Merge branch 'wip-MSFTMPP-110-m27' into MOODLE_27_STABLE

auth.php

@@ -79,10 +79,25 @@ public function loginpage_idp_list($wantsurl) {
         if (empty($this->config->authendpoint) || empty($this->config->tokenendpoint)) {
             return [];
         }
+
+        if (!empty($this->config->customicon)) {
+            $icon = new \pix_icon('0/customicon', get_string('pluginname', 'auth_oidc'), 'auth_oidc');
+        } else {
+            $icon = (!empty($this->config->icon)) ? $this->config->icon : 'auth_oidc:o365';
+            $icon = explode(':', $icon);
+            if (isset($icon[1])) {
+                list($iconcomponent, $iconkey) = $icon;
+            } else {
+                $iconcomponent = 'auth_oidc';
+                $iconkey = 'o365';
+            }
+            $icon = new \pix_icon($iconkey, get_string('pluginname', 'auth_oidc'), $iconcomponent);
+        }
+
         return [
             [
                 'url' => new \moodle_url('/auth/oidc/'),
-                'icon' => new \pix_icon('t/locked', get_string('pluginname', 'auth_oidc')),
+                'icon' => $icon,
                 'name' => $this->config->opname,
             ]
         ];
@@ -526,66 +541,4 @@ public function cron() {
         $params = [time() - (5 * 60)];
         $DB->delete_records_select('auth_oidc_state', 'timecreated < ?', $params);
     }
-
-    /**
-     * Prints a form for configuring this authentication plugin.
-     *
-     * This function is called from admin/auth.php, and outputs a full page with
-     * a form for configuring this plugin.
-     *
-     * @param stdClass $config
-     * @param array $err errors
-     * @param array $userfields
-     * @return void
-     */
-    public function config_form($config, $err, $userfields) {
-        include(__DIR__.'/config.html');
-    }
-
-    /**
-     * A chance to validate form data, and last chance to do stuff before it is inserted in config_plugin.
-     *
-     * @param object object with submitted configuration settings (without system magic quotes)
-     * @param array $err array of error messages
-     */
-    public function validate_form($form, &$err) {
-        if (!empty($form->authendpoint)) {
-            if (clean_param($form->authendpoint, PARAM_URL) !== $form->authendpoint) {
-                $err['authendpoint'] = get_string('cfg_err_invalidauthendpoint', 'auth_oidc');
-            }
-            // Strip api-version=1.0 from AAD URLs until issues with OIDC are sorted out.
-            if (strpos($form->authendpoint, 'https://login.windows.net/') === 0) {
-                $needle = 'api-version=1.0';
-                if (substr($form->authendpoint, strlen($needle) * -1) === $needle) {
-                    $form->authendpoint = substr($form->authendpoint, 0, strlen($form->authendpoint) - strlen($needle));
-                }
-            }
-        }
-        if (!empty($form->tokenendpoint)) {
-            if (clean_param($form->tokenendpoint, PARAM_URL) !== $form->tokenendpoint) {
-                $err['tokenendpoint'] = get_string('cfg_err_invalidtokenendpoint', 'auth_oidc');
-            }
-            // Strip api-version=1.0 from AAD URLs until issues with OIDC are sorted out.
-            if (strpos($form->tokenendpoint, 'https://login.windows.net/') === 0) {
-                $needle = 'api-version=1.0';
-                if (substr($form->tokenendpoint, strlen($needle) * -1) === $needle) {
-                    $form->tokenendpoint = substr($form->tokenendpoint, 0, strlen($form->tokenendpoint) - strlen($needle));
-                }
-            }
-        }
-    }
-
-    /**
-     * Processes and stores configuration data for this authentication plugin.
-     *
-     * @param object object with submitted configuration settings (without system magic quotes)
-     */
-    public function process_config($config) {
-        set_config('opname', $config->opname, 'auth_oidc');
-        set_config('clientid', $config->clientid, 'auth_oidc');
-        set_config('clientsecret', $config->clientsecret, 'auth_oidc');
-        set_config('authendpoint', $config->authendpoint, 'auth_oidc');
-        set_config('tokenendpoint', $config->tokenendpoint, 'auth_oidc');
-        return true;
-    }
 }

