mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-18 22:08:20 +01:00
Code Issues Projects Releases Wiki Activity

webservice MDL-20805 add token authentication method to test client (+ use token constant)

Browse Source
This commit is contained in:
jerome mouneyrac 2010-01-13 10:10:27 +00:00
parent eec99048c2
commit bff11d2953
5 changed files with 107 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
admin/webservice/tokens.php
View File

@ -72,7 +72,7 @@ switch ($action) {
} else {
throw new moodle_exception('nocapabilitytousethisservice');
}
$newtoken->tokentype = 2;
$newtoken->tokentype = EXTERNAL_TOKEN_PERMANENT;
$newtoken->userid = $data->user;
//TODO: find a way to get the context - UPDATE FOLLOWING LINE
$newtoken->contextid = get_context_instance(CONTEXT_SYSTEM)->id;
@ -103,7 +103,7 @@ switch ($action) {
FROM
{external_tokens} token, {user} user, {external_services} service
WHERE
token.creatorid=? AND token.id=? AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id";
token.creatorid=? AND token.id=? AND token.tokentype = ".EXTERNAL_TOKEN_PERMANENT." AND service.id = token.externalserviceid AND token.userid = user.id";
$token = $DB->get_record_sql($sql, array($USER->id, $tokenid), MUST_EXIST); //must be the token creator
if (!$confirm) {
admin_externalpage_print_header();

18
lib/externallib.php
View File

@ -24,25 +24,9 @@
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
/**
* Security token used for allowing access
* from external application such as web services.
* Scripts do not use any session, performance is relatively
* low because we need to load access info in each request.
* Scrits are executed in parallel.
*/
define('EXTERNAL_TOKEN_PERMANENT', 0);
/**
* Security token used for allowing access
* of embedded applications, the code is executed in the
* active user session. Token is invalidated after user logs out.
* Scripts are executed serially - normal session locking is used.
*/
define('EXTERNAL_TOKEN_EMBEDDED', 1);
/**
* Returns detailed functio information
* Returns detailed function information
* @param string|object $function name of external function or record from external_function
* @param int $strictness IGNORE_MISSING means compatible mode, false returned if record not found, debug message if more found;
* MUST_EXIST means throw exception if no record or multiple records found

4
user/managetoken.php
View File

@ -69,7 +69,7 @@ switch ($action) {
throw new moodle_exception('nocapabilitytousethisservice');
}
$newtoken->tokentype = 2;
$newtoken->tokentype = EXTERNAL_TOKEN_PERMANENT;
$newtoken->userid = $USER->id;
//TODO: find a way to get the context - UPDATE FOLLOWING LINE
$newtoken->contextid = get_context_instance(CONTEXT_SYSTEM)->id;
@ -98,7 +98,7 @@ switch ($action) {
FROM
{external_tokens} token, {user} user, {external_services} service
WHERE
token.creatorid=? AND token.id=? AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id";
token.creatorid=? AND token.id=? AND token.tokentype = ".EXTERNAL_TOKEN_PERMANENT." AND service.id = token.externalserviceid AND token.userid = user.id";
$token = $DB->get_record_sql($sql, array($USER->id, $tokenid), MUST_EXIST); //must be the token creator
if (!$confirm) {
echo $OUTPUT->header();

15
webservice/testclient.php
View File

@ -30,6 +30,7 @@ require_once("$CFG->dirroot/webservice/testclient_forms.php");
$function = optional_param('function', '', PARAM_SAFEDIR);
$protocol = optional_param('protocol', '', PARAM_SAFEDIR);
$authmethod = optional_param('authmethod', '', PARAM_SAFEDIR);
$PAGE->set_url('webservice/testclient.php');
@ -87,7 +88,7 @@ if (!$function or !$protocol) {
$class = $function.'_form';
$mform = new $class();
$mform = new $class(null, array('authmethod' => $authmethod));
$mform->set_data(array('function'=>$function, 'protocol'=>$protocol));
if ($mform->is_cancelled()) {
@ -106,9 +107,15 @@ if ($mform->is_cancelled()) {
}
$testclient = new $testclientclass();
$serverurl = "$CFG->wwwroot/webservice/$protocol/simpleserver.php";
$serverurl .= '?wsusername='.urlencode($data->wsusername);
$serverurl .= '&wspassword='.urlencode($data->wspassword);
$serverurl = "$CFG->wwwroot/webservice/$protocol/";
if ($authmethod == 'simple') {
$serverurl .= 'simpleserver.php';
$serverurl .= '?wsusername='.urlencode($data->wsusername);
$serverurl .= '&wspassword='.urlencode($data->wspassword);
} else if ($authmethod == 'token') {
$serverurl .= 'server.php';
$serverurl .= '?wstoken='.urlencode($data->token);
}
// now get the function parameters
$params = $mform->get_params();

