,7 +855,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectExceptionMessage('Unsupported redirect to /course/index.php?id=12&key=134 detected, execution terminated');
|
$this->expectExceptionMessage('Unsupported redirect to /course/index.php?id=12&key=134 detected, execution terminated');
|
||||||
|
|
||||||
// Using @ is the only way to test this. Thanks moodle!
|
// Using @ is the only way to test this. Thanks moodle!
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -871,7 +871,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
$this->expectExceptionMessage('Unsupported redirect to http://test.com/course/index.php?id=12&key=134 detected, execution terminated');
|
$this->expectExceptionMessage('Unsupported redirect to http://test.com/course/index.php?id=12&key=134 detected, execution terminated');
|
||||||
|
|
||||||
// Using @ is the only way to test this. Thanks moodle!
|
// Using @ is the only way to test this. Thanks moodle!
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -881,8 +881,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
global $SESSION;
|
global $SESSION;
|
||||||
|
|
||||||
$SESSION->enrolkey_skipsso = 0;
|
$SESSION->enrolkey_skipsso = 0;
|
||||||
set_config('ssourl', 'http://google.com', 'auth_userkey');
|
set_config('ssourl', 'http://google.com', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.');
|
$this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.');
|
||||||
|
@ -897,8 +897,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
global $SESSION;
|
global $SESSION;
|
||||||
|
|
||||||
$SESSION->enrolkey_skipsso = 0;
|
$SESSION->enrolkey_skipsso = 0;
|
||||||
set_config('ssourl', '', 'auth_userkey');
|
set_config('ssourl', '', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->assertTrue($this->auth->loginpage_hook());
|
$this->assertTrue($this->auth->loginpage_hook());
|
||||||
}
|
}
|
||||||
|
@ -910,8 +910,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
global $SESSION;
|
global $SESSION;
|
||||||
|
|
||||||
$SESSION->enrolkey_skipsso = 1;
|
$SESSION->enrolkey_skipsso = 1;
|
||||||
set_config('ssourl', '', 'auth_userkey');
|
set_config('ssourl', '', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->assertTrue($this->auth->loginpage_hook());
|
$this->assertTrue($this->auth->loginpage_hook());
|
||||||
}
|
}
|
||||||
|
@ -923,8 +923,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
global $SESSION;
|
global $SESSION;
|
||||||
|
|
||||||
$SESSION->enrolkey_skipsso = 0;
|
$SESSION->enrolkey_skipsso = 0;
|
||||||
set_config('ssourl', 'http://google.com', 'auth_userkey');
|
set_config('ssourl', 'http://google.com', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.');
|
$this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.');
|
||||||
|
@ -939,8 +939,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
global $SESSION;
|
global $SESSION;
|
||||||
|
|
||||||
$SESSION->enrolkey_skipsso = 0;
|
$SESSION->enrolkey_skipsso = 0;
|
||||||
set_config('ssourl', '', 'auth_userkey');
|
set_config('ssourl', '', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->assertTrue($this->auth->pre_loginpage_hook());
|
$this->assertTrue($this->auth->pre_loginpage_hook());
|
||||||
}
|
}
|
||||||
|
@ -952,8 +952,8 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
global $SESSION;
|
global $SESSION;
|
||||||
|
|
||||||
$SESSION->enrolkey_skipsso = 1;
|
$SESSION->enrolkey_skipsso = 1;
|
||||||
set_config('ssourl', '', 'auth_userkey');
|
set_config('ssourl', '', 'auth_jwt');
|
||||||
$this->auth = new auth_plugin_userkey();
|
$this->auth = new auth_plugin_jwt();
|
||||||
|
|
||||||
$this->assertTrue($this->auth->pre_loginpage_hook());
|
$this->assertTrue($this->auth->pre_loginpage_hook());
|
||||||
}
|
}
|
||||||
|
@ -974,11 +974,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// Using @ is the only way to test this. Thanks moodle!
|
// Using @ is the only way to test this. Thanks moodle!
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
} catch (moodle_exception $e) {
|
} catch (moodle_exception $e) {
|
||||||
$this->assertEquals($this->user->id, $USER->id);
|
$this->assertEquals($this->user->id, $USER->id);
|
||||||
$this->assertSame(sesskey(), $USER->sesskey);
|
$this->assertSame(sesskey(), $USER->sesskey);
|
||||||
$this->assertObjectHasAttribute('userkey', $SESSION);
|
$this->assertObjectHasAttribute('jwt', $SESSION);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -998,7 +998,7 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// Using @ is the only way to test this. Thanks moodle!
|
// Using @ is the only way to test this. Thanks moodle!
