/**
* Constructor.
*
* @throws \moodle_exception
* @return void
*/
public function __construct()
{
if (!($this->config = get_config('search_solr'))) {
throw new \moodle_exception('missingconfig', 'search_solr');
}
if (empty($this->config->server_hostname) || empty($this->config->indexname)) {
throw new \moodle_exception('missingconfig', 'search_solr');
}
$this->engine = new engine();
$this->curl = $this->engine->get_curl_object();
// HTTP headers.
$this->curl->setHeader('Content-type: application/json');
}
public function setup_oauth_http_header($params)
{
$total = array();
ksort($params);
foreach ($params as $k => $v) {
$total[] = rawurlencode($k) . '="' . rawurlencode($v) . '"';
}
$str = implode(', ', $total);
$str = 'Authorization: OAuth ' . $str;
$this->http->setHeader('Expect:');
$this->http->setHeader($str);
}
/**
* Constructor.
*
* @throws \moodle_exception
* @return void
*/
public function __construct()
{
if (!($this->config = get_config('search_solr'))) {
throw new \moodle_exception('missingconfig', 'search_solr');
}
if (empty($this->config->server_hostname) || empty($this->config->indexname)) {
throw new \moodle_exception('missingconfig', 'search_solr');
}
$this->curl = new \curl();
// HTTP headers.
$this->curl->setHeader('Content-type: application/json');
if (!empty($this->config->server_username) && !empty($this->config->server_password)) {
$authorization = $this->config->server_username . ':' . $this->config->server_password;
$this->curl->setHeader('Authorization', 'Basic ' . base64_encode($authorization));
}
$this->url = rtrim($this->config->server_hostname, '/');
if (!empty($this->config->server_port)) {
$this->url .= ':' . $this->config->server_port;
}
$this->url .= '/solr/' . $this->config->indexname;
$this->schemaurl = $this->url . '/schema';
}
/**
* Processes the message and sends a notification via airnotifier
*
* @param stdClass $eventdata the event data submitted by the message sender plus $eventdata->savedmessageid
* @return true if ok, false if error
*/
public function send_message($eventdata)
{
global $CFG;
require_once $CFG->libdir . '/filelib.php';
if (!empty($CFG->noemailever)) {
// Hidden setting for development sites, set in config.php if needed.
debugging('$CFG->noemailever active, no airnotifier message sent.', DEBUG_MINIMAL);
return true;
}
// Skip any messaging suspended and deleted users.
if ($eventdata->userto->auth === 'nologin' or $eventdata->userto->suspended or $eventdata->userto->deleted) {
return true;
}
// Site id, to map with Moodle Mobile stored sites.
$siteid = md5($CFG->wwwroot . $eventdata->userto->username);
// Airnotifier can handle custom requests using processors (that are Airnotifier plugins).
// In the extra parameter we indicate which processor to use and also additional data to be handled by the processor.
// Here we clone the eventdata object because will be deleting/adding attributes.
$extra = clone $eventdata;
// Delete attributes that may content private information.
if (!empty($eventdata->userfrom)) {
$extra->userfromid = $eventdata->userfrom->id;
$extra->userfromfullname = fullname($eventdata->userfrom);
unset($extra->userfrom);
}
$extra->usertoid = $eventdata->userto->id;
unset($extra->userto);
$extra->processor = 'moodle';
$extra->site = $siteid;
$extra->date = !empty($eventdata->timecreated) ? $eventdata->timecreated : time();
$extra->notification = !empty($eventdata->notification) ? 1 : 0;
// We are sending to message to all devices.
$airnotifiermanager = new message_airnotifier_manager();
$devicetokens = $airnotifiermanager->get_user_devices($CFG->airnotifiermobileappname, $eventdata->userto->id);
foreach ($devicetokens as $devicetoken) {
if (!$devicetoken->enable) {
continue;
}
// Sending the message to the device.
$serverurl = $CFG->airnotifierurl . ':' . $CFG->airnotifierport . '/api/v2/push/';
$header = array('Accept: application/json', 'X-AN-APP-NAME: ' . $CFG->airnotifierappname, 'X-AN-APP-KEY: ' . $CFG->airnotifieraccesskey);
$curl = new curl();
$curl->setHeader($header);
$params = array('device' => $devicetoken->platform, 'token' => $devicetoken->pushid, 'extra' => $extra);
// JSON POST raw body request.
$resp = $curl->post($serverurl, json_encode($params));
}
return true;
}
public function post()
{
global $CFG;
$success = false;
if (!empty($CFG->enable_user_sync_post)) {
require_once dirname(__FILE__) . '/lib/curl.php';
$curl = new curl();
$curl->setHeader('x-access-token: ' . $CFG->user_sync_post_token);
$parameters = array('starttime' => $this->starttime * 1000, 'endtime' => $this->endtime * 1000, 'status' => $this->status, 'message' => $this->postmessage . "\n" . ($this->log ? $this->subject . "\n" . $this->log : ''));
$result = $curl->post("http://mcp.srv.ualberta.ca/user/sync/send", $parameters);
if ($curl->error) {
echo 'curl error! ' . var_export($curl->info, true);
echo 'POST result:' . $result;
$success = false;
} else {
$success = true;
}
}
return $success;
}
function sendOAuthBodyPOST($method, $endpoint, $oauth_consumer_key, $oauth_consumer_secret, $content_type, $body)
{
$hash = base64_encode(sha1($body, TRUE));
$parms = array('oauth_body_hash' => $hash);
$test_token = '';
$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
$test_consumer = new OAuthConsumer($oauth_consumer_key, $oauth_consumer_secret, NULL);
$acc_req = OAuthRequest::from_consumer_and_token($test_consumer, $test_token, $method, $endpoint, $parms);
$acc_req->sign_request($hmac_method, $test_consumer, $test_token);
// Pass this back up "out of band" for debugging
global $LastOAuthBodyBaseString;
$LastOAuthBodyBaseString = $acc_req->get_signature_base_string();
// echo($LastOAuthBodyBaseString."\m");
$headers = array();
$headers[] = $acc_req->to_header();
$headers[] = "Content-type: " . $content_type;
$curl = new \curl();
$curl->setHeader($headers);
$response = $curl->post($endpoint, $body);
return $response;
}
public function curl_request($action, $collection = null)
{
$curl = new curl();
switch ($action) {
case 'user':
$url = $this->backpack . "/displayer/convert/email";
$param = array('email' => $this->email);
break;
case 'groups':
$url = $this->backpack . '/displayer/' . $this->backpackuid . '/groups.json';
break;
case 'badges':
$url = $this->backpack . '/displayer/' . $this->backpackuid . '/group/' . $collection . '.json';
break;
}
$curl->setHeader(array('Accept: application/json', 'Expect:'));
$options = array('FRESH_CONNECT' => true, 'RETURNTRANSFER' => true, 'FORBID_REUSE' => true, 'HEADER' => 0, 'CONNECTTIMEOUT' => 3, 'CURLOPT_POSTREDIR' => 3);
if ($action == 'user') {
$out = $curl->post($url, $param, $options);
} else {
$out = $curl->get($url, array(), $options);
}
return json_decode($out);
}
/**
* Fetches content of file from Internet (using proxy if defined). Uses cURL extension if present.
* Due to security concerns only downloads from http(s) sources are supported.
*
* @category files
* @param string $url file url starting with http(s)://
* @param array $headers http headers, null if none. If set, should be an
* associative array of header name => value pairs.
* @param array $postdata array means use POST request with given parameters
* @param bool $fullresponse return headers, responses, etc in a similar way snoopy does
* (if false, just returns content)
* @param int $timeout timeout for complete download process including all file transfer
* (default 5 minutes)
* @param int $connecttimeout timeout for connection to server; this is the timeout that
* usually happens if the remote server is completely down (default 20 seconds);
* may not work when using proxy
* @param bool $skipcertverify If true, the peer's SSL certificate will not be checked.
* Only use this when already in a trusted location.
