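<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * AJAX script for validating backpack connection.
 *
 * Flow: the posted identity assertion is sent to the remote verifier together
 * with this site's audience; on an 'okay' reply the returned email address is
 * looked up in the backpack and, if a backpack user id comes back, a
 * badge_backpack row is stored for the current user. Every outcome is reported
 * as JSON through badges_send_response(), which also terminates the script.
 *
 * @package    core
 * @subpackage badges
 * @copyright  2012 onwards Totara Learning Solutions Ltd {@link http://www.totaralms.com/}
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 * @author     Simon Coggins <simon.coggins@totaralms.com>
 */

define('AJAX_SCRIPT', true);

require_once(__DIR__ . '/../config.php');
require_once($CFG->dirroot . '/badges/lib/backpacklib.php');
require_once($CFG->libdir . '/filelib.php');
require_once($CFG->libdir . '/badgeslib.php');

// This request writes a backpack link for the current user, so it must carry a
// valid session key and come from a logged-in session.
require_sesskey();
require_login();
$PAGE->set_url('/badges/backpackconnect.php');
$PAGE->set_context(context_system::instance());
echo $OUTPUT->header();

// Use PHP input filtering as there is no PARAM type for
// the type of cleaning that is required (ASCII chars 32-127 only).
$assertion = filter_input(
    INPUT_POST,
    'assertion',
    FILTER_UNSAFE_RAW,
    FILTER_FLAG_STRIP_LOW|FILTER_FLAG_STRIP_HIGH
);

// Audience is the site url scheme + host + port only.
// It is built from the configured $CFG->wwwroot rather than from anything in the
// request, so the client cannot choose the audience the assertion is checked against.
$wwwparts = parse_url($CFG->wwwroot);
$audience = $wwwparts['scheme'] . '://' . $wwwparts['host'];
$audience .= isset($wwwparts['port']) ? ':' . $wwwparts['port'] : '';
$params = 'assertion=' . urlencode($assertion) . '&audience=' . urlencode($audience);

$curl = new curl();
$url = 'https://verifier.login.persona.org/verify';
$options = array(
    'FRESH_CONNECT' => true,
    'RETURNTRANSFER' => true,
    'FORBID_REUSE' => true,
    // The verifier's reply is the only evidence that the user owns the email address,
    // so certificate and host name verification must stay enabled.
    'SSL_VERIFYPEER' => true,
    'SSL_VERIFYHOST' => 2,
    'HEADER' => 0,
    'HTTPHEADER' => array('Content-type: application/x-www-form-urlencoded'),
    // NOTE(review): 0 appears to leave libcurl's default connect timeout in place;
    // the TIMEOUT below is what bounds the request as a whole.
    'CONNECTTIMEOUT' => 0,
    'TIMEOUT' => 10, // Fail if data not returned within 10 seconds.
);
$result = $curl->post($url, $params, $options);

// Handle time-out and failed request.
if ($curl->errno != 0) {
    if ($curl->errno == CURLE_OPERATION_TIMEOUTED) {
        $reason = get_string('error:requesttimeout', 'badges');
    } else {
        $reason = get_string('error:requesterror', 'badges', $curl->errno);
    }
    badges_send_response('failure', $reason);
}

$data = json_decode($result);

// Accept only the exact string 'okay'. A loose comparison would also let a boolean true
// (and, on PHP versions before 8, an integer 0) pass as a successful verification.
if (!isset($data->status) || $data->status !== 'okay') {
    $reason = isset($data->reason) ? $data->reason : get_string('error:connectionunknownreason', 'badges');
    badges_send_response('failure', $reason);
}

// The email address is what gets bound to the current user below, so a reply that
// claims success without a usable address is treated as a failed verification.
if (!isset($data->email) || !is_string($data->email) || $data->email === '') {
    badges_send_response('failure', get_string('error:connectionunknownreason', 'badges'));
}

// Make sure email matches a backpack.
$check = new stdClass();
$check->backpackurl = BADGE_BACKPACKURL;
$check->email = $data->email;

$bp = new OpenBadgesBackpackHandler($check);
$request = $bp->curl_request('user');
if (isset($request->status) && $request->status === 'missing') {
    $reason = get_string('error:backpackemailnotfound', 'badges', $data->email);
    badges_send_response('failure', $reason);
} else if (empty($request->userId)) {
    $reason = get_string('error:backpackdatainvalid', 'badges');
    badges_send_response('failure', $reason);
} else {
    $backpackuid = $request->userId;
}

// Insert record.
// NOTE(review): nothing here checks for an existing badge_backpack row for this user;
// confirm that duplicates are prevented elsewhere (caller or table constraint).
$obj = new stdClass();
$obj->userid = $USER->id;
$obj->email = $data->email;
$obj->backpackurl = BADGE_BACKPACKURL;
$obj->backpackuid = $backpackuid;
$obj->autosync = 0;
$obj->password = '';
$DB->insert_record('badge_backpack', $obj);

// Return success indicator and email address.
badges_send_response('success', $data->email);


/**
 * Return a JSON response containing the response provided.
 *
 * Any status other than the exact string 'success' is reported as a failure:
 * the text is returned as the reason and send_header_404() is called before
 * the JSON is written.
 *
 * @param string $status Status of the response, typically 'success' or 'failure'.
 * @param string $responsetext On success, the email address of the user,
 *      otherwise a reason for the failure.
 * @return void Outputs the JSON and terminates the script.
 */
function badges_send_response($status, $responsetext) {
    $out = new stdClass();
    $out->status = $status;
    // Strict comparison so that only the literal 'success' takes the success branch.
    if ($status === 'success') {
        $out->email = $responsetext;
    } else {
        $out->reason = $responsetext;
        send_header_404();
    }
    echo json_encode($out);
    exit;
}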