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
} catch (moodle_exception $e) {
|
} catch (moodle_exception $e) {
|
||||||
$this->assertEquals('Incorrect key', $e->getMessage());
|
$this->assertEquals('Incorrect key', $e->getMessage());
|
||||||
$this->assertEmpty($USER->id);
|
$this->assertEmpty($USER->id);
|
||||||
|
@ -1021,11 +1021,11 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
|
|
||||||
try {
|
try {
|
||||||
// Using @ is the only way to test this. Thanks moodle!
|
// Using @ is the only way to test this. Thanks moodle!
|
||||||
@$this->auth->user_login_userkey();
|
@$this->auth->user_login_jwt();
|
||||||
} catch (moodle_exception $e) {
|
} catch (moodle_exception $e) {
|
||||||
$this->assertEquals($this->user->id, $USER->id);
|
$this->assertEquals($this->user->id, $USER->id);
|
||||||
$this->assertSame(sesskey(), $USER->sesskey);
|
$this->assertSame(sesskey(), $USER->sesskey);
|
||||||
$this->assertObjectNotHasAttribute('userkey', $SESSION);
|
$this->assertObjectNotHasAttribute('jwt', $SESSION);
|
||||||
$keyexists = $DB->record_exists('user_private_key', array('value' => 'TestKey'));
|
$keyexists = $DB->record_exists('user_private_key', array('value' => 'TestKey'));
|
||||||
$this->assertFalse($keyexists);
|
$this->assertFalse($keyexists);
|
||||||
}
|
}
|
||||||
|
@ -1034,17 +1034,17 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
/**
|
/**
|
||||||
* Test when try to logout, but required return is not set.
|
* Test when try to logout, but required return is not set.
|
||||||
*/
|
*/
|
||||||
public function test_user_logout_userkey_when_required_return_not_set() {
|
public function test_user_logout_jwt_when_required_return_not_set() {
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('A required parameter (return) was missing');
|
$this->expectExceptionMessage('A required parameter (return) was missing');
|
||||||
|
|
||||||
$this->auth->user_logout_userkey();
|
$this->auth->user_logout_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test when try to logout, but user is not logged in.
|
* Test when try to logout, but user is not logged in.
|
||||||
*/
|
*/
|
||||||
public function test_user_logout_userkey_when_user_is_not_logged_in() {
|
public function test_user_logout_jwt_when_user_is_not_logged_in() {
|
||||||
$_POST['return'] = self::REDIRECTION_PATH;
|
$_POST['return'] = self::REDIRECTION_PATH;
|
||||||
|
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
|
@ -1052,20 +1052,20 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
sprintf("Unsupported redirect to %s detected, execution terminated.", self::REDIRECTION_PATH)
|
sprintf("Unsupported redirect to %s detected, execution terminated.", self::REDIRECTION_PATH)
|
||||||
);
|
);
|
||||||
|
|
||||||
$this->auth->user_logout_userkey();
|
$this->auth->user_logout_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test when try to logout, but user logged in with different auth type.
|
* Test when try to logout, but user logged in with different auth type.
|
||||||
*/
|
*/
|
||||||
public function test_user_logout_userkey_when_user_logged_in_with_different_auth() {
|
public function test_user_logout_jwt_when_user_logged_in_with_different_auth() {
|
||||||
global $USER;
|
global $USER;
|
||||||
|
|
||||||
$_POST['return'] = self::REDIRECTION_PATH;
|
$_POST['return'] = self::REDIRECTION_PATH;
|
||||||
|
|
||||||
$this->setUser($this->user);
|
$this->setUser($this->user);
|
||||||
try {
|
try {
|
||||||
$this->auth->user_logout_userkey();
|
$this->auth->user_logout_jwt();
|
||||||
} catch (moodle_exception $e) {
|
} catch (moodle_exception $e) {
|
||||||
$this->assertTrue(isloggedin());
|
$this->assertTrue(isloggedin());
|
||||||
$this->assertEquals($USER->id, $this->user->id);
|
$this->assertEquals($USER->id, $this->user->id);
|
||||||
|
@ -1079,27 +1079,27 @@ class auth_plugin_test extends advanced_testcase {
|
||||||
/**
|
/**
|
||||||
* Test when try to logout, but user logged in with different auth type.
