Exemple #1
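/**
 * Submit callback for the admin token panel.
 *
 * Supported $values['action'] values:
 *  - 'generate': issue an EXTERNAL_TOKEN_PERMANENT token for the user id in
 *                $values['userid'][0] against the first service that has
 *                restrictedusers = 0, then open that token's config page
 *  - 'edit':     open the config page of the token row $values['token']
 *  - 'delete':   delete the token row $values['token']
 *
 * Any other action, or a failed lookup, falls through to the index redirect.
 *
 * NOTE(review): this function performs no permission check of its own, yet it
 * can mint a permanent token for an arbitrary user id. It presumably relies on
 * the including admin page for access control and on Pieform for request
 * forgery protection - confirm both at the call site.
 *
 * @param Pieform $form
 * @param array $values submitted form values
 */
function webservices_token_submit(Pieform $form, $values)
{
    global $SESSION;
    // Strict comparison below: on older PHP a loose == between a non-string
    // value such as 0 and 'generate' evaluates to true.
    $action = isset($values['action']) ? $values['action'] : null;

    if ($action === 'generate') {
        if (!empty($values['userid'][0])) {
            $dbuser = get_record('usr', 'id', $values['userid'][0]);
            if (!empty($dbuser)) {
                $services = get_records_array('external_services', 'restrictedusers', 0);
                if (empty($services)) {
                    $SESSION->add_error_msg(get_string('noservices', 'auth.webservice'));
                } else {
                    // just pass the first one for the moment
                    $service = array_shift($services);
                    $token = webservice_generate_token(EXTERNAL_TOKEN_PERMANENT, $service, $dbuser->id);
                    $dbtoken = get_record('external_tokens', 'token', $token);
                    // Only dereference the row when the lookup succeeded; on a
                    // miss we fall through to the index page instead of
                    // reading ->id from a non-object.
                    if (!empty($dbtoken)) {
                        redirect('/webservice/admin/tokenconfig.php?token=' . (int) $dbtoken->id);
                    }
                }
            } else {
                $SESSION->add_error_msg(get_string('invaliduserselected', 'auth.webservice'));
            }
        } else {
            $SESSION->add_error_msg(get_string('nouser', 'auth.webservice'));
        }
    } else if (!empty($values['token'])) {
        $token = get_record('external_tokens', 'id', $values['token']);
        if (!empty($token)) {
            // Work with the id of the row that was actually found rather than
            // the submitted value: a database that coerces '5&x=1' to 5 would
            // otherwise let extra characters reach the redirect URL.
            $tokenid = (int) $token->id;
            if ($action === 'edit') {
                redirect('/webservice/admin/tokenconfig.php?token=' . $tokenid);
            } else if ($action === 'delete') {
                // remove the token row; the id is bound as a query parameter
                delete_records_select('external_tokens', 'id = ?', array($tokenid));
                $SESSION->add_ok_msg(get_string('configsaved', 'auth.webservice'));
            }
        }
    }
    // default back to where we came from
    redirect('/webservice/admin/index.php?open=webservices_token');
}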
 /**
  * Build the fixtures the web service tests run against.
  *
  * Mutates global state and the database: flags the current $USER as admin
  * (id 1), switches on the webservice, REST, XML-RPC, SOAP and OAuth config
  * settings, and creates - when missing - a 'webservice' auth instance, an admin
  * test user whose password is the same string as its username, a service that
  * is granted every row of external_functions, an OAuth consumer with request
  * and access tokens, an EXTERNAL_TOKEN_PERMANENT token, a group and a test
  * institution.
  *
  * NOTE(review): since this enables every protocol and leaves behind an admin
  * account with a guessable password plus a permanent token, it should only
  * ever run against a disposable test database - confirm that tearDown()
  * removes all of it.
  */
 protected function setUp()
 {
     // default current user to admin
     global $USER;
     $USER->id = 1;
     $USER->admin = 1;
     // switch on the web service layer and each protocol flag
     set_config('webservice_enabled', true);
     set_config('webservice_rest_enabled', true);
     set_config('webservice_xmlrpc_enabled', true);
     set_config('webservice_soap_enabled', true);
     set_config('webservice_oauth_enabled', true);
     // names of the fixtures created below
     $this->servicename = 'test webservices';
     // NOTE(review): this literal is reused below as username, password and
     // e-mail local part; it looks masked in this listing - confirm the real value
     $this->testuser = '******';
     $this->testinstitution = 'mytestinstitutionone';
     // clean out first
     $this->tearDown();
     // reuse the 'webservice' auth instance of institution 'mahara', or create it
     if (!($authinstance = get_record('auth_instance', 'institution', 'mahara', 'authname', 'webservice'))) {
         $authinstance = new stdClass();
         $authinstance->instancename = 'webservice';
         $authinstance->institution = 'mahara';
         $authinstance->authname = 'webservice';
         // presumably fetches the single highest-priority instance
         // (sort 'priority DESC', then '0' / '1' as offset / limit) - confirm argument order
         $lastinstance = get_records_array('auth_instance', 'institution', 'mahara', 'priority DESC', '*', '0', '1');
         if ($lastinstance == false) {
             $authinstance->priority = 0;
         } else {
             // place the new instance after the existing ones
             $authinstance->priority = $lastinstance[0]->priority + 1;
         }
         $authinstance->id = insert_record('auth_instance', $authinstance, 'id', true);
     }
     $this->authinstance = $authinstance;
     $this->institution = new Institution($authinstance->institution);
     // create the new test user
     if (!($dbuser = get_record('usr', 'username', $this->testuser))) {
         db_begin();
         $new_user = new StdClass();
         $new_user->authinstance = $authinstance->id;
         $new_user->username = $this->testuser;
         $new_user->firstname = 'Firstname';
         $new_user->lastname = 'Lastname';
         // password is the username itself - acceptable only for a throwaway fixture
         $new_user->password = $this->testuser;
         $new_user->email = $this->testuser . '@hogwarts.school.nz';
         $new_user->passwordchange = 0;
         // the fixture account is a site admin
         $new_user->admin = 1;
         $profilefields = new StdClass();
         // $userid is not read again in this method; the row is re-fetched instead
         $userid = create_user($new_user, $profilefields, $this->institution, $authinstance);
         $dbuser = get_record('usr', 'username', $this->testuser);
         db_commit();
     }
     // construct a test service from all available functions
     $dbservice = get_record('external_services', 'name', $this->servicename);
     if (empty($dbservice)) {
         $service = array('name' => $this->servicename, 'tokenusers' => 0, 'restrictedusers' => 0, 'enabled' => 1, 'component' => 'webservice', 'ctime' => db_format_timestamp(time()));
         insert_record('external_services', $service);
         $dbservice = get_record('external_services', 'name', $this->servicename);
     }
     // link every row of external_functions to the test service, skipping existing links
     $dbfunctions = get_records_array('external_functions', null, null, 'name');
     foreach ($dbfunctions as $function) {
         $sfexists = record_exists('external_services_functions', 'externalserviceid', $dbservice->id, 'functionname', $function->name);
         if (!$sfexists) {
             $service_function = array('externalserviceid' => $dbservice->id, 'functionname' => $function->name);
             insert_record('external_services_functions', $service_function);
             // refresh the service's mtime each time a function is added
             $dbservice->mtime = db_format_timestamp(time());
             update_record('external_services', $dbservice);
         }
     }
     // create an OAuth registry object
     require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthServer.php';
     require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthStore.php';
     require_once get_config('docroot') . 'webservice/libs/oauth-php/OAuthRequester.php';
     $store = OAuthStore::instance('Mahara', array(), true);
     // register a consumer application owned by the test user and tied to the test service
     $new_app = array('application_title' => 'Test Application', 'application_uri' => 'http://example.com', 'requester_name' => $dbuser->firstname . ' ' . $dbuser->lastname, 'requester_email' => $dbuser->email, 'callback_uri' => 'http://example.com', 'institution' => 'mahara', 'externalserviceid' => $dbservice->id);
     $this->consumer_key = $store->updateConsumer($new_app, $dbuser->id, true);
     $this->consumer = (object) $store->getConsumer($this->consumer_key, $dbuser->id);
     // Now do the request and access token
     $this->request_token = $store->addConsumerRequestToken($this->consumer_key, array());
     // authorise the request token on behalf of the test user
     $verifier = $store->authorizeConsumerRequestToken($this->request_token['token'], $dbuser->id, 'localhost');
     // exchange access token
     $options = array();
     $options['verifier'] = $verifier;
     $this->access_token = $store->exchangeConsumerRequestForAccessToken($this->request_token['token'], $options);
     // generate a test token of type EXTERNAL_TOKEN_PERMANENT for the test user
     $token = webservice_generate_token(EXTERNAL_TOKEN_PERMANENT, $dbservice, $dbuser->id);
     $dbtoken = get_record('external_tokens', 'token', $token);
     $this->testtoken = $dbtoken->token;
     // create an external test user instance
     $dbserviceuser = (object) array('externalserviceid' => $dbservice->id, 'userid' => $dbuser->id, 'institution' => 'mahara', 'ctime' => db_format_timestamp(time()), 'wssigenc' => 0, 'publickeyexpires' => 0);
     $dbserviceuser->id = insert_record('external_services_users', $dbserviceuser, 'id', true);
     // setup test groups; $groupid is not read again in this method
     $groupid = group_create(array('shortname' => 'mytestgroup1', 'name' => 'The test group 1', 'description' => 'a description for test group 1', 'institution' => 'mahara', 'grouptype' => 'standard', 'open' => 1, 'controlled' => 0, 'request' => 0, 'submitpages' => 0, 'hidemembers' => 0, 'invitefriends' => 0, 'suggestfriends' => 0, 'hidden' => 0, 'hidemembersfrommembers' => 0, 'public' => 0, 'usersautoadded' => 0, 'members' => array($dbuser->id => 'admin'), 'viewnotify' => 0));
     // create test institution
     $dbinstitution = get_record('institution', 'name', $this->testinstitution);
     if (empty($dbinstitution)) {
         db_begin();
         $newinstitution = new StdClass();
         $institution = $newinstitution->name = $this->testinstitution;
         $newinstitution->displayname = $institution . ' - display name';
         $newinstitution->authplugin = 'internal';
         $newinstitution->showonlineusers = 1;
         $newinstitution->registerallowed = 0;
         $newinstitution->theme = null;
         $newinstitution->defaultquota = get_config_plugin('artefact', 'file', 'defaultquota');
         $newinstitution->defaultmembershipperiod = null;
         $newinstitution->maxuseraccounts = null;
         $newinstitution->allowinstitutionpublicviews = 1;
         insert_record('institution', $newinstitution);
         // give the new institution an 'internal' auth instance;
         // this reuses the local name $authinstance (the property $this->authinstance was set earlier)
         $authinstance = (object) array('instancename' => 'internal', 'priority' => 0, 'institution' => $newinstitution->name, 'authname' => 'internal');
         insert_record('auth_instance', $authinstance);
         db_commit();
     }
     // protocols to test - all off by default
     $this->testrest = false;
     $this->testxmlrpc = false;
     $this->testsoap = false;
     ////// READ-ONLY DB tests ////
     $this->readonlytests = array();
     ////// WRITE DB tests ////
     $this->writetests = array();
     ///// Authentication types ////
     $this->auths = array();
     // performance testing: number of times the web services are run
     $this->iteration = 1;
     // keep track of users created and deleted
     $this->created_users = array();
     // keep track of groups
     $this->created_groups = array();
     //DO NOT CHANGE
     //reset the timers
     $this->timerrest = 0;
     $this->timerxmlrpc = 0;
     $this->timersoap = 0;
 }
Exemple #3
/**
 * Submit callback for the user's own token panel.
 *
 *  - 'generate': drop the user's existing token for the chosen service, then
 *                issue a new EXTERNAL_TOKEN_USER token when that service has
 *                tokenusers = 1
 *  - 'delete':   drop the user's token for the chosen service
 *
 * Every query here is keyed on the logged-in user's id ($USER->get('id')) and
 * never on a user id taken from the form, so the submitted values only select
 * which service is affected. On 'generate' the old token is deleted before the
 * service is validated, which means a rejected request still revokes the
 * existing token.
 *
 * @param Pieform $form
 * @param array $values submitted form values ('action', 'service')
 */
function webservices_user_token_submit(Pieform $form, $values)
{
    global $USER, $SESSION;
    $action = $values['action'];
    if ($action == 'generate') {
        $serviceid = $values['service'];
        $ownerid = $USER->get('id');
        // revoke whatever token the user already holds for this service
        delete_records('external_tokens', 'userid', $ownerid, 'externalserviceid', $serviceid);
        // only services that allow user tokens qualify
        $candidates = get_records_select_array('external_services', 'id = ? AND tokenusers = ?', array($serviceid, 1));
        if (!empty($candidates)) {
            // just pass the first one for the moment
            $chosen = array_shift($candidates);
            $userauth = get_record('auth_instance', 'id', $USER->get('authinstance'));
            // user tokens expire EXTERNAL_TOKEN_USER_EXPIRES seconds from now
            $newtoken = webservice_generate_token(
                EXTERNAL_TOKEN_USER,
                $chosen,
                $USER->get('id'),
                $userauth->institution,
                time() + EXTERNAL_TOKEN_USER_EXPIRES
            );
            $SESSION->add_ok_msg(get_string('token_generated', 'auth.webservice'));
        } else {
            $SESSION->add_error_msg(get_string('noservices', 'auth.webservice'));
        }
    } elseif ($action == 'delete') {
        delete_records('external_tokens', 'userid', $USER->get('id'), 'externalserviceid', $values['service']);
        $SESSION->add_ok_msg(get_string('oauthtokendeleted', 'auth.webservice'));
    }
    // always return to the user's token page
    redirect('/webservice/apptokens.php');
}
Exemple #4
/**
 * Issue an EXTERNAL_TOKEN_EMBEDDED token for a named service.
 *
 * Intended for HTML-embedded client apps that talk to the server through web
 * services: the script generating the embedding page calls this and hands the
 * result to the client app.
 *
 * NOTE(review): the earlier description called this a session-linked token, but
 * nothing in this function ties the token to a session; any such binding would
 * have to happen inside webservice_generate_token() - confirm. The service
 * lookup result is also passed on unchecked, so an unknown $servicename hands
 * whatever get_record() returned for the miss to the generator.
 *
 * @param string $servicename matched against external_services.name
 * @param integer $userid
 * @param string $institution
 * @param integer $validuntil
 * @param string $iprestriction
 * @return mixed the return value of webservice_generate_token(). Other callers
 *               in this listing look that value up in external_tokens.token,
 *               which suggests it is the token string rather than a row id -
 *               confirm.
 */
function webservice_create_service_token($servicename, $userid, $institution = 'mahara', $validuntil = 0, $iprestriction = '')
{
    return webservice_generate_token(
        EXTERNAL_TOKEN_EMBEDDED,
        get_record('external_services', 'name', $servicename, '*'),
        $userid,
        $institution,
        $validuntil,
        $iprestriction
    );
}