Moodle PHP Documentation 4.4
Moodle 4.4.1 (Build: 20240610) (db07c09afc5)
|
Plugin for oauth2 authentication. More...
Public Member Functions | |
__construct () | |
Constructor. | |
can_be_manually_set () | |
Returns true if plugin can be manually set. | |
can_change_password () | |
Returns true if this authentication plugin can change the user's password. | |
can_confirm () | |
Returns true if plugin allows confirming of new users. | |
can_edit_profile () | |
Returns true if this authentication plugin can edit the users' profile. | |
can_reset_password () | |
Returns true if plugin allows resetting of internal password. | |
can_signup () | |
Returns true if plugin allows resetting of internal password. | |
change_password_url () | |
Returns the URL for changing the user's pw, or empty if the default can be used. | |
complete_login (client $client, $redirecturl) | |
Complete the login process after oauth handshake is complete. | |
config_form ($config, $err, $user_fields) | |
Prints a form for configuring this authentication plugin. | |
edit_profile_url () | |
Returns the URL for editing the users' profile, or empty if the default URL can be used. | |
find_cli_user () | |
Identify a Moodle account on the CLI. | |
get_custom_user_profile_fields () | |
Return custom user profile fields. | |
get_description () | |
Get the auth description (from core or own auth lang files) | |
get_extrauserinfo () | |
Returns extra user information. | |
get_password_change_info (stdClass $user) | |
Returns information on how the specified user can change their password. | |
get_title () | |
Return the properly translated human-friendly title of this auth plugin. | |
get_userinfo ($username) | |
Return the userinfo from the oauth handshake. | |
ignore_timeout_hook ($user, $sid, $timecreated, $timemodified) | |
Hook called before timing out of database session. | |
is_captcha_enabled () | |
Returns whether or not the captcha element is enabled. | |
is_configured () | |
Returns false if this plugin is enabled but not configured. | |
is_internal () | |
Returns true if this authentication plugin is 'internal'. | |
is_synchronised_with_external () | |
Indicates if moodle should automatically update internal user records with data from external sources using the information from auth_plugin_base\get_userinfo(). | |
object | loginpage_hook () |
Hook for overriding behaviour of login page. | |
loginpage_idp_list ($wantsurl) | |
Return a list of identity providers to display on the login page. | |
object | logoutpage_hook () |
Hook for overriding behaviour of logout page. | |
password_expire ($username) | |
return number of days to user password expires | |
postlogout_hook ($user) | |
Post logout hook. | |
pre_loginpage_hook () | |
Hook for overriding behaviour before going to the login page. | |
pre_user_login_hook (&$user) | |
Pre user_login hook. | |
object | prelogout_hook () |
Pre logout hook. | |
prevent_local_passwords () | |
We don't want to allow users setting an internal password. | |
print_confirm_required ($title, $message) | |
Print a page showing that a confirm email was sent with instructions. | |
process_config ($config) | |
Processes and stores configuration data for this authentication plugin. | |
set_extrauserinfo (array $values) | |
Set extra user information. | |
signup_form () | |
Return a form to capture user details for account creation. | |
sync_roles ($user) | |
Sync roles for this user - usually creator. | |
user_authenticated_hook (&$user, $username, $password) | |
Post authentication hook. | |
user_confirm ($username, $confirmsecret) | |
Confirm the new user as registered. | |
user_delete ($olduser) | |
User delete requested - internal user record is mared as deleted already, username not present anymore. | |
user_exists ($username) | |
Checks if user exists in external db. | |
user_login ($username, $password) | |
Returns true if the username and password work or don't exist and false if the user exists and the password is wrong. | |
user_signup ($user, $notify=true) | |
Sign up a new user ready for confirmation. | |
user_update ($olduser, $newuser) | |
Called when the user record is updated. | |
user_update_password ($user, $newpassword) | |
Updates the user's password. | |
validate_form ($form, &$err) | |
A chance to validate form data, and last chance to do stuff before it is inserted in config_plugin. | |
Static Public Member Functions | |
static | find_cli_admin_user () |
Find an OS level admin Moodle user account. | |
static | get_enabled_auth_plugin_classes () |
Returns the enabled auth plugins. | |
static | get_identity_providers ($authsequence) |
Return the list of enabled identity providers. | |
static | login_cli_admin_user () |
Find and login as an OS level admin Moodle user account. | |
static | prepare_identity_providers_for_output ($identityproviders, renderer_base $output) |
Prepare a list of identity providers for output. | |
Public Attributes | |
string | $authtype |
Authentication plugin type - the same as db field. | |
object | $config |
The configuration details for the plugin. | |
array | $userfields = core_user::AUTHSYNCFIELDS |
Protected Member Functions | |
update_user_record ($username, $updatekeys=false, $triggerevent=false, $suspenduser=false) | |
Update a local user record from an external source. | |
Protected Attributes | |
string | $errorlogtag = '' |
The tag we want to prepend to any error log messages. | |
array | $extrauserinfo = [] |
Stores extra information available to the logged in event. | |
Plugin for oauth2 authentication.