|
* Test when try to logout, but user logged in with different auth type.
|
||||||
*/
|
*/
|
||||||
public function test_user_logout_userkey_when_user_logged_in_but_return_not_set() {
|
public function test_user_logout_jwt_when_user_logged_in_but_return_not_set() {
|
||||||
$this->setUser($this->user);
|
$this->setUser($this->user);
|
||||||
|
|
||||||
$this->expectException(moodle_exception::class);
|
$this->expectException(moodle_exception::class);
|
||||||
$this->expectExceptionMessage('A required parameter (return) was missing');
|
$this->expectExceptionMessage('A required parameter (return) was missing');
|
||||||
|
|
||||||
$this->auth->user_logout_userkey();
|
$this->auth->user_logout_jwt();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test successful logout.
|
* Test successful logout.
|
||||||
*/
|
*/
|
||||||
public function test_user_logout_userkey_logging_out() {
|
public function test_user_logout_jwt_logging_out() {
|
||||||
global $USER;
|
global $USER;
|
||||||
|
|
||||||
$this->setUser($this->user);
|
$this->setUser($this->user);
|
||||||
$USER->auth = 'userkey';
|
$USER->auth = 'jwt';
|
||||||
$_POST['return'] = self::REDIRECTION_PATH;
|
$_POST['return'] = self::REDIRECTION_PATH;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$this->auth->user_logout_userkey();
|
$this->auth->user_logout_jwt();
|
||||||
} catch (moodle_exception $e) {
|
} catch (moodle_exception $e) {
|
||||||
$this->assertFalse(isloggedin());
|
$this->assertFalse(isloggedin());
|
||||||
$this->assertEquals(
|
$this->assertEquals(
|
||||||
|
|
|
@ -14,21 +14,21 @@
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
namespace auth_userkey;
|
namespace auth_jwt;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tests for core_userkey_manager class.
|
* Tests for core_jwt_manager class.
|
||||||
*
|
*
|
||||||
* Key validation is fully covered in auth_plugin_test.php file.
|
* Key validation is fully covered in auth_plugin_test.php file.
|
||||||
* TODO: write tests for validate_key() function.
|
* TODO: write tests for validate_key() function.
|
||||||
*
|
*
|
||||||
* @covers \auth_userkey\core_userkey_manager
|
* @covers \auth_jwt\core_jwt_manager
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
class core_userkey_manager_test extends \advanced_testcase {
|
class core_jwt_manager_test extends \advanced_testcase {
|
||||||
/**
|
/**
|
||||||
* Test user object.
|
* Test user object.
|
||||||
* @var
|
* @var
|
||||||
|
@ -56,12 +56,12 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Test that core_userkey_manager implements userkey_manager_interface interface.
|
* Test that core_jwt_manager implements jwt_manager_interface interface.
|
||||||
*/
|
*/
|
||||||
public function test_implements_userkey_manager_interface() {
|
public function test_implements_jwt_manager_interface() {
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
|
|
||||||
$expected = 'auth_userkey\userkey_manager_interface';
|
$expected = 'auth_jwt\jwt_manager_interface';
|
||||||
$this->assertInstanceOf($expected, $manager);
|
$this->assertInstanceOf($expected, $manager);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -72,14 +72,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals(null, $actualkey->iprestriction);
|
$this->assertEquals(null, $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
||||||
|
@ -93,14 +93,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->iprestriction = true;
|
$this->config->iprestriction = true;
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals('192.168.1.1', $actualkey->iprestriction);
|
$this->assertEquals('192.168.1.1', $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
||||||
|
@ -113,14 +113,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
$this->config->iprestriction = true;
|
$this->config->iprestriction = true;
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id, '192.168.1.3');
|
$value = $manager->create_key($this->user->id, '192.168.1.3');
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals('192.168.1.3', $actualkey->iprestriction);
|
$this->assertEquals('192.168.1.3', $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
||||||
|
@ -134,14 +134,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->iprestriction = false;
|
$this->config->iprestriction = false;
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals(null, $actualkey->iprestriction);
|
$this->assertEquals(null, $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
||||||
|
@ -156,7 +156,7 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
$this->config->iprestriction = true;
|
$this->config->iprestriction = true;
|
||||||