* @param string $tofile store the downloaded content to file instead of returning it.
* @param bool $calctimeout false by default, true enables an extra head request to try and determine
* filesize and appropriately larger timeout based on $CFG->curltimeoutkbitrate
* @return stdClass|string|bool stdClass object if $fullresponse is true, false if request failed, true
* if file downloaded into $tofile successfully or the file content as a string.
*/
function download_file_content($url, $headers = null, $postdata = null, $fullresponse = false, $timeout = 300, $connecttimeout = 20, $skipcertverify = false, $tofile = NULL, $calctimeout = false)
{
global $CFG;
// Only http and https links supported.
if (!preg_match('|^https?://|i', $url)) {
if ($fullresponse) {
$response = new stdClass();
$response->status = 0;
$response->headers = array();
$response->response_code = 'Invalid protocol specified in url';
$response->results = '';
$response->error = 'Invalid protocol specified in url';
return $response;
} else {
return false;
}
}
$options = array();
$headers2 = array();
if (is_array($headers)) {
foreach ($headers as $key => $value) {
if (is_numeric($key)) {
$headers2[] = $value;
} else {
$headers2[] = "{$key}: {$value}";
}
}
}
if ($skipcertverify) {
$options['CURLOPT_SSL_VERIFYPEER'] = false;
} else {
$options['CURLOPT_SSL_VERIFYPEER'] = true;
}
$options['CURLOPT_CONNECTTIMEOUT'] = $connecttimeout;
$options['CURLOPT_FOLLOWLOCATION'] = 1;
$options['CURLOPT_MAXREDIRS'] = 5;
// Use POST if requested.
if (is_array($postdata)) {
$postdata = format_postdata_for_curlcall($postdata);
} else {
if (empty($postdata)) {
$postdata = null;
}
}
// Optionally attempt to get more correct timeout by fetching the file size.
if (!isset($CFG->curltimeoutkbitrate)) {
// Use very slow rate of 56kbps as a timeout speed when not set.
$bitrate = 56;
} else {
$bitrate = $CFG->curltimeoutkbitrate;
}
if ($calctimeout and !isset($postdata)) {
$curl = new curl();
$curl->setHeader($headers2);
$curl->head($url, $postdata, $options);
$info = $curl->get_info();
$error_no = $curl->get_errno();
if (!$error_no && $info['download_content_length'] > 0) {
// No curl errors - adjust for large files only - take max timeout.
$timeout = max($timeout, ceil($info['download_content_length'] * 8 / ($bitrate * 1024)));
}
}
$curl = new curl();
$curl->setHeader($headers2);
$options['CURLOPT_RETURNTRANSFER'] = true;
$options['CURLOPT_NOBODY'] = false;
$options['CURLOPT_TIMEOUT'] = $timeout;
if ($tofile) {
$fh = fopen($tofile, 'w');
if (!$fh) {
if ($fullresponse) {
$response = new stdClass();
$response->status = 0;
$response->headers = array();
$response->response_code = 'Can not write to file';
$response->results = false;
$response->error = 'Can not write to file';
return $response;
} else {
return false;
}
}
$options['CURLOPT_FILE'] = $fh;
}
if (isset($postdata)) {
$content = $curl->post($url, $postdata, $options);
} else {
$content = $curl->get($url, null, $options);
}
if ($tofile) {
fclose($fh);
@chmod($tofile, $CFG->filepermissions);
}
/*
// Try to detect encoding problems.
if ((curl_errno($ch) == 23 or curl_errno($ch) == 61) and defined('CURLOPT_ENCODING')) {
curl_setopt($ch, CURLOPT_ENCODING, 'none');
$result = curl_exec($ch);
}
*/
$info = $curl->get_info();
$error_no = $curl->get_errno();
$rawheaders = $curl->get_raw_response();
if ($error_no) {
$error = $content;
if (!$fullresponse) {
debugging("cURL request for \"{$url}\" failed with: {$error} ({$error_no})", DEBUG_ALL);
return false;
}
$response = new stdClass();
if ($error_no == 28) {
$response->status = '-100';
// Mimic snoopy.
} else {
$response->status = '0';
}
$response->headers = array();
$response->response_code = $error;
$response->results = false;
$response->error = $error;
return $response;
}
if ($tofile) {
$content = true;
}
if (empty($info['http_code'])) {
// For security reasons we support only true http connections (Location: file:// exploit prevention).
$response = new stdClass();
$response->status = '0';
$response->headers = array();
$response->response_code = 'Unknown cURL error';
$response->results = false;
// do NOT change this, we really want to ignore the result!
$response->error = 'Unknown cURL error';
} else {
$response = new stdClass();
$response->status = (string) $info['http_code'];
$response->headers = $rawheaders;
$response->results = $content;
$response->error = '';
// There might be multiple headers on redirect, find the status of the last one.
$firstline = true;
foreach ($rawheaders as $line) {
if ($firstline) {
$response->response_code = $line;
$firstline = false;
}
if (trim($line, "\r\n") === '') {
$firstline = true;
}
}
}
if ($fullresponse) {
return $response;
}
if ($info['http_code'] != 200) {
debugging("cURL request for \"{$url}\" failed, HTTP response code: " . $response->response_code, DEBUG_ALL);
return false;
}
return $response->results;
}
public function test_curl_post()
{
$testurl = $this->getExternalTestFileUrl('/test_post.php');
// Test post request.
$curl = new curl();
$contents = $curl->post($testurl, 'data=moodletest');
$response = $curl->getResponse();
$this->assertSame('200 OK', reset($response));
$this->assertSame(0, $curl->get_errno());
$this->assertSame('OK', $contents);
// Test 100 requests.
$curl = new curl();
$curl->setHeader('Expect: 100-continue');
$contents = $curl->post($testurl, 'data=moodletest');
$response = $curl->getResponse();
$this->assertSame('200 OK', reset($response));
$this->assertSame(0, $curl->get_errno());
$this->assertSame('OK', $contents);
}
/**
* Send an API request to Google.
*
* This method overwrite the parent one so that the Google SDK will use our class
* curl to proceed with the requests. This allows us to have control over the
* proxy parameters and other stuffs.
*
* Note that the caching support of the Google SDK has been removed from this function.
*
* @param Google_HttpRequest $request the http request to be executed
* @return Google_HttpRequest http request with the response http code, response
* headers and response body filled in
* @throws Google_IOException on curl or IO error
*/
public function makeRequest(Google_HttpRequest $request)
{
if (array_key_exists($request->getRequestMethod(), self::$ENTITY_HTTP_METHODS)) {
$request = $this->processEntityRequest($request);
}
$curl = new curl();
$curl->setopt($this->curlParams);
$curl->setopt(array('CURLOPT_URL' => $request->getUrl()));
$requestHeaders = $request->getRequestHeaders();
if ($requestHeaders && is_array($requestHeaders)) {
$parsed = array();
foreach ($requestHeaders as $k => $v) {
$parsed[] = "{$k}: {$v}";
}
$curl->setHeader($parsed);
}
$curl->setopt(array('CURLOPT_CUSTOMREQUEST' => $request->getRequestMethod(), 'CURLOPT_USERAGENT' => $request->getUserAgent()));
$respdata = $this->do_request($curl, $request);
// Retry if certificates are missing.
if ($curl->get_errno() == CURLE_SSL_CACERT) {
error_log('SSL certificate problem, verify that the CA cert is OK.' . ' Retrying with the CA cert bundle from google-api-php-client.');
$curl->setopt(array('CURLOPT_CAINFO' => dirname(__FILE__) . '/io/cacerts.pem'));
$respdata = $this->do_request($curl, $request);
}
$infos = $curl->get_info();
$respheadersize = $infos['header_size'];
$resphttpcode = (int) $infos['http_code'];
$curlerrornum = $curl->get_errno();
$curlerror = $curl->error;
if ($curlerrornum != CURLE_OK) {
throw new Google_IOException("HTTP Error: ({$resphttpcode}) {$curlerror}");
}
// Parse out the raw response into usable bits.
list($responseHeaders, $responseBody) = self::parseHttpResponse($respdata, $respheadersize);
// Fill in the apiHttpRequest with the response values.
