mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-01-18 22:08:20 +01:00
Code Issues Projects Releases Wiki Activity
84,942 Commits 36 Branches 519 Tags
Commit Graph

34 Commits

Author SHA1 Message Date
Simey Lameze
92c8cb9d98 MDL-59275 auth: prevent user login failed coding error 2017-06-27 13:04:02 +08:00
Jun Pataleta
e037a6a126 Merge branch 'MDL-59012-master-linkurl' of git://github.com/mudrd8mz/moodle 2017-06-14 12:32:03 +01:00
Jun Pataleta
1ff50be21f Merge branch 'MDL-58908-master' of git://github.com/damyon/moodle 2017-06-06 17:15:41 +08:00
David Mudrák
97cc7e0969 MDL-59012 auth_oauth2: Do not escape URL in plain text emails 2017-05-23 13:28:27 +02:00
David Monllao
011591a148 MDL-58905 auth_oauth2: No linked accounts if the plugin is not enabled 2017-05-12 14:36:01 +08:00
Andrew Nicols
2c69d24037 Merge branch 'MDL-58898-master' of https://github.com/xow/moodle 2017-05-12 12:32:23 +08:00
John Okely
4c8727bad6 MDL-58898 oauth: Remove orphaned linked logins 2017-05-12 12:18:17 +08:00
Damyon Wiese
95e13556df MDL-58908 auth_oauth2: Don't kill gravatar 
If gravatar is enabled, don't update profile pictures.
 2017-05-12 11:43:47 +08:00
Andrew Nicols
95dd5e3bd6 MDL-58774 auth_oauth2: Only check unexpired accounts for same issuer 
It shoudl be possible to link multiple OAuth2 sources which have the
same e-mail address to an account.

This patch makes the check for an existing linked account stricter so
that it only checks for linked account records which match the same
issuer, and which do not have expired confirmation tokens.
 2017-05-12 09:44:48 +08:00
Damyon Wiese
4f705f5d0d MDL-58774 auth_oauth2: Prevent duplicate linked logins 2017-05-10 10:17:56 +08:00
Damyon Wiese
e0abc2e405 MDL-58774 auth_oauth2: Cleanup on user delete. 2017-05-08 14:26:44 +08:00
David Mudrák
1cb5c7b31f MDL-58631 auth: Clarify documentation of changes in loginpage_idp_list() 
This should clarify the new 'iconurl' key returned by the auth plugin's
loginpage_idp_list() method.
 2017-04-18 17:00:40 +02:00
David Monllao
bb17eafab0 Merge branch 'MDL-58478-master' of git://github.com/damyon/moodle 2017-04-17 14:44:39 +02:00
Damyon Wiese
427fa27cf4 MDL-58220 auth_oauth2: Fix login domains 
The login domains were checking the email of the moodle account, not the returned
email from oauth. Also after a failure, it was not killing the oauth session, which
prevents you trying again with a different account.
 2017-04-06 11:35:02 +08:00
Damyon Wiese
f331513347 MDL-58220 auth_oauth2: Fix for login via linked login 
This was broken by the refactoring to always link logins. Some of the static
variables could also be removed but I'll do that in a later issue to keep this patch small.
 2017-04-05 15:55:53 +08:00
Damyon Wiese
a647e7d762 MDL-58220 oauth2: missing param confirmtokenexpires 2017-04-05 14:42:22 +08:00
Damyon Wiese
6cee96c8af MDL-58220 oauth2: obey $CFG->authpreventaccountcreation 2017-04-05 12:52:32 +08:00
Damyon Wiese
46d5582ec9 MDL-58478 oauth2: Use real admin settings 
This is an upgrade to real admin settings to comply with MDL-12689
 2017-04-04 14:37:13 +08:00
Damyon Wiese
512e681a3b MDL-58220 oauth2: Don't login as deleted users 
Also prevent sesskey error on first page of new logins.
 2017-04-03 13:43:27 +08:00
Damyon Wiese
7f15866006 MDL-58220 oauth2: Use email as default username 
And give better error messages.
 2017-04-03 13:43:27 +08:00
Damyon Wiese
c45d4b6a73 MDL-58220 oauth2: Change $OUTPUT to $this 2017-04-03 13:43:26 +08:00
Damyon Wiese
5b0b35c096 MDL-58220 oauth2: Add is_configured to issuer 
Saves repeated checks for clientid and clientsecret.
 2017-04-03 13:43:25 +08:00
Damyon Wiese
bfc60d386d MDL-58220 auth_oauth: return false for non-oauth 
Always return false for non-oauth logins.
 2017-04-03 13:43:25 +08:00
Damyon Wiese
13b449f4a5 MDL-58220 oauth2: cibot cleanups 2017-04-03 13:43:25 +08:00
Damyon Wiese
28b592d5a6 MDL-58338 oauth2: Force email confirmation 
New accounts and linking a login to an existing account MUST go through email verification.
We cannot trust the emails we get from oauth providers have been confirmed.

Part of MDL-58220
 2017-04-03 13:43:25 +08:00
Damyon Wiese
c21a66e40a MDL-58220 auth_oauth2: Restrict logins to a set of domains 
This is set on the issuer, so you can have different lists for each oauth2 provider.
 2017-04-03 13:43:25 +08:00
Damyon Wiese
979d1f66dd MDL-58220 auth_oauth2: Fix new account creation 
This was not allowing new accounts to be registered.
 2017-04-03 13:41:19 +08:00
Damyon Wiese
eca128bf47 MDL-58220 oauth2: Global enable/disable for issuers. 2017-04-03 13:41:19 +08:00
Damyon Wiese
72fd103add MDL-58219 cibot: Fixes 
Fixes for cibot warnings.

Part of MDL-58220
 2017-04-03 13:41:19 +08:00
Damyon Wiese
1dca8d1a1d MDL-58168 auth_oauth2: Allow linking other accounts 
Part of MDL-58220
 2017-04-03 13:40:13 +08:00
Damyon Wiese
299112498b MDL-58090 oauth2: Coding style 
Part of MDL-58220
 2017-04-03 13:40:13 +08:00
Damyon Wiese
f9f243f93e MDL-58090 oauth2: Complete phpdocs 
Part of MDL-58220
 2017-04-03 13:40:13 +08:00
Damyon Wiese
8445556b4c MDL-58090 oauth2: Move code from subclasses to config 
Allow the behaviour of each oauth service to be customised by config instead of
subclasses.

Part of MDL-58220
 2017-04-03 13:39:44 +08:00
Damyon Wiese
60237253a2 MDL-58090 oauth2: Store a list of oauth2 services 
Build an admin page where OAuth 2 services can be installed and configured.

Part of MDL-58220
 2017-04-03 13:39:02 +08:00