classes/form/adminsetting/iconselect.php

@@ -0,0 +1,144 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * @package auth_oidc
+ * @author James McQuillan <[email protected]>
+ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ * @copyright (C) 2014 onwards Microsoft Open Technologies, Inc. (http://msopentech.com/)
+ */
+
+namespace auth_oidc\form\adminsetting;
+
+/**
+ * Choose an icon for the identity provider entry on the login page.
+ */
+class iconselect extends \admin_setting {
+    /** @var array The stock icons. */
+    protected $choices = [];
+
+    /**
+     * Constructor.
+     *
+     * @param string $name Name of the setting.
+     * @param string $visiblename Visible name of the setting.
+     * @param string $description Description of the setting.
+     * @param array $defaultsetting Default value.
+     * @param array $choices Array of icon choices.
+     */
+    public function __construct($name, $visiblename, $description, $defaultsetting, $choices) {
+        $this->choices = $choices;
+        parent::__construct($name, $visiblename, $description, $defaultsetting, $choices);
+    }
+
+    /**
+     * Return the setting
+     *
+     * @return mixed returns config if successful else null
+     */
+    public function get_setting() {
+        return $this->config_read($this->name);
+    }
+
+    /**
+     * Save a setting
+     *
+     * @param string $data
+     * @return string empty of error string
+     */
+    public function write_setting($data) {
+        // Validate incoming data.
+        $found = false;
+        foreach ($this->choices as $icon) {
+            $id = $icon['component'].':'.$icon['pix'];
+            if ($data === $id) {
+                $found = true;
+                break;
+            }
+        }
+
+        // Invalid value received, ignore it.
+        if ($found !== true) {
+            return '';
+        }
+
+        return ($this->config_write($this->name, $data) ? '' : get_string('errorsetting', 'admin'));
+    }
+
+    /**
+     * Get admin setting HTML.
+     *
+     * @param mixed $data Saved data.
+     * @param string $query
+     * @return string The setting HTML.
+     */
+    public function output_html($data, $query = '') {
+        global $OUTPUT;
+        $html = '<style>
+            label.iconselect {
+                display: inline-block !important;
+                padding: 0 !important;
+                margin: 5px;
+            }
+            label.iconselect img {
+                width: 25px;
+                height: 25px;
+                padding: 10px;
+            }
+            input.iconselect {
+                display: none;
+            }
+            input[type="radio"].iconselect:checked + label.iconselect {
+                outline: 1px solid #007fec;
+            }
+            body.ie input.iconselect {
+                display: inline-block;
+            }
+            body.ie label.iconselect {
+                margin-left: 0;
+                margin-right: 20px;
+            }
+            body.ie label.iconselect img {
+                padding: 5px;
+            }
+        </style>';
+        $html .= \html_writer::start_tag('div', ['style' => 'max-width: 390px']);
+        $selected = (!empty($data)) ? $data : $this->defaultsetting;
+        foreach ($this->choices as $icon) {
+            $id = $icon['component'].':'.$icon['pix'];
+            $iconhtml = $OUTPUT->pix_icon($icon['pix'], $icon['alt'], $icon['component']);
+            $inputattrs = [
+                'type' => 'radio',
+                'id' => $id,
+                'name' => $this->get_full_name(),
+                'value' => $id,
+                'class' => 'iconselect',
+            ];
+
+            if ($id === $selected) {
+                $inputattrs['checked'] = 'checked';
+            }
+            $html .= \html_writer::empty_tag('input', $inputattrs);
+            $labelattrs = [
+                'class' => 'iconselect'
+            ];
+            $html .= \html_writer::label($iconhtml, $id, true, $labelattrs);
+        }
+        $html .= \html_writer::end_tag('div');
+
+        return format_admin_setting($this, $this->visiblename, $html, $this->description, true, '', null, $query);
+    }
+}

classes/form/adminsetting/redirecturi.php

@@ -0,0 +1,82 @@
+<?php
+// This file is part of Moodle - http://moodle.org/
+//
+// Moodle is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Moodle is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * @package auth_oidc
+ * @author James McQuillan <[email protected]>
+ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ * @copyright (C) 2014 onwards Microsoft Open Technologies, Inc. (http://msopentech.com/)
+ */
+
+namespace auth_oidc\form\adminsetting;
+
+/**
+ * Displays the redirect URI for easier config.
+ */
+class redirecturi extends \admin_setting {
+
+    /**
+     * Constructor.
+     *
+     * @param string $name Name of the setting.
+     * @param string $visiblename Visible name of the setting.
+     * @param string $description Description of the setting.
+     * @param array $defaultsetting Default value.
+     * @param array $choices Array of icon choices.
+     */
+    public function __construct($name, $heading, $description) {
+        $this->nosave = true;
+        parent::__construct($name, $heading, $description, '');
+    }
+
+    /**
+     * Always returns true because we have no real setting.
+     *
+     * @return bool Always returns true
+     */
+    public function get_setting() {
+        return true;
+    }
+
+    /**
+     * Always returns true because we have no real setting.
+     *
+     * @return bool Always returns true
+     */
+    public function get_defaultsetting() {
+        return true;
+    }
+
+    /**
+     * Never write settings.
+     *
+     * @return string Always returns an empty string.
+     */
+    public function write_setting($data) {
+        return '';
+    }
+
+    /**
+     * Returns an HTML string for the redirect uri display.
+     *
+     * @return string Returns an HTML string.
+     */
+    public function output_html($data, $query = '') {
+        global $CFG;
+        $html = \html_writer::tag('h5', $CFG->wwwroot.'/auth/oidc/');
+        return format_admin_setting($this, $this->visiblename, $html, $this->description, true, '', null, $query);
+    }
+}