Proyectos de Subversion Moodle

Rev

| Ultima modificación | Ver Log |

Rev Autor Línea Nro. Línea
1 efrain 1
<?php
2
// This file is part of Moodle - http://moodle.org/
3
//
4
// Moodle is free software: you can redistribute it and/or modify
5
// it under the terms of the GNU General Public License as published by
6
// the Free Software Foundation, either version 3 of the License, or
7
// (at your option) any later version.
8
//
9
// Moodle is distributed in the hope that it will be useful,
10
// but WITHOUT ANY WARRANTY; without even the implied warranty of
11
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12
// GNU General Public License for more details.
13
//
14
// You should have received a copy of the GNU General Public License
15
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
16
 
17
namespace core\oauth2\discovery;
18
 
19
use stdClass;
20
use core\oauth2\issuer;
21
use core\oauth2\endpoint;
22
use core\oauth2\user_field_mapping;
23
 
24
/**
25
 * Class for Open ID Connect discovery definition.
26
 *
27
 * @package    core
28
 * @since      Moodle 3.11
29
 * @copyright  2021 Sara Arjona (sara@moodle.com)
30
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
31
 */
32
class openidconnect extends base_definition {
33
 
34
    /**
35
     * Get the URL for the discovery manifest.
36
     *
37
     * @param issuer $issuer The OAuth issuer the endpoints should be discovered for.
38
     * @return string The URL of the discovery file, containing the endpoints.
39
     */
40
    public static function get_discovery_endpoint_url(issuer $issuer): string {
41
        $url = $issuer->get('baseurl');
42
        if (!empty($url)) {
43
            // Add slash at the end of the base url.
44
            $url .= (substr($url, -1) == '/' ? '' : '/');
45
            // Append the well-known file for OIDC.
46
            $url .= '.well-known/openid-configuration';
47
        }
48
 
49
        return $url;
50
    }
51
 
52
    /**
53
     * Process the discovery information and create endpoints defined with the expected format.
54
     *
55
     * @param issuer $issuer The OAuth issuer the endpoints should be discovered for.
56
     * @param stdClass $info The discovery information, with the endpoints to process and create.
57
     * @return void
58
     */
59
    protected static function process_configuration_json(issuer $issuer, stdClass $info): void {
60
        foreach ($info as $key => $value) {
61
            if (substr_compare($key, '_endpoint', - strlen('_endpoint')) === 0) {
62
                $record = new stdClass();
63
                $record->issuerid = $issuer->get('id');
64
                $record->name = $key;
65
                $record->url = $value;
66
 
67
                $endpoint = new endpoint(0, $record);
68
                $endpoint->create();
69
            }
70
 
71
            if ($key == 'scopes_supported') {
72
                $issuer->set('scopessupported', implode(' ', $value));
73
                $issuer->update();
74
            }
75
        }
76
    }
77
 
78
    /**
79
     * Process how to map user field information.
80
     *
81
     * @param issuer $issuer The OAuth issuer the endpoints should be discovered for.
82
     * @return void
83
     */
84
    protected static function create_field_mappings(issuer $issuer): void {
85
        // Remove existing user field mapping.
86
        foreach (user_field_mapping::get_records(['issuerid' => $issuer->get('id')]) as $userfieldmapping) {
87
            $userfieldmapping->delete();
88
        }
89
 
90
        // Create the default user field mapping list.
91
        $mapping = [
92
            'given_name' => 'firstname',
93
            'middle_name' => 'middlename',
94
            'family_name' => 'lastname',
95
            'email' => 'email',
96
            'nickname' => 'alternatename',
97
            'picture' => 'picture',
98
            'address' => 'address',
99
            'phone' => 'phone1',
100
            'locale' => 'lang',
101
        ];
102
 
103
        foreach ($mapping as $external => $internal) {
104
            $record = (object) [
105
                'issuerid' => $issuer->get('id'),
106
                'externalfield' => $external,
107
                'internalfield' => $internal
108
            ];
109
            $userfieldmapping = new user_field_mapping(0, $record);
110
            $userfieldmapping->create();
111
        }
112
    }
113
 
114
    /**
115
     * Self-register the issuer if the 'registration' endpoint exists and client id and secret aren't defined.
116
     *
117
     * @param issuer $issuer The OAuth issuer to register.
118
     * @return void
119
     */
120
    protected static function register(issuer $issuer): void {
121
        // Registration not supported (at least for now).
122
    }
123
 
124
}