PageRenderTime 144ms CodeModel.GetById 28ms RepoModel.GetById 0ms app.codeStats 0ms

/auth/cas/settings.php

https://bitbucket.org/moodle/moodle
PHP | 293 lines | 178 code | 50 blank | 65 comment | 12 complexity | 638f1071dc2ad0efbcb12fb3a13b4b17 MD5 | raw file
Possible License(s): Apache-2.0, LGPL-2.1, BSD-3-Clause, MIT, GPL-3.0
  1. <?php
  2. // This file is part of Moodle - http://moodle.org/
  3. //
  4. // Moodle is free software: you can redistribute it and/or modify
  5. // it under the terms of the GNU General Public License as published by
  6. // the Free Software Foundation, either version 3 of the License, or
  7. // (at your option) any later version.
  8. //
  9. // Moodle is distributed in the hope that it will be useful,
  10. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. // GNU General Public License for more details.
  13. //
  14. // You should have received a copy of the GNU General Public License
  15. // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
  16. /**
  17. * Admin settings and defaults.
  18. *
  19. * @package auth_cas
  20. * @copyright 2017 Stephen Bourget
  21. * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  22. */
  23. defined('MOODLE_INTERNAL') || die;
  24. if ($ADMIN->fulltree) {
  25. if (!function_exists('ldap_connect')) {
  26. $notify = new \core\output\notification(get_string('auth_casnotinstalled', 'auth_cas'),
  27. \core\output\notification::NOTIFY_WARNING);
  28. $settings->add(new admin_setting_heading('auth_casnotinstalled', '', $OUTPUT->render($notify)));
  29. } else {
  30. // We use a couple of custom admin settings since we need to massage the data before it is inserted into the DB.
  31. require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_lowercase_configtext.php');
  32. require_once($CFG->dirroot.'/auth/ldap/classes/admin_setting_special_contexts_configtext.php');
  33. // Include needed files.
  34. require_once($CFG->dirroot.'/auth/cas/auth.php');
  35. require_once($CFG->dirroot.'/auth/cas/languages.php');
  36. // Introductory explanation.
  37. $settings->add(new admin_setting_heading('auth_cas/pluginname', '',
  38. new lang_string('auth_casdescription', 'auth_cas')));
  39. // CAS server configuration label.
  40. $settings->add(new admin_setting_heading('auth_cas/casserversettings',
  41. new lang_string('auth_cas_server_settings', 'auth_cas'), ''));
  42. // Authentication method name.
  43. $settings->add(new admin_setting_configtext('auth_cas/auth_name',
  44. get_string('auth_cas_auth_name', 'auth_cas'),
  45. get_string('auth_cas_auth_name_description', 'auth_cas'),
  46. get_string('auth_cas_auth_service', 'auth_cas'),
  47. PARAM_RAW_TRIMMED));
  48. // Authentication method logo.
  49. $opts = array('accepted_types' => array('.png', '.jpg', '.gif', '.webp', '.tiff', '.svg'));
  50. $settings->add(new admin_setting_configstoredfile('auth_cas/auth_logo',
  51. get_string('auth_cas_auth_logo', 'auth_cas'),
  52. get_string('auth_cas_auth_logo_description', 'auth_cas'), 'logo', 0, $opts));
  53. // Hostname.
  54. $settings->add(new admin_setting_configtext('auth_cas/hostname',
  55. get_string('auth_cas_hostname_key', 'auth_cas'),
  56. get_string('auth_cas_hostname', 'auth_cas'), '', PARAM_RAW_TRIMMED));
  57. // Base URI.
  58. $settings->add(new admin_setting_configtext('auth_cas/baseuri',
  59. get_string('auth_cas_baseuri_key', 'auth_cas'),
  60. get_string('auth_cas_baseuri', 'auth_cas'), '', PARAM_RAW_TRIMMED));
  61. // Port.
  62. $settings->add(new admin_setting_configtext('auth_cas/port',
  63. get_string('auth_cas_port_key', 'auth_cas'),
  64. get_string('auth_cas_port', 'auth_cas'), '', PARAM_INT));
  65. // CAS Version.