$request->setResponseHttpCode($resphttpcode);
$request->setResponseHeaders($responseHeaders);
$request->setResponseBody($responseBody);
return $request;
}
/**
*
* @param string $xml
* @param array $aditional_params
* @return mixed
*/
function block_intuitel_submit_to_intuitel($xml, $aditional_params = array())
{
$intuitelEndPoint = block_intuitel_get_service_endpoint();
//debugging('connecting to: '.$intuitelEndPoint,DEBUG_DEVELOPER);
$rest_client = new curl();
$rest_client->setHeader(array('Content-Type: application/xml'));
$return = $rest_client->post($intuitelEndPoint, $xml, ['CURLOPT_POST' => true, 'CURLOPT_RETURNTRANSFER' => true, 'CURLOPT_TIMEOUT' => 120]);
$info = $rest_client->info;
if ($info['http_code'] != 200) {
throw new ProtocolErrorException('Intuitel Service did not respond correctly. Please report to the administrator. Error code:' . $info['http_code'] . ' Cause:' . $rest_client->error . ' Response:' . $return, $info['http_code']);
}
return $return;
}
/**
* @link http://docs.moodle.org/dev/Authentication_plugins#loginpage_hook.28.29
*
* Hook for overriding behaviour of login page.
* Another auth hook. Process login if $authorizationcode is defined in OAuth url.
* Makes cURL POST/GET request to social webservice and fill response data to Moodle user.
* We check access tokens in cookies, if the ones exists - get it from $_COOKIE, if no - setcookie
*
* @uses $SESSION, $CFG, $DB core global objects/variables
* @return void or @moodle_exception if OAuth request returns error or fail
*
* @author Igor Sazonov ( @tigusigalpa )
*/
function loginpage_hook()
{
global $SESSION, $CFG, $DB;
$access_token = false;
$authorizationcode = optional_param('oauthcode', '', PARAM_TEXT);
// get authorization code from url
if (!empty($authorizationcode)) {
$authprovider = required_param('authprovider', PARAM_TEXT);
// get authorization provider (webservice name)
$hack_authprovider = $authprovider == 'yahoo1' || $authprovider == 'yahoo2' ? 'yahoo' : $authprovider;
$config_field_str = 'auth_lenauth_' . $hack_authprovider . '_social_id_field';
$this->_field_shortname = $this->_oauth_config->{$config_field_str};
$this->_field_id = $this->_lenauth_get_fieldid();
$params = array();
// params to generate data for token request
$encode_params = true;
$code = true;
$redirect_uri = true;
$curl_header = false;
$curl_options = array();
//if we have access_token in $_COOKIE, so do not need to make request fot the one
$this->_send_oauth_request = !isset($_COOKIE[$authprovider]['access_token']) ? true : false;
//if service is not enabled, why should we make request? hack protect. maybe
$enabled_str = 'auth_lenauth_' . $hack_authprovider . '_enabled';
if (empty($this->_oauth_config->{$enabled_str})) {
throw new moodle_exception('Service not enabled in your LenAuth Settings', 'auth_lenauth');
}
switch ($authprovider) {
case 'facebook':
/**
* @link https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.0#exchangecode
*/
$params['client_id'] = $this->_oauth_config->auth_lenauth_facebook_app_id;
$params['client_secret'] = $this->_oauth_config->auth_lenauth_facebook_app_secret;
break;
case 'google':
/**
* @link https://developers.google.com/accounts/docs/OAuth2Login#exchangecode
*/
$params['client_id'] = $this->_oauth_config->auth_lenauth_google_client_id;
$params['client_secret'] = $this->_oauth_config->auth_lenauth_google_client_secret;
$params['grant_type'] = $this->_settings[$authprovider]['grant_type'];
break;
case 'yahoo1':
if (!isset($_COOKIE[$authprovider]['access_token']) && !isset($_COOKIE[$authprovider]['oauth_verifier'])) {
$params = array_merge($this->_lenauth_yahoo_request_array($this->_oauth_config->auth_lenauth_yahoo_consumer_secret . '&'), array('oauth_callback' => $this->_lenauth_redirect_uri($authprovider)));
$code = false;
$redirect_uri = false;
$this->_send_oauth_request = isset($_REQUEST['oauth_token'], $_REQUEST['oauth_verifier']) ? false : true;
$oauth_verifier = false;
// yahoo =))
if (!$this->_send_oauth_request && isset($SESSION->yahoo_expires) && !empty($SESSION->yahoo_expires)) {
$access_token = $SESSION->yahoo_access_token = optional_param('oauth_token', '', PARAM_TEXT);
setcookie($authprovider . '[access_token]', $access_token, time() + $SESSION->yahoo_expires);
$oauth_verifier = $SESSION->yahoo_oauth_verifier = optional_param('oauth_verifier', '', PARAM_TEXT);
setcookie($authprovider . '[oauth_verifier]', $oauth_verifier, time() + $SESSION->yahoo_expires);
} else {
}
} else {
$this->_send_oauth_request = false;
}
break;
case 'yahoo2':
$params['grant_type'] = $this->_settings[$authprovider]['grant_type'];
$curl_options = array('USERPWD' => $this->_oauth_config->auth_lenauth_yahoo_consumer_key . ':' . $this->_oauth_config->auth_lenauth_yahoo_consumer_secret);
break;
case 'twitter':
if (!empty($this->_oauth_config->auth_lenauth_twitter_enabled)) {
if (!isset($_COOKIE[$authprovider]['access_token'])) {
$params = array_merge($this->_lenauth_twitter_request_array($this->_oauth_config->auth_lenauth_twitter_consumer_secret . '&'), array('oauth_callback' => $this->_lenauth_redirect_uri($authprovider)));
$code = false;
$redirect_uri = false;
$this->_send_oauth_request = isset($_REQUEST['oauth_token'], $_REQUEST['oauth_verifier']) ? false : true;
$oauth_verifier = false;
if (!$this->_send_oauth_request && isset($_COOKIE[$authprovider]['oauth_token_secret'])) {
$access_token = $SESSION->twitter_access_token = optional_param('oauth_token', '', PARAM_TEXT);
setcookie($authprovider . '[access_token]', $access_token, time() + $this->_settings[$authprovider]['expire'], '/');
$oauth_verifier = $SESSION->twitter_oauth_verifier = optional_param('oauth_verifier', '', PARAM_TEXT);
setcookie($authprovider . '[oauth_verifier]', $oauth_verifier, time() + $this->_settings[$authprovider]['expire'], '/');
} else {
$curl_header = $this->_lenauth_set_twitter_header($params);
}
//$curl_header = $this->_lenauth_set_twitter_header($params, $access_token/*, $oauth_token_secret = false*/);
/*$curl_options = array(
'CURLOPT_RETURNTRANSFER' => true,
'CURLOPT_FOLLOWLOCATION' => true
);
if ( !empty( $params['oauth_callback'] ) ) {
$curl_options['CURLOPT_POSTFIELDS'] = http_build_query( array() );
}*/
//TWITTER IS GOOD!!
$encode_params = false;
} else {
$this->_send_oauth_request = false;
}
}
break;
case 'vk':
/**
* @link http://vk.com/dev/auth_sites
*/
$params['client_id'] = $this->_oauth_config->auth_lenauth_vk_app_id;
$params['client_secret'] = $this->_oauth_config->auth_lenauth_vk_app_secret;
break;
case 'yandex':
$params['grant_type'] = $this->_settings[$authprovider]['grant_type'];
$params['client_id'] = $this->_oauth_config->auth_lenauth_yandex_app_id;
$params['client_secret'] = $this->_oauth_config->auth_lenauth_yandex_app_password;
break;
case 'mailru':
$params['client_id'] = $this->_oauth_config->auth_lenauth_mailru_site_id;
$params['client_secret'] = $this->_oauth_config->auth_lenauth_mailru_client_secret;
$params['grant_type'] = $this->_settings[$authprovider]['grant_type'];
break;
//odnoklassniki.ru was wrote by school programmers at 1st class and it not used mojority. bye-bye!
