refactor(auth): rename auth_userkey to auth_jwt
Some checks failed
ci / ci (push) Failing after 0s

Rebranded the auth_userkey plugin to auth_jwt, including changes to namespace, class names, and configuration settings to reflect the new jwt-based authentication mechanism. Updated copyright notices and contact information accordingly. This refactoring also includes the introduction of JWT token management using the Firebase JWT library, replacing the user quick keys.
This commit is contained in:
Kumi 2024-06-25 12:00:04 +02:00
parent 9c9266a826
commit 9a87e9a496
Signed by: kumi
GPG key ID: ECBCC9082395383F
20 changed files with 371 additions and 400 deletions

View file

@ -3,7 +3,7 @@ language: php
notifications:
email:
recipients:
- dmitriim@catalyst-au.net
- kumitterer@kumi.systems
sudo: false

View file

@ -181,8 +181,6 @@ This plugin was developed by Catalyst IT Australia:
https://www.catalyst-au.net/
![Catalyst IT](/pix/catalyst-logo.png?raw=true)
# Contributing and Support
Issues, and pull requests using github are welcome and encouraged!

View file

@ -17,15 +17,15 @@
/**
* User key auth method.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
use auth_userkey\core_userkey_manager;
use auth_userkey\userkey_manager_interface;
use auth_jwt\core_jwt_manager;
use auth_jwt\jwt_manager_interface;
require_once($CFG->libdir . "/externallib.php");
require_once($CFG->libdir.'/authlib.php');
@ -34,7 +34,7 @@ require_once($CFG->dirroot . '/user/lib.php');
/**
* User key authentication plugin.
*/
class auth_plugin_userkey extends auth_plugin_base {
class auth_plugin_jwt extends auth_plugin_base {
/**
* Default mapping field.
@ -44,9 +44,9 @@ class auth_plugin_userkey extends auth_plugin_base {
/**
* User key manager.
*
* @var userkey_manager_interface
* @var jwt_manager_interface
*/
protected $userkeymanager;
protected $jwtmanager;
/**
* Defaults for config form.
@ -68,9 +68,9 @@ class auth_plugin_userkey extends auth_plugin_base {
* Constructor.
*/
public function __construct() {
$this->authtype = 'userkey';
$this->config = get_config('auth_userkey');
$this->userkeymanager = new core_userkey_manager($this->config);
$this->authtype = 'jwt';
$this->config = get_config('auth_jwt');
$this->jwtmanager = new core_jwt_manager($this->config);
}
/**
@ -113,7 +113,7 @@ class auth_plugin_userkey extends auth_plugin_base {
*/
protected function redirect($url) {
if (CLI_SCRIPT || AJAX_SCRIPT) {
throw new moodle_exception('redirecterrordetected', 'auth_userkey', '', $url);
throw new moodle_exception('redirecterrordetected', 'auth_jwt', '', $url);
}
redirect($url);
@ -132,11 +132,11 @@ class auth_plugin_userkey extends auth_plugin_base {
}
/**
* Logs a user in using userkey and redirects after.
* Logs a user in using jwt and redirects after.
*
* @throws \moodle_exception If something went wrong.
*/
public function user_login_userkey() {
public function user_login_jwt() {
global $SESSION, $CFG, $USER;
$keyvalue = required_param('key', PARAM_ALPHANUM);
@ -149,7 +149,7 @@ class auth_plugin_userkey extends auth_plugin_base {
}
try {
$key = $this->userkeymanager->validate_key($keyvalue);
$key = $this->jwtmanager->validate_key($keyvalue);
} catch (moodle_exception $exception) {
// If user is logged in and key is not valid, we'd like to logout a user.
if (isloggedin()) {
@ -164,18 +164,18 @@ class auth_plugin_userkey extends auth_plugin_base {
require_logout();
} else {
// Don't process further if the user is already logged in.
$this->userkeymanager->delete_keys($key->userid);
$this->jwtmanager->delete_keys($key->userid);
$this->redirect($redirecturl);
}
}
$this->userkeymanager->delete_keys($key->userid);
$this->jwtmanager->delete_keys($key->userid);
$user = get_complete_user_data('id', $key->userid);
complete_user_login($user);
// Identify this session as using user key auth method.
$SESSION->userkey = true;
$SESSION->jwt = true;
$this->redirect($redirecturl);
}
@ -208,14 +208,14 @@ class auth_plugin_userkey extends auth_plugin_base {
}
/**
* Set userkey manager.
* Set jwt manager.
*
* This function is the only way to inject dependency, because of the way auth plugins work.
*
* @param \auth_userkey\userkey_manager_interface $keymanager
* @param \auth_jwt\jwt_manager_interface $keymanager
*/
public function set_userkey_manager(userkey_manager_interface $keymanager) {
$this->userkeymanager = $keymanager;
public function set_jwt_manager(jwt_manager_interface $keymanager) {
$this->jwtmanager = $keymanager;
}
/**
@ -282,7 +282,7 @@ class auth_plugin_userkey extends auth_plugin_base {
$user = $data;
unset($user['ip']);
$user['auth'] = 'userkey';
$user['auth'] = 'jwt';
$user['confirmed'] = 1;
$user['mnethostid'] = $CFG->mnet_localhost_id;
@ -324,7 +324,7 @@ class auth_plugin_userkey extends auth_plugin_base {
$userdata = $data;
unset($userdata['ip']);
$userdata['auth'] = 'userkey';
$userdata['auth'] = 'jwt';
$changed = false;
foreach ($userdata as $key => $value) {
@ -449,7 +449,7 @@ class auth_plugin_userkey extends auth_plugin_base {
$user = $this->get_user($data);
$ips = $this->get_allowed_ips($data);
return $this->userkeymanager->create_key($user->id, $ips);
return $this->jwtmanager->create_key($user->id, $ips);
}
/**
@ -465,9 +465,9 @@ class auth_plugin_userkey extends auth_plugin_base {
global $CFG;
$userdata = $this->validate_user_data($data);
$userkey = $this->generate_user_key($userdata);
$jwt = $this->generate_user_key($userdata);
return $CFG->wwwroot . '/auth/userkey/login.php?key=' . $userkey;
return $CFG->wwwroot . '/auth/jwt/login.php?key=' . $jwt;
}
/**
@ -605,7 +605,7 @@ class auth_plugin_userkey extends auth_plugin_base {
protected function should_logout_redirect() {
global $SESSION;
if (!isset($SESSION->userkey)) {
if (!isset($SESSION->jwt)) {
return false;
}
@ -639,19 +639,19 @@ class auth_plugin_userkey extends auth_plugin_base {
/**
* Log out user and redirect.
*/
public function user_logout_userkey() {
public function user_logout_jwt() {
global $CFG, $USER;
$redirect = required_param('return', PARAM_LOCALURL);
// We redirect when user's session in Moodle already has expired
// or the user is still logged in using "userkey" auth type.
if (!isloggedin() || $USER->auth == 'userkey') {
// or the user is still logged in using "jwt" auth type.
if (!isloggedin() || $USER->auth == 'jwt') {
require_logout();
$this->redirect($redirect);
} else {
// If logged in with different auth type, then display an error.
throw new moodle_exception('incorrectlogout', 'auth_userkey', $CFG->wwwroot);
throw new moodle_exception('incorrectlogout', 'auth_jwt', $CFG->wwwroot);
}
}
}

