source: moodle/trunk/fuentes/badges/backpackconnect.php

Last change on this file was 1331, checked in by jrpelegrina, 4 years ago

Updated to moodle 3.0.3

File size: 4.6 KB
Line 
1<?php
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * AJAX script for validating backpack connection.
19 *
20 * @package    core
21 * @subpackage badges
22 * @copyright  2012 onwards Totara Learning Solutions Ltd {@link http://www.totaralms.com/}
23 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
24 * @author     Simon Coggins <simon.coggins@totaralms.com>
25 */
26
27define('AJAX_SCRIPT', true);
28
29require_once(dirname(dirname(__FILE__)) . '/config.php');
30require_once($CFG->dirroot . '/badges/lib/backpacklib.php');
31require_once($CFG->libdir . '/filelib.php');
32require_once($CFG->libdir . '/badgeslib.php');
33
34require_sesskey();
35require_login();
36$PAGE->set_url('/badges/backpackconnect.php');
37$PAGE->set_context(context_system::instance());
38echo $OUTPUT->header();
39
40// Use PHP input filtering as there is no PARAM type for
41// the type of cleaning that is required (ASCII chars 32-127 only).
42$assertion = filter_input(
43    INPUT_POST,
44    'assertion',
45    FILTER_UNSAFE_RAW,
46    FILTER_FLAG_STRIP_LOW|FILTER_FLAG_STRIP_HIGH
47);
48
49// Audience is the site url scheme + host + port only.
50$wwwparts = parse_url($CFG->wwwroot);
51$audience = $wwwparts['scheme'] . '://' . $wwwparts['host'];
52$audience .= isset($wwwparts['port']) ? ':' . $wwwparts['port'] : '';
53$params = 'assertion=' . urlencode($assertion) . '&audience=' .
54           urlencode($audience);
55
56$curl = new curl();
57$url = 'https://verifier.login.persona.org/verify';
58$options = array(
59    'FRESH_CONNECT'  => true,
60    'RETURNTRANSFER' => true,
61    'FORBID_REUSE'   => true,
62    'SSL_VERIFYPEER' => true,
63    'SSL_VERIFYHOST' => 2,
64    'HEADER'         => 0,
65    'HTTPHEADER'     => array('Content-type: application/x-www-form-urlencoded'),
66    'CONNECTTIMEOUT' => 0,
67    'TIMEOUT' => 10, // Fail if data not returned within 10 seconds.
68);
69$result = $curl->post($url, $params, $options);
70
71// Handle time-out and failed request.
72if ($curl->errno != 0) {
73    if ($curl->errno == CURLE_OPERATION_TIMEOUTED) {
74        $reason = get_string('error:requesttimeout', 'badges');
75    } else {
76        $reason = get_string('error:requesterror', 'badges', $curl->errno);
77    }
78    badges_send_response('failure', $reason);
79}
80
81$data = json_decode($result);
82
83if (!isset($data->status) || $data->status != 'okay') {
84    $reason = isset($data->reason) ? $data->reason : get_string('error:connectionunknownreason', 'badges');
85    badges_send_response('failure', $reason);
86}
87
88// Make sure email matches a backpack.
89$check = new stdClass();
90$check->backpackurl = BADGE_BACKPACKURL;
91$check->email = $data->email;
92
93$bp = new OpenBadgesBackpackHandler($check);
94$request = $bp->curl_request('user');
95if (isset($request->status) && $request->status == 'missing') {
96    $reason = get_string('error:backpackemailnotfound', 'badges', $data->email);
97    badges_send_response('failure', $reason);
98} else if (empty($request->userId)) {
99    $reason = get_string('error:backpackdatainvalid', 'badges');
100    badges_send_response('failure', $reason);
101} else {
102    $backpackuid = $request->userId;
103}
104
105// Insert record.
106$obj = new stdClass();
107$obj->userid = $USER->id;
108$obj->email = $data->email;
109$obj->backpackurl = BADGE_BACKPACKURL;
110$obj->backpackuid = $backpackuid;
111$obj->autosync = 0;
112$obj->password = '';
113$DB->insert_record('badge_backpack', $obj);
114
115// Return success indicator and email address.
116badges_send_response('success', $data->email);
117
118
119/**
120 * Return a JSON response containing the response provided.
121 *
122 * @param string $status Status of the response, typically 'success' or 'failure'.
123 * @param string $responsetext On success, the email address of the user,
124 *                             otherwise a reason for the failure.
125 * @return void Outputs the JSON and terminates the script.
126 */
127function badges_send_response($status, $responsetext) {
128    $out = new stdClass();
129    $out->status = $status;
130    if ($status == 'success') {
131        $out->email = $responsetext;
132    } else {
133        $out->reason = $responsetext;
134        send_header_404();
135    }
136    echo json_encode($out);
137    exit;
138}
Note: See TracBrowser for help on using the repository browser.