MDL-58090 oauth2: Store a list of oauth2 services

Build an admin page where OAuth 2 services can be installed and configured.

Part of MDL-58220

admin/oauth2callback.php

@@ -30,6 +30,17 @@
 
 require_once(__DIR__ . '/../config.php');
 
+$error = optional_param('error', '', PARAM_RAW);
+if ($error) {
+    $message = optional_param('error_description', '', PARAM_RAW);
+    if ($message) {
+        print_error($message);
+    } else {
+        print_error($error);
+    }
+    die();
+}
+
 // The authorization code generated by the authorization server.
 $code = required_param('code', PARAM_RAW);
 // The state parameter we've given (used in moodle as a redirect url).

admin/tool/oauth2/classes/form/issuer.php

@@ -0,0 +1,107 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * This file contains the form add/update oauth2 issuer.
+ *
+ * @package   tool_oauth2
+ * @copyright 2017 Damyon Wiese
+ * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+
+namespace tool_oauth2\form;
+defined('MOODLE_INTERNAL') || die();
+
+use stdClass;
+use core\form\persistent;
+
+/**
+ * Issuer form.
+ *
+ * @package   tool_oauth2
+ * @copyright 2017 Damyon Wiese
+ * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+class issuer extends persistent {
+
+    protected static $persistentclass = 'core\\oauth2\\issuer';
+
+    protected static $fieldstoremove = array('submitbutton', 'action');
+
+    /**
+     * Define the form - called by parent constructor
+     */
+    public function definition() {
+        global $PAGE;
+
+        $mform = $this->_form;
+        $provider = $this->get_persistent();
+
+        $mform->addElement('header', 'generalhdr', get_string('general'));
+
+        // Name.
+        $mform->addElement('text', 'name', get_string('issuername', 'tool_oauth2'), 'maxlength="255"');
+        $mform->addRule('name', null, 'required', null, 'client');
+        $mform->addRule('name', get_string('maximumchars', '', 255), 'maxlength', 255, 'client');
+        $mform->addHelpButton('name', 'issuername', 'tool_oauth2');
+
+        // Client ID.
+        $mform->addElement('text', 'clientid', get_string('issuerclientid', 'tool_oauth2'), 'maxlength="255"');
+        $mform->addRule('clientid', null, 'required', null, 'client');
+        $mform->addRule('clientid', get_string('maximumchars', '', 255), 'maxlength', 255, 'client');
+        $mform->addHelpButton('clientid', 'issuerclientid', 'tool_oauth2');
+
+        // Client Secret.
+        $mform->addElement('text', 'clientsecret', get_string('issuerclientsecret', 'tool_oauth2'), 'maxlength="255"');
+        $mform->addRule('clientsecret', null, 'required', null, 'client');
+        $mform->addRule('clientsecret', get_string('maximumchars', '', 255), 'maxlength', 255, 'client');
+        $mform->addHelpButton('clientsecret', 'issuerclientsecret', 'tool_oauth2');
+
+        // Base Url.
+        $mform->addElement('text', 'baseurl', get_string('issuerbaseurl', 'tool_oauth2'), 'maxlength="1024"');
+        $mform->addRule('baseurl', null, 'required', null, 'client');
+        $mform->addRule('baseurl', get_string('maximumchars', '', 1024), 'maxlength', 1024, 'client');
+        $mform->addHelpButton('baseurl', 'issuerbaseurl', 'tool_oauth2');
+
+        // Offline access type
+        $options = $provider->get_behaviour_list();
+        $mform->addElement('select', 'behaviour', get_string('issuerbehaviour', 'tool_oauth2'), $options);
+        $mform->addHelpButton('behaviour', 'issuerbehaviour', 'tool_oauth2');
+
+        // Image.
+        $mform->addElement('text', 'image', get_string('issuerimage', 'tool_oauth2'), 'maxlength="1024"');
+        $mform->addRule('image', get_string('maximumchars', '', 1024), 'maxlength', 1024, 'client');
+        $mform->addHelpButton('image', 'issuername', 'tool_oauth2');
+
+        // Show on login page.
+        $mform->addElement('checkbox', 'showonloginpage', get_string('issuershowonloginpage', 'tool_oauth2'));
+        $mform->addHelpButton('showonloginpage', 'issuershowonloginpage', 'tool_oauth2');
+
+
+        $mform->addElement('hidden', 'sortorder');
+        $mform->setType('sortorder', PARAM_INT);
+
+        $mform->addElement('hidden', 'action', 'edit');
+        $mform->setType('action', PARAM_RAW);
+
+        $mform->addElement('hidden', 'id', $provider->get('id'));
+        $mform->setType('id', PARAM_INT);
+
+        $this->add_action_buttons(true, get_string('savechanges', 'tool_oauth2'));
+    }
+
+}
+

