Search moodle.org's
Developer Documentation
Developer Documentation
- Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
- Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
- PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.
/lib/classes/oauth2/discovery/ -> imsbadgeconnect.php (source)
Differences Between: [Versions 311 and 400] [Versions 311 and 401] [Versions 311 and 402] [Versions 311 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 namespace core\oauth2\discovery; 18 19 use curl; 20 use stdClass; 21 use moodle_exception; 22 use core\oauth2\issuer; 23 use core\oauth2\endpoint; 24 25 /** 26 * Class for IMS Open Badge Connect API (aka OBv2.1) discovery definition. 27 * 28 * @package core 29 * @since Moodle 3.11 30 * @copyright 2021 Sara Arjona (sara@moodle.com) 31 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 32 */ 33 class imsbadgeconnect extends base_definition { 34 35 /** 36 * Get the URL for the discovery manifest. 37 * 38 * @param issuer $issuer The OAuth issuer the endpoints should be discovered for. 39 * @return string The URL of the discovery file, containing the endpoints. 40 */ 41 public static function get_discovery_endpoint_url(issuer $issuer): string { 42 $url = $issuer->get('baseurl'); 43 if (!empty($url)) { 44 // Add slash at the end of the base url. 45 $url .= (substr($url, -1) == '/' ? '' : '/'); 46 // Append the well-known file for IMS OBv2.1. 47 $url .= '.well-known/badgeconnect.json'; 48 } 49 50 return $url; 51 } 52 53 /** 54 * Process the discovery information and create endpoints defined with the expected format. 55 * 56 * @param issuer $issuer The OAuth issuer the endpoints should be discovered for. 57 * @param stdClass $info The discovery information, with the endpoints to process and create. 58 * @return void 59 */ 60 protected static function process_configuration_json(issuer $issuer, stdClass $info): void { 61 $info = array_pop($info->badgeConnectAPI); 62 foreach ($info as $key => $value) { 63 if (substr_compare($key, 'Url', - strlen('Url')) === 0 && !empty($value)) { 64 $record = new stdClass(); 65 $record->issuerid = $issuer->get('id'); 66 // Convert key names from xxxxUrl to xxxx_endpoint, in order to make it compliant with the Moodle oAuth API. 67 $record->name = strtolower(substr($key, 0, - strlen('Url'))) . '_endpoint'; 68 $record->url = $value; 69 70 $endpoint = new endpoint(0, $record); 71 $endpoint->create(); 72 } else if ($key == 'scopesOffered') { 73 // Get and update supported scopes. 74 $issuer->set('scopessupported', implode(' ', $value)); 75 $issuer->update(); 76 } else if ($key == 'image' && empty($issuer->get('image'))) { 77 // Update the image with the value in the manifest file if it's valid and empty in the issuer. 78 $url = filter_var($value, FILTER_SANITIZE_URL); 79 // Remove multiple slashes in URL. It will fix the Badgr bug with image URL defined in their manifest. 80 $url = preg_replace('/([^:])(\/{2,})/', '$1/', $url); 81 if (filter_var($url, FILTER_VALIDATE_URL) !== false) { 82 $issuer->set('image', $url); 83 $issuer->update(); 84 } 85 } 86 } 87 } 88 89 /** 90 * Process how to map user field information. 91 * 92 * @param issuer $issuer The OAuth issuer the endpoints should be discovered for. 93 * @return void 94 */ 95 protected static function create_field_mappings(issuer $issuer): void { 96 // In that case, there are no user fields to map. 97 } 98 99 /** 100 * Self-register the issuer if the 'registration' endpoint exists and client id and secret aren't defined. 101 * 102 * @param issuer $issuer The OAuth issuer to register. 103 * @return void 104 */ 105 protected static function register(issuer $issuer): void { 106 global $CFG, $SITE; 107 108 $clientid = $issuer->get('clientid'); 109 $clientsecret = $issuer->get('clientsecret'); 110 111 // Registration request for getting client id and secret will be done only they are empty in the issuer. 112 // For now this can't be run from PHPUNIT (because IMS testing platform needs real URLs). In the future, this 113 // request can be moved to the moodle-exttests repository. 114 if (empty($clientid) && empty($clientsecret) && (!defined('PHPUNIT_TEST') || !PHPUNIT_TEST)) { 115 $url = $issuer->get_endpoint_url('registration'); 116 if ($url) { 117 $scopes = str_replace("\r", " ", $issuer->get('scopessupported')); 118 119 // Add slash at the end of the site URL. 120 $hosturl = $CFG->wwwroot; 121 $hosturl .= (substr($CFG->wwwroot, -1) == '/' ? '' : '/'); 122 123 // Create the registration request following the format defined in the IMS OBv2.1 specification. 124 $request = [ 125 'client_name' => $SITE->fullname, 126 'client_uri' => $hosturl, 127 'logo_uri' => $hosturl . 'pix/f/moodle-256.png', 128 'tos_uri' => $hosturl, 129 'policy_uri' => $hosturl, 130 'software_id' => 'moodle', 131 'software_version' => $CFG->version, 132 'redirect_uris' => [ 133 $hosturl . 'admin/oauth2callback.php' 134 ], 135 'token_endpoint_auth_method' => 'client_secret_basic', 136 'grant_types' => [ 137 'authorization_code', 138 'refresh_token' 139 ], 140 'response_types' => [ 141 'code' 142 ], 143 'scope' => $scopes 144 ]; 145 $jsonrequest = json_encode($request); 146 147 $curl = new curl(); 148 $curl->setHeader(['Content-type: application/json']); 149 $curl->setHeader(['Accept: application/json']); 150 151 // Send the registration request. 152 if (!$jsonresponse = $curl->post($url, $jsonrequest)) { 153 $msg = 'Could not self-register identity issuer: ' . $issuer->get('name') . 154 ". Wrong URL or JSON data [URL: $url]"; 155 throw new moodle_exception($msg); 156 } 157 158 // Process the response and update client id and secret if they are valid. 159 $response = json_decode($jsonresponse); 160 if (property_exists($response, 'client_id')) { 161 $issuer->set('clientid', $response->client_id); 162 $issuer->set('clientsecret', $response->client_secret); 163 $issuer->update(); 164 } else { 165 $msg = 'Could not self-register identity issuer: ' . $issuer->get('name') . 166 '. Invalid response ' . $jsonresponse; 167 throw new moodle_exception($msg); 168 } 169 } 170 } 171 } 172 173 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
