Commit 4aab3a18 authored by Aaron Wells's avatar Aaron Wells Committed by Robert Lyon

Bug 1084336: Implement MNet "kill child"

If you're logged in to Mahara via a remote IdP,
when you log out on the IdP it will try to invoke
this method to log you out of Mahara.

Change-Id: Ia11250b408ba594aaa179478cd67d5499cd1e2c8
behatnotneeded: Can't test Mnet in Behat yet
parent aeb91f9e
......@@ -36,7 +36,7 @@ class Dispatcher {
'auth/mnet/auth.php/update_enrolments' => 'xmlrpc_not_implemented',
'auth/mnet/auth.php/keepalive_server' => 'xmlrpc_not_implemented',
'auth/mnet/auth.php/kill_children' => 'kill_children',
'auth/mnet/auth.php/kill_child' => 'xmlrpc_not_implemented',
'auth/mnet/auth.php/kill_child' => 'kill_child',
// Lines added for the mahara assignment type plugin for Moodle; the first three
// are for an old version that require a patched Moodle and will eventually be removed.
// All of these should be pulled in from the artefact plugin.
......
......@@ -557,6 +557,30 @@ function kill_children($username, $useragent) {
return true;
}
/**
* When the IdP requests that child sessions are terminated,
* this function will be called on each of the child hosts. The machine that
* calls the function (over xmlrpc) provides us with the mnethostid we need.
*
* @param string $username Username for session to kill
* @param string $useragent SHA1 hash of user agent to look for
* @return bool True on success
*/
function kill_child($username, $useragent) {
global $REMOTEWWWROOT; // comes from server.php
$user_exists = find_remote_user($username, $REMOTEWWWROOT);
if (!$user_exists) {
return false;
}
list($user, $authinstance) = $user_exists;
$userid = $user->get('id');
delete_records('sso_session', 'userid', $userid);
remove_user_sessions($userid);
return true;
}
function xmlrpc_not_implemented() {
return true;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment