/** * Construct a user API client, accounting for unified api presence, and fall back to system api user if desired. * * @param int $muserid The userid to get the outlook token for. If you want to force a system API user client, use an empty * value here and set $systemfallback to true. * @return \local_o365\rest\o365api|bool A constructed user API client (unified or legacy), or false if error. */ public function construct_user_api($muserid = null, $systemfallback = true) { $unifiedconfigured = \local_o365\rest\unified::is_configured(); if ($unifiedconfigured === true) { $resource = \local_o365\rest\unified::get_resource(); } else { $resource = \local_o365\rest\azuread::get_resource(); } $token = null; if (!empty($muserid)) { $token = \local_o365\oauth2\token::instance($muserid, $resource, $this->clientdata, $this->httpclient); } if (empty($token) && $systemfallback === true) { $token = \local_o365\oauth2\systemtoken::instance(null, $resource, $this->clientdata, $this->httpclient); } if (empty($token)) { throw new \Exception('No token available for user #' . $muserid); } if ($unifiedconfigured === true) { $apiclient = new \local_o365\rest\unified($token, $this->httpclient); } else { $apiclient = new \local_o365\rest\azuread($token, $this->httpclient); } return $apiclient; }
/** * Get the token to authenticate with OneNote. * * @return string The token to authenticate with OneNote. */ public function get_token() { global $USER; $httpclient = new \local_o365\httpclient(); $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc(); $resource = \local_o365\rest\onenote::get_resource(); $token = \local_o365\oauth2\token::instance($USER->id, $resource, $clientdata, $httpclient); return $token->get_token(); }
/** * Automatically construct an instance of the API class for a given user. * * NOTE: Useful for one-offs, not efficient for bulk operations. * * @param int $userid The Moodle user ID to construct the API for. * @return \local_o365\rest\o365api An instance of the requested API class with dependencies met for a given user. */ public static function instance_for_user($userid) { $httpclient = new \local_o365\httpclient(); $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc(); $resource = static::get_resource(); $token = \local_o365\oauth2\token::instance($userid, $resource, $clientdata, $httpclient); if (!empty($token)) { return new static($token, $httpclient); } else { throw new \moodle_exception('erroro365apinotoken', 'local_o365'); } }
/** * Get additional information about a user from Azure AD. * * @param int $userid The ID of the user we want more information about. * @param string $eventtype The type of event that triggered this call. "login" or "create". * @return bool Success/Failure. */ public static function get_additional_user_info($userid, $eventtype) { global $DB; try { // Azure AD must be configured for us to fetch data. if (\local_o365\rest\azuread::is_configured() !== true) { return true; } $aadresource = \local_o365\rest\azuread::get_resource(); $sql = 'SELECT tok.* FROM {auth_oidc_token} tok JOIN {user} u ON tok.username = u.username WHERE u.id = ? AND tok.resource = ?'; $params = [$userid, $aadresource]; $tokenrec = $DB->get_record_sql($sql, $params); if (empty($tokenrec)) { // No OIDC token for this user and resource - maybe not an Azure AD user. return false; } $httpclient = new \local_o365\httpclient(); $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc(); $token = \local_o365\oauth2\token::instance($userid, $aadresource, $clientdata, $httpclient); $apiclient = new \local_o365\rest\azuread($token, $httpclient); $aaduserdata = $apiclient->get_user($tokenrec->oidcuniqid); $updateduser = new \stdClass(); $updateduser = \local_o365\feature\usersync\main::apply_configured_fieldmap($aaduserdata, $updateduser, $eventtype); if (!empty($updateduser)) { $updateduser->id = $userid; $DB->update_record('user', $updateduser); profile_save_data($updateduser); } return true; } catch (\Exception $e) { \local_o365\utils::debug($e->getMessage()); } return false; }
/** * Get a SharePoint token. * * @return \local_o365\oauth2\token A SharePoint token object. */ protected function get_sharepoint_token() { global $USER; $resource = \local_o365\rest\sharepoint::get_resource(); return \local_o365\oauth2\token::instance($USER->id, $resource, $this->clientdata, $this->httpclient); }
/** * Gets the instance of the correct api class. Use this method to get an instance of the api class. * * @return \local_onenote\api\base An implementation of the OneNote API. */ public static function getinstance() { global $USER, $SESSION, $CFG; $msaccountclass = '\\local_onenote\\api\\msaccount'; $o365class = '\\local_onenote\\api\\o365'; $class = ''; $iso365user = \local_o365\utils::is_o365_connected($USER->id) === true && class_exists('\\local_o365\\rest\\onenote') ? true : false; if ($iso365user === true) { $sesskey = class_exists('\\local_msaccount\\client') ? 'msaccount_client-' . md5(\local_msaccount\client::SCOPE) : null; $disableo365onenote = get_user_preferences('local_o365_disableo365onenote', 0); // If the user is logged in to msaccount OneNote, or has o365 OneNote disabled. $iso365user = !empty($sesskey) && !empty($SESSION->{$sesskey}) || !empty($disableo365onenote) ? false : $iso365user; if ($iso365user === true) { try { $httpclient = new \local_o365\httpclient(); $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc(); $onenoteresource = \local_o365\rest\onenote::get_resource(); $token = \local_o365\oauth2\token::instance($USER->id, $onenoteresource, $clientdata, $httpclient); if (empty($token)) { $iso365user = false; } } catch (\Exception $e) { $iso365user = false; } } if ($iso365user === true) { $class = $o365class; } else { $class = class_exists('\\local_msaccount\\client') ? $msaccountclass : null; } } else { $class = class_exists('\\local_msaccount\\client') ? $msaccountclass : null; } if (empty($class)) { throw new \moodle_exception('error_noapiavailable', 'local_onenote'); } if (empty(self::$instance)) { self::$instance = new $class(); } return self::$instance; }
/** * Manage calendar syncing. */ public function mode_calendar() { global $DB, $USER, $OUTPUT, $PAGE; if (empty($this->o365connected)) { throw new \moodle_exception('ucp_notconnected', 'local_o365'); } $outlookresource = \local_o365\rest\calendar::get_resource(); if (empty($outlookresource)) { throw new \Exception('Not configured'); } $httpclient = new \local_o365\httpclient(); $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc(); $token = \local_o365\oauth2\token::instance($USER->id, $outlookresource, $clientdata, $httpclient); $calsync = new \local_o365\feature\calsync\main(); $o365calendars = $calsync->get_calendars(); $customdata = ['o365calendars' => [], 'usercourses' => enrol_get_my_courses(['id', 'fullname']), 'cancreatesiteevents' => false, 'cancreatecourseevents' => []]; foreach ($o365calendars as $o365calendar) { $customdata['o365calendars'][] = ['id' => $o365calendar['Id'], 'name' => $o365calendar['Name']]; } $primarycalid = $customdata['o365calendars'][0]['id']; // Determine permissions to create events. Determines whether user can sync from o365 to Moodle. $customdata['cancreatesiteevents'] = has_capability('moodle/calendar:manageentries', \context_course::instance(SITEID)); foreach ($customdata['usercourses'] as $courseid => $course) { $cancreateincourse = has_capability('moodle/calendar:manageentries', \context_course::instance($courseid)); $customdata['cancreatecourseevents'][$courseid] = $cancreateincourse; } $mform = new \local_o365\feature\calsync\form\subscriptions('?action=calendar', $customdata); if ($mform->is_cancelled()) { redirect(new \moodle_url('/local/o365/ucp.php')); } else { if ($fromform = $mform->get_data()) { \local_o365\feature\calsync\form\subscriptions::update_subscriptions($fromform, $primarycalid, $customdata['cancreatesiteevents'], $customdata['cancreatecourseevents']); redirect(new \moodle_url('/local/o365/ucp.php')); } else { $PAGE->requires->jquery(); $defaultdata = []; $existingsubsrs = $DB->get_recordset('local_o365_calsub', ['user_id' => $USER->id]); foreach ($existingsubsrs as $existingsubrec) { if ($existingsubrec->caltype === 'site') { $defaultdata['sitecal']['checked'] = '1'; $defaultdata['sitecal']['syncwith'] = $existingsubrec->o365calid; $defaultdata['sitecal']['syncbehav'] = $existingsubrec->syncbehav; } else { if ($existingsubrec->caltype === 'user') { $defaultdata['usercal']['checked'] = '1'; $defaultdata['usercal']['syncwith'] = $existingsubrec->o365calid; $defaultdata['usercal']['syncbehav'] = $existingsubrec->syncbehav; } else { if ($existingsubrec->caltype === 'course') { $defaultdata['coursecal'][$existingsubrec->caltypeid]['checked'] = '1'; $defaultdata['coursecal'][$existingsubrec->caltypeid]['syncwith'] = $existingsubrec->o365calid; $defaultdata['coursecal'][$existingsubrec->caltypeid]['syncbehav'] = $existingsubrec->syncbehav; } } } } $existingsubsrs->close(); $mform->set_data($defaultdata); echo $OUTPUT->header(); $mform->display(); echo $OUTPUT->footer(); } } }
