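/**
 * Attempt to authenticate the current request based on request params and basic auth
 *
 * Credentials are taken from the login/password request params first. If no username
 * is found there and PHP_AUTH_USER is set, the basic auth server values are used, and
 * as a final try the raw Authorization header is parsed.
 *
 * When a user is current after this step, the session key and the user id are
 * written to the response headers through the controller.
 *
 * @param iclicker_controller $cntlr the controller instance
 * @throws ClickerSecurityException if authentication is impossible given the request values
 * @throws ClickerSSLRequiredException if the auth request is bad (requires SSL but SSL not used)
 */
function iclicker_handle_authn($cntlr) {
    global $CFG;
    // extract the authn params
    // NOTE(review): the password goes through PARAM_NOTAGS cleaning like the username, so a
    // password containing markup-like text may not reach authenticate_user() unchanged - confirm
    $auth_username = optional_param(iclicker_controller::LOGIN, NULL, PARAM_NOTAGS);
    $auth_password = optional_param(iclicker_controller::PASSWORD, NULL, PARAM_NOTAGS);
    if (empty($auth_username) && isset($_SERVER['PHP_AUTH_USER'])) {
        // no username found in normal params so try to get basic auth
        $auth_username = $_SERVER['PHP_AUTH_USER'];
        // PHP_AUTH_PW can be missing even when PHP_AUTH_USER is present
        $auth_password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : NULL;
        if (empty($auth_username)) {
            // attempt to get it from the header as a final try
            // (only reached when PHP_AUTH_USER is set but empty)
            $auth_username = NULL;
            $auth_password = NULL;
            $auth_header = isset($_SERVER['HTTP_AUTHORIZATION']) ? $_SERVER['HTTP_AUTHORIZATION'] : '';
            // only a "Basic <base64>" header carries user:password credentials
            if (strncasecmp($auth_header, 'Basic ', 6) === 0) {
                $decoded = (string) base64_decode(substr($auth_header, 6));
                // limit of 2 keeps any ':' inside the password intact;
                // array_pad keeps list() safe when the header has no ':' at all
                list($auth_username, $auth_password) = array_pad(explode(':', $decoded, 2), 2, NULL);
            }
        }
    }

    // when SSO is enabled and the password is set it means this is not actually a user password
    // so we can proceed without requiring SSL
    // NOTE(review): with SSO enabled ANY non-empty password value skips the HTTPS requirement below;
    // that is only safe if authenticate_user() never accepts this value as a real account password - confirm
    $sso_token_supplied = iclicker_service::$block_iclicker_sso_enabled && !empty($auth_password);
    if (!$sso_token_supplied) {
        // this is a user password so https must be used if the loginhttps option is enabled
        $ssl_request = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off')
            || (isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == 443);
        $ssl_required = !empty($CFG->forcehttps) || !empty($CFG->loginhttps);
        if ($ssl_required && !$ssl_request) {
            throw new ClickerSSLRequiredException('SSL is required when performing a user login (and sending user passwords)');
        }
    }

    if (!empty($auth_username)) {
        $sso_key = optional_param(iclicker_controller::SSO_KEY, NULL, PARAM_NOTAGS);
        iclicker_service::authenticate_user($auth_username, $auth_password, $sso_key); // throws exception if fails
    }
    // authentication via a client supplied session id is not implemented; a request without
    // credentials falls through and relies on whatever user is already current

    $current_user_id = iclicker_service::get_current_user_id();
    if (isset($current_user_id)) {
        // hand the session key and user id back to the client in the response headers
        $cntlr->setHeader(iclicker_controller::SESSION_ID, sesskey());
        $cntlr->setHeader('_userId', $current_user_id);
    }
}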
/**
 * Prepares the results for the instructor SSO view.
 *
 * Always stores the instructor page path and the SSO enabled flag. When SSO is
 * enabled it also stores the current user's SSO key, generating a new one first
 * if the request is a POST carrying a "generateKey" value.
 *
 * NOTE(review): the POST branch replaces the user's SSO key and nothing in this
 * method checks a session key / CSRF token - confirm the caller enforces one.
 *
 * @throws ClickerSecurityException if the current user is neither admin nor instructor
 */
public function processInstructorSSO() {
    $this->results['instPath'] = iclicker_service::block_url('instructor.php');

    // admin/instructor check
    $may_view = iclicker_service::is_admin() || iclicker_service::is_instructor();
    if (!$may_view) {
        throw new ClickerSecurityException("Current user is not an instructor and cannot access the instructor view");
    }

    $this->results['sso_enabled'] = iclicker_service::$block_iclicker_sso_enabled;
    $current_user_id = iclicker_service::get_current_user_id();
    if (!iclicker_service::$block_iclicker_sso_enabled) {
        // nothing else to prepare without SSO
        return;
    }

    $sso_key = null;
    $regenerate = 'POST' == $this->method
        && optional_param('generateKey', false, PARAM_ALPHANUM) != null;
    if ($regenerate) {
        // handle generating a new key
        $sso_key = iclicker_service::makeUserKey($current_user_id, true);
        $this->addMessage(self::KEY_INFO, 'inst.sso.generated.new.key', null);
    }
    if ($sso_key == null) {
        // no new key was generated, ask for the key without forcing a new one
        $sso_key = iclicker_service::makeUserKey($current_user_id, false);
    }
    $this->results['sso_user_key'] = $sso_key;
}
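/**
 * Determines the content to display in a block
 *
 * Blocks use two properties of $this->content: "text" and "footer".
 * The text is displayed as-is as the block content, and the footer is displayed
 * below the content in a smaller font size.
 *
 * List blocks (classes extending block_list instead of block_base) use the footer
 * in the same way but ignore "text"; they set $this->content->items and
 * $this->content->icons instead. This block only fills in "text" and "footer".
 *
 * You can hide the block by displaying nothing. That means that both
 * $this->content->text and $this->content->footer are each equal to the
 * empty string (''). Moodle performs this check by calling the block's
 * is_empty() method, and if the block is indeed empty then it is not
 * displayed at all.
 *
 * For iclicker the text holds the navigation links and the list of clickers
 * registered by the current user; it stays empty when there is no current user.
 *
 * @return stdClass the content object with the "text" and "footer" properties set
 */
function get_content() {
    // content is built once per block instance and then reused
    if ($this->content !== null) {
        return $this->content;
    }

    $this->content = new stdClass();
    $this->content->text = '';

    if (iclicker_service::get_current_user_id()) {
        $this->content->text = "<div class='iclicker_nav_items'>\n";
        $reg_link = '<a href="' . iclicker_service::block_url('registration.php') . '">' . iclicker_service::msg('reg.title') . '</a><br/>';
        $this->content->text .= " " . $reg_link . "\n";

        // also show the list of currently registered clickers
        $clicker_list_html = '';
        if ($clickers = iclicker_service::get_registrations_by_user(null, true)) {
            $clicker_list_html .= " <ul class='iclicker_clickerids'>" . PHP_EOL;
            foreach ($clickers as $clicker) {
                // the clicker id is stored data, so encode it for the HTML context
                // instead of trusting that it was validated when it was registered
                $clicker_id_html = htmlspecialchars((string) $clicker->clicker_id, ENT_QUOTES, 'UTF-8');
                $clicker_list_html .= " <li class='iclicker_clickerid'>" . $clicker_id_html . "</li>" . PHP_EOL;
            }
            $clicker_list_html .= " </ul>\n";
        }
        $this->content->text .= $clicker_list_html;

        // the other links
        if (iclicker_service::is_admin()) {
            $link = '<a href="' . iclicker_service::block_url('admin.php') . '">' . iclicker_service::msg('admin.title') . '</a><br/>' . PHP_EOL;
            $this->content->text .= " " . $link . "\n";
        } else if (iclicker_service::is_instructor()) {
            $link = '<a href="' . iclicker_service::block_url('instructor.php') . '">' . iclicker_service::msg('inst.title') . '</a><br/>' . PHP_EOL;
            $sso_link = '';
            if (iclicker_service::$block_iclicker_sso_enabled) {
                // the SSO page link is only offered while SSO is switched on
                $sso_link = '<a class="nav_link" href="' . iclicker_service::block_url('instructor_sso.php') . '">' . iclicker_service::msg('inst.sso.title') . '</a><br/>' . PHP_EOL;
            }
            $this->content->text .= ' ' . $link . $sso_link;
        }

        // close out the html
        $this->content->text .= "</div>" . PHP_EOL;
    }

    // FOOTER
    $this->content->footer = '';

    return $this->content;
}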