//check that the current user is the token user $webservice = new webservice(); $token = $webservice->get_token_by_id($tokenid); if (empty($token) or empty($token->userid) or empty($USER->id) or $token->userid != $USER->id) { throw new moodle_exception('docaccessrefused', 'webservice'); } // get the list of all functions related to the token $functions = $webservice->get_external_functions(array($token->externalserviceid)); // get all the function descriptions $functiondescs = array(); foreach ($functions as $function) { $functiondescs[$function->name] = external_function_info($function); } //get activated protocol $activatedprotocol = array(); $activatedprotocol['rest'] = webservice_protocol_is_enabled('rest'); $activatedprotocol['xmlrpc'] = webservice_protocol_is_enabled('xmlrpc'); /// Check if we are in printable mode $printableformat = false; if (isset($_REQUEST['print'])) { $printableformat = $_REQUEST['print']; } /// OUTPUT echo $OUTPUT->header(); $renderer = $PAGE->get_renderer('core', 'webservice'); echo $renderer->documentation_html($functiondescs, $printableformat, $activatedprotocol, array('id' => $tokenid)); /// trigger browser print operation if (!empty($printableformat)) { $PAGE->requires->js_function_call('window.print', array()); } echo $OUTPUT->footer();
// // Moodle is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // Moodle is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Moodle. If not, see <http://www.gnu.org/licenses/>. /** * XML-RPC web service entry point. The authentication is done via tokens. * * @package webservice * @copyright 2009 Moodle Pty Ltd (http://moodle.com) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ // disable moodle specific debug messages and any errors in output define('NO_DEBUG_DISPLAY', true); define('NO_MOODLE_COOKIES', true); require '../../config.php'; require_once "{$CFG->dirroot}/webservice/xmlrpc/locallib.php"; if (!webservice_protocol_is_enabled('xmlrpc')) { die; } $server = new webservice_xmlrpc_server(WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN); $server->run(); die;
/** * REST web service entry point. The authentication is done via tokens. * * @package webservice * @copyright 2009 Moodle Pty Ltd (http://moodle.com) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ // disable moodle specific debug messages and any errors in output define('NO_DEBUG_DISPLAY', true); define('NO_MOODLE_COOKIES', true); require('../../config.php'); require_once("$CFG->dirroot/webservice/rest/locallib.php"); if (!webservice_protocol_is_enabled('rest')) { die; } $restformat = optional_param('moodlewsrestformat', 'xml', PARAM_ALPHA); //remove the alt from the request if (isset($_REQUEST['moodlewsrestformat'])) { unset($_REQUEST['moodlewsrestformat']); } if (isset($_GET['moodlewsrestformat'])) { unset($_GET['moodlewsrestformat']); } if (isset($_POST['moodlewsrestformat'])) { unset($_POST['moodlewsrestformat']); }
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */ define('INTERNAL', 1); define('PUBLIC', 1); define('XMLRPC', 1); define('TITLE', ''); global $SESSION, $USER; // Catch anything that goes wrong in init.php ob_start(); require dirname(dirname(__FILE__)) . '/init.php'; $errors = trim(ob_get_contents()); ob_end_clean(); require_once dirname(__FILE__) . '/lib.php'; if (!webservice_protocol_is_enabled('oauth')) { header("HTTP/1.0 404 Not Found"); die; } // you must use HTTPS as token based auth is a hazzard without it if (!is_https()) { header("HTTP/1.0 403 Forbidden - HTTPS must be used"); die; } /* * Always announce XRDS OAuth discovery */ header('X-XRDS-Location: ' . get_config('wwwroot') . 'webservice/oauthv1/services.xrds'); /* * Initialize OAuth store */