View file

@ -14,21 +14,19 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_userkey;
namespace auth_jwt;
use \Firebase\JWT\JWT;
/**
* Key manager class.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class core_userkey_manager implements userkey_manager_interface {
/**
* This script script required by core create_user_key().
*/
const CORE_USER_KEY_MANAGER_SCRIPT = 'auth/userkey';
class core_jwt_manager
{
/**
* Default life time of the user key in seconds.
@ -47,7 +45,8 @@ class core_userkey_manager implements userkey_manager_interface {
*
* @param \stdClass $config
*/
public function __construct(\stdClass $config) {
public function __construct(\stdClass $config)
{
$this->config = $config;
}
@ -59,41 +58,26 @@ class core_userkey_manager implements userkey_manager_interface {
*
* @return string Generated key.
*/
public function create_key($userid, $allowedips = null) {
$this->delete_keys($userid);
public function create_key($userid, $allowedips = null)
{
if (isset($this->config->keylifetime) && (int)$this->config->keylifetime > 0) {
$validuntil = time() + $this->config->keylifetime;
} else {
$validuntil = time() + self::DEFAULT_KEY_LIFE_TIME_IN_SECONDS;
}
$iprestriction = null;
$payload = [
'userid' => $userid,
'exp' => $validuntil
];
if (isset($this->config->iprestriction) && !empty($this->config->iprestriction)) {
if ($allowedips) {
$iprestriction = $allowedips;
} else {
$iprestriction = getremoteaddr(null);
}
$payload['allowedips'] = $allowedips;
}
return create_user_key(
self::CORE_USER_KEY_MANAGER_SCRIPT,
$userid,
$userid,
$iprestriction,
$validuntil
);
}
$secret = $this->config->jwtsecret;
/**
* Delete all keys for a specific user.
*
* @param int $userid User ID.
*/
public function delete_keys($userid) {
delete_user_key(self::CORE_USER_KEY_MANAGER_SCRIPT, $userid);
return JWT::encode($payload, $secret);
}
/**
@ -105,28 +89,23 @@ class core_userkey_manager implements userkey_manager_interface {
*
* @throws \moodle_exception If provided key is not valid.
*/
public function validate_key($keyvalue) {
global $DB;
public function validate_key($keyvalue)
{
$secret = $this->config->jwtsecret;
$options = array(
'script' => self::CORE_USER_KEY_MANAGER_SCRIPT,
'value' => $keyvalue
);
if (!$key = $DB->get_record('user_private_key', $options)) {
try {
$decoded = JWT::decode($keyvalue, $secret, ['HS256']);
} catch (\Exception $e) {
throw new \moodle_exception('invalidkey');
}
if (!empty($key->validuntil) && $key->validuntil < time()) {
if (!empty($decoded->exp) && $decoded->exp < time()) {
throw new \moodle_exception('expiredkey');
}
$this->validate_ip_address($key);
$this->validate_ip_address($decoded);
if (!$user = $DB->get_record('user', array('id' => $key->userid))) {
throw new \moodle_exception('invaliduserid');
}
return $key;
return $decoded;
}
/**
@ -136,30 +115,24 @@ class core_userkey_manager implements userkey_manager_interface {
*
* @throws \moodle_exception If provided key is not valid.
*/
protected function validate_ip_address($key) {
if (!$key->iprestriction) {
protected function validate_ip_address($key)
{
if (empty($key->allowedips)) {
return true;
}
$remoteaddr = getremoteaddr(null);
if (empty($remoteaddr)) {
throw new \moodle_exception('noip', 'auth_userkey');
throw new \moodle_exception('noip', 'auth_jwt');
}
if (address_in_subnet($remoteaddr, $key->iprestriction)) {
return true;
}
if (isset($this->config->ipwhitelist)) {
$ips = explode(';', $this->config->ipwhitelist);
foreach ($ips as $ip) {
if (address_in_subnet($remoteaddr, $ip)) {
foreach ($key->allowedips as $allowedip) {
if (address_in_subnet($remoteaddr, $allowedip)) {
return true;
}
}
}
throw new \moodle_exception('ipmismatch', 'error', '', null, "Remote address: $remoteaddr\nKey IP: $key->iprestriction");
throw new \moodle_exception('ipmismatch', 'error', '', null, "Remote address: $remoteaddr\nKey IP: " . implode(', ', $key->allowedips));
}
}

View file

@ -17,19 +17,20 @@
/**
* Key manager interface.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_userkey;
namespace auth_jwt;
/**
* Interface userkey_manager_interface describes key manager behaviour.
* Interface jwt_manager_interface describes key manager behaviour.
*
* @package auth_userkey
* @package auth_jwt
*/
interface userkey_manager_interface {
interface jwt_manager_interface
{
/**
* Create a user key.
*
@ -57,5 +58,4 @@ interface userkey_manager_interface {
* @throws \moodle_exception If provided key is not valid.
*/
public function validate_key($keyvalue);
}

View file

@ -17,13 +17,13 @@
/**
* Privacy provider.
*
* @package auth_userkey
* @author Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @author Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @copyright 2020 Catalyst IT
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace auth_userkey\privacy;
namespace auth_jwt\privacy;
use core_privacy\local\metadata\null_provider;
use core_privacy\local\legacy_polyfill;

View file

@ -17,15 +17,15 @@
/**
* User key auth method caps.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die();
$capabilities = array(
'auth/userkey:generatekey' => array(
'auth/jwt:generatekey' => array(
'riskbitmask' => RISK_PERSONAL | RISK_SPAM | RISK_XSS ,
'captype' => 'write',

View file

@ -15,29 +15,29 @@
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Web services for auth_userkey.
* Web services for auth_jwt.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
$functions = array(
'auth_userkey_request_login_url' => array(
'classname' => 'auth_userkey_external',
'auth_jwt_request_login_url' => array(
'classname' => 'auth_jwt_external',
'methodname' => 'request_login_url',
'classpath' => 'auth/userkey/externallib.php',
'classpath' => 'auth/jwt/externallib.php',
'description' => 'Return one time key based login URL',
'type' => 'write',
'capabilities' => 'auth/userkey:generatekey',
'capabilities' => 'auth/jwt:generatekey',
)
);
$services = array(
'User key authentication web service' => array(
'functions' => array ('auth_userkey_request_login_url'),
'functions' => array ('auth_jwt_request_login_url'),
'restrictedusers' => 1,
'enabled' => 1,
)

View file

@ -17,8 +17,8 @@
/**
* Upgrade script.
*
* @package auth_userkey
* @copyright 2018 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2018 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
@ -28,13 +28,13 @@
* @param string $oldversion Old version of the plugin.
* @return bool
*/
function xmldb_auth_userkey_upgrade($oldversion) {
function xmldb_auth_jwt_upgrade($oldversion) {
global $DB;
if ($oldversion < 2018050200) {
// Confirm all previously created users.
$DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", array(1, 'userkey'));
upgrade_plugin_savepoint(true, 2018050200, 'auth', 'userkey');
$DB->execute("UPDATE {user} SET confirmed=? WHERE auth=?", array(1, 'jwt'));
upgrade_plugin_savepoint(true, 2018050200, 'auth', 'jwt');
}
return true;

