/**
* Test get_autologin_key.
*/
public function test_get_autologin_key()
{
global $USER, $DB;
$this->resetAfterTest(true);
$this->setAdminUser();
// Set server timezone for test.
$this->setTimezone('UTC');
// SEt user to GMT+5.
$USER->timezone = 5;
$timenow = $this->setCurrentTimeStart();
$key = api::get_autologin_key();
$key = $DB->get_record('user_private_key', array('value' => $key), '*', MUST_EXIST);
$this->assertTimeCurrent($key->validuntil - api::LOGIN_KEY_TTL);
$this->assertEquals('0.0.0.0', $key->iprestriction);
}
/**
* Creates an auto-login key for the current user. Is created only in https sites and is restricted by time and ip address.
*
* @param string $privatetoken the user private token for validating the request
* @return array with the settings and warnings
* @since Moodle 3.2
*/
public static function get_autologin_key($privatetoken)
{
global $CFG, $DB, $USER;
$params = self::validate_parameters(self::get_autologin_key_parameters(), array('privatetoken' => $privatetoken));
$privatetoken = $params['privatetoken'];
$context = context_system::instance();
// We must toletare these two exceptions: forcepasswordchangenotice and usernotfullysetup.
try {
self::validate_context($context);
} catch (moodle_exception $e) {
if ($e->errorcode != 'usernotfullysetup' && $e->errorcode != 'forcepasswordchangenotice') {
// In case we receive a different exception, throw it.
throw $e;
}
}
api::check_autologin_prerequisites($USER->id);
if (isset($_GET['privatetoken']) or empty($privatetoken)) {
throw new moodle_exception('invalidprivatetoken', 'tool_mobile');
}
// Check the request counter, we must limit the number of times the privatetoken is sent.
// Between each request 6 minutes are required.
$last = get_user_preferences('tool_mobile_autologin_request_last', 0, $USER);
// Check if we must reset the count.
$timenow = time();
if ($timenow - $last < 6 * MINSECS) {
throw new moodle_exception('autologinkeygenerationlockout', 'tool_mobile');
}
set_user_preference('tool_mobile_autologin_request_last', $timenow, $USER);
// We are expecting a privatetoken linked to the current token being used.
// This WS is only valid when using mobile services via REST (this is intended).
$currenttoken = required_param('wstoken', PARAM_ALPHANUM);
$conditions = array('userid' => $USER->id, 'token' => $currenttoken, 'privatetoken' => $privatetoken);
if (!($token = $DB->get_record('external_tokens', $conditions))) {
throw new moodle_exception('invalidprivatetoken', 'tool_mobile');
}
$result = array();
$result['key'] = api::get_autologin_key();
$autologinurl = new moodle_url("/{$CFG->admin}/tool/mobile/autologin.php");
$result['autologinurl'] = $autologinurl->out(false);
$result['warnings'] = array();
return $result;
}
/**
* Returns a list of site settings, filtering by section.
*
* @param string $section settings section name
* @return array with the settings and warnings
* @since Moodle 3.2
*/
public static function get_config($section = '')
{
$params = self::validate_parameters(self::get_config_parameters(), array('section' => $section));
$settings = api::get_config($params['section']);
$result['settings'] = array();
foreach ($settings as $name => $value) {
$result['settings'][] = array('name' => $name, 'value' => $value);
}
$result['warnings'] = array();
return $result;
}
/**
* Returns a list of the site public settings, those not requiring authentication.
*
* @return array with the settings and warnings
* @since Moodle 3.2
*/
public static function get_site_public_settings()
{
$result = api::get_site_public_settings();
$result['warnings'] = array();
return $result;
}
/**
* Returns a list of Moodle plugins supporting the mobile app.
*
* @return array an array of warnings and objects containing the plugin information
* @since Moodle 3.1
*/
public static function get_plugins_supporting_mobile()
{
return array('plugins' => api::get_plugins_supporting_mobile(), 'warnings' => array());
}
