Commit Graph

79 Commits

Author SHA1 Message Date
Ilya Tregubov e8898b3bd9 MDL-71593 oauth2: Remove methods that were readded by mistake. 2021-06-21 10:11:16 +02:00
Peter Dias 8e71f6b1f1 MDL-65637 core_oauth2: Introduce a new custom linkedin oauth2 client 2021-06-02 08:11:38 +08:00
Peter Dias 169e1812ed MDL-65637 core_oauth2: Create new oauth2 mapping function
Separated userinfo mapping into a function and new unit test
2021-06-02 08:11:38 +08:00
David Mudrák 03402e3c5d MDL-71580 lang: Fix reworded strings in tests 2021-05-12 17:10:16 +02:00
abgreeve 8a53fe7f6b Merge branch 'MDL-28452-master' of git://github.com/bmbrands/moodle 2021-04-22 09:38:50 +08:00
Bas Brands f9e1c2587a MDL-28452 core_user: migrate social profile fields
Create a new profile field type, move all existing content of the fields
'icq', 'skype', 'aim', 'yahoo', 'msn' and 'url' in the mdl_user table to
theses new profile fields if needed.

AMOS BEGIN
MOV [aimid,core],[aimid,courseimage,profilefield_social]
MOV [yahooid,core],[yahooid,profilefield_social]
MOV [skypeid,core],[skypeid,profilefield_social]
MOV [icqnumber,core],[icqnumber,profilefield_social]
MOV [msnid,core],[msnid,profilefield_social]
MOV [webpage,core],[webpage,profilefield_social]
AMOS END
2021-04-21 11:22:25 +02:00
Marina Glancy 57a444d31f MDL-71017 oath2: configuration check fix and return types 2021-04-20 12:07:54 +02:00
David Matamoros 5a6f05c605 MDL-71017 tool_oauth2: Small fixes on Oauth 2 services UI and tests 2021-04-20 10:50:44 +02:00
Marina Glancy 0152fdbdff MDL-71017 oauth2: configure some oauth2 services for login only 2021-04-20 10:50:40 +02:00
Sara Arjona 7afda52e62 MDL-70722 oauth2: move Nextcloud methods to service class 2021-03-26 09:20:52 +01:00
Sara Arjona fdaa958ff7 MDL-70722 oauth2: move Microsoft methods to service class 2021-03-26 09:20:52 +01:00
Sara Arjona 0b53d70ae9 MDL-70722 oauth2: move Facebook methods to service class 2021-03-26 09:20:52 +01:00
Sara Arjona 5d93de8b67 MDL-70722 core_badges: minor fixes from MDL-70689
In MDL-70689, Eloy and Helen suggested some fixes to improve this patch.
As this is a followup issue to move the pending services, this
very first commit will fix pending things raised in the parent issue.
2021-03-26 09:20:52 +01:00
Sara Arjona 0f59f19d3b MDL-70689 oauth2: self-register IMS OBv2.1 services
IMS OBv2.1 services have a registration endpoint to get client id
and secret.
This patch adds and implements the "register" method for the IMS
Open Badges Connect discovery system, to get the proper client id
and secret values.
2021-03-12 12:31:24 +01:00
Sara Arjona 5066c60206 MDL-70689 oauth2: add support to IMS OBv2.1 service
In order to make easier to create and maintain new OAuth2 services,
a couple of classes have been added:

- discovery\* contains methods related to the discovery system. Until
now, only OpenID Connect was supported by Moodle so all the code was
centralised in api.php.
With this patch, as IMS OBv2.1 has a different discovery system, a new
abstract class (base_definition) has been added to be called and let
every discovery system (OpenID Connect, IMS Badge Connect...)
implement their own methods.

- service\* . Instead of keep adding methods to the api, the service
namespace has been created to store all the standard issuer services.
An interface (issuer_interface) has been created and all the services
should implement it.
This patch creates the "IMS OBv2.1" and "Custom" services and moves
the methods for "Google" service because it uses the OpenID connect
discovery system.
2021-03-12 12:31:22 +01:00
Leon Stringer 5070f0d7ce MDL-70282 oauth: Improve error information
If the request to the OAuth 2 token endpoint fails show the response
body the endpoint returned with its HTTP status (when debug: DEVELOPER).
If no response is available show any error returned by Curl.  Previously
none of this information was available making troubleshooting difficult.

