[Summary view] [Print] [Text view]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Web service auth plugin, reserves username, prevents normal login.
  19   * TODO: add IP restrictions and some other features - MDL-17135
  20   *
  21   * @package    auth_webservice
  22   * @copyright  2008 Petr Skoda (http://skodak.org)
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  
  26  defined('MOODLE_INTERNAL') || die();
  27  
  28  require_once($CFG->libdir.'/authlib.php');
  29  
  30  /**
  31   * Web service auth plugin.
  32   */
  33  class auth_plugin_webservice extends auth_plugin_base {
  34  
  35      /**
  36       * Constructor.
  37       */
  38      public function __construct() {
  39          $this->authtype = 'webservice';
  40          $this->config = get_config('auth/webservice');
  41      }
  42  
  43      /**
  44       * Old syntax of class constructor. Deprecated in PHP7.
  45       *
  46       * @deprecated since Moodle 3.1
  47       */
  48      public function auth_plugin_webservice() {
  49          debugging('Use of class name as constructor is deprecated', DEBUG_DEVELOPER);
  50          self::__construct();
  51      }
  52  
  53      /**
  54       * Returns true if the username and password work and false if they are
  55       * wrong or don't exist.
  56       *
  57       * @param string $username The username (with system magic quotes)
  58       * @param string $password The password (with system magic quotes)
  59       *
  60       * @return bool Authentication success or failure.
  61       */
  62      function user_login($username, $password) {
  63          // normla logins not allowed!
  64          return false;
  65      }
  66  
  67      /**
  68       * Custom auth hook for web services.
  69       * @param string $username
  70       * @param string $password
  71       * @return bool success
  72       */
  73      function user_login_webservice($username, $password) {
  74          global $CFG, $DB;
  75          // special web service login
  76          if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
  77              return validate_internal_user_password($user, $password);
  78          }
  79          return false;
  80      }
  81  
  82      /**
  83       * Updates the user's password.
  84       *
  85       * called when the user password is updated.
  86       *
  87       * @param  object  $user        User table object  (with system magic quotes)
  88       * @param  string  $newpassword Plaintext password (with system magic quotes)
  89       * @return boolean result
  90       *
  91       */
  92      function user_update_password($user, $newpassword) {
  93          $user = get_complete_user_data('id', $user->id);
  94          // This will also update the stored hash to the latest algorithm
  95          // if the existing hash is using an out-of-date algorithm (or the
  96          // legacy md5 algorithm).
  97          return update_internal_user_password($user, $newpassword);
  98      }
  99  
 100      /**
 101       * Returns true if this authentication plugin is 'internal'.
 102       *
 103       * Webserice auth doesn't use password fields, it uses only tokens.
 104       *
 105       * @return bool
 106       */
 107      function is_internal() {
 108          return false;
 109      }
 110  
 111      /**
 112       * Returns true if this authentication plugin can change the user's
 113       * password.
 114       *
 115       * @return bool
 116       */
 117      function can_change_password() {
 118          return false;
 119      }
 120  
 121      /**
 122       * Returns the URL for changing the user's pw, or empty if the default can
 123       * be used.
 124       *
 125       * @return moodle_url
 126       */
 127      function change_password_url() {
 128          return null;
 129      }
 130  
 131      /**
 132       * Returns true if plugin allows resetting of internal password.
 133       *
 134       * @return bool
 135       */
 136      function can_reset_password() {
 137          return false;
 138      }
 139  
 140      /**
 141       * Prints a form for configuring this authentication plugin.
 142       *
 143       * This function is called from admin/auth.php, and outputs a full page with
 144       * a form for configuring this plugin.
 145       *
 146       * @param array $page An object containing all the data for this page.
 147       */
 148      function config_form($config, $err, $user_fields) {
 149      }
 150  
 151      /**
 152       * Processes and stores configuration data for this authentication plugin.
 153       */
 154      function process_config($config) {
 155          return true;
 156      }
 157  
 158     /**
 159       * Confirm the new user as registered. This should normally not be used,
 160       * but it may be necessary if the user auth_method is changed to manual
 161       * before the user is confirmed.
 162       */
 163      function user_confirm($username, $confirmsecret = null) {
 164          return AUTH_CONFIRM_ERROR;
 165      }
 166  
 167  }