// // Moodle is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Moodle. If not, see <http://www.gnu.org/licenses/>. /** * SOAP web service entry point. The authentication is done via tokens. * * @package webservice_soap * @copyright 2009 Jerome Mouneyrac * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ /** * NO_DEBUG_DISPLAY - disable moodle specific debug messages and any errors in output */ define('NO_DEBUG_DISPLAY', true); /** * NO_MOODLE_COOKIES - no cookies with web service */ define('NO_MOODLE_COOKIES', true); require '../../config.php'; require_once "{$CFG->dirroot}/webservice/soap/locallib.php"; if (!webservice_protocol_is_enabled('soap')) { die; } $server = new webservice_soap_server(WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN); $server->run(); die;
* AMF web service entry point. The authentication is done via tokens. * * @package webservice_amf * @copyright 2009 Jerome Mouneyrac * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ /** * NO_DEBUG_DISPLAY - disable moodle specific debug messages and any errors in output */ define('NO_DEBUG_DISPLAY', true); /** * NO_MOODLE_COOKIES - no cookies with web service */ define('NO_MOODLE_COOKIES', true); require('../../config.php'); require_once("$CFG->dirroot/webservice/amf/locallib.php"); if (!webservice_protocol_is_enabled('amf')) { debugging('The server died because the web services or the AMF protocol are not enable', DEBUG_DEVELOPER); die; } $server = new webservice_amf_server(WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN); $server->run(); die;
// // Moodle is free software: you can redistribute it and/or modify // it under the terms of the GNU General Public License as published by // the Free Software Foundation, either version 3 of the License, or // (at your option) any later version. // // Moodle is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. // // You should have received a copy of the GNU General Public License // along with Moodle. If not, see <http://www.gnu.org/licenses/>. /** * Hub XML-RPC web service entry point. The authentication is done via hub tokens (hidden). * * @package localhub * @copyright 2009 Moodle Pty Ltd (http://moodle.com) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ // disable moodle specific debug messages and any errors in output define('NO_DEBUG_DISPLAY', true); define('NO_MOODLE_COOKIES', true); require '../../../config.php'; require_once $CFG->dirroot . "/local/hub/webservice/locallib.php"; if (!webservice_protocol_is_enabled('xmlrpc') and !get_config('local_hub', 'hubenabled')) { die; } $server = new hub_webservice_xmlrpc_server(WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN); $server->run(); die;
$dialog = param_integer('dialog', 0); $dbfunction = get_record('external_functions', 'id', $function); if (empty($dbfunction)) { $SESSION->add_error_msg(get_string('invalidfunction', 'auth.webservice')); redirect('/webservice/admin/index.php'); } $fdesc = webservice_function_info($dbfunction->name); $smarty = smarty(array(), array('<link rel="stylesheet" type="text/css" href="' . $THEME->get_url('style/webservice.css', false, 'auth/webservice') . '">')); safe_require('auth', 'webservice'); PluginAuthWebservice::menu_items($smarty, 'webservice'); $smarty->assign('function', $dbfunction); $smarty->assign('functiondescription', $fdesc->description); $smarty->assign('fdesc', $fdesc); $smarty->assign('xmlrpcactive', webservice_protocol_is_enabled('xmlrpc')); $smarty->assign('restactive', webservice_protocol_is_enabled('rest')); $smarty->assign('soapactive', webservice_protocol_is_enabled('soap')); $heading = get_string('wsdoc', 'auth.webservice'); $smarty->assign('PAGEHEADING', $heading); $smarty->assign('dialog', $dialog); $smarty->display('auth:webservice:wsdoc.tpl'); die; /** * Return documentation for a ws description object * ws description object can be 'external_multiple_structure', 'external_single_structure' * or 'external_value' * Example of documentation for moodle_group_create_groups function: list of ( object { courseid int //id of course name string //multilang compatible name, course unique description string //group description text
