/**
* Construct a user API client, accounting for unified api presence, and fall back to system api user if desired.
*
* @param int $muserid The userid to get the outlook token for. If you want to force a system API user client, use an empty
* value here and set $systemfallback to true.
* @return \local_o365\rest\o365api|bool A constructed user API client (unified or legacy), or false if error.
*/
public function construct_user_api($muserid = null, $systemfallback = true)
{
$unifiedconfigured = \local_o365\rest\unified::is_configured();
if ($unifiedconfigured === true) {
$resource = \local_o365\rest\unified::get_resource();
} else {
$resource = \local_o365\rest\azuread::get_resource();
}
$token = null;
if (!empty($muserid)) {
$token = \local_o365\oauth2\token::instance($muserid, $resource, $this->clientdata, $this->httpclient);
}
if (empty($token) && $systemfallback === true) {
$token = \local_o365\oauth2\systemtoken::instance(null, $resource, $this->clientdata, $this->httpclient);
}
if (empty($token)) {
throw new \Exception('No token available for user #' . $muserid);
}
if ($unifiedconfigured === true) {
$apiclient = new \local_o365\rest\unified($token, $this->httpclient);
} else {
$apiclient = new \local_o365\rest\azuread($token, $this->httpclient);
}
return $apiclient;
}
/**
* Get the token to authenticate with OneNote.
*
* @return string The token to authenticate with OneNote.
*/
public function get_token()
{
global $USER;
$httpclient = new \local_o365\httpclient();
$clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
$resource = \local_o365\rest\onenote::get_resource();
$token = \local_o365\oauth2\token::instance($USER->id, $resource, $clientdata, $httpclient);
return $token->get_token();
}
/**
* Automatically construct an instance of the API class for a given user.
*
* NOTE: Useful for one-offs, not efficient for bulk operations.
*
* @param int $userid The Moodle user ID to construct the API for.
* @return \local_o365\rest\o365api An instance of the requested API class with dependencies met for a given user.
*/
public static function instance_for_user($userid)
{
$httpclient = new \local_o365\httpclient();
$clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
$resource = static::get_resource();
$token = \local_o365\oauth2\token::instance($userid, $resource, $clientdata, $httpclient);
if (!empty($token)) {
return new static($token, $httpclient);
} else {
throw new \moodle_exception('erroro365apinotoken', 'local_o365');
}
}
/**
* Get additional information about a user from Azure AD.
*
* @param int $userid The ID of the user we want more information about.
* @param string $eventtype The type of event that triggered this call. "login" or "create".
* @return bool Success/Failure.
*/
public static function get_additional_user_info($userid, $eventtype)
{
global $DB;
try {
// Azure AD must be configured for us to fetch data.
if (\local_o365\rest\azuread::is_configured() !== true) {
return true;
}
$aadresource = \local_o365\rest\azuread::get_resource();
$sql = 'SELECT tok.*
FROM {auth_oidc_token} tok
JOIN {user} u
ON tok.username = u.username
WHERE u.id = ? AND tok.resource = ?';
$params = [$userid, $aadresource];
$tokenrec = $DB->get_record_sql($sql, $params);
if (empty($tokenrec)) {
// No OIDC token for this user and resource - maybe not an Azure AD user.
return false;
}
$httpclient = new \local_o365\httpclient();
$clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
$token = \local_o365\oauth2\token::instance($userid, $aadresource, $clientdata, $httpclient);
$apiclient = new \local_o365\rest\azuread($token, $httpclient);
$aaduserdata = $apiclient->get_user($tokenrec->oidcuniqid);
$updateduser = new \stdClass();
$updateduser = \local_o365\feature\usersync\main::apply_configured_fieldmap($aaduserdata, $updateduser, $eventtype);
if (!empty($updateduser)) {
$updateduser->id = $userid;
$DB->update_record('user', $updateduser);
profile_save_data($updateduser);
}
return true;
} catch (\Exception $e) {
\local_o365\utils::debug($e->getMessage());
}
return false;
}
/**
* Get a SharePoint token.
*
* @return \local_o365\oauth2\token A SharePoint token object.
*/
protected function get_sharepoint_token()
{
global $USER;
$resource = \local_o365\rest\sharepoint::get_resource();
return \local_o365\oauth2\token::instance($USER->id, $resource, $this->clientdata, $this->httpclient);
}
/**
* Gets the instance of the correct api class. Use this method to get an instance of the api class.
*
* @return \local_onenote\api\base An implementation of the OneNote API.