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
|
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id, '193.168.1.1');
|
$value = $manager->create_key($this->user->id, '193.168.1.1');
|
||||||
|
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '193.168.1.2';
|
$_SERVER['HTTP_CLIENT_IP'] = '193.168.1.2';
|
||||||
|
@ -177,7 +177,7 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
|
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id, '193.168.1.1');
|
$value = $manager->create_key($this->user->id, '193.168.1.1');
|
||||||
|
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '193.168.1.1';
|
$_SERVER['HTTP_CLIENT_IP'] = '193.168.1.1';
|
||||||
|
@ -196,7 +196,7 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
|
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id, '192.168.1.1');
|
$value = $manager->create_key($this->user->id, '192.168.1.1');
|
||||||
|
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.2';
|
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.2';
|
||||||
|
@ -213,14 +213,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->iprestriction = false;
|
$this->config->iprestriction = false;
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id, '192.168.1.1');
|
$value = $manager->create_key($this->user->id, '192.168.1.1');
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals(null, $actualkey->iprestriction);
|
$this->assertEquals(null, $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
||||||
|
@ -234,14 +234,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->iprestriction = 'string';
|
$this->config->iprestriction = 'string';
|
||||||
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals('192.168.1.1', $actualkey->iprestriction);
|
$this->assertEquals('192.168.1.1', $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
||||||
|
@ -253,14 +253,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
public function test_create_correct_key_if_keylifetime_is_not_set() {
|
public function test_create_correct_key_if_keylifetime_is_not_set() {
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals(null, $actualkey->iprestriction);
|
$this->assertEquals(null, $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
$this->assertEquals(time() + 60, $actualkey->validuntil);
|
||||||
|
@ -274,14 +274,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->keylifetime = 3000;
|
$this->config->keylifetime = 3000;
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals(null, $actualkey->iprestriction);
|
$this->assertEquals(null, $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 3000, $actualkey->validuntil);
|
$this->assertEquals(time() + 3000, $actualkey->validuntil);
|
||||||
|
@ -296,14 +296,14 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
|
|
||||||
$this->config->keylifetime = '3000';
|
$this->config->keylifetime = '3000';
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
|
|
||||||
$this->assertEquals($value, $actualkey->value);
|
$this->assertEquals($value, $actualkey->value);
|
||||||
$this->assertEquals($this->user->id, $actualkey->userid);
|
$this->assertEquals($this->user->id, $actualkey->userid);
|
||||||
$this->assertEquals('auth/userkey', $actualkey->script);
|
$this->assertEquals('auth/jwt', $actualkey->script);
|
||||||
$this->assertEquals($this->user->id, $actualkey->instance);
|
$this->assertEquals($this->user->id, $actualkey->instance);
|
||||||
$this->assertEquals(null, $actualkey->iprestriction);
|
$this->assertEquals(null, $actualkey->iprestriction);
|
||||||
$this->assertEquals(time() + 3000, $actualkey->validuntil);
|
$this->assertEquals(time() + 3000, $actualkey->validuntil);
|
||||||
|
@ -316,7 +316,7 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
public function test_can_delete_created_key() {
|
public function test_can_delete_created_key() {
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
$value = $manager->create_key($this->user->id);
|
$value = $manager->create_key($this->user->id);
|
||||||
|
|
||||||
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
|
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
|
||||||
|
@ -334,11 +334,11 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
public function test_can_delete_all_existing_keys() {
|
public function test_can_delete_all_existing_keys() {
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
|
|
||||||
create_user_key('auth/userkey', $this->user->id);
|
create_user_key('auth/jwt', $this->user->id);
|
||||||
create_user_key('auth/userkey', $this->user->id);
|
create_user_key('auth/jwt', $this->user->id);
|
||||||
create_user_key('auth/userkey', $this->user->id);
|
