Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 3.11.x will end 14 Nov 2022 (12 months plus 6 months extension).
  • Bug fixes for security issues in 3.11.x will end 13 Nov 2023 (18 months plus 12 months extension).
  • PHP version: minimum PHP 7.3.0 Note: minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is supported too.

Differences Between: [Versions 310 and 311] [Versions 39 and 311]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * A scheduled task.
  19   *
  20   * @package    core
  21   * @copyright  2017 Damyon Wiese
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  namespace core\oauth2;
  26  
  27  use \core\task\scheduled_task;
  28  use core_user;
  29  use moodle_exception;
  30  
  31  defined('MOODLE_INTERNAL') || die();
  32  
  33  /**
  34   * Task to refresh system tokens regularly. Admins are notified in case an authorisation expires.
  35   * @package    core
  36   * @copyright  2017 Damyon Wiese
  37   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  38   */
  39  class refresh_system_tokens_task extends scheduled_task {
  40  
  41      /**
  42       * Get a descriptive name for this task (shown to admins).
  43       *
  44       * @return string
  45       */
  46      public function get_name() {
  47          return get_string('taskrefreshsystemtokens', 'admin');
  48      }
  49  
  50      /**
  51       * Notify admins when an OAuth refresh token expires. Should not happen if cron is running regularly.
  52       * @param \core\oauth2\issuer $issuer
  53       */
  54      protected function notify_admins(\core\oauth2\issuer $issuer) {
  55          global $CFG;
  56          $admins = get_admins();
  57  
  58          if (empty($admins)) {
  59              return;
  60          }
  61          foreach ($admins as $admin) {
  62              $strparams = ['siteurl' => $CFG->wwwroot, 'issuer' => $issuer->get('name')];
  63              $long = get_string('oauthrefreshtokenexpired', 'core_admin', $strparams);
  64              $short = get_string('oauthrefreshtokenexpiredshort', 'core_admin', $strparams);
  65              $message = new \core\message\message();
  66              $message->courseid          = SITEID;
  67              $message->component         = 'moodle';
  68              $message->name              = 'errors';
  69              $message->userfrom          = core_user::get_noreply_user();
  70              $message->userto            = $admin;
  71              $message->subject           = $short;
  72              $message->fullmessage       = $long;
  73              $message->fullmessageformat = FORMAT_PLAIN;
  74              $message->fullmessagehtml   = $long;
  75              $message->smallmessage      = $short;
  76              $message->notification      = 1;
  77              message_send($message);
  78          }
  79      }
  80  
  81  
  82      /**
  83       * Do the job.
  84       * Throw exceptions on errors (the job will be retried).
  85       */
  86      public function execute() {
  87          $issuers = \core\oauth2\api::get_all_issuers(true);
  88          $tasksuccess = true;
  89          foreach ($issuers as $issuer) {
  90              if ($issuer->is_system_account_connected()) {
  91                  try {
  92                      // Try to get an authenticated client; renew token if necessary.
  93                      // Returns false or throws a moodle_exception on error.
  94                      $success = \core\oauth2\api::get_system_oauth_client($issuer);
  95                  } catch (moodle_exception $e) {
  96                      mtrace($e->getMessage());
  97                      $success = false;
  98                  }
  99                  if ($success === false) {
 100                      $this->notify_admins($issuer);
 101                      $tasksuccess = false;
 102                  }
 103              }
 104          }
 105  
 106          if (!$tasksuccess) {
 107               throw new moodle_exception('oauth2refreshtokentaskerror', 'core_error');
 108          }
 109      }
 110  
 111  }