[Summary view] [Print] [Text view]

   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Web service auth plugin, reserves username, prevents normal login.
  19   * TODO: add IP restrictions and some other features - MDL-17135
  20   *
  21   * @package    auth_webservice
  22   * @copyright  2008 Petr Skoda (http://skodak.org)
  23   * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  24   */
  25  
  26  defined('MOODLE_INTERNAL') || die();
  27  
  28  require_once($CFG->libdir.'/authlib.php');
  29  
  30  /**
  31   * Web service auth plugin.
  32   */
  33  class auth_plugin_webservice extends auth_plugin_base {
  34  
  35      /**
  36       * Constructor.
  37       */
  38      function auth_plugin_webservice() {
  39          $this->authtype = 'webservice';
  40          $this->config = get_config('auth/webservice');
  41      }
  42  
  43      /**
  44       * Returns true if the username and password work and false if they are
  45       * wrong or don't exist.
  46       *
  47       * @param string $username The username (with system magic quotes)
  48       * @param string $password The password (with system magic quotes)
  49       *
  50       * @return bool Authentication success or failure.
  51       */
  52      function user_login($username, $password) {
  53          // normla logins not allowed!
  54          return false;
  55      }
  56  
  57      /**
  58       * Custom auth hook for web services.
  59       * @param string $username
  60       * @param string $password
  61       * @return bool success
  62       */
  63      function user_login_webservice($username, $password) {
  64          global $CFG, $DB;
  65          // special web service login
  66          if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
  67              return validate_internal_user_password($user, $password);
  68          }
  69          return false;
  70      }
  71  
  72      /**
  73       * Updates the user's password.
  74       *
  75       * called when the user password is updated.
  76       *
  77       * @param  object  $user        User table object  (with system magic quotes)
  78       * @param  string  $newpassword Plaintext password (with system magic quotes)
  79       * @return boolean result
  80       *
  81       */
  82      function user_update_password($user, $newpassword) {
  83          $user = get_complete_user_data('id', $user->id);
  84          // This will also update the stored hash to the latest algorithm
  85          // if the existing hash is using an out-of-date algorithm (or the
  86          // legacy md5 algorithm).
  87          return update_internal_user_password($user, $newpassword);
  88      }
  89  
  90      /**
  91       * Returns true if this authentication plugin is 'internal'.
  92       *
  93       * Webserice auth doesn't use password fields, it uses only tokens.
  94       *
  95       * @return bool
  96       */
  97      function is_internal() {
  98          return false;
  99      }
 100  
 101      /**
 102       * Returns true if this authentication plugin can change the user's
 103       * password.
 104       *
 105       * @return bool
 106       */
 107      function can_change_password() {
 108          return false;
 109      }
 110  
 111      /**
 112       * Returns the URL for changing the user's pw, or empty if the default can
 113       * be used.
 114       *
 115       * @return moodle_url
 116       */
 117      function change_password_url() {
 118          return null;
 119      }
 120  
 121      /**
 122       * Returns true if plugin allows resetting of internal password.
 123       *
 124       * @return bool
 125       */
 126      function can_reset_password() {
 127          return false;
 128      }
 129  
 130      /**
 131       * Prints a form for configuring this authentication plugin.
 132       *
 133       * This function is called from admin/auth.php, and outputs a full page with
 134       * a form for configuring this plugin.
 135       *
 136       * @param array $page An object containing all the data for this page.
 137       */
 138      function config_form($config, $err, $user_fields) {
 139      }
 140  
 141      /**
 142       * Processes and stores configuration data for this authentication plugin.
 143       */
 144      function process_config($config) {
 145          return true;
 146      }
 147  
 148     /**
 149       * Confirm the new user as registered. This should normally not be used,
 150       * but it may be necessary if the user auth_method is changed to manual
 151       * before the user is confirmed.
 152       */
 153      function user_confirm($username, $confirmsecret = null) {
 154          return AUTH_CONFIRM_ERROR;
 155      }
 156  
 157  }