Commit 872da913 authored by Aaron Wells's avatar Aaron Wells Committed by Robert Lyon

Bug 1620879: Allow a user to have multiple tokens for the same service

behatnotneeded: Test to come later

Change-Id: I77131ad76a5a9f1c6e0f780fdb9bff07d70a8421
parent 2ef42b7e
......@@ -29,24 +29,40 @@ require(dirname(dirname(__FILE__)) . '/init.php');
require_once(dirname(__FILE__) . '/lib.php');
define('TITLE', get_string('webservices_title', 'auth.webservice'));
define('SUBSECTIONHEADING', get_string('apptokens', 'auth.webservice'));
/*
* get the list of services that are available for User Access Tokens usage
* determine if there is a corresponding token for the service
*/
$dbservices = get_records_array('external_services', 'tokenusers', 1);
foreach ($dbservices as $dbservice) {
$dbtoken = get_record('external_tokens', 'externalserviceid', $dbservice->id, 'userid', $USER->get('id'), 'tokentype', EXTERNAL_TOKEN_USER);
if ($dbtoken) {
$dbservice->token = $dbtoken->token;
$dbservice->ctime = $dbtoken->ctime;
$dbservice->mtime = $dbtoken->mtime;
$dbservice->institution = $dbtoken->institution;
$dbservice->validuntil = $dbtoken->validuntil;
}
else {
$dbservice->validuntil = 0;
}
}
// get the list of services that are available for User Access Tokens usage
// determine if there is a corresponding token for the service
$dbservices = get_records_sql_array(
"SELECT
es.id || '_' || (CASE WHEN et.id IS NOT NULL THEN et.id ELSE 0 END) AS dispid,
es.id,
es.name,
es.enabled,
es.restrictedusers,
et.token,
" . db_format_tsfield('et.mtime', 'token_mtime') . ',
' . db_format_tsfield('et.ctime', 'token_ctime') . ',
et.institution,
et.validuntil as token_validuntil,
esu.validuntil as user_validuntil,
esu.iprestriction
FROM
{external_services} es
LEFT JOIN {external_tokens} et
ON et.externalserviceid = es.id
AND et.userid = ?
AND et.tokentype = ?
LEFT JOIN {external_services_users} esu
ON esu.externalserviceid = es.id
AND esu.userid = ?
WHERE
es.tokenusers = 1'
,array(
$USER->get('id'),
EXTERNAL_TOKEN_USER,
$USER->get('id')
)
);
/*
* display the access tokens for services
......@@ -105,23 +121,23 @@ if (!empty($dbservices)) {
);
foreach ($dbservices as $service) {
// name of the service group
$userform['elements']['id' . $service->id . '_service_name'] = array(
$userform['elements']['id' . $service->dispid . '_service_name'] = array(
'value' => $service->name,
'type' => 'html',
'key' => $service->id,
'key' => $service->dispid,
);
// is the service group enabled
$userform['elements']['id' . $service->id . '_enabled'] = array(
$userform['elements']['id' . $service->dispid . '_enabled'] = array(
'value' => (($service->enabled == 1) ? display_icon('enabled') : display_icon('disabled')),
'type' => 'html',
'class' => 'text-center',
'key' => $service->id,
'key' => $service->dispid,
);
// token for the service if it exists
$userform['elements']['id' . $service->id . '_token'] = array(
$userform['elements']['id' . $service->dispid . '_token'] = array(
'value' => (empty($service->token) ? get_string('no_token', 'auth.webservice') : $service->token),
'type' => 'html',
'key' => $service->id,
'key' => $service->dispid,
);
// list of functions that are available in the service group
$functions = get_records_array('external_services_functions', 'externalserviceid', $service->id);
......@@ -132,28 +148,28 @@ if (!empty($dbservices)) {
$function_list[]= '<a href="' . get_config('wwwroot') . 'webservice/wsdoc.php?id=' . $dbfunction->id . '">' . $function->functionname . '</a>';
}
}
$userform['elements']['id' . $service->id . '_functions'] = array(
$userform['elements']['id' . $service->dispid . '_functions'] = array(
'value' => implode(', ', $function_list),
'type' => 'html',
'key' => $service->id,