admin/tool/oauth2/classes/output/renderer.php

@@ -0,0 +1,167 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * Output rendering for the plugin.
+ *
+ * @package     tool_oauth2
+ * @copyright   2017 Damyon Wiese
+ * @license     http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+namespace tool_oauth2\output;
+
+use plugin_renderer_base;
+use html_table;
+use html_table_cell;
+use html_table_row;
+use html_writer;
+use core\oauth2\issuer;
+use core\oauth2\api;
+use moodle_url;
+
+defined('MOODLE_INTERNAL') || die();
+
+/**
+ * Implements the plugin renderer
+ *
+ * @copyright 2017 Damyon Wiese
+ * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ */
+class renderer extends plugin_renderer_base {
+    /**
+     * This function will render one beautiful table with all the issuers.
+     *
+     * @param \core\oauth2\issuer[] $issuers - list of all issuers.
+     * @return string HTML to output.
+     */
+    public function issuers_table($issuers) {
+        global $CFG, $OUTPUT;
+
+        $table = new html_table();
+        $table->head  = [
+            get_string('name'),
+            get_string('configuredstatus', 'tool_oauth2'),
+            get_string('loginissuer', 'tool_oauth2'),
+            get_string('discoverystatus', 'tool_oauth2'),
+            get_string('systemauthstatus', 'tool_oauth2'),
+            get_string('edit'),
+        ];
+        $table->attributes['class'] = 'admintable generaltable';
+        $data = [];
+
+        $index = 0;
+
+        foreach ($issuers as $issuer) {
+            // We need to handle the first and last ones specially.
+            $first = false;
+            if ($index == 0) {
+                $first = true;
+            }
+            $last = false;
+            if ($index == count($issuers) - 1) {
+                $last = true;
+            }
+
+            // Name.
+            $name = $issuer->get('name');
+            $image = $issuer->get('image');
+            if ($image) {
+                $name = '<img width=24 height=24 alt="" src="' . $image . '"> ' . $name;
+            }
+            $namecell = new html_table_cell($name);
+            $namecell->header = true;
+
+            // Configured.
+            if (!empty($issuer->get('clientid')) && !empty($issuer->get('clientsecret'))) {
+                $configured = $OUTPUT->pix_icon('yes', get_string('configured', 'tool_oauth2'), 'tool_oauth2');
+            } else {
+                $configured = $OUTPUT->pix_icon('no', get_string('notconfigured', 'tool_oauth2'), 'tool_oauth2');
+            }
+            $configuredstatuscell = new html_table_cell($configured);
+
+            // Login issuer.
+            if (!empty($issuer->get('showonloginpage'))) {
+                $loginissuer = $OUTPUT->pix_icon('yes', get_string('loginissuer', 'tool_oauth2'), 'tool_oauth2');
+            } else {
+                $loginissuer = $OUTPUT->pix_icon('no', get_string('notloginissuer', 'tool_oauth2'), 'tool_oauth2');
+            }
+            $loginissuerstatuscell = new html_table_cell($loginissuer);
+
+            // Discovered.
+            if (!empty($issuer->get('scopessupported'))) {
+                $discovered = $OUTPUT->pix_icon('yes', get_string('discovered', 'tool_oauth2'), 'tool_oauth2');
+            } else {
+                $discovered = $OUTPUT->pix_icon('no', get_string('notdiscovered', 'tool_oauth2'), 'tool_oauth2');
+            }
+            $discoverystatuscell = new html_table_cell($discovered);
+
+            // Connected.
+            if ($issuer->is_system_account_connected()) {
+                $systemauth = $OUTPUT->pix_icon('yes', get_string('systemaccountconnected', 'tool_oauth2'), 'tool_oauth2');
+            } else {
+                $systemauth = $OUTPUT->pix_icon('no', get_string('systemaccountnotconnected', 'tool_oauth2'), 'tool_oauth2');
+            }
+
+            if ($issuer->is_system_account_setup_supported()) {
+                $params = ['id' => $issuer->get('id'), 'action' => 'auth'];
+                $authurl = new moodle_url('/admin/tool/oauth2/issuers.php', $params);
+                $icon = $OUTPUT->pix_icon('auth', get_string('connectsystemaccount', 'tool_oauth2'), 'tool_oauth2');
+                $authlink = html_writer::link($authurl, $icon);
+                $systemauth .= ' ' . $authlink;
+            }
+
+            $systemauthstatuscell = new html_table_cell($systemauth);
+
+            // Action links.
+            $links = '';
+            $editurl = new moodle_url('/admin/tool/oauth2/issuers.php', ['id' => $issuer->get('id'), 'action' => 'edit']);
+            $editlink = html_writer::link($editurl, $OUTPUT->pix_icon('t/edit', get_string('edit')));
+
+            $links .= ' ' . $editlink;
+            $deleteurl = new moodle_url('/admin/tool/oauth2/issuers.php', ['id' => $issuer->get('id'), 'action' => 'delete']);
+            $deletelink = html_writer::link($deleteurl, $OUTPUT->pix_icon('t/delete', get_string('delete')));
+            $links .= ' ' . $deletelink;
+            if (!$last) {
+                $params = ['id' => $issuer->get('id'), 'action' => 'movedown', 'sesskey' => sesskey()];
+                $movedownurl = new moodle_url('/admin/tool/oauth2/issuers.php', $params);
+                $movedownlink = html_writer::link($movedownurl, $OUTPUT->pix_icon('t/down', get_string('movedown')));
+                $links .= ' ' . $movedownlink;
+            }
+            if (!$first) {
+                $params = ['id' => $issuer->get('id'), 'action' => 'moveup', 'sesskey' => sesskey()];
+                $moveupurl = new moodle_url('/admin/tool/oauth2/issuers.php', $params);
+                $moveuplink = html_writer::link($moveupurl, $OUTPUT->pix_icon('t/up', get_string('moveup')));
+                $links .= ' ' . $moveuplink;
+            }
+
+            $editcell = new html_table_cell($links);
+
+            $row = new html_table_row([
+                $namecell,
+                $configuredstatuscell,
+                $loginissuerstatuscell,
+                $discoverystatuscell,
+                $systemauthstatuscell,
+                $editcell,
+            ]);
+
+            $data[] = $row;
+            $index++;
+        }
+        $table->data = $data;
+        return html_writer::table($table);
+    }
+}