create_user_key('auth/jwt', $this->user->id);
|
||||||
|
|
||||||
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
|
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
|
||||||
$this->assertEquals(3, count($keys));
|
$this->assertEquals(3, count($keys));
|
||||||
|
@ -355,11 +355,11 @@ class core_userkey_manager_test extends \advanced_testcase {
|
||||||
public function test_create_only_one_key() {
|
public function test_create_only_one_key() {
|
||||||
global $DB;
|
global $DB;
|
||||||
|
|
||||||
$manager = new core_userkey_manager($this->config);
|
$manager = new core_jwt_manager($this->config);
|
||||||
|
|
||||||
create_user_key('auth/userkey', $this->user->id);
|
create_user_key('auth/jwt', $this->user->id);
|
||||||
create_user_key('auth/userkey', $this->user->id);
|
create_user_key('auth/jwt', $this->user->id);
|
||||||
create_user_key('auth/userkey', $this->user->id);
|
create_user_key('auth/jwt', $this->user->id);
|
||||||
|
|
||||||
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
|
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
|
||||||
$this->assertEquals(3, count($keys));
|
$this->assertEquals(3, count($keys));
|
||||||
|
|
|
@ -14,11 +14,11 @@
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
namespace auth_userkey;
|
namespace auth_jwt;
|
||||||
|
|
||||||
use advanced_testcase;
|
use advanced_testcase;
|
||||||
use webservice_access_exception;
|
use webservice_access_exception;
|
||||||
use auth_userkey_external;
|
use auth_jwt_external;
|
||||||
use external_api;
|
use external_api;
|
||||||
use invalid_parameter_exception;
|
use invalid_parameter_exception;
|
||||||
use required_capability_exception;
|
use required_capability_exception;
|
||||||
|
@ -27,10 +27,10 @@ use context_system;
|
||||||
/**
|
/**
|
||||||
* Tests for externallib.php.
|
* Tests for externallib.php.
|
||||||
*
|
*
|
||||||
* @covers \auth_userkey_external
|
* @covers \auth_jwt_external
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
class externallib_test extends advanced_testcase {
|
class externallib_test extends advanced_testcase {
|
||||||
|
@ -48,7 +48,7 @@ class externallib_test extends advanced_testcase {
|
||||||
global $CFG;
|
global $CFG;
|
||||||
|
|
||||||
require_once($CFG->libdir . "/externallib.php");
|
require_once($CFG->libdir . "/externallib.php");
|
||||||
require_once($CFG->dirroot . '/auth/userkey/externallib.php');
|
require_once($CFG->dirroot . '/auth/jwt/externallib.php');
|
||||||
|
|
||||||
$this->resetAfterTest();
|
$this->resetAfterTest();
|
||||||
|
|
||||||
|
@ -70,11 +70,11 @@ class externallib_test extends advanced_testcase {
|
||||||
);
|
);
|
||||||
|
|
||||||
$this->expectException(webservice_access_exception::class);
|
$this->expectException(webservice_access_exception::class);
|
||||||
$this->expectExceptionMessage('Access control exception (The userkey authentication plugin is disabled.)');
|
$this->expectExceptionMessage('Access control exception (The jwt authentication plugin is disabled.)');
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -83,7 +83,7 @@ class externallib_test extends advanced_testcase {
|
||||||
public function test_successful_webservice_calls() {
|
public function test_successful_webservice_calls() {
|
||||||
global $DB, $CFG;
|
global $DB, $CFG;
|
||||||
|
|
||||||
$CFG->auth = "userkey";
|
$CFG->auth = "jwt";
|
||||||
$this->setAdminUser();
|
$this->setAdminUser();
|
||||||
|
|
||||||
// Email.
|
// Email.
|
||||||
|
@ -92,64 +92,64 @@ class externallib_test extends advanced_testcase {
|
||||||
);
|
);
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
||||||
|
|
||||||
$this->assertTrue(is_array($result));
|
$this->assertTrue(is_array($result));
|
||||||
$this->assertTrue(key_exists('loginurl', $result));
|
$this->assertTrue(key_exists('loginurl', $result));
|
||||||
$this->assertEquals($expectedurl, $result['loginurl']);
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
||||||
|
|
||||||
// Username.
|
// Username.
|
||||||
set_config('mappingfield', 'username', 'auth_userkey');
|
set_config('mappingfield', 'username', 'auth_jwt');
|
||||||
$params = array(
|
$params = array(
|
||||||
'username' => 'username',
|
'username' => 'username',
|
||||||
);
|
);
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
||||||
|
|
||||||
$this->assertTrue(is_array($result));
|
$this->assertTrue(is_array($result));
|
||||||
$this->assertTrue(key_exists('loginurl', $result));
|
$this->assertTrue(key_exists('loginurl', $result));
|
||||||
$this->assertEquals($expectedurl, $result['loginurl']);
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
||||||
|
|
||||||
// Idnumber.
