Proyectos de Subversion Moodle

<?php

// This file is part of Moodle - http://moodle.org/

//

// Moodle is free software: you can redistribute it and/or modify

// it under the terms of the GNU General Public License as published by

// the Free Software Foundation, either version 3 of the License, or

// (at your option) any later version.

//

// Moodle is distributed in the hope that it will be useful,

// but WITHOUT ANY WARRANTY; without even the implied warranty of

// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

// GNU General Public License for more details.

//

// You should have received a copy of the GNU General Public License

// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

namespace mod_bigbluebuttonbn;

use Exception;

use Firebase\JWT\JWT;

use Firebase\JWT\Key;

use mod_bigbluebuttonbn\local\config;

/**

 * The broker routines

 *

 * @package   mod_bigbluebuttonbn

 * @copyright 2010 onwards, Blindside Networks Inc

 * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later

 * @author    Jesus Federico  (jesus [at] blindsidenetworks [dt] com)

 */

class broker {

    /**

     * Validate the supplied list of parameters, providing feedback about any missing or incorrect values.

     *

     * @param array $params

     * @return null|string

     */

    public static function validate_parameters(array $params): ?string {

        $requiredparams = [

            'recording_ready' => [

                'bigbluebuttonbn' => 'The BigBlueButtonBN instance ID must be specified.',

                'signed_parameters' => 'A JWT encoded string must be included as [signed_parameters].',

            ],

            'meeting_events' => [

                'bigbluebuttonbn' => 'The BigBlueButtonBN instance ID must be specified.',

            ],

        ];

        if (!isset($params['action']) || empty($params['action'])) {

            return 'Parameter [' . $params['action'] . '] was not included';

        }

        $action = strtolower($params['action']);

        if (!array_key_exists($action, $requiredparams)) {

            return "Action {$params['action']} can not be performed.";

        }

        return self::validate_parameters_message($params, $requiredparams[$action]);

    }

    /**

     * Check whether the specified parameter is valid.

     *

     * @param array $params

     * @param array $requiredparams

     * @return null|string

     */

    protected static function validate_parameters_message(array $params, array $requiredparams): ?string {

        foreach ($requiredparams as $param => $message) {

            if (!array_key_exists($param, $params) || $params[$param] == '') {

                return $message;

            }

        }

        // Everything is valid.

        return null;

    }

    /**

     * Helper for responding when recording ready is performed.

     *

     * @param instance $instance

     * @param array $params

     */

    public static function process_recording_ready(instance $instance, array $params): void {

        // Decodes the received JWT string.

        try {

            $decodedparameters = JWT::decode(

                $params['signed_parameters'],

                new Key(config::get('shared_secret'), 'HS256')

            );

        } catch (Exception $e) {

            $error = 'Caught exception: ' . $e->getMessage();

            header('HTTP/1.0 400 Bad Request. ' . $error);

            return;

        }

        // Validations.

        if (!isset($decodedparameters->record_id)) {

            header('HTTP/1.0 400 Bad request. Missing record_id parameter');

            return;

        }

        $recording = recording::get_record(['recordingid' => $decodedparameters->record_id]);

        if (!isset($recording)) {

            header('HTTP/1.0 400 Bad request. Invalid record_id');

            return;

        }

        // Sends the messages.

        try {

            // We make sure messages are sent only once.

            if ($recording->get('status') != recording::RECORDING_STATUS_NOTIFIED) {

                $task = new \mod_bigbluebuttonbn\task\send_recording_ready_notification();

                $task->set_instance_id($instance->get_instance_id());

                \core\task\manager::queue_adhoc_task($task);

                $recording->set('status', recording::RECORDING_STATUS_NOTIFIED);

                $recording->update();

            }

            header('HTTP/1.0 202 Accepted');

        } catch (Exception $e) {

            $error = 'Caught exception: ' . $e->getMessage();

            header('HTTP/1.0 503 Service Unavailable. ' . $error);

        }

    }

    /**

     * Process meeting events for instance with provided HTTP headers.

     *

     * @param instance $instance

     * @return void

     */

    public static function process_meeting_events(instance $instance) {

        try {

            // Get the HTTP headers.

            $authorization = self::get_authorization_token();

            // Pull the Bearer from the headers.

            if (empty($authorization)) {

                $msg = 'Authorization failed';

                header('HTTP/1.0 400 Bad Request. ' . $msg);

                return;

            }

            // Verify the authenticity of the request.

            $token = \Firebase\JWT\JWT::decode(

                $authorization[1],

                new Key(config::get('shared_secret'), 'HS512')

            );

            // Get JSON string from the body.

            $jsonstr = file_get_contents('php://input');

            // Convert JSON string to a JSON object.

            $jsonobj = json_decode($jsonstr);

            $headermsg = meeting::meeting_events($instance, $jsonobj);

            self::process_extension_actions($instance, $jsonstr);

        } catch (Exception $e) {

            $msg = 'Caught exception: ' . $e->getMessage();

            debugging($msg, DEBUG_DEVELOPER);

            $headermsg = 'HTTP/1.0 400 Bad Request. ' . $msg;

        }

        header($headermsg);

    }

    /**

     * Process meeting events extension actions.

     *

     * @param instance $instance

     * @param string $jsonstr

     * @return void

     */

    protected static function process_extension_actions(instance $instance, string $jsonstr) {

        // Hooks for extensions.

        $extensions = extension::broker_meeting_events_addons_instances($instance, $jsonstr);

        foreach ($extensions as $extension) {

            $extension->process_action();

        }

    }

    /**

     * Get authorisation token

     *

     * We could use getallheaders but this is only compatible with apache types of servers

     * some explanations and examples here: https://www.php.net/manual/en/function.getallheaders.php#127190

     *

     * @return array|null an array composed of the Authorization token provided in the header.

     */

    private static function get_authorization_token(): ?array {

        $autorization = null;

        if (isset($_SERVER['Authorization'])) {

            $autorization = trim($_SERVER["Authorization"]);

        } else if (isset($_SERVER['HTTP_AUTHORIZATION'])) {

            $autorization = trim($_SERVER["HTTP_AUTHORIZATION"]);

        } else if (function_exists('apache_request_headers')) {

            $requestheaders = apache_request_headers();

            $requestheaders = array_combine(array_map('ucwords',

                    array_keys($requestheaders)), array_values($requestheaders));

            if (isset($requestheaders['Authorization'])) {

                $autorization = trim($requestheaders['Authorization']);

            }

        }

        return empty($autorization) ? null : explode(" ", $autorization);

    }

}