/*case 'ok':
$params['client_id'] = $this->_oauth_config->ok_app_id;
$params['client_secret'] = $this->_oauth_config->ok_secret_key;
break;*/
//odnoklassniki.ru was wrote by school programmers at 1st class and it not used mojority. bye-bye!
/*case 'ok':
$params['client_id'] = $this->_oauth_config->ok_app_id;
$params['client_secret'] = $this->_oauth_config->ok_secret_key;
break;*/
default:
// if authorization provider is wrong
throw new moodle_exception('Unknown OAuth Provider', 'auth_lenauth');
}
// url for catch token value
// exception for Yahoo OAuth, because it like..
if ($code) {
$params['code'] = $authorizationcode;
}
if ($redirect_uri) {
$params['redirect_uri'] = $this->_lenauth_redirect_uri($authprovider);
}
//require cURL from Moodle core
require_once $CFG->libdir . '/filelib.php';
// requires library with cURL class
$curl = new curl();
//hack for twitter and Yahoo
if (!empty($curl_options) && is_array($curl_options)) {
$curl->setopt($curl_options);
}
$curl->resetHeader();
// clean cURL header from garbage
//Twitter and Yahoo has an own cURL headers, so let them to be!
if (!$curl_header) {
$curl->setHeader('Content-Type: application/x-www-form-urlencoded');
} else {
$curl->setHeader($curl_header);
}
// cURL REQUEST for tokens if we hasnt it in $_COOKIE
if ($this->_send_oauth_request) {
if ($this->_curl_type == 'post') {
$curl_tokens_values = $curl->post($this->_settings[$authprovider]['request_token_url'], $encode_params ? $this->_generate_query_data($params) : $params);
} else {
$curl_tokens_values = $curl->get($this->_settings[$authprovider]['request_token_url'] . '?' . ($encode_params ? $this->_generate_query_data($params) : $params));
}
}
// check for token response
if (!empty($curl_tokens_values) || !$this->_send_oauth_request) {
$token_values = array();
// parse token values
switch ($authprovider) {
case 'facebook':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['access_token'])) {
parse_str($curl_tokens_values, $token_values);
$expires = $token_values['expires'];
//5183999 = 2 months
$access_token = $token_values['access_token'];
if (!empty($expires) && !empty($access_token)) {
setcookie($authprovider . '[access_token]', $access_token, time() + $expires, '/');
} else {
throw new moodle_exception('Can not get access for "access_token" or/and "expires" params after request', 'auth_lenauth');
}
} else {
if (isset($_COOKIE[$authprovider]['access_token'])) {
$access_token = $_COOKIE[$authprovider]['access_token'];
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
case 'google':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['access_token'])) {
$token_values = json_decode($curl_tokens_values, true);
$expires = $token_values['expires_in'];
//3600 = 1 hour
$access_token = $token_values['access_token'];
if (!empty($access_token) && !empty($expires)) {
setcookie($authprovider . '[access_token]', $access_token, time() + $expires, '/');
} else {
throw new moodle_exception('Can not get access for "access_token" or/and "expires" params after request', 'auth_lenauth');
}
} else {
if (isset($_COOKIE[$authprovider]['access_token'])) {
$access_token = $_COOKIE[$authprovider]['access_token'];
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
case 'yahoo1':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['oauth_token_secret'])) {
parse_str($curl_tokens_values, $token_values);
$expires = $SESSION->yahoo_expires = $token_values['oauth_expires_in'];
//3600 = 1 hour
$access_token = $SESSION->yahoo_access_token = $token_values['oauth_token'];
setcookie($authprovider . '[oauth_token_secret]', $token_values['oauth_token_secret'], time() + $SESSION->yahoo_expires);
$xoauth_request_auth_url = $token_values['xoauth_request_auth_url'];
} else {
if (isset($_COOKIE[$authprovider]['access_token'], $_COOKIE[$authprovider]['oauth_verifier']) || isset($SESSION->yahoo_access_token, $SESSION->yahoo_oauth_verifier)) {
$access_token = isset($_COOKIE[$authprovider]['access_token']) ? $_COOKIE[$authprovider]['access_token'] : $SESSION->yahoo_access_token;
$oauth_verifier = isset($_COOKIE[$authprovider]['oauth_verifier']) ? $_COOKIE[$authprovider]['oauth_verifier'] : $SESSION->yahoo_oauth_verifier;
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
case 'yahoo2':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['access_token'])) {
$token_values = json_decode($curl_tokens_values, true);
$expires = $token_values['expires_in'];
//3600 = 1 hour
$access_token = $token_values['access_token'];
$refresh_token = $token_values['refresh_token'];
$user_id = $token_values['xoauth_yahoo_guid'];
if (!empty($expires) && !empty($access_token)) {
setcookie($authprovider . '[access_token]', $access_token, time() + $expires, '/');
if (!empty($user_id)) {
setcookie($authprovider . '[user_id]', $user_id, time() + $expires, '/');
}
} else {
throw new moodle_exception('Can not get access for "access_token" or/and "expires" params after request', 'auth_lenauth');
}
} else {
if (isset($_COOKIE[$authprovider]['access_token'], $_COOKIE[$authprovider]['user_id'])) {
$access_token = $_COOKIE[$authprovider]['access_token'];
$user_id = $_COOKIE[$authprovider]['user_id'];
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
case 'twitter':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['oauth_token_secret'])) {
parse_str($curl_tokens_values, $token_values);
$access_token = $SESSION->twitter_access_token = $token_values['oauth_token'];
setcookie($authprovider . '[oauth_token_secret]', $token_values['oauth_token_secret'], time() + $this->_settings[$authprovider]['expire'], '/');
} else {
if (isset($_COOKIE[$authprovider]['access_token'], $_COOKIE[$authprovider]['oauth_token_secret']) || isset($SESSION->twitter_access_token, $SESSION->twitter_oauth_verifier)) {
$access_token = isset($_COOKIE[$authprovider]['access_token']) ? $_COOKIE[$authprovider]['access_token'] : $SESSION->twitter_access_token;
$oauth_verifier = isset($_COOKIE[$authprovider]['oauth_verifier']) ? $_COOKIE[$authprovider]['oauth_verifier'] : $SESSION->twitter_oauth_verifier;
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
case 'vk':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['access_token'])) {
$token_values = json_decode($curl_tokens_values, true);
if (isset($token_values['error'])) {
throw new moodle_exception('Native VK Error ' . $token_values['error'] . (isset($token_values['error_description']) ? ' with description: ' . $token_values['error_description'] : ''), 'auth_lenauth');
}
$expires = $token_values['expires_in'];
//86400 = 24 hours
$access_token = $token_values['access_token'];
if (!empty($access_token) && !empty($expires)) {
setcookie($authprovider . '[access_token]', $access_token, time() + $expires, '/');
}
$user_id = $token_values['user_id'];
if (!empty($user_id)) {
setcookie($authprovider . '[user_id]', $user_id, time() + $expires, '/');
}
/**
* VK user may do not enter email, soooo =((
*/
$user_email = isset($token_values['email']) ? $token_values['email'] : false;
// WOW!!! So early???))) Awesome!