View file

@ -15,10 +15,10 @@
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Webservices for auth_userkey.
* Webservices for auth_jwt.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
@ -26,16 +26,16 @@ defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir . "/externallib.php");
require_once($CFG->dirroot . "/webservice/lib.php");
require_once($CFG->dirroot . "/auth/userkey/auth.php");
require_once($CFG->dirroot . "/auth/jwt/auth.php");
/**
* Webservices for auth_userkey.
* Webservices for auth_jwt.
*
* @package auth_userkey
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class auth_userkey_external extends external_api {
class auth_jwt_external extends external_api {
/**
* Return request_login_url webservice parameters.
@ -46,7 +46,7 @@ class auth_userkey_external extends external_api {
return new external_function_parameters(
array(
'user' => new external_single_structure(
get_auth_plugin('userkey')->get_request_login_url_user_parameters()
get_auth_plugin('jwt')->get_request_login_url_user_parameters()
)
)
);
@ -64,14 +64,14 @@ class auth_userkey_external extends external_api {
*/
public static function request_login_url($user) {
if (!is_enabled_auth('userkey')) {
throw new webservice_access_exception(get_string('pluginisdisabled', 'auth_userkey'));
if (!is_enabled_auth('jwt')) {
throw new webservice_access_exception(get_string('pluginisdisabled', 'auth_jwt'));
}
$context = context_system::instance();
require_capability('auth/userkey:generatekey', $context);
require_capability('auth/jwt:generatekey', $context);
$auth = get_auth_plugin('userkey');
$auth = get_auth_plugin('jwt');
$loginurl = $auth->get_login_url($user);
return array(

View file

@ -15,17 +15,17 @@
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Strings for auth_userkey.
* Strings for auth_jwt.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
defined('MOODLE_INTERNAL') || die;
$string['pluginname'] = 'User key authentication';
$string['auth_userkeydescription'] = 'Log in to Moodle using one time user key.';
$string['auth_jwtdescription'] = 'Log in to Moodle using one time user key.';
$string['mappingfield'] = 'Mapping field';
$string['mappingfield_desc'] = 'This user field will be used to find relevant user in the LMS.';
$string['iprestriction'] = 'IP restriction';
@ -46,8 +46,8 @@ $string['redirecturl'] = 'Logout redirect URL';
$string['redirecturl_desc'] = 'Optionally you can redirect users to this URL after they logged out from LMS.';
$string['incorrectredirecturl'] = 'You should provide valid URL';
$string['incorrectssourl'] = 'You should provide valid URL';
$string['userkey:generatekey'] = 'Generate login user key';
$string['pluginisdisabled'] = 'The userkey authentication plugin is disabled.';
$string['jwt:generatekey'] = 'Generate login user key';
$string['pluginisdisabled'] = 'The jwt authentication plugin is disabled.';
$string['ssourl'] = 'URL of SSO host';
$string['ssourl_desc'] = 'URL of the SSO host to redirect users to. If defined users will be redirected here on login instead of the Moodle Login page';
$string['redirecterrordetected'] = 'Unsupported redirect to {$a} detected, execution terminated.';

View file

@ -15,17 +15,17 @@
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Login page for auth_userkey.
* Login page for auth_jwt.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require_once(dirname(__FILE__) . '/../../config.php');
if (!is_enabled_auth('userkey')) {
throw new moodle_exception(get_string('pluginisdisabled', 'auth_userkey'));
if (!is_enabled_auth('jwt')) {
throw new moodle_exception(get_string('pluginisdisabled', 'auth_jwt'));
}
get_auth_plugin('userkey')->user_login_userkey();
get_auth_plugin('jwt')->user_login_jwt();

View file

@ -15,17 +15,17 @@
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
/**
* Logout page for auth_userkey.
* Logout page for auth_jwt.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
require_once(dirname(__FILE__) . '/../../config.php');
if (!is_enabled_auth('userkey')) {
throw new moodle_exception(get_string('pluginisdisabled', 'auth_userkey'));
if (!is_enabled_auth('jwt')) {
throw new moodle_exception(get_string('pluginisdisabled', 'auth_jwt'));
}
get_auth_plugin('userkey')->user_logout_userkey();
get_auth_plugin('jwt')->user_logout_jwt();

Binary file not shown.

Before

Width:  |  Height:  |  Size: 5.2 KiB

View file

@ -17,8 +17,8 @@
/**
* Admin settings and defaults
*
* @package auth_userkey
* @copyright 2017 Stephen Bourget
* @package auth_jwt
* @copyright 2017 Stephen Bourget, 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
@ -26,42 +26,42 @@ defined('MOODLE_INTERNAL') || die;
if ($ADMIN->fulltree) {
$yesno = array(get_string('no'), get_string('yes'));
$fields = get_auth_plugin('userkey')->get_allowed_mapping_fields();
$fields = get_auth_plugin('jwt')->get_allowed_mapping_fields();
$settings->add(new admin_setting_configselect('auth_userkey/mappingfield',
new lang_string('mappingfield', 'auth_userkey'),
new lang_string('mappingfield_desc', 'auth_userkey'), 0, $fields));
$settings->add(new admin_setting_configselect('auth_jwt/mappingfield',
new lang_string('mappingfield', 'auth_jwt'),
new lang_string('mappingfield_desc', 'auth_jwt'), 0, $fields));
$settings->add(new admin_setting_configtext('auth_userkey/keylifetime', get_string('keylifetime', 'auth_userkey'),
get_string('keylifetime_desc', 'auth_userkey', 'auth'),
$settings->add(new admin_setting_configtext('auth_jwt/keylifetime', get_string('keylifetime', 'auth_jwt'),
get_string('keylifetime_desc', 'auth_jwt', 'auth'),
'60', PARAM_INT));
$settings->add(new admin_setting_configselect('auth_userkey/iprestriction',
new lang_string('iprestriction', 'auth_userkey'),
new lang_string('iprestriction_desc', 'auth_userkey'), 0, $yesno));
$settings->add(new admin_setting_configselect('auth_jwt/iprestriction',
new lang_string('iprestriction', 'auth_jwt'),
new lang_string('iprestriction_desc', 'auth_jwt'), 0, $yesno));
$settings->add(new admin_setting_configtext('auth_userkey/ipwhitelist', get_string('ipwhitelist', 'auth_userkey'),
get_string('ipwhitelist_desc', 'auth_userkey', 'auth'),
$settings->add(new admin_setting_configtext('auth_jwt/ipwhitelist', get_string('ipwhitelist', 'auth_jwt'),
get_string('ipwhitelist_desc', 'auth_jwt', 'auth'),
'', PARAM_TEXT));
$settings->add(new admin_setting_configtext('auth_userkey/redirecturl', get_string('redirecturl', 'auth_userkey'),
get_string('redirecturl_desc', 'auth_userkey', 'auth'),
$settings->add(new admin_setting_configtext('auth_jwt/redirecturl', get_string('redirecturl', 'auth_jwt'),
get_string('redirecturl_desc', 'auth_jwt', 'auth'),
'', PARAM_URL));
$settings->add(new admin_setting_configtext('auth_userkey/ssourl', get_string('ssourl', 'auth_userkey'),
get_string('ssourl_desc', 'auth_userkey', 'auth'),
$settings->add(new admin_setting_configtext('auth_jwt/ssourl', get_string('ssourl', 'auth_jwt'),
get_string('ssourl_desc', 'auth_jwt', 'auth'),
'', PARAM_URL));
$settings->add(new admin_setting_configselect('auth_userkey/createuser',
new lang_string('createuser', 'auth_userkey'),
new lang_string('createuser_desc', 'auth_userkey'), 0, $yesno));
$settings->add(new admin_setting_configselect('auth_jwt/createuser',
new lang_string('createuser', 'auth_jwt'),
new lang_string('createuser_desc', 'auth_jwt'), 0, $yesno));
$settings->add(new admin_setting_configselect('auth_userkey/updateuser',
new lang_string('updateuser', 'auth_userkey'),
new lang_string('updateuser_desc', 'auth_userkey'), 0, $yesno));
$settings->add(new admin_setting_configselect('auth_jwt/updateuser',
new lang_string('updateuser', 'auth_jwt'),
new lang_string('updateuser_desc', 'auth_jwt'), 0, $yesno));
// Display locking / mapping of profile fields.
$authplugin = get_auth_plugin('userkey');
$authplugin = get_auth_plugin('jwt');
display_auth_lock_options($settings, $authplugin->authtype,
$authplugin->userfields, get_string('auth_fieldlocks_help', 'auth'), false, false);
}