  66. $casversions = array();
  67. $casversions[CAS_VERSION_1_0] = 'CAS 1.0';
  68. $casversions[CAS_VERSION_2_0] = 'CAS 2.0';
  69. $settings->add(new admin_setting_configselect('auth_cas/casversion',
  70. new lang_string('auth_cas_casversion', 'auth_cas'),
  71. new lang_string('auth_cas_version', 'auth_cas'), CAS_VERSION_2_0, $casversions));
  72. // Language.
  73. if (!isset($CASLANGUAGES) || empty($CASLANGUAGES)) {
  74. // Prevent warnings on other admin pages.
  75. // $CASLANGUAGES is defined in /auth/cas/languages.php.
  76. $CASLANGUAGES = array();
  77. $CASLANGUAGES[PHPCAS_LANG_ENGLISH] = 'English';
  78. $CASLANGUAGES[PHPCAS_LANG_FRENCH] = 'French';
  79. }
  80. $settings->add(new admin_setting_configselect('auth_cas/language',
  81. new lang_string('auth_cas_language_key', 'auth_cas'),
  82. new lang_string('auth_cas_language', 'auth_cas'), PHPCAS_LANG_ENGLISH, $CASLANGUAGES));
  83. // Proxy.
  84. $yesno = array(
  85. new lang_string('no'),
  86. new lang_string('yes'),
  87. );
  88. $settings->add(new admin_setting_configselect('auth_cas/proxycas',
  89. new lang_string('auth_cas_proxycas_key', 'auth_cas'),
  90. new lang_string('auth_cas_proxycas', 'auth_cas'), 0 , $yesno));
  91. // Logout option.
  92. $settings->add(new admin_setting_configselect('auth_cas/logoutcas',
  93. new lang_string('auth_cas_logoutcas_key', 'auth_cas'),
  94. new lang_string('auth_cas_logoutcas', 'auth_cas'), 0 , $yesno));
  95. // Multi-auth.
  96. $settings->add(new admin_setting_configselect('auth_cas/multiauth',
  97. new lang_string('auth_cas_multiauth_key', 'auth_cas'),
  98. new lang_string('auth_cas_multiauth', 'auth_cas'), 0 , $yesno));
  99. // Server validation.
  100. $settings->add(new admin_setting_configselect('auth_cas/certificate_check',
  101. new lang_string('auth_cas_certificate_check_key', 'auth_cas'),
  102. new lang_string('auth_cas_certificate_check', 'auth_cas'), 0 , $yesno));
  103. // Certificate path.
  104. $settings->add(new admin_setting_configfile('auth_cas/certificate_path',
  105. get_string('auth_cas_certificate_path_key', 'auth_cas'),
  106. get_string('auth_cas_certificate_path', 'auth_cas'), ''));
  107. // CURL SSL version.
  108. $sslversions = array();
  109. $sslversions[''] = get_string('auth_cas_curl_ssl_version_default', 'auth_cas');
  110. if (defined('CURL_SSLVERSION_TLSv1')) {
  111. $sslversions[CURL_SSLVERSION_TLSv1] = get_string('auth_cas_curl_ssl_version_TLSv1x', 'auth_cas');
  112. }
  113. if (defined('CURL_SSLVERSION_TLSv1_0')) {
  114. $sslversions[CURL_SSLVERSION_TLSv1_0] = get_string('auth_cas_curl_ssl_version_TLSv10', 'auth_cas');
  115. }
  116. if (defined('CURL_SSLVERSION_TLSv1_1')) {
  117. $sslversions[CURL_SSLVERSION_TLSv1_1] = get_string('auth_cas_curl_ssl_version_TLSv11', 'auth_cas');
  118. }
  119. if (defined('CURL_SSLVERSION_TLSv1_2')) {
  120. $sslversions[CURL_SSLVERSION_TLSv1_2] = get_string('auth_cas_curl_ssl_version_TLSv12', 'auth_cas');
  121. }
  122. if (defined('CURL_SSLVERSION_SSLv2')) {
  123. $sslversions[CURL_SSLVERSION_SSLv2] = get_string('auth_cas_curl_ssl_version_SSLv2', 'auth_cas');
  124. }
  125. if (defined('CURL_SSLVERSION_SSLv3')) {
  126. $sslversions[CURL_SSLVERSION_SSLv3] = get_string('auth_cas_curl_ssl_version_SSLv3', 'auth_cas');
  127. }
  128. $settings->add(new admin_setting_configselect('auth_cas/curl_ssl_version',
  129. new lang_string('auth_cas_curl_ssl_version_key', 'auth_cas'),
  130. new lang_string('auth_cas_curl_ssl_version', 'auth_cas'), '' , $sslversions));
  131. // Alt Logout URL.