|
// Idnumber.
|
||||||
set_config('mappingfield', 'idnumber', 'auth_userkey');
|
set_config('mappingfield', 'idnumber', 'auth_jwt');
|
||||||
$params = array(
|
$params = array(
|
||||||
'idnumber' => 'idnumber',
|
'idnumber' => 'idnumber',
|
||||||
);
|
);
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
||||||
|
|
||||||
$this->assertTrue(is_array($result));
|
$this->assertTrue(is_array($result));
|
||||||
$this->assertTrue(key_exists('loginurl', $result));
|
$this->assertTrue(key_exists('loginurl', $result));
|
||||||
$this->assertEquals($expectedurl, $result['loginurl']);
|
$this->assertEquals($expectedurl, $result['loginurl']);
|
||||||
|
|
||||||
// IP restriction.
|
// IP restriction.
|
||||||
set_config('iprestriction', true, 'auth_userkey');
|
set_config('iprestriction', true, 'auth_jwt');
|
||||||
set_config('mappingfield', 'idnumber', 'auth_userkey');
|
set_config('mappingfield', 'idnumber', 'auth_jwt');
|
||||||
$params = array(
|
$params = array(
|
||||||
'idnumber' => 'idnumber',
|
'idnumber' => 'idnumber',
|
||||||
'ip' => '192.168.1.1',
|
'ip' => '192.168.1.1',
|
||||||
);
|
);
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
||||||
|
|
||||||
$this->assertTrue(is_array($result));
|
$this->assertTrue(is_array($result));
|
||||||
$this->assertTrue(key_exists('loginurl', $result));
|
$this->assertTrue(key_exists('loginurl', $result));
|
||||||
|
@ -163,7 +163,7 @@ class externallib_test extends advanced_testcase {
|
||||||
global $CFG;
|
global $CFG;
|
||||||
|
|
||||||
$this->setAdminUser();
|
$this->setAdminUser();
|
||||||
$CFG->auth = "userkey";
|
$CFG->auth = "jwt";
|
||||||
|
|
||||||
$params = array(
|
$params = array(
|
||||||
'bla' => 'exists@test.com',
|
'bla' => 'exists@test.com',
|
||||||
|
@ -172,7 +172,7 @@ class externallib_test extends advanced_testcase {
|
||||||
$this->expectException(invalid_parameter_exception::class);
|
$this->expectException(invalid_parameter_exception::class);
|
||||||
$this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)');
|
$this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)');
|
||||||
|
|
||||||
auth_userkey_external::request_login_url($params);
|
auth_jwt_external::request_login_url($params);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -182,9 +182,9 @@ class externallib_test extends advanced_testcase {
|
||||||
global $CFG;
|
global $CFG;
|
||||||
|
|
||||||
$this->setAdminUser();
|
$this->setAdminUser();
|
||||||
$CFG->auth = "userkey";
|
$CFG->auth = "jwt";
|
||||||
|
|
||||||
set_config('iprestriction', true, 'auth_userkey');
|
set_config('iprestriction', true, 'auth_jwt');
|
||||||
|
|
||||||
$params = array(
|
$params = array(
|
||||||
'email' => 'exists@test.com',
|
'email' => 'exists@test.com',
|
||||||
|
@ -193,7 +193,7 @@ class externallib_test extends advanced_testcase {
|
||||||
$this->expectException(invalid_parameter_exception::class);
|
$this->expectException(invalid_parameter_exception::class);
|
||||||
$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');
|
$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');
|
||||||
|
|
||||||
auth_userkey_external::request_login_url($params);
|
auth_jwt_external::request_login_url($params);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -203,7 +203,7 @@ class externallib_test extends advanced_testcase {
|
||||||
global $CFG;
|
global $CFG;
|
||||||
|
|
||||||
$this->setAdminUser();
|
$this->setAdminUser();
|
||||||
$CFG->auth = "userkey";
|
$CFG->auth = "jwt";
|
||||||
|
|
||||||
$params = array(
|
$params = array(
|
||||||
'email' => 'notexists@test.com',
|
'email' => 'notexists@test.com',
|
||||||
|
@ -213,8 +213,8 @@ class externallib_test extends advanced_testcase {
|
||||||
$this->expectExceptionMessage('Invalid parameter value detected (User is not exist)');
|
$this->expectExceptionMessage('Invalid parameter value detected (User is not exist)');
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -224,7 +224,7 @@ class externallib_test extends advanced_testcase {
|
||||||
global $CFG;
|
global $CFG;
|
||||||
|
|
||||||
$this->setUser($this->user);
|
$this->setUser($this->user);
|
||||||
$CFG->auth = "userkey";
