auth/oauth2/confirm-account.php

   1 <?php
   2 // This file is part of Moodle - http://moodle.org/
   3 //
   4 // Moodle is free software: you can redistribute it and/or modify
   5 // it under the terms of the GNU General Public License as published by
   6 // the Free Software Foundation, either version 3 of the License, or
   7 // (at your option) any later version.
   8 //
   9 // Moodle is distributed in the hope that it will be useful,
  10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12 // GNU General Public License for more details.
  13 //
  14 // You should have received a copy of the GNU General Public License
  15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16
  17 /**
  18  * Confirm self oauth2 user.
  19  *
  20  * @package    auth_oauth2
  21  * @copyright  2017 Damyon Wiese
  22  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  23  */
  24
  25 require('../../config.php');
  26 require_once($CFG->libdir . '/authlib.php');
  27
  28 $usersecret = required_param('token', PARAM_RAW);
  29 $username = required_param('username', PARAM_USERNAME);
  30 $redirect = optional_param('redirect', '', PARAM_LOCALURL);    // Where to redirect the browser once the user has been confirmed.
  31
  32 $PAGE->set_url('/auth/oauth2/confirm-account.php');
  33 $PAGE->set_context(context_system::instance());
  34
  35 $auth = get_auth_plugin('oauth2');
  36
  37 if (!\auth_oauth2\api::is_enabled()) {
  38     throw new \moodle_exception('notenabled', 'auth_oauth2');
  39 }
  40
  41 $confirmed = $auth->user_confirm($username, $usersecret);
  42
  43 if ($confirmed == AUTH_CONFIRM_ALREADY) {
  44     $user = get_complete_user_data('username', $username);
  45     $PAGE->navbar->add(get_string("alreadyconfirmed"));
  46     $PAGE->set_title(get_string("alreadyconfirmed"));
  47     $PAGE->set_heading($COURSE->fullname);
  48     echo $OUTPUT->header();
  49     echo $OUTPUT->box_start('generalbox centerpara boxwidthnormal boxaligncenter');
  50     echo "<p>".get_string("alreadyconfirmed")."</p>\n";
  51     echo $OUTPUT->single_button("$CFG->wwwroot/course/", get_string('courses'));
  52     echo $OUTPUT->box_end();
  53     echo $OUTPUT->footer();
  54     exit;
  55
  56 } else if ($confirmed == AUTH_CONFIRM_OK) {
  57
  58     // The user has confirmed successfully, let's log them in.
  59
  60     if (!$user = get_complete_user_data('username', $username)) {
  61         print_error('cannotfinduser', '', '', s($username));
  62     }
  63
  64     if (!$user->suspended) {
  65         complete_user_login($user);
  66
  67         \core\session\manager::apply_concurrent_login_limit($user->id, session_id());
  68
  69         // Check where to go, $redirect has a higher preference.
  70         if (empty($redirect) and !empty($SESSION->wantsurl) ) {
  71             $redirect = $SESSION->wantsurl;
  72             unset($SESSION->wantsurl);
  73         }
  74
  75         if (!empty($redirect)) {
  76             redirect($redirect);
  77         }
  78     }
  79
  80     $PAGE->navbar->add(get_string("confirmed"));
  81     $PAGE->set_title(get_string("confirmed"));
  82     $PAGE->set_heading($COURSE->fullname);
  83     echo $OUTPUT->header();
  84     echo $OUTPUT->box_start('generalbox centerpara boxwidthnormal boxaligncenter');
  85     echo "<h3>".get_string("thanks").", ". fullname($USER) . "</h3>\n";
  86     echo "<p>".get_string("confirmed")."</p>\n";
  87     echo $OUTPUT->single_button("$CFG->wwwroot/course/", get_string('courses'));
  88     echo $OUTPUT->box_end();
  89     echo $OUTPUT->footer();
  90     exit;
  91 } else {
  92     \core\notification::error(get_string('confirmationinvalid', 'auth_oauth2'));
  93 }
  94
  95 redirect("$CFG->wwwroot/");