If a token refresh fails in \core\oauth2\refresh_system_tokens_task an
exception is now thrown so that the result is shown as "Fail" on
admin/tasklogs.php?filter=core\oauth2\refresh_system_tokens_task
2021-01-28 10:00:18 +00:00
David Mudrák 16d8706e2e MDL-70430 oauth2: Fix storing of the new refresh token
There was a typo - missing underscore. As a result, the new refresh
token was never updated in the database. Depending on the issuer and
whether or when theyu invalidate issued refresh tokens, this might or
might not make the token refresh stop working.
2020-12-08 11:26:23 +01:00
Jake Dallimore 0132037427 MDL-59510 core_oauth2: add autorefresh mode to oauth2\client
Changes:
- The client can now be instantiated with the new mode enabled.
- A user refresh token will be stored if returned as part of the
authorization_code grant but only if the user is authenticated and only
if the mode is enabled.
- If the mode permits it, attempt to exchange a stored refresh token for
a new access token during login checks, allowing access to continue
across sessions without the need to re-grant consent every time.
- Purge all refresh tokens for a given user, issuer and scope on client
log out. This makes sure logout persists across logins.
2020-10-05 09:19:29 +08:00
Mark Nelson 4b0cf053dc MDL-64206 core: updated FB logo URL 2018-12-03 12:20:51 +08:00
Jun Pataleta 69b6e2e9bc Merge branch 'MDL-64079-master' of https://github.com/Dagefoerde/moodle 2018-11-21 22:44:16 +08:00
Jan Dageförde 121fa4381e MDL-64079 oauth2: Set an arbitrary expiration date for eternal tokens
The oauth2 standard does not require access tokens to have an
expiration date. This assumes a default validity period of 7 days unless
an explicit expiration date is communicated by the server.
2018-11-21 10:07:14 +01:00
Jan Dageförde 3559677cb7 MDL-64078 oauth2: Google service relies on autodiscovery 2018-11-20 16:43:35 +01:00
Jan Dageförde f11a7d6a05 MDL-63696 oauth2: Store system account access tokens in DB 2018-11-16 11:43:16 +01:00
Jan Dageförde daef88213b MDL-58943 oauth2: use standard way of URL validation 2018-10-31 10:42:58 +08:00
Tobias Reischmann 3e3e120d3a MDL-58943 oauth2: Added nextcloud to standard issuers
* New button allows to create standard issuer for nextcloud
* Since the endpoints url has to be https and nextcloud relys on the
baseurl to create the endpoints, the baseurl of issuers has now to be
https as well (or empty).
* Google's baseurl was changed to https (there was no reason not to),
whereas Facebook and Microsoft baseurls remain empty.
* In case of the creation of a nextcloud issuer, the baseurl is
required.
* Nextcloud requires the baseurl, therefore a parameter is added to
create_standard_issuer($type, $baseurl = false). That parameter not
required (or used) for anything but Nextcloud.
2018-10-31 10:42:58 +08:00
Tobias Reischmann fa6cd89b24 MDL-58943 oauth2: Split issuer initialization from endpoint creation
* Splitted the initialization of default values for issuers, the
creation of the issuer, and the creation of its endpoints. This is
a fix for following use case:
 1. A user creates a standard issuer.
 2. She cancels the form.
 3. However, the issuer was already created. Thus, the cancel had no
effect.
* The function create_standard_issuer($type) can still be used to create
issuers programmatically if all required data is known beforehand (e.g.,
during upgrade or in tests).
2018-10-31 10:42:57 +08:00
Jun Pataleta 7766dbed5d MDL-61826 auth: Make Facebook endpoints more maintainable 2018-06-06 12:44:24 +08:00