View file

@ -14,28 +14,28 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_userkey;
namespace auth_jwt;
use advanced_testcase;
use auth_plugin_userkey;
use auth_plugin_jwt;
use stdClass;
use invalid_parameter_exception;
use moodle_exception;
use external_value;
/**
* Tests for auth_plugin_userkey class.
* Tests for auth_plugin_jwt class.
*
* @covers \auth_plugin_userkey
* @covers \auth_plugin_jwt
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class auth_plugin_test extends advanced_testcase {
/**
* An instance of auth_plugin_userkey class.
* @var auth_plugin_userkey
* An instance of auth_plugin_jwt class.
* @var auth_plugin_jwt
*/
protected $auth;
@ -58,15 +58,15 @@ class auth_plugin_test extends advanced_testcase {
global $CFG;
require_once($CFG->libdir . "/externallib.php");
require_once($CFG->dirroot . '/auth/userkey/tests/fake_userkey_manager.php');
require_once($CFG->dirroot . '/auth/userkey/auth.php');
require_once($CFG->dirroot . '/auth/jwt/tests/fake_jwt_manager.php');
require_once($CFG->dirroot . '/auth/jwt/auth.php');
require_once($CFG->dirroot . '/user/lib.php');
parent::setUp();
$this->resetAfterTest();
$CFG->getremoteaddrconf = GETREMOTEADDR_SKIP_HTTP_X_FORWARDED_FOR;
$this->auth = new auth_plugin_userkey();
$this->auth = new auth_plugin_jwt();
$this->user = self::getDataGenerator()->create_user();
}
@ -102,7 +102,7 @@ class auth_plugin_test extends advanced_testcase {
$record->timecreated = time();
}
$record->script = 'auth/userkey';
$record->script = 'auth/jwt';
$DB->insert_record('user_private_key', $record);
}
@ -112,7 +112,7 @@ class auth_plugin_test extends advanced_testcase {
*/
public function test_users_can_not_login_using_login_form() {
$user = new stdClass();
$user->auth = 'userkey';
$user->auth = 'jwt';
$user->username = 'username';
$user->password = 'correctpassword';
@ -162,20 +162,20 @@ class auth_plugin_test extends advanced_testcase {
$this->auth->logoutpage_hook();
$this->assertEquals('', $redirect);
$SESSION->userkey = true;
$this->auth = new auth_plugin_userkey();
$SESSION->jwt = true;
$this->auth = new auth_plugin_jwt();
$this->auth->logoutpage_hook();
$this->assertEquals('', $redirect);
unset($SESSION->userkey);
set_config('redirecturl', 'http://example.com', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
unset($SESSION->jwt);
set_config('redirecturl', 'http://example.com', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->auth->logoutpage_hook();
$this->assertEquals('', $redirect);
$SESSION->userkey = true;
set_config('redirecturl', 'http://example.com', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
$SESSION->jwt = true;
set_config('redirecturl', 'http://example.com', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->auth->logoutpage_hook();
$this->assertEquals('http://example.com', $redirect);
}
@ -184,8 +184,8 @@ class auth_plugin_test extends advanced_testcase {
* Test that configured mapping field gets returned correctly.
*/
public function test_get_mapping_field() {
set_config('mappingfield', 'username', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('mappingfield', 'username', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = 'username';
$actual = $this->auth->get_mapping_field();
@ -209,8 +209,8 @@ class auth_plugin_test extends advanced_testcase {
*/
public function test_throwing_exception_if_mapping_field_username_is_not_provided() {
$user = array();
set_config('mappingfield', 'username', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('mappingfield', 'username', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->expectException(invalid_parameter_exception::class);
$this->expectExceptionMessage('Invalid parameter value detected (Required field "username" is not set or empty.)');
@ -223,8 +223,8 @@ class auth_plugin_test extends advanced_testcase {
*/
public function test_throwing_exception_if_mapping_field_idnumber_is_not_provided() {
$user = array();
set_config('mappingfield', 'idnumber', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('mappingfield', 'idnumber', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->expectException(invalid_parameter_exception::class);
$this->expectExceptionMessage('Invalid parameter value detected (Required field "idnumber" is not set or empty.)');
@ -251,8 +251,8 @@ class auth_plugin_test extends advanced_testcase {
public function test_throwing_exception_if_iprestriction_is_enabled_but_ip_is_missing_in_data() {
$user = array();
$user['email'] = 'exists@test.com';
set_config('iprestriction', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('iprestriction', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->expectException(invalid_parameter_exception::class);
$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');
@ -272,10 +272,10 @@ class auth_plugin_test extends advanced_testcase {
self::getDataGenerator()->create_user($user);
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
$actual = $this->auth->get_login_url($user);
$this->assertEquals($expected, $actual);
@ -293,10 +293,10 @@ class auth_plugin_test extends advanced_testcase {
self::getDataGenerator()->create_user($user);
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
$actual = $this->auth->get_login_url($user);
$this->assertEquals($expected, $actual);
@ -315,10 +315,10 @@ class auth_plugin_test extends advanced_testcase {
self::getDataGenerator()->create_user($user);
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
$actual = $this->auth->get_login_url($user);
$this->assertEquals($expected, $actual);
@ -330,11 +330,11 @@ class auth_plugin_test extends advanced_testcase {
public function test_return_correct_login_url_and_create_new_user() {
global $CFG, $DB;
set_config('createuser', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('createuser', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$user = new stdClass();
$user->username = 'username';
@ -343,7 +343,7 @@ class auth_plugin_test extends advanced_testcase {
$user->lastname = 'name';
$user->ip = '192.168.1.1';
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
$actual = $this->auth->get_login_url($user);
$this->assertEquals($expected, $actual);
@ -353,7 +353,7 @@ class auth_plugin_test extends advanced_testcase {
$this->assertEquals($user->firstname, $userrecord->firstname);
$this->assertEquals($user->lastname, $userrecord->lastname);
$this->assertEquals(1, $userrecord->confirmed);
$this->assertEquals('userkey', $userrecord->auth);
$this->assertEquals('jwt', $userrecord->auth);
}
/**
@ -362,11 +362,11 @@ class auth_plugin_test extends advanced_testcase {
public function test_missing_data_to_create_user() {
global $CFG, $DB;
set_config('createuser', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('createuser', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$user = new stdClass();
$user->email = 'username@test.com';
@ -382,11 +382,11 @@ class auth_plugin_test extends advanced_testcase {
* Test that when we attempt to create a new user duplicate usernames are caught.
*/
public function test_create_refuse_duplicate_username() {
set_config('createuser', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('createuser', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$originaluser = new stdClass();
$originaluser->username = 'username';
@ -411,12 +411,12 @@ class auth_plugin_test extends advanced_testcase {
* Test that when we attempt to create a new user duplicate emails are caught.
*/
public function test_create_refuse_duplicate_email() {
set_config('createuser', true, 'auth_userkey');
set_config('mappingfield', 'username', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('createuser', true, 'auth_jwt');