105
webservice/testclient_forms.php
View File

@ -12,6 +12,9 @@ class webservice_test_client_form extends moodleform {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
$authmethod = array('simple' => 'simple', 'token' => 'token');
$mform->addElement('select', 'authmethod', get_string('authmethod', 'webservice'), $authmethod);
$mform->addElement('select', 'protocol', get_string('protocol', 'webservice'), $protocols);
$mform->addElement('select', 'function', get_string('function', 'webservice'), $functions);
@ -27,12 +30,22 @@ class moodle_group_create_groups_form extends moodleform {
global $CFG;
$mform = $this->_form;
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'courseid', 'courseid');
$mform->addElement('text', 'name', 'name');
$mform->addElement('text', 'description', 'description');
@ -44,6 +57,8 @@ class moodle_group_create_groups_form extends moodleform {
$mform->addElement('hidden', 'protocol');
$mform->setType('protocol', PARAM_SAFEDIR);
$mform->addElement('static', 'warning', '', get_string('executewarnign', 'webservice'));
$this->add_action_buttons(true, get_string('execute', 'webservice'));
@ -59,6 +74,8 @@ class moodle_group_create_groups_form extends moodleform {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['groups'] = array();
@ -77,8 +94,16 @@ class moodle_group_get_groups_form extends moodleform {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'groupids[0]', 'groupids[0]');
$mform->addElement('text', 'groupids[1]', 'groupids[1]');
$mform->addElement('text', 'groupids[2]', 'groupids[2]');
@ -103,6 +128,8 @@ class moodle_group_get_groups_form extends moodleform {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['groupids'] = array();
@ -126,8 +153,16 @@ class moodle_group_get_course_groups_form extends moodleform {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'courseid', 'courseid');
$mform->addElement('hidden', 'function');
@ -149,6 +184,8 @@ class moodle_group_get_course_groups_form extends moodleform {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['courseid'] = $data->courseid;
@ -166,8 +203,16 @@ class moodle_group_delete_groups_form extends moodleform {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'groupids[0]', 'groupids[0]');
$mform->addElement('text', 'groupids[1]', 'groupids[1]');
$mform->addElement('text', 'groupids[2]', 'groupids[2]');
@ -194,6 +239,8 @@ class moodle_group_delete_groups_form extends moodleform {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['groupids'] = array();
@ -217,8 +264,16 @@ class moodle_group_get_groupmembers_form extends moodleform {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'groupids[0]', 'groupids[0]');
$mform->addElement('text', 'groupids[1]', 'groupids[1]');
$mform->addElement('text', 'groupids[2]', 'groupids[2]');
@ -243,6 +298,8 @@ class moodle_group_get_groupmembers_form extends moodleform {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['groupids'] = array();
@ -266,8 +323,16 @@ class moodle_group_add_groupmembers_form extends moodleform {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'userid[0]', 'userid[0]');
$mform->addElement('text', 'groupid[0]', 'groupid[0]');
$mform->addElement('text', 'userid[1]', 'userid[1]');
@ -292,6 +357,8 @@ class moodle_group_add_groupmembers_form extends moodleform {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['members'] = array();
@ -315,8 +382,16 @@ class moodle_group_delete_groupmembers_form extends moodleform {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));
//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}
$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'userid[0]', 'userid[0]');
$mform->addElement('text', 'groupid[0]', 'groupid[0]');
$mform->addElement('text', 'userid[1]', 'userid[1]');
@ -341,6 +416,8 @@ class moodle_group_delete_groupmembers_form extends moodleform {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);
$params = array();
$params['members'] = array();