/** * Post authentication hook. * This method is called from authenticate_user_login() for all enabled auth plugins. * * @param object $user user object, later used for $USER * @param string $username (with system magic quotes) * @param string $password plain text password (with system magic quotes) */ function user_authenticated_hook(&$user, $username, $password) { global $SESSION; global $CFG; global $DB; $record = $DB->get_record('block_gdata_gapps', array('userid' => $user->id)); if (empty($record) || !empty($record->remove)) { return true; } // Shouldn't need due to Gmail using OAuth // // TODO: IMPORTANT user_auth hook gets called for all plugins so // setting user to gsaml auth may override all moodle user auth plugins. // auth_gsaml still needs to run the update password code somehow. // if there was another way to test for it.... as compare if password is diff // and then set the google user to the new password. :/ // Verify that user has a google account. If not create one for them. if (!file_exists($CFG->dirroot . '/blocks/gdata/gapps.php')) { debugging('gdata block is not installed'); } else { require_once $CFG->dirroot . '/blocks/gdata/gapps.php'; try { $g = new blocks_gdata_gapps(); try { $g_user = $g->gapps_get_user($username); if (empty($g_user)) { /* * MOODLE must enforce the above minium 6 char passwords! * http://www.google.com/support/a/bin/answer.py?answer=33386 */ // Create Moodle User in the Gsync system $g->moodle_create_user($user); // Create google user $m_user = $g->moodle_get_user($user->id); $g->create_user($m_user); } } catch (blocks_gdata_exception $e) { // TODO: catch and inform of this common error //if (stripos($e->getMessage(),'Error 1100: UserDeletedRecently') ) { // notice('Error 1100: UserDeletedRecently.<br/> Google does not allow a user to be created after deletion until at least 5 days have passed.'); //} if (method_exists($e, 'getErrors')) { $errors = $e->getErrors(); foreach ($errors as $errorcode => $error) { debugging("Error({$errorcode}): {$error}", DEBUG_NORMAL, true); } } else { debugging($e, DEBUG_DEVELOPER); } } } catch (blocks_gdata_exception $e) { //'Authentication with Google Apps failed. Please check your credentials. ->getMessage() ? // if Authentication with Google Apps failed. Please check your credentials. // print $e->getMessage(); // TODO: catch and inform of this Error debugging($e, DEBUG_DEVELOPER); } } // We are Succesfully logged in and we have a SAML Request // So we want to process the rest of the log in and redirect // to the Service that the SAML Request is asking for. // // All this code essentialy makes up for the fact that // we have to exit the login page prematurely. if (isset($SESSION->samlrequest)) { $SESSION->samlrequest = false; if (!($user = $DB->get_record('user', array('username' => $username, 'mnethostid' => $CFG->mnet_localhost_id)))) { // User could not be logged in error(get_string('errusernotloggedin', 'auth_gsaml')); } if (!validate_internal_user_password($user, $password)) { // Password not valid error(get_string('pwdnotvalid', 'auth_gsaml')); } // Added to fix navigation $navlinks = array(array('name' => 'test', 'link' => null, 'type' => 'misc')); $navigation = build_navigation($navlinks); update_login_count(); if ($user) { // language setup if ($user->username == 'guest') { // no predefined language for guests - use existing session or default site lang unset($user->lang); } else { if (!empty($user->lang)) { // unset previous session language - use user preference instead unset($SESSION->lang); } } if (empty($user->confirmed)) { // This account was never confirmed print_header(get_string("mustconfirm"), get_string("mustconfirm")); print_heading(get_string("mustconfirm")); print_simple_box(get_string("emailconfirmsent", "", $user->email), "center"); print_footer(); die; } // TODO : Fix this bug frm isn't on this page here if (isset($frm)) { // if isset placed here for now if ($frm->password == 'changeme') { //force the change set_user_preference('auth_forcepasswordchange', true, $user->id); } } // end of if issuet /// Let's get them all set up. add_to_log(SITEID, 'user', 'login', "view.php?id={$USER->id}&course=" . SITEID, $user->id, 0, $user->id); $USER = complete_user_login($user); /// Prepare redirection if (user_not_fully_set_up($USER)) { $urltogo = $CFG->wwwroot . '/user/edit.php'; // We don't delete $SESSION->wantsurl yet, so we get there later } else { if (isset($SESSION->wantsurl) and strpos($SESSION->wantsurl, $CFG->wwwroot) === 0) { $urltogo = $SESSION->wantsurl; /// Because it's an address in this site unset($SESSION->wantsurl); } else { // no wantsurl stored or external - go to homepage $urltogo = $CFG->wwwroot . '/'; unset($SESSION->wantsurl); } } /// Go to my-moodle page instead of homepage if mymoodleredirect enabled if (!has_capability('moodle/site:config', get_context_instance(CONTEXT_SYSTEM)) and !empty($CFG->mymoodleredirect) and !isguest()) { if ($urltogo == $CFG->wwwroot or $urltogo == $CFG->wwwroot . '/' or $urltogo == $CFG->wwwroot . '/index.php') { $urltogo = $CFG->wwwroot . '/my/'; } } /// check if user password has expired /// Currently supported only for ldap-authentication module $userauth = get_auth_plugin($USER->auth); if (!empty($userauth->config->expiration) and $userauth->config->expiration == 1) { if ($userauth->can_change_password()) { $passwordchangeurl = $userauth->change_password_url(); } else { $passwordchangeurl = $CFG->httpswwwroot . '/login/change_password.php'; } $days2expire = $userauth->password_expire($USER->username); if (intval($days2expire) > 0 && intval($days2expire) < intval($userauth->config->expiration_warning)) { print_header("{$site->fullname}: {$loginsite}", "{$site->fullname}", $navigation, '', '', true, "<div class=\"langmenu\">{$langmenu}</div>"); notice_yesno(get_string('auth_passwordwillexpire', 'auth', $days2expire), $passwordchangeurl, $urltogo); print_footer(); exit; } elseif (intval($days2expire) < 0) { print_header("{$site->fullname}: {$loginsite}", "{$site->fullname}", $navigation, '', '', true, "<div class=\"langmenu\">{$langmenu}</div>"); notice_yesno(get_string('auth_passwordisexpired', 'auth'), $passwordchangeurl, $urltogo); print_footer(); exit; } } reset_login_count(); // END of the regular Moodle Login Procedures // Process the SAML Request and redirect to the Service // it is asking for. // This function should never return unless there's an error. if (!gsaml_send_auth_response($SESSION->samlrequestdata)) { // SAML code failed turn debugging on error(get_string('samlcodefailed', 'auth_gsaml')); } } else { if (empty($errormsg)) { $errormsg = get_string("invalidlogin"); $errorcode = 3; } // TODO: if the user failed to authenticate, check if the username corresponds to a remote mnet user if (!empty($CFG->mnet_dispatcher_mode) && $CFG->mnet_dispatcher_mode === 'strict' && is_enabled_auth('mnet')) { $errormsg .= get_string('loginlinkmnetuser', 'mnet', "mnet_email.php?u={$frm->username}"); } } } // else if NO SAML request is made we don't do anything but log in normally }
/** * Events API Hook for event 'user_created' * * The user is created in Google Apps when * the admin creates an user in Moodle * * @param object $user Moodle user record object * @return boolean **/ public static function user_created_event($user) { $file = "/tmp/testerio.txt"; file_put_contents($file, "Testing"); echo "TESTING"; try { $gapps = new blocks_gdata_gapps(); $gapps->create_user($user, $checkexists = true); return true; } catch (blocks_gdata_exception $e) { return false; } }
* @author Mark Nielsen * @version $Id$ * @package block_gdata **/ // Only accept POST requests if ($_SERVER['REQUEST_METHOD'] == 'POST' || true) { $nomoodlecookie = true; require '../../config.php'; require_once $CFG->dirroot . '/blocks/gdata/gapps.php'; $response = array('counts' => array('errors' => 1), 'message' => ''); if ($userid = optional_param('userid', 0, PARAM_INT)) { try { // Want to capture output so we // can return it properly ob_start(); $gapps = new blocks_gdata_gapps(); $moodleuser = $gapps->moodle_get_user($userid); $gapps->sync_moodle_user_to_gapps($moodleuser); $output = ob_get_contents(); $output = trim($output); ob_end_clean(); if (!empty($output)) { $response['message'] = $output; } $response['counts'] = $gapps->counts; } catch (blocks_gdata_exception $e) { $response['message'] = $e->getMessage(); } catch (Zend_Exception $e) { // Catch Zend_Exception just in case it happens $response['message'] = $e->getMessage(); }
/** * Addusers hook - processes the * submit from addusers_display() * * @return void **/ function addusers_process() { global $CFG; global $DB; require_once $CFG->dirroot . '/blocks/gdata/gapps.php'; $userids = optional_param('userids', '', PARAM_RAW); $allusers = optional_param('allusers', '', PARAM_RAW); $users = optional_param('users', '', PARAM_RAW); if ($userids = optional_param('userids', 0, PARAM_INT) or optional_param('allusers', '', PARAM_RAW)) { if (!confirm_sesskey()) { throw new blocks_gdata_exception('confirmsesskeybad', 'error'); } $gapps = new blocks_gdata_gapps(false); if (optional_param('allusers', '', PARAM_RAW)) { list($select, $from, $where) = $this->get_sql('addusers'); // Bulk processing if ($rs = $DB->get_recordset_sql("{$select} {$from} {$where}")) { foreach ($rs as $user) { $gapps->moodle_create_user($user); } $rs->close(); } else { throw new blocks_gdata_exception('invalidparameter'); } } else { // Process user IDs foreach ($userids as $userid) { if ($user = $DB->get_record('user', array('id' => $userid), 'id, username, password')) { $gapps->moodle_create_user($user); } else { throw new blocks_gdata_exception('invalidparameter'); } } } redirect($CFG->wwwroot . '/blocks/gdata/index.php?hook=addusers'); } }
/** * Event handler: processes all events * * @param string $event Name of the event * @param mixed $eventdata Data passed to the event * @return boolean **/ private static function event_handler($event, $eventdata) { // Check first to see if events are allowed if (get_config('blocks/gdata', 'allowevents')) { switch ($event) { case 'user_deleted': case 'user_updated': case 'password_changed': try { $gapps = new blocks_gdata_gapps(); $moodleuser = $gapps->moodle_get_user($eventdata->id); $gappsuser = $gapps->gapps_get_user($moodleuser->oldusername); $gapps->sync_moodle_user_to_gapps($moodleuser, $gappsuser, false); } catch (blocks_gdata_exception $e) { // Do nothing on errors } break; } } return true; }