  132. $settings->add(new admin_setting_configtext('auth_cas/logout_return_url',
  133. get_string('auth_cas_logout_return_url_key', 'auth_cas'),
  134. get_string('auth_cas_logout_return_url', 'auth_cas'), '', PARAM_URL));
  135. // LDAP server settings.
  136. $settings->add(new admin_setting_heading('auth_cas/ldapserversettings',
  137. new lang_string('auth_ldap_server_settings', 'auth_ldap'), ''));
  138. // Host.
  139. $settings->add(new admin_setting_configtext('auth_cas/host_url',
  140. get_string('auth_ldap_host_url_key', 'auth_ldap'),
  141. get_string('auth_ldap_host_url', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
  142. // Version.
  143. $versions = array();
  144. $versions[2] = '2';
  145. $versions[3] = '3';
  146. $settings->add(new admin_setting_configselect('auth_cas/ldap_version',
  147. new lang_string('auth_ldap_version_key', 'auth_ldap'),
  148. new lang_string('auth_ldap_version', 'auth_ldap'), 3, $versions));
  149. // Start TLS.
  150. $settings->add(new admin_setting_configselect('auth_cas/start_tls',
  151. new lang_string('start_tls_key', 'auth_ldap'),
  152. new lang_string('start_tls', 'auth_ldap'), 0 , $yesno));
  153. // Encoding.
  154. $settings->add(new admin_setting_configtext('auth_cas/ldapencoding',
  155. get_string('auth_ldap_ldap_encoding_key', 'auth_ldap'),
  156. get_string('auth_ldap_ldap_encoding', 'auth_ldap'), 'utf-8', PARAM_RAW_TRIMMED));
  157. // Page Size. (Hide if not available).
  158. $settings->add(new admin_setting_configtext('auth_cas/pagesize',
  159. get_string('pagesize_key', 'auth_ldap'),
  160. get_string('pagesize', 'auth_ldap'), '250', PARAM_INT));
  161. // Bind settings.
  162. $settings->add(new admin_setting_heading('auth_cas/ldapbindsettings',
  163. new lang_string('auth_ldap_bind_settings', 'auth_ldap'), ''));
  164. // User ID.
  165. $settings->add(new admin_setting_configtext('auth_cas/bind_dn',
  166. get_string('auth_ldap_bind_dn_key', 'auth_ldap'),
  167. get_string('auth_ldap_bind_dn', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
  168. // Password.
  169. $settings->add(new admin_setting_configpasswordunmask('auth_cas/bind_pw',
  170. get_string('auth_ldap_bind_pw_key', 'auth_ldap'),
  171. get_string('auth_ldap_bind_pw', 'auth_ldap'), ''));
  172. // User Lookup settings.
  173. $settings->add(new admin_setting_heading('auth_cas/ldapuserlookup',
  174. new lang_string('auth_ldap_user_settings', 'auth_ldap'), ''));
  175. // User Type.
  176. $settings->add(new admin_setting_configselect('auth_cas/user_type',
  177. new lang_string('auth_ldap_user_type_key', 'auth_ldap'),
  178. new lang_string('auth_ldap_user_type', 'auth_ldap'), 'default', ldap_supported_usertypes()));
  179. // Contexts.
  180. $settings->add(new auth_ldap_admin_setting_special_contexts_configtext('auth_cas/contexts',
  181. get_string('auth_ldap_contexts_key', 'auth_ldap'),
  182. get_string('auth_ldap_contexts', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
  183. // Search subcontexts.
