Skip to content

Commit

Permalink
webservice MDL-20805 add token authentication method to test client (…
Browse files Browse the repository at this point in the history 
…+ use token constant)
  • Loading branch information
@mouneyrac
mouneyrac committed Jan 13, 2010
1 parent eec9904 commit bff11d2
Show file tree
Hide file tree
Showing 5 changed files with 107 additions and 39 deletions.
4 changes: 2 additions & 2 deletions admin/webservice/tokens.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@
} else {
throw new moodle_exception('nocapabilitytousethisservice');
}
$newtoken->tokentype = 2;
$newtoken->tokentype = EXTERNAL_TOKEN_PERMANENT;
$newtoken->userid = $data->user;
//TODO: find a way to get the context - UPDATE FOLLOWING LINE
$newtoken->contextid = get_context_instance(CONTEXT_SYSTEM)->id;
Expand Down Expand Up @@ -103,7 +103,7 @@
FROM
{external_tokens} token, {user} user, {external_services} service
WHERE
token.creatorid=? AND token.id=? AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id";
token.creatorid=? AND token.id=? AND token.tokentype = ".EXTERNAL_TOKEN_PERMANENT." AND service.id = token.externalserviceid AND token.userid = user.id";
$token = $DB->get_record_sql($sql, array($USER->id, $tokenid), MUST_EXIST); //must be the token creator
if (!$confirm) {
admin_externalpage_print_header();
Expand Down
18 changes: 1 addition & 17 deletions lib/externallib.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,25 +24,9 @@
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/

/**
* Security token used for allowing access
* from external application such as web services.
* Scripts do not use any session, performance is relatively
* low because we need to load access info in each request.
* Scrits are executed in parallel.
*/
define('EXTERNAL_TOKEN_PERMANENT', 0);

/**
* Security token used for allowing access
* of embedded applications, the code is executed in the
* active user session. Token is invalidated after user logs out.
* Scripts are executed serially - normal session locking is used.
*/
define('EXTERNAL_TOKEN_EMBEDDED', 1);

/**
* Returns detailed functio information
* Returns detailed function information
* @param string|object $function name of external function or record from external_function
* @param int $strictness IGNORE_MISSING means compatible mode, false returned if record not found, debug message if more found;
* MUST_EXIST means throw exception if no record or multiple records found
Expand Down
4 changes: 2 additions & 2 deletions user/managetoken.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,7 +69,7 @@
throw new moodle_exception('nocapabilitytousethisservice');
}

$newtoken->tokentype = 2;
$newtoken->tokentype = EXTERNAL_TOKEN_PERMANENT;
$newtoken->userid = $USER->id;
//TODO: find a way to get the context - UPDATE FOLLOWING LINE
$newtoken->contextid = get_context_instance(CONTEXT_SYSTEM)->id;
Expand Down Expand Up @@ -98,7 +98,7 @@
FROM
{external_tokens} token, {user} user, {external_services} service
WHERE
token.creatorid=? AND token.id=? AND token.tokentype = 2 AND service.id = token.externalserviceid AND token.userid = user.id";
token.creatorid=? AND token.id=? AND token.tokentype = ".EXTERNAL_TOKEN_PERMANENT." AND service.id = token.externalserviceid AND token.userid = user.id";
$token = $DB->get_record_sql($sql, array($USER->id, $tokenid), MUST_EXIST); //must be the token creator
if (!$confirm) {
echo $OUTPUT->header();
Expand Down
15 changes: 11 additions & 4 deletions webservice/testclient.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@

$function = optional_param('function', '', PARAM_SAFEDIR);
$protocol = optional_param('protocol', '', PARAM_SAFEDIR);
$authmethod = optional_param('authmethod', '', PARAM_SAFEDIR);

$PAGE->set_url('webservice/testclient.php');

Expand Down Expand Up @@ -87,7 +88,7 @@

$class = $function.'_form';

$mform = new $class();
$mform = new $class(null, array('authmethod' => $authmethod));
$mform->set_data(array('function'=>$function, 'protocol'=>$protocol));

if ($mform->is_cancelled()) {
Expand All @@ -106,9 +107,15 @@
}
$testclient = new $testclientclass();

$serverurl = "$CFG->wwwroot/webservice/$protocol/simpleserver.php";
$serverurl .= '?wsusername='.urlencode($data->wsusername);
$serverurl .= '&wspassword='.urlencode($data->wspassword);
$serverurl = "$CFG->wwwroot/webservice/$protocol/";
if ($authmethod == 'simple') {
$serverurl .= 'simpleserver.php';
$serverurl .= '?wsusername='.urlencode($data->wsusername);
$serverurl .= '&wspassword='.urlencode($data->wspassword);
} else if ($authmethod == 'token') {
$serverurl .= 'server.php';
$serverurl .= '?wstoken='.urlencode($data->token);
}