/** * This method parses the $_REQUEST superglobal and looks for * the following information: * 1/ user authentication - username+password or token (wsusername, wspassword and wstoken parameters) * 2/ function name (wsfunction parameter) * 3/ function parameters (all other parameters except those above) * * @return void */ protected function parse_request() { // determine the request/response format if (isset($_REQUEST['alt']) && trim($_REQUEST['alt']) == 'json' || isset($_GET['alt']) && trim($_GET['alt']) == 'json' || isset($_SERVER['HTTP_ACCEPT']) && $_SERVER['HTTP_ACCEPT'] == 'application/json' || isset($_SERVER['HTTP_ACCEPT']) && $_SERVER['HTTP_ACCEPT'] == 'application/jsonrequest' || isset($_SERVER['CONTENT_TYPE']) && $_SERVER['CONTENT_TYPE'] == 'application/json' || isset($_SERVER['CONTENT_TYPE']) && $_SERVER['CONTENT_TYPE'] == 'application/jsonrequest') { $this->format = 'json'; } else { if (isset($_REQUEST['alt']) && trim($_REQUEST['alt']) == 'atom' || isset($_GET['alt']) && trim($_GET['alt']) == 'atom' || isset($_SERVER['HTTP_ACCEPT']) && $_SERVER['HTTP_ACCEPT'] == 'application/atom+xml' || $_SERVER['CONTENT_TYPE'] == 'application/atom+xml') { $this->format = 'atom'; } else { $this->format = 'xml'; } } unset($_REQUEST['alt']); $this->parameters = $_REQUEST; // if we should have one - setup the OAuth server handler if (webservice_protocol_is_enabled('oauth')) { OAuthStore::instance('Mahara'); $this->oauth_server = new OAuthServer(); $oauth_token = null; $headers = OAuthRequestLogger::getAllHeaders(); try { $oauth_token = $this->oauth_server->verifyExtended(); } catch (OAuthException2 $e) { // let all others fail if (isset($_REQUEST['oauth_token']) || preg_grep('/oauth/', array_values($headers))) { $this->auth = 'OAUTH'; throw $e; } } if ($oauth_token) { $this->authmethod = WEBSERVICE_AUTHMETHOD_OAUTH_TOKEN; $token = $this->oauth_server->getParam('oauth_token'); $store = OAuthStore::instance(); $secrets = $store->getSecretsForVerify($oauth_token['consumer_key'], $this->oauth_server->urldecode($token), 'access'); $this->oauth_token_details = $secrets; // the content type might be different for the OAuth client if (isset($headers['Content-Type']) && $headers['Content-Type'] == 'application/octet-stream' && $this->format != 'json') { $body = file_get_contents('php://input'); parse_str($body, $parameters); $this->parameters = array_merge($this->parameters, $parameters); } } } // make sure oauth parameters are gone foreach (array('oauth_nonce', 'oauth_timestamp', 'oauth_consumer_key', 'oauth_signature_method', 'oauth_version', 'oauth_token', 'oauth_signature') as $param) { if (isset($this->parameters[$param])) { unset($this->parameters[$param]); } } // merge parameters from JSON request body if there is one if ($this->format == 'json') { // get request body $values = (array) json_decode(@file_get_contents('php://input'), true); if (!empty($values)) { $this->parameters = array_merge($this->parameters, $values); } } if ($this->authmethod == WEBSERVICE_AUTHMETHOD_USERNAME) { $this->username = isset($this->parameters['wsusername']) ? trim($this->parameters['wsusername']) : null; unset($this->parameters['wsusername']); $this->password = isset($this->parameters['wspassword']) ? trim($this->parameters['wspassword']) : null; unset($this->parameters['wspassword']); } else { if ($this->authmethod == WEBSERVICE_AUTHMETHOD_PERMANENT_TOKEN) { // is some other form of token - what kind is it? $this->token = isset($this->parameters['wstoken']) ? trim($this->parameters['wstoken']) : null; unset($this->parameters['wstoken']); } } $this->functionname = isset($this->parameters['wsfunction']) ? trim($this->parameters['wsfunction']) : null; unset($this->parameters['wsfunction']); }