set_config('mappingfield', 'username', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$originaluser = new stdClass();
$originaluser->username = 'username';
@ -443,11 +443,11 @@ class auth_plugin_test extends advanced_testcase {
public function test_return_correct_login_url_and_update_user() {
global $CFG, $DB;
set_config('updateuser', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('updateuser', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
$originaluser = new stdClass();
$originaluser->username = 'username';
@ -466,7 +466,7 @@ class auth_plugin_test extends advanced_testcase {
$user->lastname = 'namechanged';
$user->ip = '192.168.1.1';
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=FaKeKeyFoRtEsTiNg';
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=FaKeKeyFoRtEsTiNg';
$actual = $this->auth->get_login_url($user);
$this->assertEquals($expected, $actual);
@ -476,19 +476,19 @@ class auth_plugin_test extends advanced_testcase {
$this->assertEquals($user->firstname, $userrecord->firstname);
$this->assertEquals($user->lastname, $userrecord->lastname);
$this->assertEquals($originaluser->city, $userrecord->city);
$this->assertEquals('userkey', $userrecord->auth);
$this->assertEquals('jwt', $userrecord->auth);
}
/**
* Test that when we attempt to update a user duplicate emails are caught.
*/
public function test_update_refuse_duplicate_email() {
set_config('updateuser', true, 'auth_userkey');
set_config('mappingfield', 'username', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('updateuser', true, 'auth_jwt');
set_config('mappingfield', 'username', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
self::getDataGenerator()->create_user(['email' => 'trytoduplicate@test.com']);
self::getDataGenerator()->create_user(['username' => 'username']);
@ -511,11 +511,11 @@ class auth_plugin_test extends advanced_testcase {
* Test that when we attempt to update a user duplicate usernames are caught.
*/
public function test_update_refuse_duplicate_username() {
set_config('updateuser', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('updateuser', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$userkeymanager = new fake_userkey_manager();
$this->auth->set_userkey_manager($userkeymanager);
$jwtmanager = new fake_jwt_manager();
$this->auth->set_jwt_manager($jwtmanager);
self::getDataGenerator()->create_user(['username' => 'trytoduplicate']);
self::getDataGenerator()->create_user(['email' => 'username@test.com']);
@ -546,9 +546,9 @@ class auth_plugin_test extends advanced_testcase {
$user = self::getDataGenerator()->create_user($user);
create_user_key('auth/userkey', $user->id);
create_user_key('auth/userkey', $user->id);
create_user_key('auth/userkey', $user->id);
create_user_key('auth/jwt', $user->id);
create_user_key('auth/jwt', $user->id);
create_user_key('auth/jwt', $user->id);
$keys = $DB->get_records('user_private_key', array('userid' => $user->id));
$this->assertEquals(3, count($keys));
@ -560,7 +560,7 @@ class auth_plugin_test extends advanced_testcase {
$actualkey = $DB->get_record('user_private_key', array('userid' => $user->id));
$expected = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
$expected = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
$this->assertEquals($expected, $actual);
}
@ -596,8 +596,8 @@ class auth_plugin_test extends advanced_testcase {
$this->assertEquals($expected, $actual);
// Check username.
set_config('mappingfield', 'username', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('mappingfield', 'username', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = array(
'username' => new external_value(
@ -610,8 +610,8 @@ class auth_plugin_test extends advanced_testcase {
$this->assertEquals($expected, $actual);
// Check idnumber.
set_config('mappingfield', 'idnumber', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('mappingfield', 'idnumber', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = array(
'idnumber' => new external_value(
@ -624,8 +624,8 @@ class auth_plugin_test extends advanced_testcase {
$this->assertEquals($expected, $actual);
// Check some junk field name.
set_config('mappingfield', 'junkfield', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('mappingfield', 'junkfield', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = array();
@ -633,15 +633,15 @@ class auth_plugin_test extends advanced_testcase {
$this->assertEquals($expected, $actual);
// Check IP if iprestriction disabled.
set_config('iprestriction', false, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('iprestriction', false, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = array();
$actual = $this->auth->get_request_login_url_user_parameters();
$this->assertEquals($expected, $actual);
// Check IP if iprestriction enabled.
set_config('iprestriction', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('iprestriction', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = array(
'ip' => new external_value(
PARAM_HOST,
@ -652,8 +652,8 @@ class auth_plugin_test extends advanced_testcase {
$this->assertEquals($expected, $actual);
// Check IP if createuser enabled.
set_config('createuser', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('createuser', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = array(
'ip' => new external_value(PARAM_HOST, 'User IP address'),
'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL),
@ -663,11 +663,11 @@ class auth_plugin_test extends advanced_testcase {
);
$actual = $this->auth->get_request_login_url_user_parameters();
$this->assertEquals($expected, $actual);
set_config('createuser', false, 'auth_userkey');
set_config('createuser', false, 'auth_jwt');
// Check IP if updateuser enabled.
set_config('updateuser', true, 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('updateuser', true, 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$expected = array(
'ip' => new external_value(PARAM_HOST, 'User IP address'),
'firstname' => new external_value(PARAM_NOTAGS, 'The first name(s) of the user', VALUE_OPTIONAL),
@ -677,7 +677,7 @@ class auth_plugin_test extends advanced_testcase {
);
$actual = $this->auth->get_request_login_url_user_parameters();
$this->assertEquals($expected, $actual);
set_config('updateuser', false, 'auth_userkey');
set_config('updateuser', false, 'auth_jwt');
}
/**
@ -707,7 +707,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('A required parameter (key) was missing');
$this->auth->user_login_userkey();
$this->auth->user_login_jwt();
}
/**
@ -718,7 +718,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectExceptionMessage('Incorrect key');
$_POST['key'] = 'InvalidKey';
$this->auth->user_login_userkey();
$this->auth->user_login_jwt();
}
/**
@ -731,7 +731,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectExceptionMessage('Expired key');
$_POST['key'] = 'TestKey';
$this->auth->user_login_userkey();
$this->auth->user_login_jwt();
}
/**
@ -746,14 +746,14 @@ class auth_plugin_test extends advanced_testcase {
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('Client IP address mismatch');
$this->auth->user_login_userkey();
$this->auth->user_login_jwt();
}
/**
* Test that IP address mismatch exception gets thrown if incorrect IP and outside whitelist.
*/
public function test_ipmismatch_exception_thrown_if_ip_is_outside_whitelist() {
set_config('ipwhitelist', '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16', 'auth_userkey');
set_config('ipwhitelist', '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16', 'auth_jwt');
$this->create_user_private_key(['iprestriction' => '192.161.1.1']);
$_POST['key'] = 'TestKey';