Łukasz Szeremeta ac45c16544 MDL-61826 auth: Facebook OAuth2 - getting a better-quality profile photo
Get 200x200 px instead of 50x50 px user profile picture from Facebook OAuth2.
2018-06-06 12:09:09 +08:00
Leon Stringer 02cc1ecd77 MDL-62316 OAuth 2: Only guess image if base URL set.
If you added an OAuth 2 service with no base URL guess_image() would try to
parse this empty value looking for a favicon.ico.  We now check if the base
URL is empty beforehand and skip this if so.
2018-05-22 17:43:05 +01:00
Eloy Lafuente (stronk7) 11f07048f4 Merge branch 'MDL-61827' of git://github.com/lszeremeta/moodle 2018-04-20 02:32:26 +02:00
David Monllao baf8ff9cbf Merge branch 'MDL-61716-master' of git://github.com/mastnym/moodle 2018-04-18 18:24:10 +02:00
Łukasz Szeremeta 65bcb7da0e MDL-61827 auth: Change Facebook Graph API v2.8 to v.2.12 in OAuth2
Use v2.12 Facebook Graph API instead of v2.8
2018-04-13 21:40:42 +02:00
yair.spielmann b323508554 MDL-59512 tool_oauth2: add option for basic authentication 2017-11-17 10:15:29 +01:00
Jan Dageförde 99e632c446 MDL-59889 oauth2: Remove check for storing new refresh token 2017-10-06 14:49:17 +02:00
Jun Pataleta c5830051e5 Merge branch 'MDL-59855-master' of git://github.com/junpataleta/moodle 2017-08-29 11:43:36 +08:00
Jun Pataleta 7927138d50 MDL-59855 oauth2: More PHPDocs fixes
* Fix PHPDoc return type for api::get_system_account()
* Fix PHPDoc for the $contenttype parameter in \core\oauth2\rest::call()
2017-08-29 11:18:23 +08:00
Jan Dageförde 8aa17e1347 MDL-59869 oauth2: Fix notification method 2017-08-26 15:42:12 +02:00
Jan Dageförde efbe24f5a8 MDL-59869 oauth2: Send expiry notification on exceptions, too 2017-08-26 15:42:12 +02:00
Jan Dageförde bd0b987338 MDL-59855 oauth2: Fix PHPDoc type hints 2017-08-26 15:42:04 +02:00
Jan Dageförde 3fa588c637 MDL-59511 oauth2: Allow empty email in system account 2017-07-28 10:07:25 +02:00
David Monllao 9e3b60c95d Merge branch 'MDL-59539-master' of git://github.com/tobiasreischmann/moodle 2017-07-17 10:14:55 +02:00
Tobias Reischmann d029841300 MDL-59539 oauth2/issuer: Changed baseurl for guessing image URL
The url, which was used for guessing the image, was queried with the
key 'discoveryurl', which is not defined in the context of an issuer.
The baseurl should be sufficient to retrieve the favicon.ico from a
server. That's why the key for was changed from 'discoveryurl' to
'baseurl'.
2017-07-14 11:10:50 +02:00
Damyon Wiese 859e2033cb MDL-58544 oauth2: Allow trusted issuers
Add a setting to each issuer that skips the email confirmation when creating and linking accounts.
2017-06-27 16:50:27 +08:00
Damyon Wiese 3ba79ff19a MDL-58535 oauth2: Don't rely on the return scopes
MS makes a big mess of returning scopes from oauth requests. They only return the custom MS scopes like
User.Read and they never return non-MS scopes (like openid, profile, email).
2017-05-02 10:03:58 +08:00
Damyon Wiese 8381b05d49 MDL-58535 repository_onedrive: Integration review fixes
Fixes for some missing imports and unused variables.
2017-05-01 16:15:36 +08:00
Damyon Wiese 0b1a14aef9 MDL-58280 fileconverter_googledrive: More helpful errors
Detect some config errors and give a better error message.
2017-04-20 11:28:06 +08:00
Damyon Wiese 9fe3363301 MDL-58280 fileconverter_googledrive: Is born. 2017-04-20 10:49:17 +08:00
Jan Dageförde eb4ab7c4b8 MDL-58489 core: Fix unreachable HTTP error handling 2017-04-07 09:50:15 +02:00
Damyon Wiese 14cfd280d3 MDL-58220 oauth2: Sanity check user pictures 2017-04-03 13:43:27 +08:00
Damyon Wiese 7f15866006 MDL-58220 oauth2: Use email as default username
And give better error messages.
2017-04-03 13:43:27 +08:00