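/**
 * Get the Azure AD UPN of a connected Moodle user.
 *
 * Resolution order:
 *   1. An existing row in local_o365_objects (type 'user') for this Moodle user is
 *      returned directly.
 *   2. Otherwise the user's auth_oidc_token row supplies the OIDC unique id, the
 *      user is looked up in Azure AD with a system token, and the resulting
 *      objectId/userPrincipalName pair is stored in local_o365_objects before the
 *      UPN is returned.
 *
 * A mapping is only stored when the directory lookup actually returned both
 * identifiers; an empty or error response never creates a local_o365_objects row.
 *
 * @param \stdClass|int $user The Moodle user record, or a Moodle user id.
 * @return string|bool The user's Azure AD UPN, or false on failure.
 */
public static function get_muser_upn($user) {
    global $DB;

    if (is_numeric($user)) {
        $userid = $user;
        $user = $DB->get_record('user', ['id' => $userid]);
        if (empty($user)) {
            // Log the id we were given, not the empty lookup result.
            \local_o365\utils::debug('User not found', 'rest\\azuread\\get_muser_upn', $userid);
            return false;
        }
    }
    if (!is_object($user) || empty($user->id)) {
        // Neither a user id nor a user record was supplied; nothing can be looked up.
        \local_o365\utils::debug('Invalid user parameter', 'rest\\azuread\\get_muser_upn', $user);
        return false;
    }

    // Fast path: a mapping for this Moodle user already exists.
    $userobjectdata = $DB->get_record('local_o365_objects', ['type' => 'user', 'moodleid' => $user->id]);
    if (!empty($userobjectdata)) {
        return $userobjectdata->o365name;
    }

    // No stored mapping: the OIDC token row gives us the identity to ask Azure AD about.
    $authoidcuserdata = $DB->get_record('auth_oidc_token', ['username' => $user->username]);
    if (empty($authoidcuserdata)) {
        // No data for the user in the OIDC token table. Can't proceed.
        \local_o365\utils::debug('No oidc token found for user.', 'rest\\azuread\\get_muser_upn', $user->username);
        return false;
    }

    $httpclient = new \local_o365\httpclient();
    try {
        $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
        $resource = static::get_resource();
        // NOTE(review): a system (application) token is used here rather than the
        // user's own delegated token - presumably so this also works outside the
        // user's session; confirm that is intended.
        $token = \local_o365\oauth2\systemtoken::instance(null, $resource, $clientdata, $httpclient);
        $aadapiclient = new \local_o365\rest\azuread($token, $httpclient);
        $aaduserdata = $aadapiclient->get_user($authoidcuserdata->oidcuniqid);
    } catch (\Exception $e) {
        // Token acquisition and the directory call can fail too, not only the
        // client-data lookup; all of them map to the documented false return.
        \local_o365\utils::debug($e->getMessage(), 'rest\\azuread\\get_muser_upn', $user->username);
        return false;
    }

    // Refuse to cache anything unless the directory returned both identifiers.
    // Storing an empty objectid/o365name would be served by the fast path above on
    // every later call and silently break the user's Office 365 mapping.
    if (!is_array($aaduserdata) || empty($aaduserdata['objectId']) || empty($aaduserdata['userPrincipalName'])) {
        \local_o365\utils::debug('Azure AD user lookup returned no objectId/userPrincipalName.',
                'rest\\azuread\\get_muser_upn', $authoidcuserdata->oidcuniqid);
        return false;
    }

    $now = time();
    $userobjectdata = (object) [
        'type' => 'user',
        'subtype' => '',
        'objectid' => $aaduserdata['objectId'],
        'o365name' => $aaduserdata['userPrincipalName'],
        'moodleid' => $user->id,
        'timecreated' => $now,
        'timemodified' => $now,
    ];
    $userobjectdata->id = $DB->insert_record('local_o365_objects', $userobjectdata);
    return $userobjectdata->o365name;
}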
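/**
 * Get additional information about a user from Azure AD.
 *
 * Finds the user's auth_oidc_token row for the Azure AD resource, fetches the
 * directory record with the user's own token, runs it through
 * apply_configured_fieldmap() and writes whatever fields come back to the user
 * record and custom profile fields.
 *
 * @param int $userid The ID of the user we want more information about.
 * @param string $eventtype The type of event that triggered this call. "login" or "create".
 * @return bool True when the user was processed, or when Azure AD is not configured
 *              (nothing to do); false when the user has no token for the resource
 *              or any step threw.
 */
public static function get_additional_user_info($userid, $eventtype) {
    global $DB;
    try {
        // Azure AD must be configured for us to fetch data.
        if (\local_o365\rest\azuread::is_configured() !== true) {
            return true;
        }
        $aadresource = \local_o365\rest\azuread::get_resource();
        $sql = 'SELECT tok.* FROM {auth_oidc_token} tok JOIN {user} u ON tok.username = u.username WHERE u.id = ? AND tok.resource = ?';
        $params = [$userid, $aadresource];
        $tokenrec = $DB->get_record_sql($sql, $params);
        if (empty($tokenrec)) {
            // No OIDC token for this user and resource - maybe not an Azure AD user.
            return false;
        }

        $httpclient = new \local_o365\httpclient();
        $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
        $token = \local_o365\oauth2\token::instance($userid, $aadresource, $clientdata, $httpclient);
        $apiclient = new \local_o365\rest\azuread($token, $httpclient);
        $aaduserdata = $apiclient->get_user($tokenrec->oidcuniqid);

        $updateduser = \local_o365\feature\usersync\main::apply_configured_fieldmap($aaduserdata, new \stdClass(), $eventtype);

        // empty() is never true for an object, so checking the object itself would
        // always fall through to the write. Look at the mapped properties instead so
        // an empty field map does not issue a no-op user update and profile save.
        $mappedfields = (array) $updateduser;
        if (!empty($mappedfields)) {
            $updateduser->id = $userid;
            $DB->update_record('user', $updateduser);
            profile_save_data($updateduser);
        }
        return true;
    } catch (\Exception $e) {
        \local_o365\utils::debug($e->getMessage(), 'rest\\azuread\\get_additional_user_info', $userid);
    }
    return false;
}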
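/**
 * Get additional information about a user from Azure AD.
 *
 * Copies a fixed set of directory attributes (mail, city, country, department and
 * the language part of preferredLanguage) onto the Moodle user record. Values are
 * cleaned with clean_param() for the column they are written to and skipped when
 * nothing survives cleaning.
 *
 * @param int $userid The ID of the user we want more information about.
 * @return bool True when the user was processed, or when Azure AD is not configured
 *              (nothing to do); false when the user has no token for the resource
 *              or any step threw.
 */
public static function get_additional_user_info($userid) {
    global $DB;
    try {
        // Azure AD must be configured for us to fetch data.
        if (\local_o365\rest\azuread::is_configured() !== true) {
            return true;
        }
        $aadresource = \local_o365\rest\azuread::get_resource();
        $sql = 'SELECT tok.* FROM {auth_oidc_token} tok JOIN {user} u ON tok.username = u.username WHERE u.id = ? AND tok.resource = ?';
        $params = [$userid, $aadresource];
        $tokenrec = $DB->get_record_sql($sql, $params);
        if (empty($tokenrec)) {
            // No OIDC token for this user and resource - maybe not an Azure AD user.
            return false;
        }

        $httpclient = new \local_o365\httpclient();
        $clientdata = \local_o365\oauth2\clientdata::instance_from_oidc();
        $token = \local_o365\oauth2\token::instance($userid, $aadresource, $clientdata, $httpclient);
        $apiclient = new \local_o365\rest\azuread($token, $httpclient);
        $aaduserdata = $apiclient->get_user($tokenrec->oidcuniqid);

        // Directory attributes are remote input. Clean each one for the Moodle
        // column it lands in and drop it when the cleaned value is empty (e.g. an
        // address that fails PARAM_EMAIL) instead of writing a blank field.
        // NOTE(review): Azure AD 'country' is free text while Moodle's user.country
        // holds a two-letter code - confirm the source attribute is the right one.
        $parammap = [
            'mail' => ['email', PARAM_EMAIL],
            'city' => ['city', PARAM_TEXT],
            'country' => ['country', PARAM_TEXT],
            'department' => ['department', PARAM_TEXT],
        ];
        $updateduser = [];
        foreach ($parammap as $aadparam => $target) {
            if (empty($aaduserdata[$aadparam])) {
                continue;
            }
            $cleaned = clean_param($aaduserdata[$aadparam], $target[1]);
            if ($cleaned !== '') {
                $updateduser[$target[0]] = $cleaned;
            }
        }
        if (!empty($aaduserdata['preferredLanguage'])) {
            // preferredLanguage is a tag such as "en-US"; only the language code is kept.
            $lang = clean_param(substr($aaduserdata['preferredLanguage'], 0, 2), PARAM_LANG);
            if ($lang !== '') {
                $updateduser['lang'] = $lang;
            }
        }

        if (!empty($updateduser)) {
            $updateduser['id'] = $userid;
            $DB->update_record('user', (object) $updateduser);
        }
        return true;
    } catch (\Exception $e) {
        // Previously swallowed silently; record it so failed syncs are diagnosable.
        \local_o365\utils::debug($e->getMessage(), 'rest\\azuread\\get_additional_user_info', $userid);
        return false;
    }
}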