From: jerome <jerome>
Date: Fri, 23 Jan 2009 04:55:56 +0000 (+0000)
Subject: web service MDL-12886 implement authentication token systemprototype
X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=89b8ce51d969858ca664db43d8c97b8be2c48818;p=moodle.git

web service MDL-12886 implement authentication token systemprototype
---

diff --git a/webservice/rest/locallib.php b/webservice/rest/locallib.php
index 064825a912..de81868107 100644
--- a/webservice/rest/locallib.php
+++ b/webservice/rest/locallib.php
@@ -35,6 +35,26 @@ function call_moodle_function ($rest_arguments) {
     if ($params === false) {
         //return an error message, the REST params doesn't match with the web service description
     }
+
+/// Authentication process
+/// TODO: this use a fake token => need to implement token generation
+    $token = optional_param('token',null,PARAM_ALPHANUM);
+    if (empty($token)) {
+        if ($functionname != 'tmp_get_token') {
+            throw new moodle_exception('identifyfirst');
+        } else {
+            if (optional_param('username',null,PARAM_ALPHANUM) == 'admin' && optional_param('password',null,PARAM_ALPHANUM) == 'admin') {
+                return '465465465468468464';
+            } else {
+                throw new moodle_exception('wrongusernamepassword');
+            }
+        }
+    } else {
+        if (!mock_check_token($token)) {
+            throw new moodle_exception('wrongidentification');
+        }
+    }
+
     $res = call_user_func_array  ( $classname.'::'.$functionname, array($params));
     
 ///Transform result into xml in order to send the REST response
@@ -43,6 +63,19 @@ function call_moodle_function ($rest_arguments) {
 	return "<Result>$return</Result>";
 }
 
+/**
+ * TODO: remove this funcion once token implementation is done
+ * Mock function waiting for token system implementation
+ * @param <type> $token
+ * @return <type> 
+ */
+function mock_check_token($token) {
+    if ($token == 465465465468468464) {
+        return true;
+    } else {
+        return false;
+    }
+}
 
 /**
  *
diff --git a/webservice/rest/testclient/createuser.php b/webservice/rest/testclient/createuser.php
index 5e564eba01..3b86fab617 100644
--- a/webservice/rest/testclient/createuser.php
+++ b/webservice/rest/testclient/createuser.php
@@ -21,6 +21,17 @@ $data['email'] = "mockuser5@lastname.com";
 
 var_dump($data);
 
+//we are asking for a token
+$connectiondata['username'] = 'admin';
+$connectiondata['password'] = 'admin';
+$ch = curl_init();
+curl_setopt($ch, CURLOPT_URL, $CFG->serverurl.'/user/tmp_get_token');
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+curl_setopt($ch, CURLOPT_POST, 1);
+curl_setopt($ch, CURLOPT_POSTFIELDS, format_postdata($connectiondata));
+$token = curl_exec($ch);
+$data['token'] = $token;
+
 curl_setopt($ch, CURLOPT_URL, $CFG->serverurl.'/user/tmp_create_user');
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 curl_setopt($ch, CURLOPT_POST, 1);
diff --git a/webservice/rest/testclient/deleteuser.php b/webservice/rest/testclient/deleteuser.php
index b8ee31b5d8..a83e99bd46 100644
--- a/webservice/rest/testclient/deleteuser.php
+++ b/webservice/rest/testclient/deleteuser.php
@@ -30,6 +30,18 @@ start_interface("Delete a user");
 <?php
 
 if ($username) {
+  
+     //we are asking for a token
+    $connectiondata['username'] = 'admin';
+    $connectiondata['password'] = 'admin';
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $CFG->serverurl.'/user/tmp_get_token');
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_POST, 1);
+    curl_setopt($ch, CURLOPT_POSTFIELDS, format_postdata($connectiondata));
+    $token = curl_exec($ch);
+    $data['token'] = $token;
+
     $data['username'] = $username;
     $data['mnethostid'] = $mnethostid;
 
diff --git a/webservice/rest/testclient/getusers.php b/webservice/rest/testclient/getusers.php
index 5287b94da7..44e9eef1d2 100644
--- a/webservice/rest/testclient/getusers.php
+++ b/webservice/rest/testclient/getusers.php
@@ -34,6 +34,18 @@ if ($search) {
 
     var_dump($CFG->serverurl.'/user/tmp_get_users');
 
+    
+    //we are asking for a token
+    $connectiondata['username'] = 'admin';
+    $connectiondata['password'] = 'admin';
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $CFG->serverurl.'/user/tmp_get_token');
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_POST, 1);
+    curl_setopt($ch, CURLOPT_POSTFIELDS, format_postdata($connectiondata));
+    $token = curl_exec($ch);
+    $data['token'] = $token;
+  
     $ch = curl_init();
     curl_setopt($ch, CURLOPT_URL, $CFG->serverurl.'/user/tmp_get_users');
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
diff --git a/webservice/rest/testclient/updateuser.php b/webservice/rest/testclient/updateuser.php
index f086c0f32e..65b9fd94c3 100644
--- a/webservice/rest/testclient/updateuser.php
+++ b/webservice/rest/testclient/updateuser.php
@@ -32,6 +32,18 @@ start_interface("Update a user");
 <?php
 
 if ($username) {
+
+    //we are asking for a token
+    $connectiondata['username'] = 'admin';
+    $connectiondata['password'] = 'admin';
+    $ch = curl_init();
+    curl_setopt($ch, CURLOPT_URL, $CFG->serverurl.'/user/tmp_get_token');
+    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+    curl_setopt($ch, CURLOPT_POST, 1);
+    curl_setopt($ch, CURLOPT_POSTFIELDS, format_postdata($connectiondata));
+    $token = curl_exec($ch);
+    $data['token'] = $token;
+
     $data['username'] = $username;
     $data['mnethostid'] = $mnethostid;
     $data['newusername'] = $newusername;