[moodle.git] / auth / oauth2 / classes / linked_login.php

<?php
// This file is part of Moodle - http://moodle.org/
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * Class for loading/storing issuers from the DB.
 *
 * @package    auth_oauth2
 * @copyright  2017 Damyon Wiese
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */
namespace auth_oauth2;

defined('MOODLE_INTERNAL') || die();

use core\persistent;

/**
 * Class for loading/storing issuer from the DB
 *
 * @copyright  2017 Damyon Wiese
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */
class linked_login extends persistent {

    const TABLE = 'auth_oauth2_linked_login';

    /**
     * Return the definition of the properties of this model.
     *
     * @return array
     */
    protected static function define_properties() {
        return array(
            'issuerid' => array(
                'type' => PARAM_INT
            ),
            'userid' => array(
                'type' => PARAM_INT
            ),
            'username' => array(
                'type' => PARAM_RAW
            ),
            'email' => array(
                'type' => PARAM_RAW
            ),
            'confirmtoken' => array(
                'type' => PARAM_RAW
            ),
            'confirmtokenexpires' => array(
                'type' => PARAM_INT
            )
        );
    }

    /**
     * Check whether there are any valid linked accounts for this issuer
     * and username combination.
     *
     * @param \core\oauth2\issuer $issuer The issuer
     * @param string $username The username to check
     */
    public static function has_existing_issuer_match(\core\oauth2\issuer $issuer, $username) {
        global $DB;

        $where = "issuerid = :issuerid
              AND username = :username
              AND (confirmtokenexpires = 0 OR confirmtokenexpires > :maxexpiry)";

        $count = $DB->count_records_select(static::TABLE, $where, [
            'issuerid' => $issuer->get('id'),
            'username' => $username,
            'maxexpiry' => (new \DateTime('NOW'))->getTimestamp(),
        ]);

        return $count > 0;
    }

    /**
     * Remove all linked logins that are using issuers that have been deleted.
     *
     * @param int $issuerid The issuer id of the issuer to check, or false to check all (defaults to all)
     * @return boolean
     */
    public static function delete_orphaned($issuerid = false) {
        global $DB;
        // Delete any linked_login entries with a issuerid
        // which does not exist in the issuer table.
        // In the left join, the issuer id will be null
        // where a match linked_login.issuerid is not found.
        $sql = "DELETE FROM {" . self::TABLE . "}
                 WHERE issuerid NOT IN (SELECT id FROM {" . \core\oauth2\issuer::TABLE . "})";
        $params = [];
        if (!empty($issuerid)) {
            $sql .= ' AND issuerid = ?';
            $params['issuerid'] = $issuerid;
        }
        return $DB->execute($sql, $params);
    }

}
Commit	Line	Data
1dca8d1a DW	1	<?php
	2	// This file is part of Moodle - http://moodle.org/
	3	//
	4	// Moodle is free software: you can redistribute it and/or modify
	5	// it under the terms of the GNU General Public License as published by
	6	// the Free Software Foundation, either version 3 of the License, or
	7	// (at your option) any later version.
	8	//
	9	// Moodle is distributed in the hope that it will be useful,
	10	// but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	// GNU General Public License for more details.
	13	//
	14	// You should have received a copy of the GNU General Public License
	15	// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
	16
	17	/**
	18	* Class for loading/storing issuers from the DB.
	19	*
72fd103a	20	* @package auth_oauth2
1dca8d1a DW	21	* @copyright 2017 Damyon Wiese
	22	* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
	23	*/
	24	namespace auth_oauth2;
	25
	26	defined('MOODLE_INTERNAL') \|\| die();
	27
	28	use core\persistent;
	29
	30	/**
	31	* Class for loading/storing issuer from the DB
	32	*
	33	* @copyright 2017 Damyon Wiese
	34	* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
	35	*/
	36	class linked_login extends persistent {
	37
1dca8d1a DW	38	const TABLE = 'auth_oauth2_linked_login';
	39
	40	/**
	41	* Return the definition of the properties of this model.
	42	*
	43	* @return array
	44	*/
	45	protected static function define_properties() {
	46	return array(
	47	'issuerid' => array(
	48	'type' => PARAM_INT
	49	),
	50	'userid' => array(
	51	'type' => PARAM_INT
	52	),
	53	'username' => array(
	54	'type' => PARAM_RAW
	55	),
	56	'email' => array(
	57	'type' => PARAM_RAW
28b592d5 DW	58	),
	59	'confirmtoken' => array(
	60	'type' => PARAM_RAW
	61	),
	62	'confirmtokenexpires' => array(
	63	'type' => PARAM_INT
1dca8d1a DW	64	)
	65	);
	66	}
	67
95dd5e3b AN	68	/**
	69	* Check whether there are any valid linked accounts for this issuer
	70	* and username combination.
	71	*
	72	* @param \core\oauth2\issuer $issuer The issuer
	73	* @param string $username The username to check
	74	*/
	75	public static function has_existing_issuer_match(\core\oauth2\issuer $issuer, $username) {
	76	global $DB;
	77
	78	$where = "issuerid = :issuerid
	79	AND username = :username
	80	AND (confirmtokenexpires = 0 OR confirmtokenexpires > :maxexpiry)";
	81
	82	$count = $DB->count_records_select(static::TABLE, $where, [
	83	'issuerid' => $issuer->get('id'),
	84	'username' => $username,
	85	'maxexpiry' => (new \DateTime('NOW'))->getTimestamp(),
	86	]);
	87
	88	return $count > 0;
	89	}
	90
4c8727ba JO	91	/**
	92	* Remove all linked logins that are using issuers that have been deleted.
	93	*
	94	* @param int $issuerid The issuer id of the issuer to check, or false to check all (defaults to all)
	95	* @return boolean
	96	*/
	97	public static function delete_orphaned($issuerid = false) {
	98	global $DB;
	99	// Delete any linked_login entries with a issuerid
	100	// which does not exist in the issuer table.
	101	// In the left join, the issuer id will be null
	102	// where a match linked_login.issuerid is not found.
	103	$sql = "DELETE FROM {" . self::TABLE . "}
	104	WHERE issuerid NOT IN (SELECT id FROM {" . \core\oauth2\issuer::TABLE . "})";
	105	$params = [];
	106	if (!empty($issuerid)) {
	107	$sql .= ' AND issuerid = ?';
	108	$params['issuerid'] = $issuerid;
	109	}
	110	return $DB->execute($sql, $params);
	111	}
	112
1dca8d1a	113	}