From bf08e3f94c2f253e6c66b3d639feec3f5d972fe2 Mon Sep 17 00:00:00 2001
From: Brendan Heywood <brendan@catalyst-au.net>
Date: Tue, 20 Jan 2015 14:25:14 +1100
Subject: [PATCH] MDL-48887 An auth plugin hook enabling removal of redundant
 redirects

This introduces a new hook allowing an auth plugin to redirect to an
external login page directly without redundant redirects to the standard
login page first, or where possible to authenticate the user and simply
continue loading the page without any redirects. For some protocols such
as SAML reducing the number of redirects to the bare minimum greatly
speeds up the login process on high latency networks.
---
 lib/authlib.php   | 20 ++++++++++++++++++++
 lib/moodlelib.php | 18 ++++++++++++++++--
 2 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/lib/authlib.php b/lib/authlib.php
index dc2ceb90f0c..cb9ef99ecbc 100644
--- a/lib/authlib.php
+++ b/lib/authlib.php
@@ -435,6 +435,26 @@ class auth_plugin_base {
         //override if needed
     }
 
+    /**
+     * Hook for overriding behaviour before going to the login page.
+     *
+     * This method is called from require_login from potentially any page for
+     * all enabled auth plugins and gives each plugin a chance to redirect
+     * directly to an external login page, or to instantly login a user where
+     * possible.
+     *
+     * If an auth plugin implements this hook, it must not rely on ONLY this
+     * hook in order to work, as there are many ways a user can browse directly
+     * to the standard login page. As a general rule in this case you should
+     * also implement the loginpage_hook as well.
+     *
+     */
+    function pre_loginpage_hook() {
+        // override if needed, eg by redirecting to an external login page
+        // or logging in a user:
+        // complete_user_login($user);
+    }
+
     /**
      * Post authentication hook.
      * This method is called from authenticate_user_login() for all enabled auth plugins.
diff --git a/lib/moodlelib.php b/lib/moodlelib.php
index 7b74a701dff..b80bb302ce9 100644
--- a/lib/moodlelib.php
+++ b/lib/moodlelib.php
@@ -2902,8 +2902,22 @@ function require_login($courseorid = null, $autologinguest = true, $cm = null, $
             if (!empty($_SERVER['HTTP_REFERER'])) {
                 $SESSION->fromurl  = $_SERVER['HTTP_REFERER'];
             }
-            redirect(get_login_url());
-            exit; // Never reached.
+
+            // Give auth plugins an opportunity to authenticate or redirect to an external login page
+            $authsequence = get_enabled_auth_plugins(true); // auths, in sequence
+            foreach($authsequence as $authname) {
+                $authplugin = get_auth_plugin($authname);
+                $authplugin->pre_loginpage_hook();
+                if (isloggedin()) {
+                    break;
+                }
+            }
+
+            // If we're still not logged in then go to the login page
+            if (!isloggedin()) {
+                redirect(get_login_url());
+                exit; // Never reached.
+            }
         }
     }
 
-- 
2.43.0