@ -762,7 +762,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('Client IP address mismatch');
$this->auth->user_login_userkey();
$this->auth->user_login_jwt();
}
/**
@ -781,7 +781,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('Invalid user');
$this->auth->user_login_userkey();
$this->auth->user_login_jwt();
}
/**
@ -800,7 +800,7 @@ class auth_plugin_test extends advanced_testcase {
try {
// Using @ is the only way to test this. Thanks moodle!
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
} catch (moodle_exception $e) {
$keyexists = $DB->record_exists('user_private_key', array('value' => 'RemoveKey'));
$this->assertFalse($keyexists);
@ -820,7 +820,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('Unsupported redirect to http://www.example.com/moodle detected, execution terminated');
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
}
/**
@ -835,11 +835,11 @@ class auth_plugin_test extends advanced_testcase {
try {
// Using @ is the only way to test this. Thanks moodle!
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
} catch (moodle_exception $e) {
$this->assertEquals($this->user->id, $USER->id);
$this->assertSame(sesskey(), $USER->sesskey);
$this->assertObjectHasAttribute('userkey', $SESSION);
$this->assertObjectHasAttribute('jwt', $SESSION);
}
}
@ -855,7 +855,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectExceptionMessage('Unsupported redirect to /course/index.php?id=12&key=134 detected, execution terminated');
// Using @ is the only way to test this. Thanks moodle!
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
}
/**
@ -871,7 +871,7 @@ class auth_plugin_test extends advanced_testcase {
$this->expectExceptionMessage('Unsupported redirect to http://test.com/course/index.php?id=12&key=134 detected, execution terminated');
// Using @ is the only way to test this. Thanks moodle!
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
}
/**
@ -881,8 +881,8 @@ class auth_plugin_test extends advanced_testcase {
global $SESSION;
$SESSION->enrolkey_skipsso = 0;
set_config('ssourl', 'http://google.com', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('ssourl', 'http://google.com', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.');
@ -897,8 +897,8 @@ class auth_plugin_test extends advanced_testcase {
global $SESSION;
$SESSION->enrolkey_skipsso = 0;
set_config('ssourl', '', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('ssourl', '', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->assertTrue($this->auth->loginpage_hook());
}
@ -910,8 +910,8 @@ class auth_plugin_test extends advanced_testcase {
global $SESSION;
$SESSION->enrolkey_skipsso = 1;
set_config('ssourl', '', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('ssourl', '', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->assertTrue($this->auth->loginpage_hook());
}
@ -923,8 +923,8 @@ class auth_plugin_test extends advanced_testcase {
global $SESSION;
$SESSION->enrolkey_skipsso = 0;
set_config('ssourl', 'http://google.com', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('ssourl', 'http://google.com', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('Unsupported redirect to http://google.com detected, execution terminated.');
@ -939,8 +939,8 @@ class auth_plugin_test extends advanced_testcase {
global $SESSION;
$SESSION->enrolkey_skipsso = 0;
set_config('ssourl', '', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('ssourl', '', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->assertTrue($this->auth->pre_loginpage_hook());
}
@ -952,8 +952,8 @@ class auth_plugin_test extends advanced_testcase {
global $SESSION;
$SESSION->enrolkey_skipsso = 1;
set_config('ssourl', '', 'auth_userkey');
$this->auth = new auth_plugin_userkey();
set_config('ssourl', '', 'auth_jwt');
$this->auth = new auth_plugin_jwt();
$this->assertTrue($this->auth->pre_loginpage_hook());
}
@ -974,11 +974,11 @@ class auth_plugin_test extends advanced_testcase {
try {
// Using @ is the only way to test this. Thanks moodle!
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
} catch (moodle_exception $e) {
$this->assertEquals($this->user->id, $USER->id);
$this->assertSame(sesskey(), $USER->sesskey);
$this->assertObjectHasAttribute('userkey', $SESSION);
$this->assertObjectHasAttribute('jwt', $SESSION);
}
}
@ -998,7 +998,7 @@ class auth_plugin_test extends advanced_testcase {
try {
// Using @ is the only way to test this. Thanks moodle!
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
} catch (moodle_exception $e) {
$this->assertEquals('Incorrect key', $e->getMessage());
$this->assertEmpty($USER->id);
@ -1021,11 +1021,11 @@ class auth_plugin_test extends advanced_testcase {
try {
// Using @ is the only way to test this. Thanks moodle!
@$this->auth->user_login_userkey();
@$this->auth->user_login_jwt();
} catch (moodle_exception $e) {
$this->assertEquals($this->user->id, $USER->id);
$this->assertSame(sesskey(), $USER->sesskey);
$this->assertObjectNotHasAttribute('userkey', $SESSION);
$this->assertObjectNotHasAttribute('jwt', $SESSION);
$keyexists = $DB->record_exists('user_private_key', array('value' => 'TestKey'));
$this->assertFalse($keyexists);
}
@ -1034,17 +1034,17 @@ class auth_plugin_test extends advanced_testcase {
/**
* Test when try to logout, but required return is not set.
*/
public function test_user_logout_userkey_when_required_return_not_set() {
public function test_user_logout_jwt_when_required_return_not_set() {
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('A required parameter (return) was missing');
$this->auth->user_logout_userkey();
$this->auth->user_logout_jwt();
}
/**
* Test when try to logout, but user is not logged in.
*/
public function test_user_logout_userkey_when_user_is_not_logged_in() {
public function test_user_logout_jwt_when_user_is_not_logged_in() {
$_POST['return'] = self::REDIRECTION_PATH;
$this->expectException(moodle_exception::class);
@ -1052,20 +1052,20 @@ class auth_plugin_test extends advanced_testcase {
sprintf("Unsupported redirect to %s detected, execution terminated.", self::REDIRECTION_PATH)
);
$this->auth->user_logout_userkey();
$this->auth->user_logout_jwt();
}
/**
* Test when try to logout, but user logged in with different auth type.
*/
public function test_user_logout_userkey_when_user_logged_in_with_different_auth() {
public function test_user_logout_jwt_when_user_logged_in_with_different_auth() {
global $USER;
$_POST['return'] = self::REDIRECTION_PATH;
$this->setUser($this->user);
try {
$this->auth->user_logout_userkey();
$this->auth->user_logout_jwt();
} catch (moodle_exception $e) {
$this->assertTrue(isloggedin());
$this->assertEquals($USER->id, $this->user->id);
@ -1079,27 +1079,27 @@ class auth_plugin_test extends advanced_testcase {
/**
* Test when try to logout, but user logged in with different auth type.
*/
public function test_user_logout_userkey_when_user_logged_in_but_return_not_set() {
public function test_user_logout_jwt_when_user_logged_in_but_return_not_set() {
$this->setUser($this->user);
$this->expectException(moodle_exception::class);
$this->expectExceptionMessage('A required parameter (return) was missing');
$this->auth->user_logout_userkey();
$this->auth->user_logout_jwt();
}
/**
* Test successful logout.
*/
public function test_user_logout_userkey_logging_out() {
public function test_user_logout_jwt_logging_out() {
global $USER;
$this->setUser($this->user);
$USER->auth = 'userkey';
$USER->auth = 'jwt';
$_POST['return'] = self::REDIRECTION_PATH;
try {
$this->auth->user_logout_userkey();
$this->auth->user_logout_jwt();
} catch (moodle_exception $e) {
$this->assertFalse(isloggedin());
$this->assertEquals(