/** * Get a SharePoint token. * * @param bool $system If true, get a system API ser token instead of the user's token. * @param int|null $userid The userid to get a token for. If null, the current user will be used. * @return \local_o365\oauth2\token A SharePoint token object. */ protected function get_sharepoint_token($system = false, $userid = null) { global $USER; $resource = \local_o365\rest\sharepoint::get_resource(); if ($system === true) { return \local_o365\oauth2\systemtoken::instance(null, $resource, $this->clientdata, $this->httpclient); } else { $userid = !empty($userid) ? $userid : $USER->id; return \local_o365\oauth2\token::instance($userid, $resource, $this->clientdata, $this->httpclient); } }
/** * Gets the instance of the correct api class. Use this method to get an instance of the api class. * * @return \local_onenote\api\base An implementation of the OneNote API. */ public static function getinstance() { global $USER, $SESSION, $CFG; $msaccountclass = '\\local_onenote\\api\\msaccount'; $o365class = '\\local_onenote\\api\\o365'; $iso365user = \local_o365\utils::is_o365_connected($USER->id) === true && class_exists('\\local_o365\\rest\\onenote') ? true : false; if ($iso365user === true) { require_once $CFG->dirroot . '/local/msaccount/msaccount_client.php'; $sesskey = 'msaccount_client-' . md5(\msaccount_client::SCOPE); $disableo365onenote = get_user_preferences('local_o365_disableo365onenote', 0); $iso365user = !empty($SESSION->{$sesskey}) || !empty($disableo365onenote) ? false : $iso365user; if ($iso365user === true) { try { $httpclient = new \local_o365\httpclient(); $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc(); $onenoteresource = \local_o365\rest\onenote::get_resource(); $token = \local_o365\oauth2\token::instance($USER->id, $onenoteresource, $clientdata, $httpclient); if (empty($token)) { $iso365user = false; } } catch (\Exception $e) { $iso365user = false; } } $class = $iso365user === true ? $o365class : $msaccountclass; } else { $class = $msaccountclass; } if (empty(self::$instance)) { self::$instance = new $class(); } return self::$instance; }
/** * Get additional information about a user from Azure AD. * * @return bool Success/Failure. */ public static function get_additional_user_info($userid) { global $DB; try { // Azure AD must be configured for us to fetch data. if (\local_o365\rest\azuread::is_configured() !== true) { return true; } $aadresource = \local_o365\rest\azuread::get_resource(); $sql = 'SELECT tok.* FROM {auth_oidc_token} tok JOIN {user} u ON tok.username = u.username WHERE u.id = ? AND tok.resource = ?'; $params = [$userid, $aadresource]; $tokenrec = $DB->get_record_sql($sql, $params); if (empty($tokenrec)) { // No OIDC token for this user and resource - maybe not an Azure AD user. return false; } $httpclient = new \local_o365\httpclient(); $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc(); $token = \local_o365\oauth2\token::instance($userid, $aadresource, $clientdata, $httpclient); $apiclient = new \local_o365\rest\azuread($token, $httpclient); $aaduserdata = $apiclient->get_user($tokenrec->oidcuniqid); $updateduser = []; $parammap = ['mail' => 'email', 'city' => 'city', 'country' => 'country', 'department' => 'department']; foreach ($parammap as $aadparam => $moodleparam) { if (!empty($aaduserdata[$aadparam])) { $updateduser[$moodleparam] = $aaduserdata[$aadparam]; } } if (!empty($aaduserdata['preferredLanguage'])) { $updateduser['lang'] = substr($aaduserdata['preferredLanguage'], 0, 2); } if (!empty($updateduser)) { $updateduser['id'] = $userid; $DB->update_record('user', (object) $updateduser); } return true; } catch (\Exception $e) { return false; } return false; }
/** * Get a token that can be used for calendar syncing. * * @param int $muserid The ID of a Moodle user to get a token for. * @return \local_o365\oauth2\token|null Either a token for calendar syncing, or null if no token could be retrieved. */ public function get_user_token($muserid) { $outlookresource = \local_o365\rest\calendar::get_resource(); $usertoken = \local_o365\oauth2\token::instance($muserid, $outlookresource, $this->clientdata, $this->httpclient); return !empty($usertoken) ? $usertoken : null; }