MDL-69555 tool_mobile: Allow to set QR login keys duration time

2025-01-19 06:18:28 +01:00 · 2021-11-19 14:59:42 +01:00 · 2021-11-19 14:59:42 +01:00 · 80a9eef971
commit 80a9eef971
parent 0c63990e4f
7 changed files with 24 additions and 9 deletions
--- a/admin/tool/mobile/classes/api.php
+++ b/admin/tool/mobile/classes/api.php
@ -53,7 +53,7 @@ class api {
    const LOGIN_KEY_TTL = 60;
    /** @var string URL of the Moodle Apps Portal */
    const MOODLE_APPS_PORTAL_URL = 'https://apps.moodle.com';
-    /** @var int seconds a QR login key will expire. */
+    /** @var int default value in seconds a QR login key will expire. */
    const LOGIN_QR_KEY_TTL = 600;
    /** @var int QR code disabled value */
    const QR_CODE_DISABLED = 0;
@ -383,17 +383,19 @@ class api {
     * Creates a QR login key for the current user, this key is restricted by time and ip address.
     * This key is used for automatically login the user in the site when the user scans a QR code in the Moodle app.
     *
+     * @param  stdClass $mobilesettings  mobile app plugin settings
     * @return string the key
     * @since Moodle 3.9
     */
-    public static function get_qrlogin_key() {
+    public static function get_qrlogin_key(stdClass $mobilesettings) {
        global $USER;
        // Delete previous keys.
        delete_user_key('tool_mobile', $USER->id);

        // Create a new key.
        $iprestriction = getremoteaddr(null);
-        $validuntil = time() + self::LOGIN_QR_KEY_TTL;
+        $qrkeyttl = !empty($mobilesettings->qrkeyttl) ? $mobilesettings->qrkeyttl : self::LOGIN_QR_KEY_TTL;
+        $validuntil = time() + $qrkeyttl;
        return create_user_key('tool_mobile', $USER->id, null, $iprestriction, $validuntil);
    }

@ -687,7 +689,7 @@ class api {
        $data = $urlscheme . '://' . $CFG->wwwroot;

        if ($mobilesettings->qrcodetype == static::QR_CODE_LOGIN) {
-            $qrloginkey = static::get_qrlogin_key();
+            $qrloginkey = static::get_qrlogin_key($mobilesettings);
            $data .= '?qrlogin=' . $qrloginkey . '&userid=' . $USER->id;
        }

--- a/admin/tool/mobile/lang/en/tool_mobile.php
+++ b/admin/tool/mobile/lang/en/tool_mobile.php
@ -114,13 +114,15 @@ $string['pluginname'] = 'Moodle app tools';
 $string['pluginnotenabledorconfigured'] = 'Plugin not enabled or configured.';
 $string['qrcodedisabled'] = 'Access via QR code disabled';
 $string['qrcodeformobileappaccess'] = 'QR code for mobile app access';
-$string['qrcodeformobileapploginabout'] = 'Scan the QR code with your mobile app and you will be automatically logged in. The QR code will expire in {$a} minutes.';
+$string['qrcodeformobileapploginabout'] = 'Scan the QR code with your mobile app and you will be automatically logged in. The QR code will expire in {$a}.';
 $string['qrcodeformobileappurlabout'] = 'Scan the QR code with your mobile app to fill in the site URL in your app.';
 $string['qrsiteadminsnotallowed'] = 'For security reasons login via QR code is not allowed for site administrators or if you are logged in as another user.';
 $string['qrcodetype'] = 'QR code access';
 $string['qrcodetype_desc'] = 'A QR code can be provided for mobile app users to scan. This can be used to fill in the site URL, or where the site is secured using HTTPS, to automatically log the user in without having to enter their username and password.';
 $string['qrcodetypeurl'] = 'QR code with site URL';
 $string['qrcodetypelogin'] = 'QR code with automatic login';
+$string['qrkeyttl'] = 'QR authentication key duration';
+$string['qrkeyttl_desc'] = 'Length of time for which a QR code for authentication is valid. Empty values are not allowed, in that case the default value for the setting will be used.';
 $string['readingthisemailgettheapp'] = 'Reading this in an email? <a href="{$a}">Download the mobile app and receive notifications on your mobile device</a>.';
 $string['remoteaddons'] = 'Remote add-ons';
 $string['scanqrcode'] = 'Scan QR code';
--- a/admin/tool/mobile/lib.php
+++ b/admin/tool/mobile/lib.php
@ -149,8 +149,9 @@ function tool_mobile_myprofile_navigation(\core_user\output\myprofile\tree $tree
            } else {
                $qrcodeimg = tool_mobile\api::generate_login_qrcode($mobilesettings);