*/
public static function getinstance()
{
global $USER, $SESSION, $CFG;
$msaccountclass = '\\local_onenote\\api\\msaccount';
$o365class = '\\local_onenote\\api\\o365';
$class = '';
$iso365user = \local_o365\utils::is_o365_connected($USER->id) === true && class_exists('\\local_o365\\rest\\onenote') ? true : false;
if ($iso365user === true) {
$sesskey = class_exists('\\local_msaccount\\client') ? 'msaccount_client-' . md5(\local_msaccount\client::SCOPE) : null;
$disableo365onenote = get_user_preferences('local_o365_disableo365onenote', 0);
// If the user is logged in to msaccount OneNote, or has o365 OneNote disabled.
$iso365user = !empty($sesskey) && !empty($SESSION->{$sesskey}) || !empty($disableo365onenote) ? false : $iso365user;
if ($iso365user === true) {
try {
$httpclient = new \local_o365\httpclient();
$clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
$onenoteresource = \local_o365\rest\onenote::get_resource();
$token = \local_o365\oauth2\token::instance($USER->id, $onenoteresource, $clientdata, $httpclient);
if (empty($token)) {
$iso365user = false;
}
} catch (\Exception $e) {
$iso365user = false;
}
}
if ($iso365user === true) {
$class = $o365class;
} else {
$class = class_exists('\\local_msaccount\\client') ? $msaccountclass : null;
}
} else {
$class = class_exists('\\local_msaccount\\client') ? $msaccountclass : null;
}
if (empty($class)) {
throw new \moodle_exception('error_noapiavailable', 'local_onenote');
}
if (empty(self::$instance)) {
self::$instance = new $class();
}
return self::$instance;
}
/**
* Manage calendar syncing.
*/
public function mode_calendar()
{
global $DB, $USER, $OUTPUT, $PAGE;
if (empty($this->o365connected)) {
throw new \moodle_exception('ucp_notconnected', 'local_o365');
}
$outlookresource = \local_o365\rest\calendar::get_resource();
if (empty($outlookresource)) {
throw new \Exception('Not configured');
}
$httpclient = new \local_o365\httpclient();
$clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
$token = \local_o365\oauth2\token::instance($USER->id, $outlookresource, $clientdata, $httpclient);
$calsync = new \local_o365\feature\calsync\main();
$o365calendars = $calsync->get_calendars();
$customdata = ['o365calendars' => [], 'usercourses' => enrol_get_my_courses(['id', 'fullname']), 'cancreatesiteevents' => false, 'cancreatecourseevents' => []];
foreach ($o365calendars as $o365calendar) {
$customdata['o365calendars'][] = ['id' => $o365calendar['Id'], 'name' => $o365calendar['Name']];
}
$primarycalid = $customdata['o365calendars'][0]['id'];
// Determine permissions to create events. Determines whether user can sync from o365 to Moodle.
$customdata['cancreatesiteevents'] = has_capability('moodle/calendar:manageentries', \context_course::instance(SITEID));
foreach ($customdata['usercourses'] as $courseid => $course) {
$cancreateincourse = has_capability('moodle/calendar:manageentries', \context_course::instance($courseid));
$customdata['cancreatecourseevents'][$courseid] = $cancreateincourse;
}
$mform = new \local_o365\feature\calsync\form\subscriptions('?action=calendar', $customdata);
if ($mform->is_cancelled()) {
redirect(new \moodle_url('/local/o365/ucp.php'));
} else {
if ($fromform = $mform->get_data()) {
\local_o365\feature\calsync\form\subscriptions::update_subscriptions($fromform, $primarycalid, $customdata['cancreatesiteevents'], $customdata['cancreatecourseevents']);
redirect(new \moodle_url('/local/o365/ucp.php'));
} else {
$PAGE->requires->jquery();
$defaultdata = [];
$existingsubsrs = $DB->get_recordset('local_o365_calsub', ['user_id' => $USER->id]);
foreach ($existingsubsrs as $existingsubrec) {
if ($existingsubrec->caltype === 'site') {
$defaultdata['sitecal']['checked'] = '1';
$defaultdata['sitecal']['syncwith'] = $existingsubrec->o365calid;
$defaultdata['sitecal']['syncbehav'] = $existingsubrec->syncbehav;
} else {
if ($existingsubrec->caltype === 'user') {
$defaultdata['usercal']['checked'] = '1';
$defaultdata['usercal']['syncwith'] = $existingsubrec->o365calid;
$defaultdata['usercal']['syncbehav'] = $existingsubrec->syncbehav;
} else {
if ($existingsubrec->caltype === 'course') {
$defaultdata['coursecal'][$existingsubrec->caltypeid]['checked'] = '1';
$defaultdata['coursecal'][$existingsubrec->caltypeid]['syncwith'] = $existingsubrec->o365calid;
$defaultdata['coursecal'][$existingsubrec->caltypeid]['syncbehav'] = $existingsubrec->syncbehav;
}
}
}
}
$existingsubsrs->close();
$mform->set_data($defaultdata);
echo $OUTPUT->header();
$mform->display();
echo $OUTPUT->footer();
}
}
}
/**
* Get a SharePoint token.