View file

@ -14,21 +14,21 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_userkey;
namespace auth_jwt;
/**
* Tests for core_userkey_manager class.
* Tests for core_jwt_manager class.
*
* Key validation is fully covered in auth_plugin_test.php file.
* TODO: write tests for validate_key() function.
*
* @covers \auth_userkey\core_userkey_manager
* @covers \auth_jwt\core_jwt_manager
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class core_userkey_manager_test extends \advanced_testcase {
class core_jwt_manager_test extends \advanced_testcase {
/**
* Test user object.
* @var
@ -56,12 +56,12 @@ class core_userkey_manager_test extends \advanced_testcase {
}
/**
* Test that core_userkey_manager implements userkey_manager_interface interface.
* Test that core_jwt_manager implements jwt_manager_interface interface.
*/
public function test_implements_userkey_manager_interface() {
$manager = new core_userkey_manager($this->config);
public function test_implements_jwt_manager_interface() {
$manager = new core_jwt_manager($this->config);
$expected = 'auth_userkey\userkey_manager_interface';
$expected = 'auth_jwt\jwt_manager_interface';
$this->assertInstanceOf($expected, $manager);
}
@ -72,14 +72,14 @@ class core_userkey_manager_test extends \advanced_testcase {
global $DB;
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals(null, $actualkey->iprestriction);
$this->assertEquals(time() + 60, $actualkey->validuntil);
@ -93,14 +93,14 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->iprestriction = true;
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals('192.168.1.1', $actualkey->iprestriction);
$this->assertEquals(time() + 60, $actualkey->validuntil);
@ -113,14 +113,14 @@ class core_userkey_manager_test extends \advanced_testcase {
global $DB;
$this->config->iprestriction = true;
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id, '192.168.1.3');
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals('192.168.1.3', $actualkey->iprestriction);
$this->assertEquals(time() + 60, $actualkey->validuntil);
@ -134,14 +134,14 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->iprestriction = false;
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals(null, $actualkey->iprestriction);
$this->assertEquals(time() + 60, $actualkey->validuntil);
@ -156,7 +156,7 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->iprestriction = true;
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id, '193.168.1.1');
$_SERVER['HTTP_CLIENT_IP'] = '193.168.1.2';
@ -177,7 +177,7 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id, '193.168.1.1');
$_SERVER['HTTP_CLIENT_IP'] = '193.168.1.1';
@ -196,7 +196,7 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->ipwhitelist = '10.0.0.0/8;172.16.0.0/12;192.168.0.0/16';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id, '192.168.1.1');
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.2';
@ -213,14 +213,14 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->iprestriction = false;
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id, '192.168.1.1');
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals(null, $actualkey->iprestriction);
$this->assertEquals(time() + 60, $actualkey->validuntil);
@ -234,14 +234,14 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->iprestriction = 'string';
$_SERVER['HTTP_CLIENT_IP'] = '192.168.1.1';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals('192.168.1.1', $actualkey->iprestriction);
$this->assertEquals(time() + 60, $actualkey->validuntil);
@ -253,14 +253,14 @@ class core_userkey_manager_test extends \advanced_testcase {
public function test_create_correct_key_if_keylifetime_is_not_set() {
global $DB;
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals(null, $actualkey->iprestriction);
$this->assertEquals(time() + 60, $actualkey->validuntil);
@ -274,14 +274,14 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->keylifetime = 3000;
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals(null, $actualkey->iprestriction);
$this->assertEquals(time() + 3000, $actualkey->validuntil);
@ -296,14 +296,14 @@ class core_userkey_manager_test extends \advanced_testcase {
$this->config->keylifetime = '3000';
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$this->assertEquals($value, $actualkey->value);
$this->assertEquals($this->user->id, $actualkey->userid);
$this->assertEquals('auth/userkey', $actualkey->script);
$this->assertEquals('auth/jwt', $actualkey->script);
$this->assertEquals($this->user->id, $actualkey->instance);
$this->assertEquals(null, $actualkey->iprestriction);
$this->assertEquals(time() + 3000, $actualkey->validuntil);
@ -316,7 +316,7 @@ class core_userkey_manager_test extends \advanced_testcase {
public function test_can_delete_created_key() {
global $DB;
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
$value = $manager->create_key($this->user->id);
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
@ -334,11 +334,11 @@ class core_userkey_manager_test extends \advanced_testcase {
public function test_can_delete_all_existing_keys() {
global $DB;
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
create_user_key('auth/userkey', $this->user->id);
create_user_key('auth/userkey', $this->user->id);
create_user_key('auth/userkey', $this->user->id);
create_user_key('auth/jwt', $this->user->id);
create_user_key('auth/jwt', $this->user->id);
create_user_key('auth/jwt', $this->user->id);
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
$this->assertEquals(3, count($keys));
@ -355,11 +355,11 @@ class core_userkey_manager_test extends \advanced_testcase {
public function test_create_only_one_key() {
global $DB;
$manager = new core_userkey_manager($this->config);
$manager = new core_jwt_manager($this->config);
create_user_key('auth/userkey', $this->user->id);
create_user_key('auth/userkey', $this->user->id);
create_user_key('auth/userkey', $this->user->id);
create_user_key('auth/jwt', $this->user->id);
create_user_key('auth/jwt', $this->user->id);
create_user_key('auth/jwt', $this->user->id);
$keys = $DB->get_records('user_private_key', array('userid' => $this->user->id));
$this->assertEquals(3, count($keys));

