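/**
 * Handle the actions submitted from the admin token panel.
 *
 * Supported values of $values['action']:
 *  - 'generate': issue an EXTERNAL_TOKEN_PERMANENT token for the selected user
 *    against the first external_services row returned with restrictedusers = 0,
 *    then open that token's configuration page
 *  - 'edit': open the configuration page of an existing token
 *  - 'delete': remove an existing token
 *
 * Every path ends in a redirect; redirect() is expected not to return
 * (TODO confirm), which is why the final call acts as the fallback.
 *
 * NOTE(review): no privilege check is visible in this handler. It issues
 * permanent tokens for an arbitrary user id taken from the form, so confirm
 * that the page registering this callback is restricted to site administrators.
 *
 * @param Pieform $form
 * @param array   $values submitted form values ('action', 'userid', 'token')
 */
function webservices_token_submit(Pieform $form, $values) {
    global $SESSION;

    if ($values['action'] == 'generate') {
        if (empty($values['userid'][0])) {
            $SESSION->add_error_msg(get_string('nouser', 'auth.webservice'));
        } else {
            $dbuser = get_record('usr', 'id', $values['userid'][0]);
            if (empty($dbuser)) {
                $SESSION->add_error_msg(get_string('invaliduserselected', 'auth.webservice'));
            } else {
                $services = get_records_array('external_services', 'restrictedusers', 0);
                if (empty($services)) {
                    $SESSION->add_error_msg(get_string('noservices', 'auth.webservice'));
                } else {
                    // just pass the first one for the moment
                    $service = array_shift($services);
                    $token = webservice_generate_token(EXTERNAL_TOKEN_PERMANENT, $service, $dbuser->id);
                    $dbtoken = get_record('external_tokens', 'token', $token);
                    // Only follow up on a token that was actually stored; otherwise
                    // fall through to the default redirect below.
                    if (!empty($dbtoken)) {
                        redirect('/webservice/admin/tokenconfig.php?token=' . (int) $dbtoken->id);
                    }
                }
            }
        }
    } else {
        $token = get_record('external_tokens', 'id', $values['token']);
        if (!empty($token)) {
            // Use the id of the row that was found, not the raw form value, so
            // the redirect URL and the delete only ever carry a plain integer.
            $tokenid = (int) $token->id;
            if ($values['action'] == 'edit') {
                redirect('/webservice/admin/tokenconfig.php?token=' . $tokenid);
            } else if ($values['action'] == 'delete') {
                // remove the token row itself
                delete_records_select('external_tokens', "id = ?", array($tokenid));
                $SESSION->add_ok_msg(get_string('configsaved', 'auth.webservice'));
            }
        }
    }

    // default back to where we came from
    redirect('/webservice/admin/index.php?open=webservices_token');
}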
/**
 * Set up test data.
 *
 * Builds the fixtures the web service tests rely on, writing directly to the
 * database: a 'webservice' auth instance, an admin test user, a test service
 * that exposes every registered external function, an OAuth consumer with an
 * authorised access token, a permanent web service token, a test group and a
 * second test institution. It also switches on the REST, XML-RPC, SOAP and
 * OAuth web service settings.
 *
 * NOTE(review): this creates an admin account whose password equals its
 * username and a permanent token on a service that can call every function,
 * and it enables every protocol. Run it only against a disposable test
 * database; whether tearDown() reverts all of this is not visible here.
 */
protected function setUp() {
    // default current user to admin
    global $USER;
    $USER->id = 1;
    $USER->admin = 1;

    // enable the web service layer and each protocol for the duration of the tests
    set_config('webservice_enabled', true);
    set_config('webservice_rest_enabled', true);
    set_config('webservice_xmlrpc_enabled', true);
    set_config('webservice_soap_enabled', true);
    set_config('webservice_oauth_enabled', true);

    // names of the fixtures used throughout the tests
    $this->servicename = 'test webservices';
    $this->testuser = '******';
    $this->testinstitution = 'mytestinstitutionone';

    // clean out first (presumably removes leftovers from an earlier run; tearDown() is not shown here)
    $this->tearDown();

    // reuse the 'webservice' auth instance of the 'mahara' institution, or create it
    if (!($authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'webservice'))) {
        $authinstance = new stdClass();
        $authinstance->instancename = 'webservice';
        $authinstance->institution = 'mahara';
        $authinstance->authname = 'webservice';
        // highest existing priority for the institution (sorted 'priority DESC';
        // the trailing '0', '1' are presumably offset and limit, confirm)
        $lastinstance = get_records_array('auth_instance', 'institution', 'mahara', 'priority DESC', '*', '0', '1');
        if ($lastinstance == false) {
            $authinstance->priority = 0;
        } else {
            $authinstance->priority = $lastinstance[0]->priority + 1;
        }
        $authinstance->id = insert_record('auth_instance', $authinstance, 'id', true);
    }
    $this->authinstance = $authinstance;
    $this->institution = new Institution($authinstance->institution);

    // create the new test user
    if (!($dbuser = get_record('usr', 'username', $this->testuser))) {
        db_begin();
        $new_user = new StdClass();
        $new_user->authinstance = $authinstance->id;
        $new_user->username = $this->testuser;
        $new_user->firstname = 'Firstname';
        $new_user->lastname = 'Lastname';
        // password is set to the username and the account is a site admin:
        // acceptable only because this is a throwaway fixture
        $new_user->password = $this->testuser;
        $new_user->email = $this->testuser . '@hogwarts.school.nz';
        $new_user->passwordchange = 0;
        $new_user->admin = 1;
        $profilefields = new StdClass();
        // $userid is not used again; the row is re-read by username below
        $userid = create_user($new_user, $profilefields, $this->institution, $authinstance);
        $dbuser = get_record('usr', 'username', $this->testuser);
        db_commit();
    }

    // construct a test service from all available functions
    $dbservice = get_record('external_services', 'name', $this->servicename);
    if (empty($dbservice)) {
        $service = array('name' => $this->servicename, 'tokenusers' => 0, 'restrictedusers' => 0, 'enabled' => 1, 'component' => 'webservice', 'ctime' => db_format_timestamp(time()));
        insert_record('external_services', $service);
        $dbservice = get_record('external_services', 'name', $this->servicename);
    }
    // attach every row of external_functions that is not yet linked to the
    // service, bumping the service's mtime for each link added
    $dbfunctions = get_records_array('external_functions', null, null, 'name');
    foreach ($dbfunctions as $function) {
        $sfexists = record_exists('external_services_functions', 'externalserviceid', $dbservice->id, 'functionname', $function->name);
        if (!$sfexists) {
            $service_function = array('externalserviceid' => $dbservice->id, 'functionname' => $function->name);
            insert_record('external_services_functions', $service_function);
            $dbservice->mtime = db_format_timestamp(time());
            update_record('external_services', $dbservice);
        }
    }

    // create an OAuth registry object
    require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthServer.php';
    require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthStore.php';
    require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthRequester.php';
    $store = OAuthStore::instance('Mahara', array(), true);
    // register a consumer application owned by the test user and bound to the test service
    $new_app = array('application_title' => 'Test Application', 'application_uri' => 'http://example.com', 'requester_name' => $dbuser->firstname . ' ' . $dbuser->lastname, 'requester_email' => $dbuser->email, 'callback_uri' => 'http://example.com', 'institution' => 'mahara', 'externalserviceid' => $dbservice->id);
    $this->consumer_key = $store->updateConsumer($new_app, $dbuser->id, true);
    $this->consumer = (object) $store->getConsumer($this->consumer_key, $dbuser->id);

    // Now do the request and access token
    $this->request_token = $store->addConsumerRequestToken($this->consumer_key, array());

    // authorise the request token on behalf of the test user
    $verifier = $store->authorizeConsumerRequestToken($this->request_token['token'], $dbuser->id, 'localhost');

    // exchange the authorised request token for an access token
    $options = array();
    $options['verifier'] = $verifier;
    $this->access_token = $store->exchangeConsumerRequestForAccessToken($this->request_token['token'], $options);

    // generate a test token (permanent type) and keep its token string for the tests
    $token = webservice_generate_token(EXTERNAL_TOKEN_PERMANENT, $dbservice, $dbuser->id);
    $dbtoken = get_record('external_tokens', 'token', $token);
    $this->testtoken = $dbtoken->token;

    // create an external test user instance
    $dbserviceuser = (object) array('externalserviceid' => $dbservice->id, 'userid' => $dbuser->id, 'institution' => 'mahara', 'ctime' => db_format_timestamp(time()), 'wssigenc' => 0, 'publickeyexpires' => 0);
    $dbserviceuser->id = insert_record('external_services_users', $dbserviceuser, 'id', true);

    // setup test groups ($groupid is not used again in this method)
    $groupid = group_create(array('shortname' => 'mytestgroup1', 'name' => 'The test group 1', 'description' => 'a description for test group 1', 'institution' => 'mahara', 'grouptype' => 'standard', 'open' => 1, 'controlled' => 0, 'request' => 0, 'submitpages' => 0, 'hidemembers' => 0, 'invitefriends' => 0, 'suggestfriends' => 0, 'hidden' => 0, 'hidemembersfrommembers' => 0, 'public' => 0, 'usersautoadded' => 0, 'members' => array($dbuser->id => 'admin'), 'viewnotify' => 0));

    // create test institution
    $dbinstitution = get_record('institution', 'name', $this->testinstitution);
    if (empty($dbinstitution)) {
        db_begin();
        $newinstitution = new StdClass();
        // chained assignment: both $institution and the record's name get the test institution name
        $institution = $newinstitution->name = $this->testinstitution;
        $newinstitution->displayname = $institution . ' - display name';
        $newinstitution->authplugin = 'internal';
        $newinstitution->showonlineusers = 1;
        $newinstitution->registerallowed = 0;
        $newinstitution->theme = null;
        $newinstitution->defaultquota = get_config_plugin('artefact', 'file', 'defaultquota');
        $newinstitution->defaultmembershipperiod = null;
        $newinstitution->maxuseraccounts = null;
        $newinstitution->allowinstitutionpublicviews = 1;
        insert_record('institution', $newinstitution);
        // reuses the local $authinstance name for the new institution's 'internal'
        // instance; $this->authinstance still refers to the 'webservice' one set above
        $authinstance = (object) array('instancename' => 'internal', 'priority' => 0, 'institution' => $newinstitution->name, 'authname' => 'internal');
        insert_record('auth_instance', $authinstance);
        db_commit();
    }

    //protocols to test (all off here; presumably switched on by the concrete test, confirm)
    $this->testrest = false;
    $this->testxmlrpc = false;
    $this->testsoap = false;

    ////// READ-ONLY DB tests ////
    $this->readonlytests = array();

    ////// WRITE DB tests ////
    $this->writetests = array();

    ///// Authentication types ////
    $this->auths = array();

    //performance testing: number of times the web services are run
    $this->iteration = 1;

    // keep track of users created and deleted
    $this->created_users = array();

    // keep track of groups
    $this->created_groups = array();

    //DO NOT CHANGE
    //reset the timers
    $this->timerrest = 0;
    $this->timerxmlrpc = 0;
    $this->timersoap = 0;
}
/**
 * Submit callback for the actions on the user token panel.
 *
 * Actions, selected by $values['action']:
 *  - 'generate': remove the current user's tokens for the chosen service, then
 *    issue a new EXTERNAL_TOKEN_USER token if that service exists with
 *    tokenusers = 1
 *  - 'delete': remove the current user's tokens for the chosen service
 *
 * The user id always comes from the session object ($USER), never from the
 * form, so only the caller's own token rows are deleted or created. The
 * service id does come from the form and is checked against tokenusers = 1
 * before a token is issued; note that the old tokens are removed before that
 * check runs.
 *
 * @param Pieform $form
 * @param array $values
 */
function webservices_user_token_submit(Pieform $form, $values) {
    global $USER, $SESSION;

    switch ($values['action']) {
        case 'generate':
            // revoke whatever the user currently holds for this service
            delete_records('external_tokens', 'userid', $USER->get('id'), 'externalserviceid', $values['service']);

            $candidates = get_records_select_array(
                'external_services',
                'id = ? AND tokenusers = ?',
                array($values['service'], 1)
            );
            if (empty($candidates)) {
                $SESSION->add_error_msg(get_string('noservices', 'auth.webservice'));
                break;
            }

            // just pass the first one for the moment
            $chosen = array_shift($candidates);
            $instance = get_record('auth_instance', 'id', $USER->get('authinstance'));
            // the new token expires EXTERNAL_TOKEN_USER_EXPIRES seconds from now
            webservice_generate_token(
                EXTERNAL_TOKEN_USER,
                $chosen,
                $USER->get('id'),
                $instance->institution,
                time() + EXTERNAL_TOKEN_USER_EXPIRES
            );
            $SESSION->add_ok_msg(get_string('token_generated', 'auth.webservice'));
            break;

        case 'delete':
            delete_records('external_tokens', 'userid', $USER->get('id'), 'externalserviceid', $values['service']);
            $SESSION->add_ok_msg(get_string('oauthtokendeleted', 'auth.webservice'));
            break;
    }

    redirect('/webservice/apptokens.php');
}
/**
 * Create and return a token of type EXTERNAL_TOKEN_EMBEDDED for a named service.
 *
 * Intended for client apps embedded in an HTML page: the script that generates
 * the page calls this and hands the returned token to the embedded app. Any
 * linkage of the token to the current session is not visible here and is
 * presumably done inside webservice_generate_token() (confirm).
 *
 * NOTE(review): the service is looked up by name and passed on without a
 * check, so an unknown name passes a falsy record through. The defaults leave
 * $validuntil at 0 and $iprestriction empty; what those mean to
 * webservice_generate_token() is not shown, so callers that need an expiry or
 * an IP restriction should pass them explicitly.
 *
 * @param string $servicename name of the web service (external_services.name)
 * @param integer $userid
 * @param string $institution
 * @param integer $validuntil
 * @param string $iprestriction
 * @return mixed whatever webservice_generate_token() returns; other code on
 *               this page looks that value up in the 'token' column of
 *               external_tokens, so presumably the token string rather than
 *               a numeric id (confirm)
 */
function webservice_create_service_token($servicename, $userid, $institution = 'mahara', $validuntil = 0, $iprestriction = '') {
    $servicerecord = get_record('external_services', 'name', $servicename, '*');

    $generated = webservice_generate_token(
        EXTERNAL_TOKEN_EMBEDDED,
        $servicerecord,
        $userid,
        $institution,
        $validuntil,
        $iprestriction
    );

    return $generated;
}