function RWSAAFinish()
{
global $DB;
global $SESSION;
global $USER;
unset($SESSION->wantsurl);
$r_bo = true;
RWSCMAuth($r_bo);
RWSCMUSvc($r_bo);
RWSCMMaint($r_bo);
$r_ac = RWSGSOpt("action", PARAM_ALPHANUMEXT);
if ($r_ac === false || strlen($r_ac) == 0) {
RWSBErr("No service action was specified.");
}
$r_rv = RWSGSOpt("version", PARAM_ALPHANUMEXT);
if ($r_rv === false || strlen($r_rv) == 0) {
$r_bv = 2009093000;
} else {
$r_bv = intval($r_rv);
}
$r_usrn = RWSGSOpt("username", PARAM_RAW);
if ($r_usrn === false || strlen($r_usrn) == 0) {
RWSBErr("No username specified.");
}
$r_rtm = RWSGSOpt("time", PARAM_ALPHANUM);
if ($r_rtm === false || strlen($r_rtm) == 0) {
RWSBErr("No request time specified.");
}
$r_rmc = RWSGSOpt("mac", PARAM_ALPHANUMEXT);
if ($r_rmc === false || strlen($r_rmc) == 0) {
RWSBErr("No message authentication code specified.");
}
if ($r_bv < 2013061700) {
RWSBErr("The authentication framework is not supported by the requested behavior version.");
}
if (strcmp($r_usrn, $USER->username) != 0) {
RWSBErr("Invalid username specified.");
}
$r_ctm = time();
$r_mxt = $r_rtm + 60 * 10;
if ($r_ctm < $r_rtm || $r_ctm > $r_mxt) {
RWSBErr("Invalid request time specified.");
}
$r_chm = RWSGAMac($r_ac . $r_bv . $r_usrn . $r_rtm);
if (strcmp($r_chm, $r_rmc) != 0) {
RWSBErr("Invalid message authentication code.");
}
$r_rws = $DB->get_record("respondusws", array("course" => SITEID));
if ($r_rws === false) {
RWSBErr("The respondusws module has not yet been installed. Please contact the system administrator.");
}
$r_chrs = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$r_cmx = strlen($r_chrs) - 1;
$r_tln = 40;
$r_tok = "";
for ($r_i = 0; $r_i < $r_tln; $r_i++) {
$r_tok .= substr($r_chrs, mt_rand(0, $r_cmx), 1);
}
$r_h = sha1($r_tok);
$r_auu = $DB->get_record("respondusws_auth_users", array("responduswsid" => $r_rws->id, "userid" => $USER->id));
if ($r_auu === false) {
$r_auu = new stdClass();
$r_auu->responduswsid = $r_rws->id;
$r_auu->userid = $USER->id;
$r_auu->authtoken = $r_h;
$r_auu->timeissued = $r_ctm;
try {
$r_auu->id = $DB->insert_record("respondusws_auth_users", $r_auu);
} catch (Exception $r_e) {
RWSBErr("Unable to issue authentication token.");
}
} else {
$r_auu->authtoken = $r_h;
$r_auu->timeissued = $r_ctm;
try {
$DB->update_record("respondusws_auth_users", $r_auu);
} catch (Exception $r_e) {
RWSBErr("Unable to issue authentication token.");
}
}
RWSRHHtml();
echo "{\"RWSAuthToken\":\"{$r_tok}\"}";
exit;
}
<?php
// Respondus 4.0 Web Service Extension For Moodle
// Copyright (c) 2009-2015 Respondus, Inc. All Rights Reserved.
// Date: January 07, 2015.
$r_rsv = dirname(__FILE__) . "/servicelib.php";
if (is_readable($r_rsv)) {
include_once $r_rsv;
defined("MOODLE_INTERNAL") || die;
} else {
header("Content-Type: text/xml");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\r\n";
echo "<service_error>2000</service_error>\r\n";
exit;
}
raise_memory_limit(MEMORY_EXTRA);
set_exception_handler("RWSEHdlr");
RWSCMBVer();
RWSCMVer();
RWSCMInst();
if ($RWSECAS) {
RWSPCReqs();
}
$r_raction = RWSGSOpt("action", PARAM_ALPHANUMEXT);
if ($r_raction === false || strlen($r_raction) == 0) {
RWSSErr("2001");
} else {
RWSDSAct($r_raction);
}