*
* @param bool $system If true, get a system API ser token instead of the user's token.
* @param int|null $userid The userid to get a token for. If null, the current user will be used.
* @return \local_o365\oauth2\token A SharePoint token object.
*/
protected function get_sharepoint_token($system = false, $userid = null)
{
global $USER;
$resource = \local_o365\rest\sharepoint::get_resource();
if ($system === true) {
return \local_o365\oauth2\systemtoken::instance(null, $resource, $this->clientdata, $this->httpclient);
} else {
$userid = !empty($userid) ? $userid : $USER->id;
return \local_o365\oauth2\token::instance($userid, $resource, $this->clientdata, $this->httpclient);
}
}
/**
* Gets the instance of the correct api class. Use this method to get an instance of the api class.
*
* @return \local_onenote\api\base An implementation of the OneNote API.
*/
public static function getinstance()
{
global $USER, $SESSION, $CFG;
$msaccountclass = '\\local_onenote\\api\\msaccount';
$o365class = '\\local_onenote\\api\\o365';
$iso365user = \local_o365\utils::is_o365_connected($USER->id) === true && class_exists('\\local_o365\\rest\\onenote') ? true : false;
if ($iso365user === true) {
require_once $CFG->dirroot . '/local/msaccount/msaccount_client.php';
$sesskey = 'msaccount_client-' . md5(\msaccount_client::SCOPE);
$disableo365onenote = get_user_preferences('local_o365_disableo365onenote', 0);
$iso365user = !empty($SESSION->{$sesskey}) || !empty($disableo365onenote) ? false : $iso365user;
if ($iso365user === true) {
try {
$httpclient = new \local_o365\httpclient();
$clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
$onenoteresource = \local_o365\rest\onenote::get_resource();
$token = \local_o365\oauth2\token::instance($USER->id, $onenoteresource, $clientdata, $httpclient);
if (empty($token)) {
$iso365user = false;
}
} catch (\Exception $e) {
$iso365user = false;
}
}
$class = $iso365user === true ? $o365class : $msaccountclass;
} else {
$class = $msaccountclass;
}
if (empty(self::$instance)) {
self::$instance = new $class();
}
return self::$instance;
}
/**
* Get additional information about a user from Azure AD.
*
* @return bool Success/Failure.
*/
public static function get_additional_user_info($userid)
{
global $DB;
try {
// Azure AD must be configured for us to fetch data.
if (\local_o365\rest\azuread::is_configured() !== true) {
return true;
}
$aadresource = \local_o365\rest\azuread::get_resource();
$sql = 'SELECT tok.*
FROM {auth_oidc_token} tok
JOIN {user} u
ON tok.username = u.username
WHERE u.id = ? AND tok.resource = ?';
$params = [$userid, $aadresource];
$tokenrec = $DB->get_record_sql($sql, $params);
if (empty($tokenrec)) {
// No OIDC token for this user and resource - maybe not an Azure AD user.
return false;
}
$httpclient = new \local_o365\httpclient();
$clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
$token = \local_o365\oauth2\token::instance($userid, $aadresource, $clientdata, $httpclient);
$apiclient = new \local_o365\rest\azuread($token, $httpclient);
$aaduserdata = $apiclient->get_user($tokenrec->oidcuniqid);
$updateduser = [];
$parammap = ['mail' => 'email', 'city' => 'city', 'country' => 'country', 'department' => 'department'];
foreach ($parammap as $aadparam => $moodleparam) {
if (!empty($aaduserdata[$aadparam])) {
$updateduser[$moodleparam] = $aaduserdata[$aadparam];
}
}
if (!empty($aaduserdata['preferredLanguage'])) {
$updateduser['lang'] = substr($aaduserdata['preferredLanguage'], 0, 2);
}
if (!empty($updateduser)) {
$updateduser['id'] = $userid;
$DB->update_record('user', (object) $updateduser);
}
return true;
} catch (\Exception $e) {
return false;
}
return false;
}
/**
* Get a token that can be used for calendar syncing.
*
* @param int $muserid The ID of a Moodle user to get a token for.
* @return \local_o365\oauth2\token|null Either a token for calendar syncing, or null if no token could be retrieved.
*/
public function get_user_token($muserid)
{
$outlookresource = \local_o365\rest\calendar::get_resource();
$usertoken = \local_o365\oauth2\token::instance($muserid, $outlookresource, $this->clientdata, $this->httpclient);
return !empty($usertoken) ? $usertoken : null;
}
