Commit graph

188 commits

Author SHA1 Message Date
a757e87eff
fix(auth): relax parameter validation in JWT login
Some checks failed
ci / ci (push) Failing after 0s
Changed the validation for the 'key' parameter from ALPHANUM to RAW in the JWT login method. This allows more flexible key formats, accommodating a wider range of authentication schemes. Ensure existing keys are compatible with the broader validation.
2024-06-25 22:00:16 +02:00
92ed01adc5
fix(jwt): log decode errors for better debugging
Some checks failed
ci / ci (push) Failing after 0s
Added error logging to capture JWT decode exceptions, aiding in pinpointing issues during authentication. This change improves troubleshooting and enhances the overall robustness of the JWT handling process.
2024-06-25 19:37:22 +02:00
5ae53cfc14
fix: update JWT decode method to use Key object
Some checks failed
ci / ci (push) Failing after 0s
Modified the JWT::decode method to use the Key object for decoding JWTs. This enhances security by explicitly specifying the algorithm used (HS256) and aligns with recent updates in the Firebase JWT library.
2024-06-25 19:33:02 +02:00
6b51e0bceb
feat(auth_jwt): add JWT secret key configuration
Some checks failed
ci / ci (push) Failing after 0s
Introduced new settings for JWT secret and its description to the JWT authentication plugin. The settings allow administrators to configure a secret key used for signing JWT tokens.

Also updated the plugin version to ensure proper synchronization with these changes.

Addresses setup requirements for heightened JWT security.
2024-06-25 19:26:41 +02:00
828af94032
fix(jwt): specify algorithm in encode and remove in decode
Some checks failed
ci / ci (push) Failing after 0s
Updated JWT::encode to explicitly use the HS256 algorithm for greater security. Removed redundant algorithm specification in JWT::decode for improved consistency and simplicity. This ensures the JWT operations follow expected standards and enhances maintainability.
2024-06-25 19:23:13 +02:00
dbcf9bebc3
refactor(auth_jwt): update terminology from user key to JWT
Some checks failed
ci / ci (push) Failing after 0s
Aligned terminology with JWT standards by changing references from "user key" to "JWT" for better clarity and consistency. This enhances understanding for developers and users familiar with JWT (JSON Web Token) authentication, ensuring the plugin's description and functionality are clear.
2024-06-25 18:24:00 +02:00
863cb55ee3
fix: correct path to autoload file using __DIR__ constant
Some checks failed
ci / ci (push) Failing after 0s
Switched from relative path to using __DIR__ constant for requiring vendor/autoload.php. This ensures correct file inclusion regardless of the script's execution context, preventing potential loading issues.
2024-06-25 18:10:19 +02:00
9f7053ae3d
feat: integrate Firebase PHP-JWT library
Some checks failed
ci / ci (push) Failing after 0s
Added composer configuration files to manage dependencies. Installed and configured the Firebase PHP-JWT library to handle JWT encoding and decoding. This enhancement aims to streamline JWT operations within the project.

Also updated .gitignore to exclude Composer artifacts.
2024-06-25 18:04:16 +02:00
9a87e9a496
refactor(auth): rename auth_userkey to auth_jwt
Some checks failed
ci / ci (push) Failing after 0s
Rebranded the auth_userkey plugin to auth_jwt, including changes to namespace, class names, and configuration settings to reflect the new jwt-based authentication mechanism. Updated copyright notices and contact information accordingly. This refactoring also includes the introduction of JWT token management using the Firebase JWT library, replacing the user quick keys.
2024-06-25 12:00:04 +02:00
Dmitrii Metelkin
9c9266a826
Merge pull request #101 from StudiUM/fix-unit-tests
Fix unit tests in auth_plugin_test.php
2023-12-07 08:59:09 +11:00
Gurvan Giboire
87a5ef0110 fix upper case self 2023-12-06 08:07:24 -05:00
Gurvan Giboire
31d230dfe6 Fix unit tests in auth_plugin_test.php 2023-12-05 11:50:56 -05:00
David Silva
cd7159628a
Issue #97: Fix for open redirect in logout function (#99)
* Fix for open redirect in logout function

