. /** * Web service auth plugin, reserves username, prevents normal login. * TODO: add IP restrictions and some other features - MDL-17135 * * @package auth_webservice * @copyright 2008 Petr Skoda (http://skodak.org) * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ defined('MOODLE_INTERNAL') || die(); require_once($CFG->libdir.'/authlib.php'); /** * Web service auth plugin. */ class auth_plugin_webservice extends auth_plugin_base { /** * Constructor. */ public function __construct() { $this->authtype = 'webservice'; $this->config = get_config('auth_webservice'); } /** * Old syntax of class constructor. Deprecated in PHP7. * * @deprecated since Moodle 3.1 */ public function auth_plugin_webservice() { debugging('Use of class name as constructor is deprecated', DEBUG_DEVELOPER); self::__construct(); } /** * Returns true if the username and password work and false if they are * wrong or don't exist. * * @param string $username The username (with system magic quotes) * @param string $password The password (with system magic quotes) * * @return bool Authentication success or failure. */ function user_login($username, $password) { // normla logins not allowed! return false; } /** * Custom auth hook for web services. * @param string $username * @param string $password * @return bool success */ function user_login_webservice($username, $password) { global $CFG, $DB; // special web service login if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) { return validate_internal_user_password($user, $password); } return false; } /** * Updates the user's password. * * called when the user password is updated. * * @param object $user User table object (with system magic quotes) * @param string $newpassword Plaintext password (with system magic quotes) * @return boolean result * */ function user_update_password($user, $newpassword) { $user = get_complete_user_data('id', $user->id); // This will also update the stored hash to the latest algorithm // if the existing hash is using an out-of-date algorithm (or the // legacy md5 algorithm). return update_internal_user_password($user, $newpassword); } /** * Returns true if this authentication plugin is 'internal'. * * Webserice auth doesn't use password fields, it uses only tokens. * * @return bool */ function is_internal() { return false; } /** * Returns true if this authentication plugin can change the user's * password. * * @return bool */ function can_change_password() { return false; } /** * Returns the URL for changing the user's pw, or empty if the default can * be used. * * @return moodle_url */ function change_password_url() { return null; } /** * Returns true if plugin allows resetting of internal password. * * @return bool */ function can_reset_password() { return false; } /** * Confirm the new user as registered. This should normally not be used, * but it may be necessary if the user auth_method is changed to manual * before the user is confirmed. */ function user_confirm($username, $confirmsecret = null) { return AUTH_CONFIRM_ERROR; } }