// now get the function parameters
$params = $mform->get_params();
Expand Down
105 changes: 91 additions & 14 deletions webservice/testclient_forms.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,9 @@ public function definition() {

$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

$authmethod = array('simple' => 'simple', 'token' => 'token');
$mform->addElement('select', 'authmethod', get_string('authmethod', 'webservice'), $authmethod);

$mform->addElement('select', 'protocol', get_string('protocol', 'webservice'), $protocols);

$mform->addElement('select', 'function', get_string('function', 'webservice'), $functions);
Expand All @@ -27,12 +30,22 @@ public function definition() {
global $CFG;

$mform = $this->_form;


$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}

$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);

$mform->addElement('text', 'courseid', 'courseid');
$mform->addElement('text', 'name', 'name');
$mform->addElement('text', 'description', 'description');
Expand All @@ -44,6 +57,8 @@ public function definition() {
$mform->addElement('hidden', 'protocol');
$mform->setType('protocol', PARAM_SAFEDIR);



$mform->addElement('static', 'warning', '', get_string('executewarnign', 'webservice'));

$this->add_action_buttons(true, get_string('execute', 'webservice'));
Expand All @@ -59,6 +74,8 @@ public function get_params() {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);

$params = array();
$params['groups'] = array();
Expand All @@ -77,8 +94,16 @@ public function definition() {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}

$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'groupids[0]', 'groupids[0]');
$mform->addElement('text', 'groupids[1]', 'groupids[1]');
$mform->addElement('text', 'groupids[2]', 'groupids[2]');
Expand All @@ -103,6 +128,8 @@ public function get_params() {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);

$params = array();
$params['groupids'] = array();
Expand All @@ -126,8 +153,16 @@ public function definition() {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}

$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'courseid', 'courseid');

$mform->addElement('hidden', 'function');
Expand All @@ -149,6 +184,8 @@ public function get_params() {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);

$params = array();
$params['courseid'] = $data->courseid;
Expand All @@ -166,8 +203,16 @@ public function definition() {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}

$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'groupids[0]', 'groupids[0]');
$mform->addElement('text', 'groupids[1]', 'groupids[1]');
$mform->addElement('text', 'groupids[2]', 'groupids[2]');
Expand All @@ -194,6 +239,8 @@ public function get_params() {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);

$params = array();
$params['groupids'] = array();
Expand All @@ -217,8 +264,16 @@ public function definition() {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}

$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'groupids[0]', 'groupids[0]');
$mform->addElement('text', 'groupids[1]', 'groupids[1]');
$mform->addElement('text', 'groupids[2]', 'groupids[2]');
Expand All @@ -243,6 +298,8 @@ public function get_params() {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);

$params = array();
$params['groupids'] = array();
Expand All @@ -266,8 +323,16 @@ public function definition() {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}

$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'userid[0]', 'userid[0]');
$mform->addElement('text', 'groupid[0]', 'groupid[0]');
$mform->addElement('text', 'userid[1]', 'userid[1]');
Expand All @@ -292,6 +357,8 @@ public function get_params() {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);

$params = array();
$params['members'] = array();
Expand All @@ -315,8 +382,16 @@ public function definition() {
$mform->addElement('header', 'wstestclienthdr', get_string('testclient', 'webservice'));

//note: these values are intentionally PARAM_RAW - we want users to test any rubbish as parameters
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
$data = $this->_customdata;
if ($data['authmethod'] == 'simple') {
$mform->addElement('text', 'wsusername', 'wsusername');
$mform->addElement('text', 'wspassword', 'wspassword');
} else if ($data['authmethod'] == 'token') {
$mform->addElement('text', 'token', 'token');
}

$mform->addElement('hidden', 'authmethod', $data['authmethod']);
$mform->setType('authmethod', PARAM_SAFEDIR);
$mform->addElement('text', 'userid[0]', 'userid[0]');
$mform->addElement('text', 'groupid[0]', 'groupid[0]');
$mform->addElement('text', 'userid[1]', 'userid[1]');
Expand All @@ -341,6 +416,8 @@ public function get_params() {
unset($data->function);
unset($data->wsusername);
unset($data->wspassword);
unset($data->token);
unset($data->authmethod);

$params = array();
$params['members'] = array();
Expand Down

0 comments on commit bff11d2

Please sign in to comment.