if (!empty($user_email)) {
setcookie($authprovider . '[user_email]', $user_email, time() + $expires, '/');
}
} else {
if (isset($_COOKIE[$authprovider]['access_token'], $_COOKIE[$authprovider]['user_id'])) {
$access_token = $_COOKIE[$authprovider]['access_token'];
$user_id = $_COOKIE[$authprovider]['user_id'];
if (isset($_COOKIE[$authprovider]['user_email'])) {
$user_email = $_COOKIE[$authprovider]['user_email'];
}
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
case 'yandex':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['access_token'])) {
$token_values = json_decode($curl_tokens_values, true);
$expires = $token_values['expires_in'];
//31536000 = 1 year
$access_token = $token_values['access_token'];
if (!empty($expires) && !empty($access_token)) {
setcookie($authprovider . '[access_token]', $access_token, time() + $expires, '/');
} else {
throw new moodle_exception('Can not get access for "access_token" or/and "expires" params after request', 'auth_lenauth');
}
} else {
if (isset($_COOKIE[$authprovider]['access_token'])) {
$access_token = $_COOKIE[$authprovider]['access_token'];
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
case 'mailru':
if ($this->_send_oauth_request || !isset($_COOKIE[$authprovider]['access_token'])) {
$token_values = json_decode($curl_tokens_values, true);
$expires = $token_values['expires_in'];
//86400 = 24 hours
$access_token = $token_values['access_token'];
if (!empty($expires) && !empty($access_token)) {
setcookie($authprovider . '[access_token]', $access_token, time() + $expires, '/');
} else {
//check native errors if exists
if (isset($token_values['error'])) {
switch ($token_values['error']) {
case 'invalid_client':
throw new moodle_exception('Mail.RU invalid OAuth settings. Check your Private Key and Secret Key', 'auth_lenauth');
default:
throw new moodle_exception('Mail.RU Unknown Error with code: ' . $token_values['error']);
}
}
if (empty($expires) || empty($access_token)) {
throw new moodle_exception('Can not get access for "access_token" or/and "expires" params after request', 'auth_lenauth');
}
}
} else {
if (isset($_COOKIE[$authprovider]['access_token'])) {
$access_token = $_COOKIE[$authprovider]['access_token'];
} else {
throw new moodle_exception('Someting wrong, maybe expires', 'auth_lenauth');
}
}
break;
/*case 'ok':
$token_values = json_decode( $curl_tokens_values, true );
$access_token = $token_values['access_token'];
break;*/
/*case 'ok':
$token_values = json_decode( $curl_tokens_values, true );
$access_token = $token_values['access_token'];
break;*/
default:
throw new moodle_exception('Unknown OAuth Provider', 'auth_lenauth');
}
}
if (!empty($access_token)) {
$queryparams = array();
// array to generate data for final request to get user data
$request_api_url = $this->_settings[$authprovider]['request_api_url'];
//some services check accounts for verifier, so we will check it too. No unverified accounts, only verified! only hardCORE!
$is_verified = true;
$image_url = '';
switch ($authprovider) {
case 'facebook':
$queryparams['access_token'] = $access_token;
$curl_response = $curl->get($request_api_url . '?' . $this->_generate_query_data($queryparams));
$curl_final_data = json_decode($curl_response, true);
$social_uid = $curl_final_data['id'];
$user_email = $curl_final_data['email'];
$first_name = $curl_final_data['first_name'];
$last_name = $curl_final_data['last_name'];
$is_verified = $curl_final_data['verified'];
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
$image_url = 'http://graph.facebook.com/' . $social_uid . '/picture';
}
break;
/**
* @link https://developers.google.com/accounts/docs/OAuth2Login#obtaininguserprofileinformation
*/
/**
* @link https://developers.google.com/accounts/docs/OAuth2Login#obtaininguserprofileinformation
*/
case 'google':
$queryparams['access_token'] = $access_token;
$queryparams['alt'] = 'json';
$curl_response = $curl->get($request_api_url . '?' . $this->_generate_query_data($queryparams));
$curl_final_data = json_decode($curl_response, true);
if (isset($curl_final_data['error'])) {
if (!empty($curl_final_data['error']['errors']) && is_array($curl_final_data['error']['errors'])) {
foreach ($curl_final_data['error']['errors'] as $error) {
throw new moodle_exception('Native Google error. Message: ' . $error['message'], 'auth_lenauth');
}
} else {
throw new moodle_exception('Native Google error', 'auth_lenauth');
}
}
$social_uid = $curl_final_data['id'];
$user_email = $curl_final_data['emails'][0]['value'];
$first_name = $curl_final_data['name']['givenName'];
$last_name = $curl_final_data['name']['familyName'];
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
$image_url = isset($curl_final_data['image']['url']) ? $curl_final_data['image']['url'] : '';
}
break;
case 'yahoo1':
if (!$oauth_verifier) {
header('Location: ' . $xoauth_request_auth_url);
// yahoo =))
die;
}
$queryparams1 = array_merge($this->_lenauth_yahoo_request_array($this->_oauth_config->auth_lenauth_yahoo_consumer_secret . '&' . $_COOKIE[$authprovider]['oauth_token_secret']), array('oauth_token' => $access_token, 'oauth_verifier' => $oauth_verifier));
$curl_response_pre = $curl->get($request_api_url . '?' . $this->_generate_query_data($queryparams1));
parse_str($curl_response_pre, $values);
$queryparams2 = array_merge($this->_lenauth_yahoo_request_array($this->_oauth_config->auth_lenauth_yahoo_consumer_secret . '&' . $values['oauth_token_secret']), array('oauth_token' => $values['oauth_token'], 'oauth_session_handle' => $values['oauth_session_handle']));
$yet_another = $curl->post($request_api_url . '?' . $this->_generate_query_data($queryparams2));
parse_str($yet_another, $yet_another_values);
$params = array('q' => 'SELECT * FROM social.profile where guid="' . $yet_another_values['xoauth_yahoo_guid'] . '"', 'format' => 'json', 'env' => 'http://datatables.org/alltables.env');
$auth_array = array_merge($this->_lenauth_yahoo_request_array($this->_oauth_config->auth_lenauth_yahoo_consumer_secret . '&' . $yet_another_values['oauth_token_secret']), array('realm' => 'yahooapis.com', 'oauth_token' => $yet_another_values['oauth_token']));
$header = '';
foreach ($auth_array as $key => $value) {
$header .= ($header === '' ? ' ' : ',') . $this->urlEncodeRfc3986($key) . '="' . $this->urlEncodeRfc3986($value) . '"';
}
$curl->setHeader(array('Expect:', 'Accept: application/json', 'Authorization: OAuth ' . $header));
$curl_response = $curl->post($this->_settings[$authprovider]['yql_url'] . '?' . $this->_generate_query_data($params));
$curl_final_data = json_decode($curl_response, true);
$social_uid = $curl_final_data['query']['results']['profile']['guid'];
$emails = $curl_final_data['query']['results']['profile']['emails'];
if (!empty($emails) && is_array($emails)) {
foreach ($emails as $email_array) {
$user_email = $email_array['handle'];
if (isset($email_array['primary'])) {
break;
}
}
}
$first_name = $curl_final_data['query']['results']['profile']['givenName'];
$last_name = $curl_final_data['query']['results']['profile']['familyName'];
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
$image_url = isset($curl_final_data['query']['results']['profile']['image']['imageUrl']) ? $curl_final_data['query']['results']['profile']['image']['imageUrl'] : '';
}
break;
case 'yahoo2':
$request_api_url = 'https://social.yahooapis.com/v1/user/' . $user_id . '/profile?format=json';
$queryparams['access_token'] = $access_token;
$now_header = array('Authorization: Bearer ' . $access_token, 'Accept: application/json', 'Content-Type: application/json');
$curl->resetHeader();
$curl->setHeader($now_header);
$curl_response = $curl->get($request_api_url, $queryparams);
$curl->resetHeader();
$curl_final_data = json_decode($curl_response, true);
$social_uid = $curl_final_data['profile']['guid'];
$emails = $curl_final_data['profile']['emails'];
if (!empty($emails) && is_array($emails)) {
