Search moodle.org's
Developer Documentation

See Release Notes
Long Term Support Release

  • Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
  • Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
  • PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.

Differences Between: [Versions 310 and 401] [Versions 311 and 401] [Versions 39 and 401] [Versions 400 and 401]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Confirm self oauth2 user.
  19   *
  20   * @package    auth_oauth2
  21   * @copyright  2017 Damyon Wiese
  22   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23   */
  24  
  25  require('../../config.php');
  26  require_once($CFG->libdir . '/authlib.php');
  27  
  28  $token = required_param('token', PARAM_RAW);
  29  $username = required_param('username', PARAM_USERNAME);
  30  $userid = required_param('userid', PARAM_INT);
  31  $issuerid = required_param('issuerid', PARAM_INT);
  32  $redirect = optional_param('redirect', '', PARAM_LOCALURL);    // Where to redirect the browser once the user has been confirmed.
  33  
  34  $PAGE->set_url('/auth/oauth2/confirm-linkedlogin.php');
  35  $PAGE->set_context(context_system::instance());
  36  
  37  if (!\auth_oauth2\api::is_enabled()) {
  38      throw new \moodle_exception('notenabled', 'auth_oauth2');
  39  }
  40  
  41  $confirmed = \auth_oauth2\api::confirm_link_login($userid, $username, $issuerid, $token);
  42  
  43  if ($confirmed) {
  44  
  45      // The user has confirmed successfully, let's log them in.
  46  
  47      if (!$user = get_complete_user_data('id', $userid)) {
  48          throw new \moodle_exception('cannotfinduser', '', '', $userid);
  49      }
  50  
  51      if ($user->id == $USER->id) {
  52          // Check where to go, $redirect has a higher preference.
  53          if (empty($redirect) and !empty($SESSION->wantsurl) ) {
  54              $redirect = $SESSION->wantsurl;
  55              unset($SESSION->wantsurl);
  56          }
  57  
  58          if (!empty($redirect)) {
  59              redirect($redirect);
  60          }
  61      }
  62  
  63      $PAGE->navbar->add(get_string("confirmed"));
  64      $PAGE->set_title(get_string("confirmed"));
  65      $PAGE->set_heading($COURSE->fullname);
  66      echo $OUTPUT->header();
  67      echo $OUTPUT->box_start('generalbox centerpara boxwidthnormal boxaligncenter');
  68      echo "<h3>".get_string("thanks").", ". fullname($user) . "</h3>\n";
  69      echo "<p>".get_string("confirmed")."</p>\n";
  70      // If $wantsurl and $redirect are empty, then the button will navigate the identical user to the dashboard.
  71      if ($user->id == $USER->id) {
  72          echo $OUTPUT->single_button("$CFG->wwwroot/course/", get_string('courses'));
  73      } else if (!isloggedin() || isguestuser()) {
  74          echo $OUTPUT->single_button(get_login_url(), get_string('login'));
  75      } else {
  76          echo $OUTPUT->single_button("$CFG->wwwroot/login/logout.php", get_string('logout'));
  77      }
  78      echo $OUTPUT->box_end();
  79      echo $OUTPUT->footer();
  80      exit;
  81  } else {
  82      // Avoid error if logged-in user visiting the page.
  83      if (!isloggedin()) {
  84          \core\notification::error(get_string('confirmationinvalid', 'auth_oauth2'));
  85      }
  86  }
  87  
  88  redirect("$CFG->wwwroot/");