|
$CFG->auth = "jwt";
|
||||||
|
|
||||||
$params = array(
|
$params = array(
|
||||||
'email' => 'notexists@test.com',
|
'email' => 'notexists@test.com',
|
||||||
|
@ -234,8 +234,8 @@ class externallib_test extends advanced_testcase {
|
||||||
$this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)');
|
$this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)');
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -245,11 +245,11 @@ class externallib_test extends advanced_testcase {
|
||||||
global $CFG, $DB;
|
global $CFG, $DB;
|
||||||
|
|
||||||
$this->setUser($this->user);
|
$this->setUser($this->user);
|
||||||
$CFG->auth = "userkey";
|
$CFG->auth = "jwt";
|
||||||
|
|
||||||
$context = context_system::instance();
|
$context = context_system::instance();
|
||||||
$studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
|
$studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
|
||||||
assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
|
assign_capability('auth/jwt:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
|
||||||
role_assign($studentrole->id, $this->user->id, $context->id);
|
role_assign($studentrole->id, $this->user->id, $context->id);
|
||||||
|
|
||||||
$params = array(
|
$params = array(
|
||||||
|
@ -257,11 +257,11 @@ class externallib_test extends advanced_testcase {
|
||||||
);
|
);
|
||||||
|
|
||||||
// Simulate the web service server.
|
// Simulate the web service server.
|
||||||
$result = auth_userkey_external::request_login_url($params);
|
$result = auth_jwt_external::request_login_url($params);
|
||||||
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
|
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
|
||||||
|
|
||||||
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
|
||||||
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
|
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
|
||||||
|
|
||||||
$this->assertTrue(is_array($result));
|
$this->assertTrue(is_array($result));
|
||||||
$this->assertTrue(key_exists('loginurl', $result));
|
$this->assertTrue(key_exists('loginurl', $result));
|
||||||
|
|
|
@ -14,16 +14,16 @@
|
||||||
// You should have received a copy of the GNU General Public License
|
// You should have received a copy of the GNU General Public License
|
||||||
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
|
||||||
namespace auth_userkey;
|
namespace auth_jwt;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Fake userkey manager for testing.
|
* Fake jwt manager for testing.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
class fake_userkey_manager implements userkey_manager_interface {
|
class fake_jwt_manager implements jwt_manager_interface {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create key.
|
* Create key.
|
||||||
|
|
|
@ -17,8 +17,8 @@
|
||||||
/**
|
/**
|
||||||
* Version details.
|
* Version details.
|
||||||
*
|
*
|
||||||
* @package auth_userkey
|
* @package auth_jwt
|
||||||
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
|
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
|
||||||
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
@ -27,6 +27,6 @@ defined('MOODLE_INTERNAL') || die;
|
||||||
$plugin->version = 2022081901; // The current plugin version (Date: YYYYMMDDXX).
|
$plugin->version = 2022081901; // The current plugin version (Date: YYYYMMDDXX).
|
||||||
$plugin->release = 2022081901; // Match release exactly to version.
|
$plugin->release = 2022081901; // Match release exactly to version.
|
||||||
$plugin->requires = 2017051500; // Requires Moodle 3.3 version.
|
$plugin->requires = 2017051500; // Requires Moodle 3.3 version.
|
||||||
$plugin->component = 'auth_userkey'; // Full name of the plugin (used for diagnostics).
|
$plugin->component = 'auth_jwt'; // Full name of the plugin (used for diagnostics).
|
||||||
$plugin->maturity = MATURITY_STABLE;
|
$plugin->maturity = MATURITY_STABLE;
|
||||||
$plugin->supported = [33, 401]; // A range of branch numbers of supported moodle versions.
|
$plugin->supported = [33, 401]; // A range of branch numbers of supported moodle versions.
|
||||||
|
|
Loading…
Reference in a new issue