auth_oauth2\auth::can_be_manually_set | ( | ) |
auth_oauth2\auth::can_change_password | ( | ) |
Returns true if this authentication plugin can change the user's password.
bool |
Reimplemented from auth_plugin_base.
|
inherited |
Returns true if plugin allows confirming of new users.
bool |
Reimplemented in auth_plugin_email, and auth_plugin_ldap.
|
inherited |
Returns true if this authentication plugin can edit the users' profile.
bool |
auth_oauth2\auth::can_reset_password | ( | ) |
Returns true if plugin allows resetting of internal password.
bool |
Reimplemented from auth_plugin_base.
|
inherited |
Returns true if plugin allows resetting of internal password.
bool |
Reimplemented in auth_plugin_email, and auth_plugin_ldap.
auth_oauth2\auth::change_password_url | ( | ) |
Returns the URL for changing the user's pw, or empty if the default can be used.
moodle_url |
Reimplemented from auth_plugin_base.
auth_oauth2\auth::complete_login | ( | client | $client, |
$redirecturl ) |
Complete the login process after oauth handshake is complete.
core\oauth2\client | $client | |
string | $redirecturl |
void | Either redirects or throws an exception |
|
inherited |
Prints a form for configuring this authentication plugin.
This function is called from admin/auth.php, and outputs a full page with a form for configuring this plugin.
object | $config | |
object | $err | |
array | $user_fields |
|
inherited |
Returns the URL for editing the users' profile, or empty if the default URL can be used.
This method is used if can_edit_profile() returns true. This method is called only when user is logged in, it may use global $USER.
?moodle_url | url of the profile page or null if standard used |
|
staticinherited |
Find an OS level admin Moodle user account.
Used when running CLI scripts. Only accounts which are site admin will be accepted.
null|stdClass | Admin user record if found |
|
inherited |
|
inherited |
Return custom user profile fields.
array | list of custom fields. |
|
inherited |
Get the auth description (from core or own auth lang files)
string | The description |
|
staticinherited |
Returns the enabled auth plugins.
array | of plugin classes |
|
inherited |
Returns extra user information.
array | An array of keys and values |
|
staticinherited |
Return the list of enabled identity providers.
Each identity provider data contains the keys url, name and iconurl (or icon). See the documentation of auth_plugin_base::loginpage_idp_list() for detailed description of the returned structure.
array | $authsequence | site's auth sequence (list of auth plugins ordered) |
array | List of arrays describing the identity providers |
auth_oauth2\auth::get_password_change_info | ( | stdClass | $user | ) |
Returns information on how the specified user can change their password.
The password of the oauth2 accounts is not stored in Moodle.
stdClass | $user | A user object |
string[] | An array of strings with keys subject and message |
Reimplemented from auth_plugin_base.
|
inherited |
Return the properly translated human-friendly title of this auth plugin.
auth_oauth2\auth::get_userinfo | ( | $username | ) |
Return the userinfo from the oauth handshake.
Will only be valid for the logged in user.
string | $username |
Reimplemented from auth_plugin_base.
|
inherited |
Hook called before timing out of database session.
This is useful for SSO and MNET.
object | $user | |
string | $sid | session id |
int | $timecreated | start of session |
int | $timemodified | user last seen |
bool | true means do not timeout session yet |
|
inherited |
Returns whether or not the captcha element is enabled.
@abstract Implement in child classes
bool |
Reimplemented in auth_plugin_email.
|
inherited |
Returns false if this plugin is enabled but not configured.
bool |
Reimplemented in auth_plugin_db.
auth_oauth2\auth::is_internal | ( | ) |
Returns true if this authentication plugin is 'internal'.
bool |
Reimplemented from auth_plugin_base.
auth_oauth2\auth::is_synchronised_with_external | ( | ) |
Indicates if moodle should automatically update internal user records with data from external sources using the information from auth_plugin_base\get_userinfo().
bool | true means automatically copy data from ext to user table |
Reimplemented from auth_plugin_base.
|
staticinherited |
Find and login as an OS level admin Moodle user account.
Used for running CLI scripts which must be admin accounts.
|
inherited |
Hook for overriding behaviour of login page.
This method is called from login/index.php page for all enabled auth plugins.
@global object
Reimplemented in auth_plugin_cas, auth_plugin_ldap, and auth_plugin_shibboleth.
auth_oauth2\auth::loginpage_idp_list | ( | $wantsurl | ) |
Return a list of identity providers to display on the login page.
string | moodle_url | $wantsurl | The requested URL. |
array | List of arrays with keys url, iconurl and name. |
Reimplemented from auth_plugin_base.
|
inherited |
Hook for overriding behaviour of logout page.
This method is called from login/logout.php page for all enabled auth plugins.
