Exemple #1
 /**
  * Start an OIDC authorization-code request for the current user.
  *
  * A user who is already connected is sent straight back to the o365 user
  * control panel. Otherwise the request is built with a fixed local return
  * path in the state parameters and, when a stored connection record exists,
  * a login hint taken from that record (not from request input).
  *
  * @param bool $uselogin Whether to switch the user's Moodle login method to OpenID Connect upon successful authorization.
  */
 protected function doauthrequest($uselogin)
 {
     global $CFG, $SESSION, $DB, $USER;
     require_once $CFG->dirroot . '/auth/oidc/auth.php';

     // Fixed, site-local return path; nothing from the request influences it.
     $returnpath = '/local/o365/ucp.php';

     if (\local_o365\utils::is_o365_connected($USER->id) === true) {
         // Nothing to authorize for a connected user.
         // NOTE(review): this relies on redirect() ending the request - confirm.
         redirect($returnpath);
     }

     // A previously stored connection for this Moodle user supplies the login
     // hint and makes the flow ask for an interactive login.
     $existing = $DB->get_record('local_o365_connections', ['muserid' => $USER->id]);
     $hasmatch = !empty($existing);
     $extraparams = $hasmatch ? ['login_hint' => $existing->aadupn] : [];

     $flow = new \auth_oidc\loginflow\authcode();
     $flow->set_httpclient(new \auth_oidc\httpclient());

     $stateparams = ['redirect' => $returnpath];
     if ($uselogin !== true) {
         // Connection-only mode is recorded both in the session and in the state.
         // NOTE(review): the session flag is only ever set here, never cleared when
         // $uselogin is true; confirm the redirect handler resets it so a stale
         // value from an earlier attempt cannot change a later login-switch flow.
         $SESSION->auth_oidc_connectiononly = true;
         $stateparams['connectiononly'] = true;
     }

     $flow->initiateauthrequest($hasmatch, $stateparams, $extraparams);
 }
<?php

/**
 *
 * @package mahara
 * @subpackage auth-oidc
 * @author James McQuillan <*****@*****.**>
 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 * @copyright (C) 2015 onwards Microsoft Open Technologies, Inc. (http://msopentech.com/)
 */
// Entry-point constants, defined before init.php is loaded below.
// NOTE(review): INTERNAL is presumably the include guard that library files check, and
// PUBLIC presumably lets init.php serve this page without a logged-in session, which an
// OIDC redirect endpoint needs - confirm both against init.php.
define('INTERNAL', 1);
define('PUBLIC', 1);
global $CFG, $USER, $SESSION;
// Bootstrap the application from two directories above this script's directory,
// then load this plugin's autoloader and library, and the institution library.
require dirname(dirname(dirname(__FILE__))) . '/init.php';
require_once __DIR__ . '/autoload.php';
require_once __DIR__ . '/lib.php';
require_once get_config('libroot') . 'institution.php';
// Build the authorization-code login flow with its HTTP client.
$auth = new \auth_oidc\loginflow\authcode();
$auth->set_httpclient(new \auth_oidc\httpclient());
// Hand the incoming request to the flow. This file inspects no request parameter itself,
// so every check on the identity provider's response is whatever handleredirect() does.
// NOTE(review): confirm it validates the returned state value before using the code.
$auth->handleredirect();
Exemple #3
 /**
  * Start an authorization request that links the account to o365 while
  * leaving the user's login method as it is.
  *
  * The connection-only flag is stored in the session before the request is
  * initiated, and the return path is a fixed local URL.
  */
 public function mode_connecttoken()
 {
     global $CFG, $SESSION;
     require_once $CFG->dirroot . '/auth/oidc/auth.php';

     $flow = new \auth_oidc\loginflow\authcode();
     $client = new \auth_oidc\httpclient();
     $flow->set_httpclient($client);

     // Mark this flow as connection-only for the code that handles the response.
     $SESSION->auth_oidc_connectiononly = true;

     // No interactive login prompt is requested; the state carries only the return path.
     $stateparams = ['redirect' => '/local/o365/ucp.php'];
     $flow->initiateauthrequest(false, $stateparams);
 }
Exemple #4
 */
// Load the site configuration and this plugin's auth class.
require_once __DIR__ . '/../../config.php';
require_once __DIR__ . '/auth.php';

// Access control: a logged-in session plus the connection-management capability,
// checked for the current user in that user's own context.
require_login();
require_capability(
    'auth/oidc:manageconnection',
    \context_user::instance($USER->id),
    $USER->id
);

// Optional action selector from the request; the visible dispatch that follows
// compares it only against fixed strings.
// NOTE(review): no require_sesskey() call is visible before that dispatch, which
// connects or disconnects the login method; confirm these state-changing actions
// are protected against cross-site request forgery further down the flow.
$action = optional_param('action', null, PARAM_TEXT);

// Current connection state: a stored OIDC token for this username, and whether
// the account's login method is already OIDC.
$oidctoken = $DB->get_record('auth_oidc_token', ['username' => $USER->username]);
$oidcconnected = !empty($oidctoken);
$oidcloginconnected = ($USER->auth === 'oidc');
if (!empty($action)) {
    if ($action === 'connectlogin' && $oidcloginconnected === false) {
        // Use authorization request login flow to connect existing users.
        if (!is_enabled_auth('oidc')) {
            throw new \moodle_exception('erroroidcnotenabled', 'auth_oidc');
        }
        $auth = new \auth_oidc\loginflow\authcode();
        $auth->set_httpclient(new \auth_oidc\httpclient());
        $auth->initiateauthrequest();
    } else {
        if ($action === 'disconnectlogin' && $oidcloginconnected === true) {
            if (is_enabled_auth('manual') === true) {
                $auth = new \auth_plugin_oidc();
                $auth->set_httpclient(new \auth_oidc\httpclient());
                $auth->disconnect();
            }
        } else {
            throw new \moodle_exception('errorucpinvalidaction', 'auth_oidc');
        }
    }
} else {
    $PAGE->set_url('/auth/oidc/ucp.php');