  184. $settings->add(new admin_setting_configselect('auth_cas/search_sub',
  185. new lang_string('auth_ldap_search_sub_key', 'auth_ldap'),
  186. new lang_string('auth_ldap_search_sub', 'auth_ldap'), 0 , $yesno));
  187. // Dereference aliases.
  188. $optderef = array();
  189. $optderef[LDAP_DEREF_NEVER] = get_string('no');
  190. $optderef[LDAP_DEREF_ALWAYS] = get_string('yes');
  191. $settings->add(new admin_setting_configselect('auth_cas/opt_deref',
  192. new lang_string('auth_ldap_opt_deref_key', 'auth_ldap'),
  193. new lang_string('auth_ldap_opt_deref', 'auth_ldap'), LDAP_DEREF_NEVER , $optderef));
  194. // User attribute.
  195. $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/user_attribute',
  196. get_string('auth_ldap_user_attribute_key', 'auth_ldap'),
  197. get_string('auth_ldap_user_attribute', 'auth_ldap'), '', PARAM_RAW));
  198. // Member attribute.
  199. $settings->add(new auth_ldap_admin_setting_special_lowercase_configtext('auth_cas/memberattribute',
  200. get_string('auth_ldap_memberattribute_key', 'auth_ldap'),
  201. get_string('auth_ldap_memberattribute', 'auth_ldap'), '', PARAM_RAW));
  202. // Member attribute uses dn.
  203. $settings->add(new admin_setting_configselect('auth_cas/memberattribute_isdn',
  204. get_string('auth_ldap_memberattribute_isdn_key', 'auth_ldap'),
  205. get_string('auth_ldap_memberattribute_isdn', 'auth_ldap'), 0, $yesno));
  206. // Object class.
  207. $settings->add(new admin_setting_configtext('auth_cas/objectclass',
  208. get_string('auth_ldap_objectclass_key', 'auth_ldap'),
  209. get_string('auth_ldap_objectclass', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
  210. // Course Creators Header.
  211. $settings->add(new admin_setting_heading('auth_cas/coursecreators',
  212. new lang_string('coursecreators'), ''));
  213. // Course creators attribute field mapping.
  214. $settings->add(new admin_setting_configtext('auth_cas/attrcreators',
  215. get_string('auth_ldap_attrcreators_key', 'auth_ldap'),
  216. get_string('auth_ldap_attrcreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
  217. // Course creator group field mapping.
  218. $settings->add(new admin_setting_configtext('auth_cas/groupecreators',
  219. get_string('auth_ldap_groupecreators_key', 'auth_ldap'),
  220. get_string('auth_ldap_groupecreators', 'auth_ldap'), '', PARAM_RAW_TRIMMED));
  221. // User Account Sync.
  222. $settings->add(new admin_setting_heading('auth_cas/syncusers',
  223. new lang_string('auth_sync_script', 'auth'), ''));
  224. // Remove external user.
  225. $deleteopt = array();
  226. $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep', 'auth');
  227. $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend', 'auth');
  228. $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete', 'auth');
  229. $settings->add(new admin_setting_configselect('auth_cas/removeuser',
  230. new lang_string('auth_remove_user_key', 'auth'),
  231. new lang_string('auth_remove_user', 'auth'), AUTH_REMOVEUSER_KEEP, $deleteopt));
  232. }
  233. // Display locking / mapping of profile fields.
  234. $authplugin = get_auth_plugin('cas');
  235. $help = get_string('auth_ldapextrafields', 'auth_ldap');
  236. $help .= get_string('auth_updatelocal_expl', 'auth');
  237. $help .= get_string('auth_fieldlock_expl', 'auth');
  238. $help .= get_string('auth_updateremote_expl', 'auth');
  239. $help .= '<hr />';
  240. $help .= get_string('auth_updateremote_ldap', 'auth');
  241. display_auth_lock_options($settings, $authplugin->authtype, $authplugin->userfields, $help, true, true,
  242. $authplugin->get_custom_user_profile_fields());
  243. }