-                $minutes = tool_mobile\api::LOGIN_QR_KEY_TTL / MINSECS;
-                $mobileqr = html_writer::tag('p', get_string('qrcodeformobileapploginabout', 'tool_mobile', $minutes));
+                $qrkeyttl = !empty($mobilesettings->qrkeyttl) ? $mobilesettings->qrkeyttl : tool_mobile\api::LOGIN_QR_KEY_TTL;
+                $mobileqr = html_writer::tag('p', get_string('qrcodeformobileapploginabout', 'tool_mobile',
+                    format_time($qrkeyttl)));
                $mobileqr .= html_writer::link('#qrcode', get_string('viewqrcode', 'tool_mobile'),
                    ['class' => 'btn btn-primary mt-2', 'data-toggle' => 'collapse',
                    'role' => 'button', 'aria-expanded' => 'false']);
--- a/admin/tool/mobile/settings.php
+++ b/admin/tool/mobile/settings.php
@ -117,6 +117,11 @@ if ($hassiteconfig) {
                new lang_string('qrcodetype', 'tool_mobile'),
                new lang_string('qrcodetype_desc', 'tool_mobile'), $qrcodetypedefault, $options));

+    $temp->add(new admin_setting_configduration('tool_mobile/qrkeyttl',
+        new lang_string('qrkeyttl', 'tool_mobile'),
+        new lang_string('qrkeyttl_desc', 'tool_mobile'), tool_mobile\api::LOGIN_QR_KEY_TTL, MINSECS));
+    $temp->hide_if('tool_mobile/qrkeyttl', 'tool_mobile/qrcodetype', 'neq', tool_mobile\api::QR_CODE_LOGIN);
+
    $temp->add(new admin_setting_configtext('tool_mobile/forcedurlscheme',
                new lang_string('forcedurlscheme_key', 'tool_mobile'),
                new lang_string('forcedurlscheme', 'tool_mobile'), 'moodlemobile', PARAM_NOTAGS));
--- a/admin/tool/mobile/tests/externallib_test.php
+++ b/admin/tool/mobile/tests/externallib_test.php
@ -623,7 +623,8 @@ class tool_mobile_external_testcase extends externallib_advanced_testcase {
        $user = $this->getDataGenerator()->create_user();
        $this->setUser($user);

-        $qrloginkey = api::get_qrlogin_key();
+        $mobilesettings = get_config('tool_mobile');
+        $qrloginkey = api::get_qrlogin_key($mobilesettings);

        // Generate new tokens, the ones we expect to receive.
        $service = $DB->get_record('external_services', array('shortname' => MOODLE_OFFICIAL_MOBILE_SERVICE));
--- a/admin/tool/mobile/upgrade.txt
+++ b/admin/tool/mobile/upgrade.txt
@ -1,6 +1,10 @@
 This files describes changes in tool_mobile code.
 Information provided here is intended especially for developers.

+=== 4.0 ===
+
+* The function tool_mobile\api::get_qrlogin_key() now requires as parameter an object with all the mobile plugin settings.
+
 === 3.7 ===

 * New external function tool_mobile::tool_mobile_call_external_function allows calling multiple external functions and returns all responses.
--- a/version.php
+++ b/version.php
@ -29,7 +29,7 @@

 defined('MOODLE_INTERNAL') || die();

-$version  = 2022010700.00;              // YYYYMMDD      = weekly release date of this DEV branch.
+$version  = 2022010700.01;              // YYYYMMDD      = weekly release date of this DEV branch.
                                        //         RR    = release increments - 00 in DEV branches.
                                        //           .XX = incremental changes.
 $release  = '4.0dev+ (Build: 20220107)'; // Human-friendly version name