@global string
Reimplemented in auth_plugin_cas, auth_plugin_mnet, and auth_plugin_shibboleth.
|
inherited |
return number of days to user password expires
If userpassword does not expire it should return 0. If password is already expired it should return negative value.
mixed | $username | username (with system magic quotes) |
integer |
Reimplemented in auth_plugin_ldap, and auth_plugin_manual.
|
inherited |
Post logout hook.
This method is used after moodle logout by auth classes to execute server logout.
stdClass | $user | clone of USER object before the user session was terminated |
Reimplemented in auth_plugin_cas.
|
inherited |
Hook for overriding behaviour before going to the login page.
This method is called from require_login from potentially any page for all enabled auth plugins and gives each plugin a chance to redirect directly to an external login page, or to instantly login a user where possible.
If an auth plugin implements this hook, it must not rely on ONLY this hook in order to work, as there are many ways a user can browse directly to the standard login page. As a general rule in this case you should also implement the loginpage_hook as well.
|
inherited |
Pre user_login hook.
This method is called from authenticate_user_login() right after the user object is generated. This gives the auth plugins an option to make adjustments before the verification process starts.
object | $user | user object, later used for $USER |
|
inherited |
Pre logout hook.
This method is called from require_logout() for all enabled auth plugins,
Reimplemented in auth_plugin_mnet.
|
staticinherited |
Prepare a list of identity providers for output.
array | $identityproviders | as returned by self::get_identity_providers() |
renderer_base | $output |
array | the identity providers ready for output |
auth_oauth2\auth::prevent_local_passwords | ( | ) |
We don't want to allow users setting an internal password.
bool |
Reimplemented from auth_plugin_base.
auth_oauth2\auth::print_confirm_required | ( | $title, | |
$message ) |
Print a page showing that a confirm email was sent with instructions.
string | $title | |
string | $message |
|
inherited |
Processes and stores configuration data for this authentication plugin.
object | object with submitted configuration settings (without system magic quotes) |
|
inherited |
Set extra user information.
array | $values | Any Key value pair. |
void |
|
inherited |
Return a form to capture user details for account creation.
This is used in /login/signup.php.
moodleform | A form which edits a record from the user table. |
|
inherited |
Sync roles for this user - usually creator.
$user | object user object (without system magic quotes) |
Reimplemented in auth_plugin_ldap.
|
protectedinherited |
Update a local user record from an external source.
This is a lighter version of the one in moodlelib – won't do expensive ops such as enrolment.
string | $username | username |
array | $updatekeys | fields to update, false updates all fields. |
bool | $triggerevent | set false if user_updated event should not be triggered. This will not affect user_password_updated event triggering. |
bool | $suspenduser | Should the user be suspended? |
stdClass|bool | updated user record or false if there is no new info to update. |
|
inherited |
Post authentication hook.
This method is called from authenticate_user_login() for all enabled auth plugins.
object | $user | user object, later used for $USER |
string | $username | (with system magic quotes) |
string | $password | plain text password (with system magic quotes) |
auth_oauth2\auth::user_confirm | ( | $username, | |
$confirmsecret ) |
Confirm the new user as registered.
string | $username | |
string | $confirmsecret |
Reimplemented from auth_plugin_base.
|
inherited |
User delete requested - internal user record is mared as deleted already, username not present anymore.
Do any action in external database.
object | $user | Userobject before delete (without system magic quotes) |
void |
|
inherited |
Checks if user exists in external db.
string | $username | (with system magic quotes) |
bool |
Reimplemented in auth_plugin_db, and auth_plugin_ldap.
auth_oauth2\auth::user_login | ( | $username, | |
$password ) |
Returns true if the username and password work or don't exist and false if the user exists and the password is wrong.
string | $username | The username |
string | $password | The password |
bool | Authentication success or failure. |
Reimplemented from auth_plugin_base.
|
inherited |
Sign up a new user ready for confirmation.
Password is passed in plaintext.
object | $user | new user object |
boolean | $notify | print notice with link and terminate |
Reimplemented in auth_plugin_email, and auth_plugin_ldap.
|
inherited |
Called when the user record is updated.
Modifies user in external database. It takes olduser (before changes) and newuser (after changes) compares information saved modified information to external db.
mixed | $olduser | Userobject before modifications (without system magic quotes) |
mixed | $newuser | Userobject new modified userobject (without system magic quotes) |
boolean | true if updated or update ignored; false if error |
Reimplemented in auth_plugin_db, and auth_plugin_ldap.
|
inherited |
Updates the user's password.
In previous versions of Moodle, the function auth_user_update_password accepted a username as the first parameter. The revised function expects a user object.
object | $user | User table object |
string | $newpassword | Plaintext password |
bool | True on success |
Reimplemented in auth_plugin_db, auth_plugin_email, auth_plugin_ldap, auth_plugin_manual, auth_plugin_nologin, auth_plugin_none, and auth_plugin_webservice.
|
inherited |
A chance to validate form data, and last chance to do stuff before it is inserted in config_plugin.
object | object with submitted configuration settings (without system magic quotes) | |
array | $err | array of error messages |