foreach ($emails as $email_array) {
$user_email = $email_array['handle'];
if (isset($email_array['primary'])) {
break;
}
}
}
$first_name = $curl_final_data['profile']['givenName'];
$last_name = $curl_final_data['profile']['familyName'];
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
$image_url = isset($curl_final_data['profile']['image']['imageUrl']) ? $curl_final_data['profile']['image']['imageUrl'] : '';
}
break;
case 'twitter':
if (!$oauth_verifier) {
header('Location: ' . $this->_settings[$authprovider]['request_api_url'] . '?' . http_build_query(array('oauth_token' => $access_token)));
die;
}
$queryparams = array_merge($this->_lenauth_twitter_request_array(), array('oauth_verifier' => $oauth_verifier, 'oauth_token' => $access_token, 'oauth_token_secret' => $_COOKIE[$authprovider]['oauth_token_secret']));
$curl_header = $this->_lenauth_set_twitter_header($queryparams, $access_token, $_COOKIE[$authprovider]['oauth_token_secret']);
$curl->setHeader($curl_header);
$curl_final_data_pre = $curl->post($this->_settings[$authprovider]['token_url'], $queryparams);
$json_decoded = json_decode($curl_final_data_pre, true);
if (isset($json_decoded['error']) && isset($json_decoded['request'])) {
throw new moodle_exception('Native Twitter Error: ' . $json_decoded['error'] . '. For request ' . $json_decoded['request'], 'auth_lenauth');
}
parse_str($curl_final_data_pre, $curl_final_data);
$social_uid = $curl_final_data['user_id'];
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
$image_url_pre = 'https://twitter.com/' . $curl_final_data['screen_name'] . '/profile_image?size=original';
$image_header = get_headers($image_url_pre, 1);
$image_url = $image_header['location'];
}
break;
case 'vk':
/**
* @link http://vk.com/dev/api_requests
*/
$queryparams['access_token'] = $access_token;
$queryparams['user_id'] = !empty($user_id) ? $user_id : false;
$queryparams['v'] = self::$vk_api_version;
$curl_response = $curl->post($request_api_url, $this->_generate_query_data($queryparams));
$curl_final_data = json_decode($curl_response, true);
//$social_uid = ( isset( $user_id ) ) ? $user_id : $curl_final_data['response'][0]['id']; //dont forget about this
$social_uid = $queryparams['user_id'];
/**
* If user_email is empty, its not so scare, because its second login and
*/
$user_email = isset($user_email) ? $user_email : false;
//hack, because VK has bugs sometimes
$first_name = $curl_final_data['response'][0]['first_name'];
$last_name = $curl_final_data['response'][0]['last_name'];
/**
* @link http://vk.com/dev/users.get
*/
$fields_array = array('avatar' => 'photo_200');
$additional_fields_pre = $curl->get('http://api.vk.com/method/users.get?user_ids=' . $social_uid . '&fields=' . join(',', $fields_array));
$additional_fields = json_decode($additional_fields_pre, true);
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
$image_url = isset($additional_fields['response'][0][$fields_array['avatar']]) ? $additional_fields['response'][0][$fields_array['avatar']] : '';
}
break;
/**
* @link http://api.yandex.ru/oauth/doc/dg/reference/accessing-protected-resource.xml
* @link http://api.yandex.ru/login/doc/dg/reference/request.xml
*/
/**
* @link http://api.yandex.ru/oauth/doc/dg/reference/accessing-protected-resource.xml
* @link http://api.yandex.ru/login/doc/dg/reference/request.xml
*/
case 'yandex':
$queryparams['format'] = $this->_settings[$authprovider]['format'];
$queryparams['oauth_token'] = $access_token;
$curl_response = $curl->get($request_api_url . '?' . $this->_generate_query_data($queryparams));
$curl_final_data = json_decode($curl_response, true);
$social_uid = $curl_final_data['id'];
/**
* fix @since 24.12.2014. Thanks for Yandex Tech team guys!!
* @link https://tech.yandex.ru/passport/
*/
$user_email = $curl_final_data['default_email'];
//was $curl_final_data['emails'][0]; - wrong!
$first_name = $curl_final_data['first_name'];
$last_name = $curl_final_data['last_name'];
$nickname = $curl_final_data['display_name'];
//for future
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
/**
* @link https://tech.yandex.ru/passport/doc/dg/reference/response-docpage/#norights_5
*/
$yandex_avatar_size = 'islands-200';
if (isset($curl_final_data['default_avatar_id'])) {
$image_url = 'https://avatars.yandex.net/get-yapic/' . $curl_final_data['default_avatar_id'] . '/' . $yandex_avatar_size;
}
}
break;
case 'mailru':
$queryparams['app_id'] = $params['client_id'];
$secret_key = $params['client_secret'];
/**
* @link http://api.mail.ru/docs/reference/rest/users-getinfo/
*/
$queryparams['method'] = 'users.getInfo';
$queryparams['session_key'] = $access_token;
$queryparams['secure'] = 1;
/**
* Additional security from mail.ru
* @link http://api.mail.ru/docs/guides/restapi/#sig
*/
ksort($queryparams);
$sig = '';
foreach ($queryparams as $k => $v) {
$sig .= "{$k}={$v}";
}
$queryparams['sig'] = md5($sig . $secret_key);
$curl_response = $curl->post($request_api_url, $this->_generate_query_data($queryparams));
$curl_final_data = json_decode($curl_response, true);
$social_uid = $curl_final_data[0]['uid'];
$user_email = $curl_final_data[0]['email'];
$first_name = $curl_final_data[0]['first_name'];
$last_name = $curl_final_data[0]['last_name'];
$is_verified = $curl_final_data[0]['is_verified'];
$birthday = $curl_final_data[0]['birthday'];
//dd.mm.YYYY
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
$image_url = isset($curl_final_data[0]['pic_big']) ? $curl_final_data[0]['pic_big'] : '';
}
break;
/*case 'ok':
$queryparams['access_token'] = $access_token;
$queryparams['method'] = 'users.getCurrentUser';
$queryparams['sig'] = md5( 'application_key=' . $this->_oauth_config->ok_public_key . 'method=' . $queryparams['method'] . md5( $queryparams['access_token'] . $this->_oauth_config->ok_secret_key ) );
$queryparams['application_key'] = $this->_oauth_config->ok_public_key;
$curl_response = $curl->get( $request_api_url . '?' . $this->_generate_query_data( $queryparams ) );
$curl_final_data = json_decode( $curl_response, true );
$first_name = $curl_final_data['first_name'];
$last_name = $curl_final_data['last_name'];
$social_uid = $curl_final_data['uid'];
break;*/
/*case 'ok':
$queryparams['access_token'] = $access_token;
$queryparams['method'] = 'users.getCurrentUser';
$queryparams['sig'] = md5( 'application_key=' . $this->_oauth_config->ok_public_key . 'method=' . $queryparams['method'] . md5( $queryparams['access_token'] . $this->_oauth_config->ok_secret_key ) );
$queryparams['application_key'] = $this->_oauth_config->ok_public_key;
$curl_response = $curl->get( $request_api_url . '?' . $this->_generate_query_data( $queryparams ) );
$curl_final_data = json_decode( $curl_response, true );
$first_name = $curl_final_data['first_name'];
$last_name = $curl_final_data['last_name'];
$social_uid = $curl_final_data['uid'];
break;*/
default:
throw new moodle_exception('Unknown OAuth Provider', 'auth_lenauth');
}
/**
* Check for email returned by webservice. If exist - check for user with this email in Moodle Database
*/
if (!empty($curl_final_data)) {
if (!empty($social_uid)) {
if ($is_verified) {
if (!empty($user_email)) {
if ($err = email_is_not_allowed($user_email)) {
throw new moodle_exception($err, 'auth_lenauth');
}
$user_lenauth = $DB->get_record('user', array('email' => $user_email, 'deleted' => 0, 'mnethostid' => $CFG->mnet_localhost_id));
} else {
if (empty($user_lenauth)) {
$user_lenauth = $this->_lenauth_get_userdata_by_social_id($social_uid);
}
/*if ( empty( $user_lenauth ) ) {
$user_lenauth = $DB->get_record('user', array('username' => $username, 'deleted' => 0, 'mnethostid' => $CFG->mnet_localhost_id));
}*/
}
} else {
throw new moodle_exception('Your social account is not verified', 'auth_lenauth');
}
} else {
throw new moodle_exception('Empty Social UID', 'auth_lenauth');
}
} else {
/**
* addon @since 24.12.2014
* I forgot about clear $_COOKIE, thanks again for Yandex Tech Team guys!!!