* modified to PARAM_LOCALURL
2023-11-11 21:25:34 +11:00
Tonto Baffour
c370cb1bee
Update README.md (#94)
* Update README.md

userkey authentication plugin must be enabled before usage

* Update README.md

enable plugin configuration steps added

* Update README.md

removed unneeded step 9

* Update README.md

numbering order changed
2023-08-17 08:13:17 +10:00
Dmitrii Metelkin
e60e6d4705 Version bump 2022-08-19 11:52:45 +10:00
Dmitrii Metelkin
5524e1c469
Merge pull request #83 from catalyst/more-ci
More ci fixes
2022-08-19 11:46:26 +10:00
Dmitrii Metelkin
4ab1cdc81d Update @covers annotation 2022-08-19 11:37:34 +10:00
Dmitrii Metelkin
992ecf4c5f Fix minor CI complains 2022-08-19 11:18:20 +10:00
Dmitrii Metelkin
a3014530ac Add @covers to all tests 2022-08-19 11:16:11 +10:00
Dmitrii Metelkin
39949b5950
Merge pull request #82 from catalyst/bumpversion
Bump supported version
2022-08-19 11:11:35 +10:00
Dmitrii Metelkin
41f1744ab5 Bump supported version 2022-08-19 11:02:20 +10:00
Dmitrii Metelkin
61b624aa80
Merge pull request #81 from catalyst/move-tests
Move test files
2022-08-19 10:59:18 +10:00
Dmitrii Metelkin
55fdbb0ea0 Move test files 2022-08-19 10:57:38 +10:00
Dmitrii Metelkin
46f9c4b8d1
Merge pull request #80 from catalyst/fix-ci
Fix ci
2022-08-19 10:48:37 +10:00
Dmitrii Metelkin
d8cd368159 Remove whitespace 2022-08-19 10:38:16 +10:00
Dmitrii Metelkin
b2d2adad55 Fix doc issues 2022-08-19 10:26:23 +10:00
Dmitrii Metelkin
78ec637899 Replace deprecated annotations 2022-08-19 10:08:02 +10:00
Dmitrii Metelkin
0341b05f99 Replace deprecated print_error calls 2022-08-19 10:06:19 +10:00
Dmitrii Metelkin
b07d17fbee Remove whitespace 2022-08-19 09:19:01 +10:00
Dmitrii Metelkin
596bb69e71
Merge pull request #69 from miguelurtado/patch-1
Display locking profile fields
2022-08-19 08:56:41 +10:00
Dmitrii Metelkin
2366e41799
Merge pull request #75 from catalyst/reusing-workflows
Add reusable workflows
2022-06-03 16:55:07 +10:00
Dmitrii Metelkin
c2cb337a88 Support only till 3.10 2022-06-03 16:54:50 +10:00
Dmitrii Metelkin
e8acf6b503 Fix declaration issue in unit tests 2022-06-03 16:44:24 +10:00
Dmitrii Metelkin
b2693a7b6f Use the letest version of workflows 2022-06-03 16:36:36 +10:00
Dmitrii Metelkin
a873d6f20d
Merge pull request #74 from ni-ght/Enhancement-added-"Using"-step-to-"README.md"-Authorise-the-"web-service"-user
Update README.md
2022-01-17 14:48:41 +11:00
Anupama Dharmajan
f77ac17111 Fix codechecker errors 2022-01-17 08:44:01 +11:00
Anupama Dharmajan
502564a88c Update readme file and bump version number 2022-01-17 08:14:52 +11:00
Anupama Dharmajan
0b39d5fc00 Add reusable workflows 2022-01-17 08:14:38 +11:00
ni-ght
39b7aa33e1
Update README.md
Added "Using" step: Authorise the "web service" user.
2021-12-14 12:47:52 +01:00
Miguel Urtado
86c72529f6
Display locking profile fields
Display locking / mapping of profile fields
2021-09-02 00:19:38 -03:00
Dmitrii Metelkin
4e151b4223
Merge pull request #52 from catalyst/logout
Implement logout functionality
2020-05-08 23:18:30 +10:00
Dmitrii Metelkin
e77e47fc94 Version bump 2020-05-08 23:14:43 +10:00
Dmitrii Metelkin
650c772707 Implement logout functionality 2020-05-08 22:57:13 +10:00
Dmitrii Metelkin
2038257a9e
Merge pull request #51 from catalyst/update
Update plugin for the latest Moodle
2020-05-08 19:40:37 +10:00
Dmitrii Metelkin
0ae1e389b3 Version bump 2020-05-08 19:40:04 +10:00
Dmitrii Metelkin
5a3cd5867f Fix test names of test functions 2020-05-08 19:39:22 +10:00
Dmitrii Metelkin
ac8c1c6cda Modify exclusions in travis 2020-05-08 18:12:53 +10:00
Dmitrii Metelkin
4ed8bc9c3c Remove phpcpd from travis 2020-05-08 17:47:02 +10:00
Dmitrii Metelkin
a9fa45b6d4 Remove empty line 2020-05-08 17:43:30 +10:00
Dmitrii Metelkin
de5cfdab7e Make sure that we check HTTP_CLIENT_IP first 2020-05-08 17:22:13 +10:00