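/**
 * Parse the given X.509 certificate and bind it to a peer wwwroot.
 *
 * @param string $keystring PEM certificate text; kept verbatim in $this->certificate
 * @param string $wwwroot   Peer wwwroot; trailing slashes are dropped before the CN comparison
 *
 * @throws CryptException if the certificate does not parse, or if its subject CN is
 *                        not exactly the slash-stripped wwwroot
 */
function __construct($keystring, $wwwroot)
 {
     $this->credentials = openssl_x509_parse($keystring);
     $this->wwwroot = dropslash($wwwroot);
     $this->certificate = $keystring;

     // openssl_x509_parse() only decodes the certificate: no signature, chain or
     // validity-period check happens here. Whatever trust this object carries
     // comes from the CN binding below and from how the caller obtained the key.
     if (empty($this->credentials)) {
         throw new CryptException(get_string('errornotvalidsslcertificate', 'auth'), 1);
     }

     // A certificate with no subject CN must be rejected, not compared as null.
     $cn = isset($this->credentials['subject']['CN']) ? $this->credentials['subject']['CN'] : null;

     // Exact, case-sensitive match on the CN only; subjectAltName is not consulted.
     if ($cn !== $this->wwwroot) {
         throw new CryptException(get_string('errorcertificateinvalidwwwroot', 'auth', $cn, $this->wwwroot), 1);
     }
 }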
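 /**
  * Save the configuration of an XML-RPC auth instance together with its peer.
  *
  * Order of work: normalise the wwwroot, look up (or bootstrap) the Peer,
  * then inside one transaction write the Peer, the auth_instance row and one
  * auth_instance_config row per field of self::$default_config (a field whose
  * value is empty has its row deleted instead of stored).
  *
  * @param array   $values Form values; 'instance' > 0 means update an existing instance, otherwise create
  * @param Pieform $form   Receives an error on 'wwwroot' when the peer's key cannot be retrieved
  *
  * @return array $values, with 'create' and (on create) 'instance' filled in
  *
  * @throws RemoteServerException if bootstrapping the peer fails
  */
 public static function save_instance_config_options($values, Pieform $form)
 {
     // NOTE(review): a wwwroot entered without a scheme silently becomes http://,
     // so the peer's public key is then fetched over cleartext unless the admin
     // typed https:// explicitly.
     if (strpos($values['wwwroot'], '://') === false) {
         $values['wwwroot'] = 'http://' . $values['wwwroot'];
     }

     $authinstance = new stdClass();
     $peer = new Peer();
     // Existing auth_instance_config rows keyed by field; stays empty on create.
     $current = array();

     if ($values['instance'] > 0) {
         $values['create'] = false;
         $existing = get_records_assoc('auth_instance_config', 'instance', $values['instance'], '', 'field, value');
         if (!empty($existing)) {
             $current = $existing;
         }
         $authinstance->id = $values['instance'];
     } else {
         $values['create'] = true;
         // Get the auth instance with the highest priority number (which is
         // the instance with the lowest priority).
         // TODO: rethink 'priority' as a fieldname... it's backwards!!
         $lastinstance = get_records_array('auth_instance', 'institution', $values['institution'], 'priority DESC', '*', '0', '1');
         $authinstance->priority = empty($lastinstance) ? 0 : $lastinstance[0]->priority + 1;
     }

     // An unknown peer has its public key fetched remotely. This happens before
     // db_begin() so a failed retrieval cannot leave a transaction open.
     if (!$peer->findByWwwroot($values['wwwroot'])) {
         try {
             $peer->bootstrap($values['wwwroot'], null, $values['appname'], $values['institution']);
         } catch (RemoteServerException $e) {
             $form->set_error('wwwroot', get_string('cantretrievekey', 'auth'));
             throw new RemoteServerException($e->getMessage(), $e->getCode());
         }
     }

     db_begin();

     $peer->wwwroot = preg_replace("|\\/+\$|", "", $values['wwwroot']);
     $peer->name = $values['name'];
     $peer->deleted = $values['deleted'];
     $peer->appname = $values['appname'];
     $peer->institution = $values['institution'];
     if (isset($values['publickey'])) {
         // PublicKey validates the certificate against the peer wwwroot and throws on mismatch.
         $peer->publickey = new PublicKey($values['publickey'], $peer->wwwroot);
         $peer->publickeyexpires = $peer->publickey->expires;
     }
     // lastconnecttime is deliberately not user-updatable.
     $peer->commit();

     $authinstance->instancename = $values['instancename'];
     $authinstance->institution = $values['institution'];
     $authinstance->authname = $values['authname'];
     if ($values['create']) {
         $values['instance'] = insert_record('auth_instance', $authinstance, 'id', true);
     } else {
         update_record('auth_instance', $authinstance, array('id' => $values['instance']));
     }

     // Only the options belonging to the chosen SSO direction are switched on;
     // everything else is written as 0 and therefore deleted below.
     self::$default_config = array(
         'wwwroot' => $values['wwwroot'],
         'parent' => $values['parent'],
         'authloginmsg' => $values['authloginmsg'],
         'wessoout' => 0,
         'theyssoin' => 0,
         'theyautocreateusers' => 0,
         'weautocreateusers' => 0,
         'updateuserinfoonlogin' => 0,
         'weimportcontent' => 0,
     );
     $ssodirection = $values['ssodirection'];
     if ($ssodirection === 'wessoout') {
         self::$default_config['wessoout'] = 1;
         self::$default_config['theyautocreateusers'] = $values['theyautocreateusers'];
     } elseif ($ssodirection === 'theyssoin') {
         self::$default_config['theyssoin'] = 1;
         self::$default_config['updateuserinfoonlogin'] = $values['updateuserinfoonlogin'];
         self::$default_config['weautocreateusers'] = $values['weautocreateusers'];
         self::$default_config['weimportcontent'] = $values['weimportcontent'];
     }

     foreach (self::$default_config as $field => $value) {
         if (empty($value)) {
             // Empty/zero options are removed rather than stored as empty rows.
             delete_records('auth_instance_config', 'field', $field, 'instance', $values['instance']);
             continue;
         }
         $record = new stdClass();
         $record->instance = $values['instance'];
         $record->field = $field;
         $record->value = ($field === 'wwwroot') ? dropslash($value) : $value;
         if ($values['create'] || !array_key_exists($field, $current)) {
             insert_record('auth_instance_config', $record);
         } else {
             update_record('auth_instance_config', $record, array('instance' => $values['instance'], 'field' => $field));
         }
     }

     db_commit();
     return $values;
 }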
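 /**
  * Initialise this peer from its wwwroot: resolve the host, pick a display
  * name, check the application, attach (or create) an institution and load
  * the peer's public key.
  *
  * A peer that already exists for $wwwroot is left untouched and true is returned.
  *
  * @param string      $wwwroot     Remote site root; trailing slashes are dropped
  * @param string|null $pubkey      PEM certificate; when empty it is fetched from the remote host
  * @param string      $appname     Must name an existing 'application' record
  * @param string|null $institution Existing institution name, or null/'' to create one from the remote page title
  *
  * @return bool false only when the resulting public key has no expiry (the key is then discarded); true otherwise
  *
  * @throws ParamOutOfRangeException if the host does not resolve or $appname is unknown
  * @throws RemoteServerException    if no unique institution name is available or the key cannot be retrieved
  */
 public function bootstrap($wwwroot, $pubkey, $appname = 'moodle', $institution = null)
 {
     $wwwroot = dropslash($wwwroot);
     if ($this->findByWwwroot($wwwroot)) {
         return true;
     }

     $hostname = get_hostname_from_uri($wwwroot);
     // gethostbyname() hands back its argument unchanged when resolution fails,
     // so "result equals hostname" means unresolved unless the host was already
     // a dotted-quad literal (every separator escaped; the original pattern left
     // the third '.' unescaped).
     $ipaddress = gethostbyname($hostname);
     if ($ipaddress === $hostname && !preg_match('/^\d+\.\d+\.\d+\.\d+$/', $hostname)) {
         throw new ParamOutOfRangeException('Could not find IP address for host: ' . addslashes($hostname));
     }

     // Default the name to the wwwroot, overridden by the remote page's <title>
     // when one can be fetched. That title is remote-controlled text: it is
     // stored raw here and must be escaped wherever it is rendered.
     $this->name = $wwwroot;
     $homepage = file_get_contents($wwwroot);
     if (!empty($homepage) && preg_match("@<title>(.*)</title>@siU", $homepage, $matches)) {
         $this->name = $matches[1];
     }

     if (!get_record('application', 'name', $appname)) {
         throw new ParamOutOfRangeException('Application ' . addslashes($appname) . ' does not exist.');
     }
     $this->appname = $appname;
     $this->application = Application::findByName($this->appname);
     $this->wwwroot = $wwwroot;
     $this->ipaddress = $ipaddress;

     require_once get_config('libroot') . 'institution.php';
     if ($institution === null || $institution === '') {
         $institution = new Institution();
         // Institution names are letters only; derive one from the display name.
         $institution->name = preg_replace('/[^a-zA-Z]/', '', $this->name);
         // Check that the institution name has not already been taken.
         // If it has, append a single letter until we find a name that works.
         $existingnames = get_column('institution', 'name');
         if (in_array($institution->name, $existingnames, true)) {
             $unique = null;
             foreach (range('a', 'z') as $suffix) {
                 $candidate = $institution->name . $suffix;
                 if (!in_array($candidate, $existingnames, true)) {
                     $unique = $candidate;
                     break;
                 }
             }
             if ($unique === null) {
                 // We couldn't find a unique name. Noes!
                 throw new RemoteServerException('Could not create a unique institution name');
             }
             $institution->name = $unique;
         }
         $institution->displayname = $this->name;
         $institution->commit();
         $this->institution = $institution->name;
     } else {
         $this->institution = $institution;
     }

     if (empty($pubkey)) {
         try {
             $somekey = get_public_key($this->wwwroot, $this->appname);
             $this->publickey = new PublicKey($somekey, $this->wwwroot);
         } catch (XmlrpcClientException $e) {
             // Cast because the exception's code type is not visible from here.
             $errcode = (int) $e->getCode();
             if ($errcode === 404) {
                 throw new RemoteServerException('404: Incorrect WWWRoot or Application: file not found.');
             } elseif ($errcode === 704) {
                 throw new RemoteServerException('Networking is disabled on the host at ' . $this->wwwroot . '.');
             } else {
                 throw new RemoteServerException('Error retrieving public key, failed with error code ' . $errcode . ': ' . $e->getMessage());
             }
         } catch (Exception $e) {
             throw new RemoteServerException('Error retrieving public key: ' . $e->getMessage());
         }
     } else {
         $this->publickey = new PublicKey($pubkey, $this->wwwroot);
     }

     $this->lastconnecttime = 0;
     $this->initialized = self::INITIALIZED;
     $this->changed = true;

     if (!$this->publickey->expires) {
         // A key with no usable expiry is discarded rather than kept as trusted.
         // This used to read `$this->publickey == null;` — a comparison, not an
         // assignment — so the key was silently retained.
         // NOTE(review): Peer::commit() is outside this view; confirm it copes with a null publickey.
         $this->publickey = null;
         return false;
     }
     return true;
 }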