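 /**
  * Login-page hook that enables SSO (it runs before user_login() is called).
  *
  * Without a Drupal session the browser is redirected to the Drupal login form
  * (when a local return URL is stored) or left on the Moodle login page, where
  * some other plugin has to authenticate the user. With a session, the session
  * is checked against the Drupal services endpoint, the matching Moodle account
  * is created or updated, and the Moodle login is completed.
  *
  * Security: $SESSION->wantsurl is only followed when it lies under
  * $CFG->wwwroot. Any other value is ignored, so the hook does not forward a
  * freshly authenticated user to an address outside this site.
  *
  * @return void Nothing is returned; the hook either redirects or falls through.
  */
 function loginpage_hook()
 {
     global $CFG, $SESSION;

     // Prefix used for the "is this URL ours?" test. Matching on wwwroot plus a
     // trailing slash stops a look-alike host that merely starts with the same
     // characters as wwwroot from passing the check.
     $wwwroot = rtrim($CFG->wwwroot, '/');

     // Check if we have a Drupal session.
     $drupalsession = $this->get_drupal_session();
     if ($drupalsession == null) {
         debugging("No drupal session detected, sending to drupal for login.", DEBUG_DEVELOPER);
         // Redirect to the Drupal login page with a destination, but only for a
         // return URL inside this site. strpos() yields false when the prefix is
         // absent and false == 0 is true, so the comparison has to be strict.
         if (isset($SESSION->wantsurl)
             && ($SESSION->wantsurl === $wwwroot || strpos($SESSION->wantsurl, $wwwroot . '/') === 0)) {
             $urltogo = $SESSION->wantsurl;
             unset($SESSION->wantsurl);
             // parse_url() returns null for a missing component; cast before ltrim().
             $path = ltrim((string) parse_url($urltogo, PHP_URL_PATH), '/');
             $args = parse_url($urltogo, PHP_URL_QUERY);
             if ($args) {
                 $args = '?' . $args;
             }
             // The destination is request-derived text placed inside a query
             // string: encode it so '&', '#' and '?' in it cannot add or override
             // parameters of the Drupal login URL.
             // FIX so not hard coded.
             redirect($this->config->host_uri . "/user/login?moodle_url=true&destination=" . rawurlencode($path . $args));
         }
         // No usable return URL: just leave the user on the login page.
         return;
     }

     // Verify the authenticity of the Drupal session ID by asking Drupal
     // (system/connect) which user the session belongs to.
     // NOTE(review): the session value is sent to host_uri; confirm that URI is
     // HTTPS and that RemoteAPI verifies the certificate.
     $apiObj = new RemoteAPI($this->config->host_uri, 1, $drupalsession);
     $ret = $apiObj->Connect();
     if (is_null($ret)) {
         // should we just return?
         if (isloggedin() && !isguestuser()) {
             // The user is logged off Drupal but still logged in on Moodle,
             // so the Moodle session is ended as well.
             require_logout();
         }
         return;
     }

     // Developer-level debugging prints the remote response into the page; keep
     // that level off on production sites, the dump holds account data.
     debugging("<pre>Live session detected the user returned is\r\n" . print_r($ret, true) . "</pre>", DEBUG_DEVELOPER);

     // A response without a user id is treated like the anonymous user.
     $uid = isset($ret->user->uid) ? $ret->user->uid : 0;
     if ($uid < 1) {
         // No anon
         return;
     }

     // The Drupal session is valid; nothing to do if Moodle is already logged in.
     if (isloggedin() && !isguestuser()) {
         return;
     }

     $drupaluser = $apiObj->Index("user/{$uid}");
     debugging("<pre>The full user data about this user is:\r\n" . print_r($drupaluser, true) . "</pre>", DEBUG_DEVELOPER);

     // create/update looks up the user and writes updated information to the DB
     $this->create_update_user($drupaluser);

     // NOTE(review): the account is selected by idnumber alone. Whether an
     // account owned by another auth plugin can carry the same idnumber is not
     // visible here; confirm the match is limited to this plugin's users.
     $user = get_complete_user_data('idnumber', $uid);
     debugging("<pre>the user that should have been created or updated is:\r\n" . print_r($user, true) . "</pre>", DEBUG_DEVELOPER);
     if (!$user) {
         // No matching account was found: do not attempt a login without a
         // user record, fall through to the normal login page instead.
         return;
     }

     // Complete the login
     complete_user_login($user);

     // Redirect: back to the stored URL when it is inside this site, otherwise
     // (nothing stored, or an external link) to the home page.
     if (isset($SESSION->wantsurl)
         && ($SESSION->wantsurl === $wwwroot || strpos($SESSION->wantsurl, $wwwroot . '/') === 0)) {
         $urltogo = $SESSION->wantsurl;
     } else {
         $urltogo = $CFG->wwwroot . '/';
     }
     unset($SESSION->wantsurl);
     redirect($urltogo);
 }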
        $config->cookiedomain = $remote_settings->cookiedomain;
    }
    if ($configempty) {
        set_config('cookiedomain', $config->cookiedomain, 'auth_drupalservices');
    }
} else {
    //TODO: This should get converted into a proper message.
    debugging("The moodlesso service is unreachable. Please verify that you have the Mooodle SSO drupal module installed and enabled: http://drupal.org/project/moodle_sso ", DEBUG_DEVELOPER);
}
$fulluser_keys = array();
if ($config->cookiedomain) {
    $drupalsession = $drupalauth->get_drupal_session($config);
    //now that the cookie domain is discovered, try to reach out to the endpoint to test SSO
    $apiObj = new RemoteAPI($config->host_uri, 1, $drupalsession);
    // Connect to Drupal with this session
    if ($loggedin_user = $apiObj->Connect()) {
        if ($loggedin_user->user->uid !== false) {
            debugging("<pre>Service were reached, here's the logged in user:"******"</pre>", DEBUG_DEVELOPER);
            $endpoint_reachable = true;
            $tests['session'] = array('success' => true, 'message' => "system/connect: User session data reachable and you are logged in!");
        } else {
            $tests['session'] = array('success' => false, 'message' => "system/connect: User session data reachable but you aren't logged in!");
        }
        //this data should be cached - its possible that a non-admin user
        $fulluser = (array) $apiObj->Index("user/" . $loggedin_user->user->uid);
        debugging("<pre>here's the complete user:"******"</pre>", DEBUG_DEVELOPER);
        // turn the fulluser fields into key/value options
        $fulluser_keys = array_combine(array_keys($fulluser), array_keys($fulluser));
    } else {
        debugging("could not reach the logged in user " . print_r($loggedin_user, true), DEBUG_DEVELOPER);
        $tests['session'] = array('success' => false, 'message' => "system/connect: User session data unreachable. Ensure that the server is reachable");