*/
@setcookie($authprovider, null, time() - 3600);
throw new moodle_exception('Final request returns nothing', 'auth_lenauth');
}
$last_user_number = intval($this->_oauth_config->auth_lenauth_last_user_number);
$last_user_number = empty($last_user_number) ? 1 : $last_user_number + 1;
//$username = $this->_oauth_config->auth_lenauth_user_prefix . $last_user_number; //@todo
/**
* If user with email from webservice not exists, we will create an account
*/
if (empty($user_lenauth)) {
$username = $this->_oauth_config->auth_lenauth_user_prefix . $last_user_number;
//check for username exists in DB
$user_lenauth_check = $DB->get_record('user', array('username' => $username));
$i_check = 0;
while (!empty($user_lenauth_check)) {
$user_lenauth_check = $user_lenauth_check + 1;
$username = $this->_oauth_config->auth_lenauth_user_prefix . $last_user_number;
$user_lenauth_check = $DB->get_record('user', array('username' => $username));
$i_check++;
if ($i_check > 20) {
throw new moodle_exception('Something wrong with usernames of LenAuth users. Limit of 20 queries is out. Check last mdl_user table of Moodle', 'auth_lenauth');
}
}
// create user HERE
$user_lenauth = create_user_record($username, '', 'lenauth');
/**
* User exists...
*/
} else {
$username = $user_lenauth->username;
}
set_config('auth_lenauth_last_user_number', $last_user_number, 'auth/lenauth');
if (!empty($social_uid)) {
$user_social_uid_custom_field = new stdClass();
$user_social_uid_custom_field->userid = $user_lenauth->id;
$user_social_uid_custom_field->fieldid = $this->_field_id;
$user_social_uid_custom_field->data = $social_uid;
if (!$DB->record_exists('user_info_data', array('userid' => $user_lenauth->id, 'fieldid' => $this->_field_id))) {
$DB->insert_record('user_info_data', $user_social_uid_custom_field);
} else {
$record = $DB->get_record('user_info_data', array('userid' => $user_lenauth->id, 'fieldid' => $this->_field_id));
$user_social_uid_custom_field->id = $record->id;
$DB->update_record('user_info_data', $user_social_uid_custom_field);
}
}
//add_to_log( SITEID, 'auth_lenauth', '', '', $username . '/' . $user_email . '/' . $userid );
// complete Authenticate user
authenticate_user_login($username, null);
// fill $newuser object with response data from webservices
$newuser = new stdClass();
if (!empty($user_email)) {
$newuser->email = $user_email;
}
if (!empty($first_name)) {
$newuser->firstname = $first_name;
}
if (!empty($last_name)) {
$newuser->lastname = $last_name;
}
if (!empty($this->_oauth_config->auth_lenauth_default_country)) {
$newuser->country = $this->_oauth_config->auth_lenauth_default_country;
}
if ($user_lenauth) {
// update user record
if (!empty($newuser)) {
$newuser->id = $user_lenauth->id;
/*require_once( $CFG->libdir . '/gdlib.php' );
$fs = get_file_storage();
$file_obj = $fs->create_file_from_url( array(
'contextid' => context_user::instance( $newuser->id, MUST_EXIST )->id,
'component' => 'user',
'filearea' => 'icon',
'itemid' => 0,
'filepath' => '/',
'source' => '',
'filename' => 'f' . $newuser->id . '.' . $ext
), $image_url );
//$newuser->picture = $file_obj->get_id();*/
$user_lenauth = (object) array_merge((array) $user_lenauth, (array) $newuser);
$DB->update_record('user', $user_lenauth);
if ($this->_oauth_config->auth_lenauth_retrieve_avatar) {
//processing user avatar from social webservice
if (!empty($image_url) && intval($user_lenauth->picture) === 0) {
$image_header = get_headers($image_url, 1);
if (isset($image_header['Content-Type']) && is_string($image_header['Content-Type']) && in_array($image_header['Content-Type'], array_keys(self::$_allowed_icons_types))) {
$mime = $image_header['Content-Type'];
} else {
if (isset($image_header['Content-Type'][0]) && is_string($image_header['Content-Type'][0]) && in_array($image_header['Content-Type'][0], array_keys(self::$_allowed_icons_types))) {
$mime = $image_header['Content-Type'][0];
}
}
$ext = $this->_lenauth_get_image_extension_from_mime($mime);
if ($ext) {
//create temp file
$tempfilename = substr(microtime(), 0, 10) . '.tmp';
$templfolder = $CFG->tempdir . '/filestorage';
if (!file_exists($templfolder)) {
mkdir($templfolder, $CFG->directorypermissions);
}
@chmod($templfolder, 0777);
$tempfile = $templfolder . '/' . $tempfilename;
if (copy($image_url, $tempfile)) {
require_once $CFG->libdir . '/gdlib.php';
$usericonid = process_new_icon(context_user::instance($newuser->id, MUST_EXIST), 'user', 'icon', 0, $tempfile);
if ($usericonid) {
$DB->set_field('user', 'picture', $usericonid, array('id' => $newuser->id));
}
unset($tempfile);
}
@chmod($templfolder, $CFG->directorypermissions);
}
}
}
}
complete_user_login($user_lenauth);
// complete user login
// Redirection
$urltogo = $CFG->wwwroot;
if (user_not_fully_set_up($user_lenauth)) {
$urltogo = $CFG->wwwroot . '/user/edit.php';
} else {
if (isset($SESSION->wantsurl) && strpos($SESSION->wantsurl, $CFG->wwwroot) === 0) {
$urltogo = $SESSION->wantsurl;
unset($SESSION->wantsurl);
} else {
unset($SESSION->wantsurl);
}
}
}
redirect($urltogo);
} else {
throw new moodle_exception('Could not get access to access token. Check your App Settings', 'auth_lenauth');
}
}
}
private function http_request($resource, $method, $body = null)
{
$jobe = get_config('qtype_coderunner', 'jobe_host');
$apikey = get_config('qtype_coderunner', 'jobe_apikey');
$headers = array('Content-Type: application/json; charset=utf-8', 'Accept: application/json');
if (!empty($apikey)) {
$headers[] = "X-API-KEY: {$apikey}";
}
$url = "http://{$jobe}/jobe/index.php/restapi/{$resource}";
$curl = new curl();
$curl->setHeader($headers);
if ($method === self::HTTP_GET) {
if (!empty($body)) {
throw new coding_exception("Illegal HTTP GET: non-empty body");
}
$response = $curl->get($url);
} else {
if ($method === self::HTTP_POST) {
if (empty($body)) {
throw new coding_exception("Illegal HTTP POST: empty body");
}
$bodyjson = json_encode($body);
$response = $curl->post($url, $bodyjson);
} else {
throw new coding_exception('Invalid method passed to http_request');
}
}
if ($response !== FALSE) {
$returncode = $curl->info['http_code'];
$responsebody = $response === '' ? '' : json_decode($response);
} else {
$returncode = -1;
$responsebody = '';
}
return array($returncode, $responsebody);
}
public function validate_receiver($receiver)
{
$plagiarismsettings = $this->get_settings();
$url = URKUND_INTEGRATION_SERVICE . '/receivers' . '/' . trim($receiver);
$headers = array('Accept-Language: ' . $plagiarismsettings['urkund_lang']);
$allowedstatus = array(URKUND_STATUSCODE_PROCESSED, URKUND_STATUSCODE_NOT_FOUND, URKUND_STATUSCODE_BAD_REQUEST, URKUND_STATUSCODE_GONE);
// Use Moodle curl wrapper.
