
Commit 548d8db

authored
Merge pull request #63 from microsoft/MOODLE_500_STABLE
Moodle 500 stable
2 parents 2ebc084 + b76aacf commit 548d8db

27 files changed

Lines changed: 546 additions & 266 deletions

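--- a/auth.php
+++ b/auth.php
@@ -25,8 +25,8 @@
 
 defined('MOODLE_INTERNAL') || die();
 
-require_once($CFG->libdir.'/authlib.php');
-require_once($CFG->dirroot.'/login/lib.php');
+require_once($CFG->libdir . '/authlib.php');
+require_once($CFG->dirroot . '/login/lib.php');
 
 /**
 * OpenID Connect Authentication Plugin.
@@ -51,8 +51,10 @@ public function __construct($forceloginflow = null) {
 global $SESSION;
 $loginflow = 'authcode';
 
-if (isset($SESSION->stateadditionaldata) && !empty($SESSION->stateadditionaldata) &&
-isset($SESSION->stateadditoinaldata['forceflow'])) {
+if (
+isset($SESSION->stateadditionaldata) && !empty($SESSION->stateadditionaldata) &&
+isset($SESSION->stateadditoinaldata['forceflow'])
+) {
 $loginflow = $SESSION->stateadditoinaldata['forceflow'];
 } else {
 if (!empty($forceloginflow) && is_string($forceloginflow)) {
@@ -64,7 +66,7 @@ public function __construct($forceloginflow = null) {
 }
 }
 }
-$loginflowclass = '\auth_oidc\loginflow\\'.$loginflow;
+$loginflowclass = '\auth_oidc\loginflow\\' . $loginflow;
 if (class_exists($loginflowclass)) {
 $this->loginflow = new $loginflowclass($this->config);
 } else {
@@ -150,8 +152,10 @@ public function should_login_redirect() {
 $silentloginmodesetting = get_config('auth_oidc', 'silentloginmode');
 $forceredirectsetting = get_config('auth_oidc', 'forceredirect');
 $forceloginsetting = get_config('core', 'forcelogin');
-if ($silentloginmodesetting && $forceredirectsetting && $forceloginsetting && isset($_SERVER['HTTP_REFERER']) &&
-strpos($_SERVER['HTTP_REFERER'], $CFG->wwwroot) !== false) {
+if (
+$silentloginmodesetting && $forceredirectsetting && $forceloginsetting && isset($_SERVER['HTTP_REFERER']) &&
+strpos($_SERVER['HTTP_REFERER'], $CFG->wwwroot) !== false
+) {
 return false;
 }
 
@@ -197,8 +201,13 @@ public function handleredirect() {
 * @param null $userid
 * @return mixed
 */
-public function disconnect($justremovetokens = false, $donotremovetokens = false, ?\moodle_url $redirect = null,
-?\moodle_url $selfurl = null, $userid = null) {
+public function disconnect(
+$justremovetokens = false,
+$donotremovetokens = false,
+?\moodle_url $redirect = null,
+?\moodle_url $selfurl = null,
+$userid = null
+) {
 return $this->loginflow->disconnect($justremovetokens, $donotremovetokens, $redirect, $selfurl, $userid);
 }
 
@@ -264,7 +273,7 @@ public function user_authenticated_hook(&$user, $username, $password) {
 if (!empty($tokenrec)) {
 // If the token record username is out of sync (ie username changes), update it.
 if ($tokenrec->username != $user->username) {
-$updatedtokenrec = new \stdClass;
+$updatedtokenrec = new \stdClass();
 $updatedtokenrec->id = $tokenrec->id;
 $updatedtokenrec->username = $user->username;
 $DB->update_record('auth_oidc_token', $updatedtokenrec);
@@ -276,7 +285,7 @@ public function user_authenticated_hook(&$user, $username, $password) {
 $tokenrec = $DB->get_record('auth_oidc_token', ['username' => $username]);
 if (!empty($tokenrec)) {
 $tokenrec->userid = $user->id;
-$updatedtokenrec = new \stdClass;
+$updatedtokenrec = new \stdClass();
 $updatedtokenrec->id = $tokenrec->id;
 $updatedtokenrec->userid = $user->id;
 $DB->update_record('auth_oidc_token', $updatedtokenrec);
@@ -323,8 +332,10 @@ public function postlogout_hook($user) {
 $logouturl = 'https://login.microsoftonline.com/organizations/oauth2/logout?post_logout_redirect_uri=' .
 urlencode($CFG->wwwroot);
 } else {
-if (preg_match("/^https:\/\/login.microsoftonline.com\//", $logouturl) &&
-preg_match("/\/oauth2\/logout$/", $logouturl)) {
+if (
+preg_match("/^https:\/\/login.microsoftonline.com\//", $logouturl) &&
+preg_match("/\/oauth2\/logout$/", $logouturl)
+) {
 $logouturl .= '?post_logout_redirect_uri=' . urlencode($CFG->wwwroot);
 }
 }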
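Review bot: In `__construct` the reformatted condition still reads `$SESSION->stateadditoinaldata['forceflow']` (letters transposed) while its first two clauses test `$SESSION->stateadditionaldata`, so unless something else writes the misspelled property the session-forced flow is never selected and the code always falls through to the `else` branch. The third clause and the assignment under it should use the same property: `isset($SESSION->stateadditionaldata['forceflow'])` and `$loginflow = $SESSION->stateadditionaldata['forceflow'];`. Because that value is concatenated into `'\auth_oidc\loginflow\\' . $loginflow` and then instantiated, it would be worth checking it against the known flow names with a strict `in_array` once the branch is live; the checks applied to `$forceloginflow` sit outside the hunk, so I cannot tell whether the session value would get the same treatment. The constructor begins and ends outside the visible hunks.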

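--- a/binding_username_claim.php
+++ b/binding_username_claim.php
@@ -100,8 +100,14 @@
 $bindingusernametoolurl = new moodle_url('/auth/oidc/change_binding_username_claim_tool.php');
 echo html_writer::tag('p', get_string('binding_username_claim_description', 'auth_oidc', $bindingusernametoolurl->out()));
 if ($existingclaims) {
-echo html_writer::tag('p', get_string('binding_username_claim_description_existing_claims', 'auth_oidc',
-implode(' / ', $existingclaims)));
+echo html_writer::tag(
+'p',
+get_string(
+'binding_username_claim_description_existing_claims',
+'auth_oidc',
+implode(' / ', $existingclaims)
+)
+);
 }
 
 $form->display();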

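--- a/change_binding_username_claim_tool.php
+++ b/change_binding_username_claim_tool.php
@@ -71,8 +71,14 @@
 
 echo $OUTPUT->heading(get_string('change_binding_username_claim_tool', 'auth_oidc'));
 $bindingusernameclaimurl = new moodle_url('/auth/oidc/binding_username_claim.php');
-echo html_writer::tag('p', get_string('change_binding_username_claim_tool_description', 'auth_oidc',
-$bindingusernameclaimurl->out()));
+echo html_writer::tag(
+'p',
+get_string(
+'change_binding_username_claim_tool_description',
+'auth_oidc',
+$bindingusernameclaimurl->out()
+)
+);
 
 $form1->display();
 
@@ -87,8 +93,10 @@
 $process = new process($cir);
 $filecolumns = $process->get_file_columns();
 
-$mform2 = new change_binding_username_claim_tool_form2(null,
-['columns' => $filecolumns, 'data' => ['iid' => $iid, 'previewrows' => $previewrows]]);
+$mform2 = new change_binding_username_claim_tool_form2(
+null,
+['columns' => $filecolumns, 'data' => ['iid' => $iid, 'previewrows' => $previewrows]]
+);
 
 // If a file has been uploaded, then process it.
 if ($mform2->is_cancelled()) {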

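--- a/classes/adminsetting/auth_oidc_admin_setting_loginflow.php
+++ b/classes/adminsetting/auth_oidc_admin_setting_loginflow.php
@@ -72,7 +72,7 @@ public function output_html($data, $query = '') {
 
 foreach ($this->flowtypes as $flowtype) {
 $html .= \html_writer::start_div();
-$flowtypeid = $baseid.'_'.$flowtype;
+$flowtypeid = $baseid . '_' . $flowtype;
 $radioattrs = [
 'type' => 'radio',
 'name' => $inputname,
@@ -82,8 +82,8 @@ public function output_html($data, $query = '') {
 if ($data === $flowtype || (empty($data) && $flowtype === $this->get_defaultsetting())) {
 $radioattrs['checked'] = 'checked';
 }
-$typename = get_string('cfg_loginflow_'.$flowtype, 'auth_oidc');
-$typedesc = get_string('cfg_loginflow_'.$flowtype.'_desc', 'auth_oidc');
+$typename = get_string('cfg_loginflow_' . $flowtype, 'auth_oidc');
+$typedesc = get_string('cfg_loginflow_' . $flowtype . '_desc', 'auth_oidc');
 $html .= \html_writer::empty_tag('input', $radioattrs);
 $html .= \html_writer::label($typename, $flowtypeid, false);
 $html .= '<br />';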

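--- a/classes/form/application.php
+++ b/classes/form/application.php
@@ -69,8 +69,10 @@ protected function definition() {
 $authmethodoptions = [
 AUTH_OIDC_AUTH_METHOD_SECRET => get_string('auth_method_secret', 'auth_oidc'),
 ];
-if (isset($this->_customdata['oidcconfig']->idptype) &&
-$this->_customdata['oidcconfig']->idptype == AUTH_OIDC_IDP_TYPE_MICROSOFT_IDENTITY_PLATFORM) {
+if (
+isset($this->_customdata['oidcconfig']->idptype) &&
+$this->_customdata['oidcconfig']->idptype == AUTH_OIDC_IDP_TYPE_MICROSOFT_IDENTITY_PLATFORM
+) {
 $authmethodoptions[AUTH_OIDC_AUTH_METHOD_CERTIFICATE] = get_string('auth_method_certificate', 'auth_oidc');
 }
 $mform->addElement('select', 'clientauthmethod', auth_oidc_config_name_in_form('clientauthmethod'), $authmethodoptions);
@@ -93,16 +95,24 @@ protected function definition() {
 $mform->addElement('static', 'clientcertsource_help', '', get_string('clientcertsource_help', 'auth_oidc'));
 
 // Certificate private key.
-$mform->addElement('textarea', 'clientprivatekey', auth_oidc_config_name_in_form('clientprivatekey'),
-['rows' => 10, 'cols' => 80, 'class' => 'cert_textarea']);
+$mform->addElement(
+'textarea',
+'clientprivatekey',
+auth_oidc_config_name_in_form('clientprivatekey'),
+['rows' => 10, 'cols' => 80, 'class' => 'cert_textarea']
+);
 $mform->setType('clientprivatekey', PARAM_TEXT);
 $mform->disabledIf('clientprivatekey', 'clientauthmethod', 'neq', AUTH_OIDC_AUTH_METHOD_CERTIFICATE);
 $mform->disabledIf('clientprivatekey', 'clientcertsource', 'neq', AUTH_OIDC_AUTH_CERT_SOURCE_TEXT);
 $mform->addElement('static', 'clientprivatekey_help', '', get_string('clientprivatekey_help', 'auth_oidc'));
 
 // Certificate certificate.
-$mform->addElement('textarea', 'clientcert', auth_oidc_config_name_in_form('clientcert'),
-['rows' => 10, 'cols' => 80, 'class' => 'cert_textarea']);
+$mform->addElement(
+'textarea',
+'clientcert',
+auth_oidc_config_name_in_form('clientcert'),
+['rows' => 10, 'cols' => 80, 'class' => 'cert_textarea']
+);
 $mform->setType('clientcert', PARAM_TEXT);
 $mform->disabledIf('clientcert', 'clientauthmethod', 'neq', AUTH_OIDC_AUTH_METHOD_CERTIFICATE);
 $mform->disabledIf('clientcert', 'clientcertsource', 'neq', AUTH_OIDC_AUTH_CERT_SOURCE_TEXT);
@@ -164,12 +174,19 @@ protected function definition() {
 
 // Secret expiry notifications recipients.
 if (auth_oidc_is_local_365_installed()) {
-$mform->addElement('header', 'secretexpirynotification',
-get_string('settings_section_secret_expiry_notification', 'auth_oidc'));
+$mform->addElement(
+'header',
+'secretexpirynotification',
+get_string('settings_section_secret_expiry_notification', 'auth_oidc')
+);
 $mform->setExpanded('secretexpirynotification');
 
-$mform->addElement('text', 'secretexpiryrecipients', auth_oidc_config_name_in_form('secretexpiryrecipients'),
-['size' => 256]);
+$mform->addElement(
+'text',
+'secretexpiryrecipients',
+auth_oidc_config_name_in_form('secretexpiryrecipients'),
+['size' => 256]
+);
 $mform->setType('secretexpiryrecipients', PARAM_TEXT);
 $mform->disabledIf('secretexpiryrecipients', 'clientauthmethod', 'neq', AUTH_OIDC_AUTH_METHOD_SECRET);
 $mform->disabledIf('secretexpiryrecipients', 'idptype', 'eq', AUTH_OIDC_IDP_TYPE_OTHER);
@@ -254,16 +271,22 @@ public function validation($data, $files) {
 }
 
 // If "certificate" authentication method is used, ensure tenant specific endpoints are used.
-if ($data['idptype'] == AUTH_OIDC_IDP_TYPE_MICROSOFT_IDENTITY_PLATFORM &&
-$data['clientauthmethod'] == AUTH_OIDC_AUTH_METHOD_CERTIFICATE) {
-if (strpos($data['authendpoint'], '/common/') !== false ||
+if (
+$data['idptype'] == AUTH_OIDC_IDP_TYPE_MICROSOFT_IDENTITY_PLATFORM &&
+$data['clientauthmethod'] == AUTH_OIDC_AUTH_METHOD_CERTIFICATE
+) {
+if (
+strpos($data['authendpoint'], '/common/') !== false ||
 strpos($data['authendpoint'], '/organizations/') !== false ||
-strpos($data['authendpoint'], '/consumers/') !== false) {
+strpos($data['authendpoint'], '/consumers/') !== false
+) {
 $errors['authendpoint'] = get_string('error_tenant_specific_endpoint_required', 'auth_oidc');
 }
-if (strpos($data['tokenendpoint'], '/common/') !== false ||
+if (
+strpos($data['tokenendpoint'], '/common/') !== false ||
 strpos($data['tokenendpoint'], '/organizations/') !== false ||
-strpos($data['tokenendpoint'], '/consumers/') !== false) {
+strpos($data['tokenendpoint'], '/consumers/') !== false
+) {
 $errors['tokenendpoint'] = get_string('error_tenant_specific_endpoint_required', 'auth_oidc');
 }
 }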
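Review bot: The tenant-specific-endpoint check in `validation()` is a case-sensitive `strpos` over the whole URL, so it can pass or fail for reasons unrelated to the tenant path segment: a value such as `/Common/` is not caught, while `/common/` anywhere else in the URL (a query string, for instance) is reported as an error. If the identity provider treats that segment case-insensitively (I believe it does, but confirm), the certificate method could be saved against a multi-tenant endpoint despite this guard. Comparing the first path segment would be tighter, e.g. `$tenant = strtolower(explode('/', ltrim((string) parse_url($data['authendpoint'], PHP_URL_PATH), '/'))[0]);` followed by `in_array($tenant, ['common', 'organizations', 'consumers'], true)`, and one private helper could serve both `authendpoint` and `tokenendpoint` instead of the duplicated three-way condition. `validation()` starts and ends outside the hunk.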

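--- a/classes/form/binding_username_claim.php
+++ b/classes/form/binding_username_claim.php
@@ -114,10 +114,10 @@ protected function definition() {
 }
 
 $mform->addElement(
-'select',
-'bindingusernameclaim',
-auth_oidc_config_name_in_form('bindingusernameclaim'),
-$bindingusernameoptions
+'select',
+'bindingusernameclaim',
+auth_oidc_config_name_in_form('bindingusernameclaim'),
+$bindingusernameoptions
 );
 $mform->setDefault('bindingusernameclaim', 'auto');
 $mform->addElement('static', 'bindingusernameclaim_description', '', get_string($descriptionidentifier, 'auth_oidc'));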

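--- a/classes/form/disconnect.php
+++ b/classes/form/disconnect.php
@@ -27,7 +27,7 @@
 
 defined('MOODLE_INTERNAL') || die();
 
-require_once($CFG->dirroot.'/lib/formslib.php');
+require_once($CFG->dirroot . '/lib/formslib.php');
 
 /**
 * OIDC Disconnect Form.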

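--- a/classes/httpclient.php
+++ b/classes/httpclient.php
@@ -51,8 +51,8 @@ protected function get_clienttag_headers() {
 $params = "lang=PHP; os={$ostype}; os_version={$osver}; arch={$arch}; version={$ver}; MoodleInstallId={$iid}";
 $clienttag = "Moodle/{$mdlver} ({$params})";
 return [
-'User-Agent: '.$clienttag,
-'X-ClientService-ClientTag: '.$clienttag,
+'User-Agent: ' . $clienttag,
+'X-ClientService-ClientTag: ' . $clienttag,
 ];
 }
 
@@ -63,8 +63,8 @@ protected function get_clienttag_headers() {
 */
 protected function get_plugin_version() {
 global $CFG;
-$plugin = new \stdClass;
-require_once($CFG->dirroot.'/auth/oidc/version.php');
+$plugin = new \stdClass();
+require_once($CFG->dirroot . '/auth/oidc/version.php');
 return (isset($plugin->release)) ? $plugin->release : 'unknown';
 }
 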
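Review bot: `get_plugin_version()` fills a fresh local `$plugin` by `require_once`-ing `version.php`, but `require_once` includes a file only once per request, so any later call in the same request (or a call made after the file was already loaded elsewhere) leaves `$plugin->release` unset and the method returns `'unknown'`. That value presumably feeds the `version={$ver}` part of the `User-Agent` and `X-ClientService-ClientTag` headers built in `get_clienttag_headers()`; the assignment of `$ver` is outside the hunk, so this is inferred. Using `require($CFG->dirroot . '/auth/oidc/version.php');` here, or keeping the first result in a static property, would make the reported version stable across calls.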

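--- a/classes/jwt.php
+++ b/classes/jwt.php
@@ -106,7 +106,7 @@ public static function decode_jws(string $jwtpayload) {
 */
 public static function instance_from_encoded($encoded) {
 [$header, $body] = static::decode($encoded);
-$jwt = new static;
+$jwt = new static();
 $jwt->set_header($header);
 $jwt->set_claims($body);
 return $jwt;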
