/**
  * Get user info should fail if is passed an invalid token with secret.
  * It should be allowed to continue othewise.
  *
  * @return void
  */
 public function test_get_user_info_invalid_token()
 {
     $callback = 'block_mhaairs_utilservice_external::get_user_info';
     $this->set_user('admin');
     $secret = 'DF4#R66';
     $userid = $this->student1->username;
     $equal = true;
     // SECRET NOT CONFIGURED.
     // Invalid token missing userid.
     // Should fail with or without a correct secret.
     $this->assert_invalid_token('time=' . MHUtil::get_time_stamp());
     $this->assert_invalid_token('time=' . MHUtil::get_time_stamp(), $secret);
     // Invalid token with userid.
     // Should NOT fail with or without secret.
     $this->assert_invalid_token("userid={$userid}", null, !$equal);
     $this->assert_invalid_token("userid={$userid}", $secret, !$equal);
     // SECRET CONFIGURED.
     set_config('block_mhaairs_shared_secret', $secret);
     // Invalid token missing userid.
     // Should fail with or without a correct secret.
     $this->assert_invalid_token('time=' . MHUtil::get_time_stamp());
     $this->assert_invalid_token('time=' . MHUtil::get_time_stamp(), $secret);
     // Invalid token with userid.
     // Should fail with or without a correct secret.
     $this->assert_invalid_token("userid={$userid}", null, $equal);
     $this->assert_invalid_token("userid={$userid}", $secret, $equal);
     // Valid token, incorrect secret.
     $this->assert_invalid_token(MHUtil::create_token($userid), $secret . '7', $equal);
 }
}
$token = optional_param('token', 'test', PARAM_ALPHANUM);
$action = optional_param('action', null, PARAM_ALPHA);
$username = optional_param('username', null, PARAM_USERNAME);
$userid = optional_param('userid', null, PARAM_INT);
$password = optional_param('password', null, PARAM_TEXT);
$identitytype = optional_param('identitytype', null, PARAM_TEXT);
if (empty($secure) and !empty($CFG->block_mhaairs_sslonly)) {
    echo 'Connection must be secured with SSL';
    return;
}
$secret = !empty($CFG->block_mhaairs_shared_secret) ? $CFG->block_mhaairs_shared_secret : '';
$result = null;
switch ($action) {
    case "test":
        $result = "OK";
        break;
    case "ValidateLogin":
        $result = MHUtil::validate_login($token, $secret, $username, $password);
        break;
    case "GetUserInfo":
        $result = MHUtil::get_user_info($token, $secret, $identitytype);
        break;
    case "GetServerTime":
        $result = MHUtil::get_time_stamp();
        break;
    default:
        break;
}
header('Content-Type: application/json; charset=utf-8');
echo json_encode($result);
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
require_once '../../config.php';
global $CFG;
require_once $CFG->libdir . '/accesslib.php';
require_once $CFG->libdir . '/datalib.php';
require_once $CFG->libdir . '/moodlelib.php';
require_once $CFG->dirroot . '/blocks/mhaairs/block_mhaairs_util.php';
global $CFG, $COURSE, $USER, $_SERVER;
$blockrequestbase = "/blocks/mhaairs/";
$testuserid = "moodleinstructor";
$testcourseid = "testcourse123";
$testtimestamp = MHUtil::get_time_stamp();
echo "<p>time stamp:<b>" . $testtimestamp . "</b></p>";
echo "<p>test user id:<b>" . $testuserid . "</b></p>";
echo "<p>test course id:<b>" . $testcourseid . "</b></p>";
$customer = $CFG->block_mhaairs_customer_number;
$sharedsecret = $CFG->block_mhaairs_sharedsecret;
$base = $CFG->block_mhaairs_base_address;
$requesttoken = MHUtil::create_token($testuserid);
$encodedrequesttoken = MHUtil::encode_token2($requesttoken, $sharedsecret);
echo "<p>the token is valid:<b>" . (MHUtil::is_token_valid($encodedrequesttoken, $sharedsecret) ? "true" : "false") . "</b></p>";
$getuserinfourl = $blockrequestbase . "block_mhaairs_action.php?action=GetUserInfo&token=" . $encodedrequesttoken;
"<p>encoded request token:<b>" . $encodedrequesttoken . "</b></p>";
echo "<a href='" . $getuserinfourl . "' target='blank'>get user info</a>";