$c = new curl(array('proxy' => true));
$c->setopt(array());
$c->setopt(array('CURLOPT_RETURNTRANSFER' => 1, 'CURLOPT_HTTPAUTH' => CURLAUTH_BASIC, 'CURLOPT_USERPWD' => $plagiarismsettings['urkund_username'] . ":" . $plagiarismsettings['urkund_password']));
$c->setHeader($headers);
$response = $c->get($url);
$httpstatus = $c->info['http_code'];
if (!empty($httpstatus)) {
if (in_array($httpstatus, $allowedstatus)) {
if ($httpstatus == URKUND_STATUSCODE_PROCESSED) {
// Valid address found, return true.
return true;
} else {
return $httpstatus;
}
}
}
return false;
}
/**
* Processes the message and sends a notification via airnotifier
*
* @param stdClass $eventdata the event data submitted by the message sender plus $eventdata->savedmessageid
* @return true if ok, false if error
*/
public function send_message($eventdata)
{
global $CFG;
if (!empty($CFG->noemailever)) {
// Hidden setting for development sites, set in config.php if needed.
debugging('$CFG->noemailever active, no airnotifier message sent.', DEBUG_MINIMAL);
return true;
}
// Skip any messaging suspended and deleted users.
if ($eventdata->userto->auth === 'nologin' or $eventdata->userto->suspended or $eventdata->userto->deleted) {
return true;
}
// Site id, to map with Moodle Mobile stored sites.
$siteid = md5($CFG->wwwroot . $eventdata->userto->username);
// Mandatory notification data that need to be sent in the payload. They have variable length.
// We need to take them in consideration to calculate the maximum message size.
$notificationdata = array("site" => $siteid, "type" => $eventdata->component . '_' . $eventdata->name, "device" => "xxxxxxxxxx", "notif" => "x", "userfrom" => !empty($eventdata->userfrom) ? fullname($eventdata->userfrom) : '');
// Calculate the size of the message knowing Apple payload must be lower than 256 bytes.
// Airnotifier using few bytes of the payload, we must limit our message to even less characters.
$maxmsgsize = 205 - core_text::strlen(json_encode($notificationdata));
$message = s($eventdata->smallmessage);
// If the message size is too big make it shorter.
if (core_text::strlen($message) >= $maxmsgsize) {
// Cut the message to the maximum possible size. -4 for the the ending 3 dots (...).
$message = core_text::substr($message, 0, $maxmsgsize - 4);
// We need to check when the message is "escaped" then the message is not too long.
$encodedmsgsize = core_text::strlen(json_encode($message));
if ($encodedmsgsize > $maxmsgsize) {
$totalescapedchar = $encodedmsgsize - core_text::strlen($message);
// Cut the message to the maximum possible size (taking the escaped character in account).
$message = core_text::substr($message, 0, $maxmsgsize - 4 - $totalescapedchar);
}
$message = $message . '...';
}
// We are sending to message to all devices.
$airnotifiermanager = new message_airnotifier_manager();
$devicetokens = $airnotifiermanager->get_user_devices($CFG->airnotifiermobileappname, $eventdata->userto->id);
foreach ($devicetokens as $devicetoken) {
if (!$devicetoken->enable) {
continue;
}
// Sending the message to the device.
$serverurl = $CFG->airnotifierurl . ':' . $CFG->airnotifierport . '/notification/';
$header = array('Accept: application/json', 'X-AN-APP-NAME: ' . $CFG->airnotifierappname, 'X-AN-APP-KEY: ' . $CFG->airnotifieraccesskey);
$curl = new curl();
$curl->setHeader($header);
$params = array('alert' => $message, 'date' => !empty($eventdata->timecreated) ? $eventdata->timecreated : time(), 'site' => $siteid, 'type' => $eventdata->component . '_' . $eventdata->name, 'userfrom' => !empty($eventdata->userfrom) ? fullname($eventdata->userfrom) : '', 'device' => $devicetoken->platform, 'notif' => !empty($eventdata->notification) ? '1' : '0', 'token' => $devicetoken->pushid);
$resp = $curl->post($serverurl, $params);
}
return true;
}
function sendOAuthBodyPOST($method, $endpoint, $body)
{
global $CFG;
require_once $CFG->libdir . '/filelib.php';
$hash = base64_encode(sha1($body, TRUE));
$oauth_consumer_key = $CFG->equella_lti_oauth_key;
$oauth_consumer_secret = $CFG->equella_lti_oauth_secret;
$parms = array('oauth_body_hash' => $hash);
$test_token = '';
$hmac_method = new moodle\mod\equella\OAuthSignatureMethod_HMAC_SHA1();
$test_consumer = new moodle\mod\equella\OAuthConsumer($oauth_consumer_key, $oauth_consumer_secret, NULL);
$acc_req = moodle\mod\equella\OAuthRequest::from_consumer_and_token($test_consumer, $test_token, $method, $endpoint, $parms);
$acc_req->sign_request($hmac_method, $test_consumer, $test_token);
global $LastOAuthBodyBaseString;
$LastOAuthBodyBaseString = $acc_req->get_signature_base_string();
$oauthheader = $acc_req->to_header();
$contenttypeheader = "Content-Type: application/xml";
$http = new curl();
$http->setHeader(array($oauthheader, $contenttypeheader));
return $http->post($endpoint, $body);
}
/**
* The contructor is a copy of the stock simplepie File class which has
* been modifed to add in use the Moodle curl class rather than php curl
* functions.
*/
function moodle_simplepie_file($url, $timeout = 10, $redirects = 5, $headers = null, $useragent = null, $force_fsockopen = false)
{
$this->url = $url;
$this->method = SIMPLEPIE_FILE_SOURCE_REMOTE | SIMPLEPIE_FILE_SOURCE_CURL;
$curl = new curl();
$curl->setopt(array('CURLOPT_HEADER' => true, 'CURLOPT_TIMEOUT' => $timeout, 'CURLOPT_CONNECTTIMEOUT' => $timeout));
if ($headers !== null) {
// translate simplepie headers to those class curl expects
foreach ($headers as $headername => $headervalue) {
$headerstr = "{$headername}: {$headervalue}";
$curl->setHeader($headerstr);
}
}
$this->headers = $curl->get($url);
if ($curl->error) {
$this->error = 'cURL Error: ' . $curl->error;
$this->success = false;
return false;
}
$parser = new SimplePie_HTTP_Parser($this->headers);
if ($parser->parse()) {
$this->headers = $parser->headers;
$this->body = $parser->body;
$this->status_code = $parser->status_code;
if (($this->status_code == 300 || $this->status_code == 301 || $this->status_code == 302 || $this->status_code == 303 || $this->status_code == 307 || $this->status_code > 307 && $this->status_code < 400) && isset($this->headers['location']) && $this->redirects < $redirects) {
$this->redirects++;
$location = SimplePie_Misc::absolutize_url($this->headers['location'], $url);
return $this->moodle_simplepie_file($location, $timeout, $redirects, $headers);
}
}
}
/**
* Create a device token in the Airnotifier instance
* @param string $token The token to be created
* @return bool True if all was right
*/
private function create_token($token)
{
global $CFG;
if (!$this->is_system_configured()) {
return false;
}
require_once $CFG->libdir . '/filelib.php';
$serverurl = $CFG->airnotifierurl . ':' . $CFG->airnotifierport . '/tokens/' . $token;
$header = array('Accept: application/json', 'X-AN-APP-NAME: ' . $CFG->airnotifierappname, 'X-AN-APP-KEY: ' . $CFG->airnotifieraccesskey);
$curl = new curl();
$curl->setHeader($header);
$params = array();
$resp = $curl->post($serverurl, $params);
if ($token = json_decode($resp, true)) {
if (!empty($token['status'])) {
return $token['status'] == 'ok' || $token['status'] == 'token exists';
}
}
debugging("Unexpected response from the Airnotifier server: {$resp}");
return false;
}
