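/**
 * Parse an X.509 certificate and bind it to a peer's wwwroot.
 *
 * The certificate is accepted only when it parses and its subject CN is
 * exactly the wwwroot after dropslash(). openssl_x509_parse() only decodes
 * the certificate; it does not verify the signature or the validity
 * period, and this constructor checks neither.
 *
 * PHP discards a constructor's return value under `new`, so nothing is
 * returned: failure is signalled by the exception alone.
 *
 * @param string $keystring certificate text handed to openssl_x509_parse()
 * @param string $wwwroot   URL of the peer the certificate must be issued for
 * @throws CryptException if the certificate cannot be parsed, or if its
 *                        subject CN is missing or differs from $wwwroot
 */
function __construct($keystring, $wwwroot) {
    $this->credentials = openssl_x509_parse($keystring);
    $this->wwwroot     = dropslash($wwwroot);
    $this->certificate = $keystring;

    // openssl_x509_parse() returns false on failure; empty() also rejects
    // an empty result, as the original loose comparison did.
    if (empty($this->credentials)) {
        throw new CryptException(get_string('errornotvalidsslcertificate', 'auth'), 1);
    }

    // A certificate without a CN must fail the identity check explicitly
    // rather than through an undefined-index notice.
    $commonname = isset($this->credentials['subject']['CN'])
        ? $this->credentials['subject']['CN']
        : null;

    // Identity check: compare strictly so that type juggling (numeric
    // strings, an array of several CNs) can never make two different
    // values compare equal.
    if (!is_string($commonname) || $commonname !== $this->wwwroot) {
        throw new CryptException(
            get_string('errorcertificateinvalidwwwroot', 'auth', $commonname, $this->wwwroot),
            1
        );
    }
}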
/**
 * Persist the submitted auth-instance form: the Peer record, the
 * auth_instance row and its auth_instance_config rows, all between one
 * db_begin()/db_commit() pair.
 *
 * NOTE(review): when bootstrap() throws, this function leaves the
 * transaction opened by db_begin() without a matching db_commit();
 * presumably the caller or a global exception handler rolls back - confirm.
 *
 * @param array   $values submitted form values
 * @param Pieform $form   the form, used to attach an error to 'wwwroot'
 * @return array $values, with 'wwwroot' given a scheme, and 'create' and
 *               (for new instances) 'instance' filled in
 * @throws RemoteServerException if the peer cannot be bootstrapped
 */
public static function save_instance_config_options($values, Pieform $form) {
    // A wwwroot submitted without a scheme is assumed to be plain http.
    // NOTE(review): that default means the peer may be contacted, and its
    // key fetched by bootstrap(), over an unauthenticated channel. Any
    // value containing '://' passes this test, whatever its scheme.
    if (strpos($values['wwwroot'], '://') === false) {
        $values['wwwroot'] = 'http://' . $values['wwwroot'];
    }

    db_begin();

    $authinstance = new stdClass();
    $peer = new Peer();

    $values['create'] = !($values['instance'] > 0);
    if ($values['create']) {
        // New instance: queue it behind the instance with the highest
        // priority number, which is the one with the lowest priority.
        // TODO: rethink 'priority' as a fieldname... it's backwards!!
        $lastinstance = get_records_array('auth_instance', 'institution', $values['institution'], 'priority DESC', '*', '0', '1');
        $authinstance->priority = $lastinstance ? $lastinstance[0]->priority + 1 : 0;
    } else {
        // Existing instance: remember which config fields already have rows.
        $current = get_records_assoc('auth_instance_config', 'instance', $values['instance'], '', 'field, value');
        $authinstance->id = $values['instance'];
    }

    // Unknown peer: contact the remote site and build the record from it.
    // NOTE(review): bootstrap() can also return false; that return value
    // is not inspected here.
    if (!$peer->findByWwwroot($values['wwwroot'])) {
        try {
            $peer->bootstrap($values['wwwroot'], null, $values['appname'], $values['institution']);
        } catch (RemoteServerException $e) {
            $form->set_error('wwwroot', get_string('cantretrievekey', 'auth'));
            throw new RemoteServerException($e->getMessage(), $e->getCode());
        }
    }

    // Trailing slashes are stripped before the wwwroot is stored, and it is
    // this stripped form that a supplied certificate is checked against.
    $peer->wwwroot     = preg_replace("|\\/+\$|", "", $values['wwwroot']);
    $peer->name        = $values['name'];
    $peer->deleted     = $values['deleted'];
    $peer->appname     = $values['appname'];
    $peer->institution = $values['institution'];

    if (isset($values['publickey'])) {
        $peer->publickey        = new PublicKey($values['publickey'], $peer->wwwroot);
        $peer->publickeyexpires = $peer->publickey->expires;
    }

    // lastconnecttime is deliberately not taken from the form: it is not
    // user-updatable.
    $peer->commit();

    $authinstance->instancename = $values['instancename'];
    $authinstance->institution  = $values['institution'];
    $authinstance->authname     = $values['authname'];

    if ($values['create']) {
        $values['instance'] = insert_record('auth_instance', $authinstance, 'id', true);
    } else {
        update_record('auth_instance', $authinstance, array('id' => $values['instance']));
    }

    if (empty($current)) {
        $current = array();
    }

    // Every SSO flag starts switched off; only the flags that belong to the
    // selected direction are then taken from the form.
    $config = array(
        'wwwroot'               => $values['wwwroot'],
        'parent'                => $values['parent'],
        'authloginmsg'          => $values['authloginmsg'],
        'wessoout'              => 0,
        'theyssoin'             => 0,
        'theyautocreateusers'   => 0,
        'weautocreateusers'     => 0,
        'updateuserinfoonlogin' => 0,
        'weimportcontent'       => 0,
    );
    if ($values['ssodirection'] == 'wessoout') {
        $config['wessoout']            = 1;
        $config['theyautocreateusers'] = $values['theyautocreateusers'];
    } elseif ($values['ssodirection'] == 'theyssoin') {
        $config['theyssoin']             = 1;
        $config['updateuserinfoonlogin'] = $values['updateuserinfoonlogin'];
        $config['weautocreateusers']     = $values['weautocreateusers'];
        $config['weimportcontent']       = $values['weimportcontent'];
    }
    self::$default_config = $config;

    foreach (self::$default_config as $field => $value) {
        $record = new stdClass();
        $record->instance = $values['instance'];
        $record->field    = $field;
        $record->value    = ($field == 'wwwroot') ? dropslash($value) : $value;

        // An empty value is stored as "no row", so a flag left at 0 is
        // represented by the absence of its config record.
        if (empty($value)) {
            delete_records('auth_instance_config', 'field', $field, 'instance', $values['instance']);
            continue;
        }

        if ($values['create'] || !array_key_exists($field, $current)) {
            insert_record('auth_instance_config', $record);
        } else {
            update_record('auth_instance_config', $record, array('instance' => $values['instance'], 'field' => $field));
        }
    }

    db_commit();

    return $values;
}
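/**
 * Fill in this peer from a remote site that is not yet known locally.
 *
 * Nothing is done when findByWwwroot() already finds the peer. Otherwise
 * the host is resolved, the remote home page title is used as a display
 * name, the application is looked up, an institution is created if none is
 * given, and the peer's public key is stored.
 *
 * When $pubkey is empty the key is requested from the remote site itself
 * via get_public_key(), so the first key received is trusted as-is.
 * NOTE(review): get_public_key()'s transport is not visible here; if the
 * wwwroot is plain http, that first exchange cannot be authenticated.
 *
 * @param string      $wwwroot     URL of the remote site
 * @param string|null $pubkey      certificate text, or empty to fetch it
 *                                 from the remote site
 * @param string      $appname     name of a row in the application table
 * @param string|null $institution institution name, or null to create one
 *                                 named after the remote site
 * @return bool false when the stored key has no expiry (the key is then
 *              dropped), true otherwise - including when the peer already
 *              existed and nothing was done
 * @throws ParamOutOfRangeException if the host cannot be resolved or the
 *                                  application does not exist
 * @throws RemoteServerException    if no unique institution name can be
 *                                  found or the public key cannot be loaded
 */
public function bootstrap($wwwroot, $pubkey, $appname = 'moodle', $institution = null) {
    $wwwroot = dropslash($wwwroot);

    if (!$this->findByWwwroot($wwwroot)) {
        $hostname = get_hostname_from_uri($wwwroot);

        // Get the IP address for that host - if this fails, it will
        // return the hostname string
        $ipaddress = gethostbyname($hostname);

        // Couldn't find the IP address? A literal dotted-quad host is
        // allowed through; the last dot is escaped so that it only matches
        // a real dot, not any character.
        if ($ipaddress === $hostname && !preg_match('/^\\d+\\.\\d+\\.\\d+\\.\\d+$/', $hostname)) {
            throw new ParamOutOfRangeException('Could not find IP address for host: ' . addslashes($hostname));
        }

        // Default the name to the wwwroot
        $this->name = $wwwroot;

        // Get a page from the remote host, and check its title - but only
        // over http(s). file_get_contents() honours every registered stream
        // wrapper, so an unchecked value could make this read a local file
        // or another wrapper instead of the remote home page. For any other
        // scheme the name simply stays at the wwwroot default.
        // NOTE(review): the fetch has no timeout or size limit of its own.
        $scheme = strtolower((string) parse_url($wwwroot, PHP_URL_SCHEME));
        if ($scheme === 'http' || $scheme === 'https') {
            $homepage = file_get_contents($wwwroot);
            if (!empty($homepage) && preg_match("@<title>(.*)</title>@siU", $homepage, $matches)) {
                // NOTE(review): the title is remote-controlled text. It ends
                // up in $this->name and the institution displayname, so it
                // must be escaped wherever it is rendered.
                $this->name = $matches[1];
            }
        }

        $exists = get_record('application', 'name', $appname);
        if (empty($exists)) {
            throw new ParamOutOfRangeException('Application ' . addslashes($appname) . ' does not exist.');
        }

        $this->appname     = $appname;
        $this->application = Application::findByName($this->appname);
        $this->wwwroot     = $wwwroot;
        $this->ipaddress   = $ipaddress;

        require_once get_config('libroot') . 'institution.php';

        // Loose comparison kept on purpose: callers may pass other empty
        // values than null to request a new institution.
        if (null == $institution) {
            $institution = new Institution();
            // Only ASCII letters survive.
            // NOTE(review): a title with no ASCII letters yields an empty
            // institution name - confirm that Institution::commit() copes.
            $institution->name = preg_replace('/[^a-zA-Z]/', '', $this->name);

            // Check that the institution name has not already been taken.
            // If it has, we change it until we find a name that works
            $existinginstitutionnames = get_column('institution', 'name');
            if (!is_array($existinginstitutionnames)) {
                // presumably a non-array means "no institutions yet";
                // in_array() needs an array either way.
                $existinginstitutionnames = array();
            }

            if (in_array($institution->name, $existinginstitutionnames)) {
                $success = false;
                foreach (range('a', 'z') as $character) {
                    $testname = $institution->name . $character;
                    if (!in_array($testname, $existinginstitutionnames)) {
                        $success = true;
                        $institution->name = $testname;
                        break;
                    }
                }
                if (!$success) {
                    // We couldn't find a unique name.
                    throw new RemoteServerException('Could not create a unique institution name');
                }
            }

            $institution->displayname = $this->name;
            $institution->commit();
            $this->institution = $institution->name;
        } else {
            $this->institution = $institution;
        }

        if (empty($pubkey)) {
            try {
                $somekey = get_public_key($this->wwwroot, $this->appname);
                $this->publickey = new PublicKey($somekey, $this->wwwroot);
            } catch (XmlrpcClientException $e) {
                $errcode = $e->getCode();
                if ($errcode == 404) {
                    throw new RemoteServerException('404: Incorrect WWWRoot or Application: file not found.');
                } elseif ($errcode == 704) {
                    throw new RemoteServerException('Networking is disabled on the host at ' . $this->wwwroot . '.');
                } else {
                    throw new RemoteServerException('Error retrieving public key, failed with error code ' . $errcode . ': ' . $e->getMessage());
                }
            } catch (Exception $e) {
                // Everything else, including a certificate that PublicKey
                // rejects, is reported as a remote server failure.
                throw new RemoteServerException('Error retrieving public key: ' . $e->getMessage());
            }
        } else {
            $this->publickey = new PublicKey($pubkey, $this->wwwroot);
        }

        $this->lastconnecttime = 0;
        $this->initialized     = self::INITIALIZED;
        $this->changed         = true;

        if (false == $this->publickey->expires) {
            // The original wrote `$this->publickey == null;`, a comparison
            // with no effect, so a key without an expiry stayed attached to
            // the peer. Callers must check the return value before they
            // commit the peer.
            $this->publickey = null;
            return false;
        }
    }

    return true;
}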