View file

@ -14,11 +14,11 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_userkey;
namespace auth_jwt;
use advanced_testcase;
use webservice_access_exception;
use auth_userkey_external;
use auth_jwt_external;
use external_api;
use invalid_parameter_exception;
use required_capability_exception;
@ -27,10 +27,10 @@ use context_system;
/**
* Tests for externallib.php.
*
* @covers \auth_userkey_external
* @covers \auth_jwt_external
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class externallib_test extends advanced_testcase {
@ -48,7 +48,7 @@ class externallib_test extends advanced_testcase {
global $CFG;
require_once($CFG->libdir . "/externallib.php");
require_once($CFG->dirroot . '/auth/userkey/externallib.php');
require_once($CFG->dirroot . '/auth/jwt/externallib.php');
$this->resetAfterTest();
@ -70,11 +70,11 @@ class externallib_test extends advanced_testcase {
);
$this->expectException(webservice_access_exception::class);
$this->expectExceptionMessage('Access control exception (The userkey authentication plugin is disabled.)');
$this->expectExceptionMessage('Access control exception (The jwt authentication plugin is disabled.)');
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
}
/**
@ -83,7 +83,7 @@ class externallib_test extends advanced_testcase {
public function test_successful_webservice_calls() {
global $DB, $CFG;
$CFG->auth = "userkey";
$CFG->auth = "jwt";
$this->setAdminUser();
// Email.
@ -92,64 +92,64 @@ class externallib_test extends advanced_testcase {
);
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
$this->assertTrue(is_array($result));
$this->assertTrue(key_exists('loginurl', $result));
$this->assertEquals($expectedurl, $result['loginurl']);
// Username.
set_config('mappingfield', 'username', 'auth_userkey');
set_config('mappingfield', 'username', 'auth_jwt');
$params = array(
'username' => 'username',
);
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
$this->assertTrue(is_array($result));
$this->assertTrue(key_exists('loginurl', $result));
$this->assertEquals($expectedurl, $result['loginurl']);
// Idnumber.
set_config('mappingfield', 'idnumber', 'auth_userkey');
set_config('mappingfield', 'idnumber', 'auth_jwt');
$params = array(
'idnumber' => 'idnumber',
);
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
$this->assertTrue(is_array($result));
$this->assertTrue(key_exists('loginurl', $result));
$this->assertEquals($expectedurl, $result['loginurl']);
// IP restriction.
set_config('iprestriction', true, 'auth_userkey');
set_config('mappingfield', 'idnumber', 'auth_userkey');
set_config('iprestriction', true, 'auth_jwt');
set_config('mappingfield', 'idnumber', 'auth_jwt');
$params = array(
'idnumber' => 'idnumber',
'ip' => '192.168.1.1',
);
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
$this->assertTrue(is_array($result));
$this->assertTrue(key_exists('loginurl', $result));
@ -163,7 +163,7 @@ class externallib_test extends advanced_testcase {
global $CFG;
$this->setAdminUser();
$CFG->auth = "userkey";
$CFG->auth = "jwt";
$params = array(
'bla' => 'exists@test.com',
@ -172,7 +172,7 @@ class externallib_test extends advanced_testcase {
$this->expectException(invalid_parameter_exception::class);
$this->expectExceptionMessage('Invalid parameter value detected (Required field "email" is not set or empty.)');
auth_userkey_external::request_login_url($params);
auth_jwt_external::request_login_url($params);
}
/**
@ -182,9 +182,9 @@ class externallib_test extends advanced_testcase {
global $CFG;
$this->setAdminUser();
$CFG->auth = "userkey";
$CFG->auth = "jwt";
set_config('iprestriction', true, 'auth_userkey');
set_config('iprestriction', true, 'auth_jwt');
$params = array(
'email' => 'exists@test.com',
@ -193,7 +193,7 @@ class externallib_test extends advanced_testcase {
$this->expectException(invalid_parameter_exception::class);
$this->expectExceptionMessage('Invalid parameter value detected (Required parameter "ip" is not set.)');
auth_userkey_external::request_login_url($params);
auth_jwt_external::request_login_url($params);
}
/**
@ -203,7 +203,7 @@ class externallib_test extends advanced_testcase {
global $CFG;
$this->setAdminUser();
$CFG->auth = "userkey";
$CFG->auth = "jwt";
$params = array(
'email' => 'notexists@test.com',
@ -213,8 +213,8 @@ class externallib_test extends advanced_testcase {
$this->expectExceptionMessage('Invalid parameter value detected (User is not exist)');
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
}
/**
@ -224,7 +224,7 @@ class externallib_test extends advanced_testcase {
global $CFG;
$this->setUser($this->user);
$CFG->auth = "userkey";
$CFG->auth = "jwt";
$params = array(
'email' => 'notexists@test.com',
@ -234,8 +234,8 @@ class externallib_test extends advanced_testcase {
$this->expectExceptionMessage('Sorry, but you do not currently have permissions to do that (Generate login user key)');
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
}
/**
@ -245,11 +245,11 @@ class externallib_test extends advanced_testcase {
global $CFG, $DB;
$this->setUser($this->user);
$CFG->auth = "userkey";
$CFG->auth = "jwt";
$context = context_system::instance();
$studentrole = $DB->get_record('role', array('shortname' => 'student'), '*', MUST_EXIST);
assign_capability('auth/userkey:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
assign_capability('auth/jwt:generatekey', CAP_ALLOW, $studentrole->id, $context->id);
role_assign($studentrole->id, $this->user->id, $context->id);
$params = array(
@ -257,11 +257,11 @@ class externallib_test extends advanced_testcase {
);
// Simulate the web service server.
$result = auth_userkey_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_userkey_external::request_login_url_returns(), $result);
$result = auth_jwt_external::request_login_url($params);
$result = external_api::clean_returnvalue(auth_jwt_external::request_login_url_returns(), $result);
$actualkey = $DB->get_record('user_private_key', array('userid' => $this->user->id));
$expectedurl = $CFG->wwwroot . '/auth/userkey/login.php?key=' . $actualkey->value;
$expectedurl = $CFG->wwwroot . '/auth/jwt/login.php?key=' . $actualkey->value;
$this->assertTrue(is_array($result));
$this->assertTrue(key_exists('loginurl', $result));

View file

@ -14,16 +14,16 @@
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
namespace auth_userkey;
namespace auth_jwt;
/**
* Fake userkey manager for testing.
* Fake jwt manager for testing.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
class fake_userkey_manager implements userkey_manager_interface {
class fake_jwt_manager implements jwt_manager_interface {
/**
* Create key.

View file

@ -17,8 +17,8 @@
/**
* Version details.
*
* @package auth_userkey
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net)
* @package auth_jwt
* @copyright 2016 Dmitrii Metelkin (dmitriim@catalyst-au.net), 2024 Kumi Systems e.U.
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
@ -27,6 +27,6 @@ defined('MOODLE_INTERNAL') || die;
$plugin->version = 2022081901; // The current plugin version (Date: YYYYMMDDXX).
$plugin->release = 2022081901; // Match release exactly to version.
$plugin->requires = 2017051500; // Requires Moodle 3.3 version.
$plugin->component = 'auth_userkey'; // Full name of the plugin (used for diagnostics).
$plugin->component = 'auth_jwt'; // Full name of the plugin (used for diagnostics).
$plugin->maturity = MATURITY_STABLE;
$plugin->supported = [33, 401]; // A range of branch numbers of supported moodle versions.