user_info.php
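<?php
/**
 * OAuth2 "user info" resource endpoint.
 *
 * Validates the bearer token on the incoming request, loads the Moodle user
 * the token was issued for, checks that the token carries the `user_info`
 * scope, and only then returns the user's profile fields and system-level
 * role short names as JSON.
 *
 * Every failure path logs a user_info_request_failed event, sends an error
 * response and terminates the script, so profile data is never emitted after
 * a failed check.
 */
require_once '../../config.php';
require_once __DIR__.'/lib.php';

// This endpoint does not write to the session; close it before doing any work.
\core\session\manager::write_close();

$server = oauth_get_server();
// Build the request object once and reuse it for every check below.
$request = OAuth2\Request::createFromGlobals();

// Gate 1: the request must carry a valid access token (no scope required yet).
if (!$server->verifyResourceRequest($request)) {
    $logparams = ['other' => ['cause' => 'invalid_approval']];
    $event = \local_oauth\event\user_info_request_failed::create($logparams);
    $event->trigger();
    $server->getResponse()->send();
    die();
}

// Gate 2: the token must be bound to a user id.
$token = $server->getAccessTokenData($request);
if (empty($token['user_id'])) {
    $logparams = ['other' => ['cause' => 'invalid_token']];
    $event = \local_oauth\event\user_info_request_failed::create($logparams);
    $event->trigger();
    $server->getResponse()->send();
    die();
}

// Gate 3: the user the token refers to must exist.
// NOTE(review): the record is looked up by id only; the user table's
// deleted/suspended flags are not consulted here. Confirm whether tokens of
// such accounts should still be answered.
$user = $DB->get_record(
    'user',
    ['id' => $token['user_id']],
    'id,auth,username,idnumber,firstname,lastname,middlename,email,lang,country,phone1,institution,department,address,city,description'
);
if (!$user) {
    $logparams = ['other' => ['cause' => 'user_not_found']];
    $event = \local_oauth\event\user_info_request_failed::create($logparams);
    $event->trigger();
    // The original code called send() on a $response that was not defined yet
    // and then carried on with $user === false. Build an explicit error
    // response and stop instead.
    $response = new OAuth2\Response();
    $response->setError(401, 'invalid_token', 'The user associated with this access token was not found');
    $response->send();
    die();
}

// Gate 4: the token must grant the scope this endpoint requires.
$response = new OAuth2\Response();
$scopeRequired = 'user_info';
if (!$server->verifyResourceRequest($request, $response, $scopeRequired)) {
    $logparams = ['relateduserid' => $user->id, 'other' => ['cause' => 'insufficient_scope']];
    $event = \local_oauth\event\user_info_request_failed::create($logparams);
    $event->trigger();
    // $response was filled in by verifyResourceRequest() with the scope error.
    $response->send();
    // Stop here: without this the script fell through and still returned the
    // user's profile to a client whose token lacks the required scope.
    die();
}

// All checks passed: collect the short names of the user's roles in the
// system context and attach them to the record that is returned.
$systemcontext = context_system::instance();
$rolestr = [];
foreach (get_user_roles($systemcontext, $token['user_id']) as $role) {
    $rolestr[] = role_get_name($role, $systemcontext, ROLENAME_SHORT);
}
$user->system_roles = $rolestr;

$logparams = ['userid' => $user->id];
$event = \local_oauth\event\user_info_request::create($logparams);
$event->trigger();

header('Content-Type: application/json');
echo json_encode($user);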