'key' => $service->dispid,
);
// last time the token was accessed if there is a token
$userform['elements']['id'. $service->id . '_last_access'] = array(
$userform['elements']['id'. $service->dispid . '_last_access'] = array(
'value' => (empty($service->mtime) ? ' ' : format_date(strtotime($service->mtime))),
'type' => 'html',
'key' => $service->id,
'key' => $service->dispid,
);
// expiry date for the token if it exists
$userform['elements']['id' . $service->id . '_expires'] = array(
$userform['elements']['id' . $service->dispid . '_expires'] = array(
'value' => (empty($service->validuntil) && empty($service->mtime) ? '' : format_date((empty($service->validuntil) ? strtotime($service->mtime) + EXTERNAL_TOKEN_USER_EXPIRES : $service->validuntil))),
'type' => 'html',
'key' => $service->id,
'key' => $service->dispid,
);
// generate button
// delete button
$userform['elements']['id' . $service->id . '_actions'] = array(
$userform['elements']['id' . $service->dispid . '_actions'] = array(
'value' => pieform(array(
'name' => 'webservices_user_token_generate_' . $service->id,
'name' => 'webservices_user_token_generate_' . $service->dispid,
'renderer' => 'div',
'elementclasses' => false,
'successcallback' => 'webservices_user_token_submit',
......@@ -174,14 +190,14 @@ if (!empty($dbservices)) {
.
(empty($service->token) ? ' ' :
pieform(array(
'name' => 'webservices_user_token_delete_' . $service->id,
'name' => 'webservices_user_token_delete_' . $service->dispid,
'renderer' => 'div',
'elementclasses' => false,
'successcallback' => 'webservices_user_token_submit',
'class' => 'form-as-button pull-left',
'jsform' => false,
'elements' => array(
'service' => array('type' => 'hidden', 'value' => $service->id),
'token' => array('type' => 'hidden', 'value' => $service->token),
'action' => array('type' => 'hidden', 'value' => 'delete'),
'submit' => array(
'type' => 'button',
......@@ -194,7 +210,7 @@ if (!empty($dbservices)) {
)))
,
'type' => 'html',
'key' => $service->id,
'key' => $service->dispid,
'class' => 'webserviceconfigcontrols btn-group' . (empty($service->token) ? ' only-button only-button-top' : ''),
);
}
......@@ -388,21 +404,27 @@ $form = array(
function webservices_user_token_submit(Pieform $form, $values) {
global $USER, $SESSION;
if ($values['action'] == 'generate') {
delete_records('external_tokens', 'userid', $USER->get('id'), 'externalserviceid', $values['service']);
$services = get_records_select_array('external_services', 'id = ? AND tokenusers = ?', array($values['service'], 1));
if (empty($services)) {
$service = get_record('external_services', 'id', $values['service'], 'tokenusers', 1);
if (!$service) {
$SESSION->add_error_msg(get_string('noservices', 'auth.webservice'));
}
else {
// just pass the first one for the moment
$service = array_shift($services);
$authinstance = get_record('auth_instance', 'id', $USER->get('authinstance'));
$token = webservice_generate_token(EXTERNAL_TOKEN_USER, $service, $USER->get('id'), $authinstance->institution, (time() + EXTERNAL_TOKEN_USER_EXPIRES));
$token = webservice_generate_token(
EXTERNAL_TOKEN_USER,
$service,
$USER->get('id'),
$authinstance->institution,
(time() + EXTERNAL_TOKEN_USER_EXPIRES),
null,
get_string('tokenmanuallycreated', 'auth.webservice')
);
$SESSION->add_ok_msg(get_string('token_generated', 'auth.webservice'));
}
}
else if ($values['action'] == 'delete') {
delete_records('external_tokens', 'userid', $USER->get('id'), 'externalserviceid', $values['service']);
delete_records('external_tokens', 'userid', $USER->get('id'), 'token', $values['token']);
$SESSION->add_ok_msg(get_string('oauthtokendeleted', 'auth.webservice'));
}
redirect('/webservice/apptokens.php');
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment