Merge branch 'MDL-58220-master-fix4' of http://github.com/damyon/moodle

This commit is contained in:
Andrew Nicols 2017-04-06 11:54:58 +08:00
commit 97f17c0490
2 changed files with 14 additions and 3 deletions

View File

@ -256,6 +256,7 @@ class auth extends \auth_plugin_base {
require_once($CFG->libdir . '/filelib.php');
require_once($CFG->libdir . '/gdlib.php');
require_once($CFG->dirroot . '/user/lib.php');
$fs = get_file_storage();
$userid = $user->id;
@ -373,6 +374,7 @@ class auth extends \auth_plugin_base {
$errormsg = get_string('loginerror_nouserinfo', 'auth_oauth2');
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}
if (empty($userinfo['username']) || empty($userinfo['email'])) {
@ -384,10 +386,12 @@ class auth extends \auth_plugin_base {
$errormsg = get_string('loginerror_userincomplete', 'auth_oauth2');
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}
$userinfo['username'] = trim(core_text::strtolower($userinfo['username']));
$oauthemail = $userinfo['email'];
// Once we get here we have the user info from oauth.
$userwasmapped = false;
@ -423,6 +427,7 @@ class auth extends \auth_plugin_base {
$errormsg = get_string('confirmationpending', 'auth_oauth2');
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}
} else if (!empty($linkedlogin)) {
@ -434,10 +439,12 @@ class auth extends \auth_plugin_base {
$errormsg = get_string('confirmationpending', 'auth_oauth2');
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}
$issuer = $client->get_issuer();
if (!$issuer->is_valid_login_domain($userinfo['email'])) {
if (!$issuer->is_valid_login_domain($oauthemail)) {
// Trigger login failed event.
$failurereason = AUTH_LOGIN_UNAUTHORISED;
$event = \core\event\user_login_failed::create(['other' => ['username' => $userinfo['username'],
@ -446,6 +453,7 @@ class auth extends \auth_plugin_base {
$errormsg = get_string('notloggedindebug', 'auth_oauth2', get_string('loginerror_invaliddomain', 'auth_oauth2'));
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}
@ -478,6 +486,7 @@ class auth extends \auth_plugin_base {
// The username exists but the emails don't match. Refuse to continue.
$errormsg = get_string('accountexists', 'auth_oauth2');
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}
@ -491,6 +500,7 @@ class auth extends \auth_plugin_base {
$reason = get_string('loginerror_invaliddomain', 'auth_oauth2');
$errormsg = get_string('notloggedindebug', 'auth_oauth2', $reason);
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}
@ -504,6 +514,7 @@ class auth extends \auth_plugin_base {
$reason = get_string('loginerror_cannotcreateaccounts', 'auth_oauth2');
$errormsg = get_string('notloggedindebug', 'auth_oauth2', $reason);
$SESSION->loginerrormsg = $errormsg;
$client->log_out();
redirect(new moodle_url($CFG->httpswwwroot . '/login/index.php'));
}

View File

@ -40,8 +40,8 @@ if ($confirmed) {
// The user has confirmed successfully, let's log them in.
if (!$user = get_complete_user_data('username', $username)) {
print_error('cannotfinduser', '', '', s($username));
if (!$user = get_complete_user_data('id', $userid)) {
print_error('cannotfinduser', '', '', $userid);
}
if (!$user->suspended) {