1. class
  2. local_middag
  3. \
  4. framework
  5. \
  6. service
  7. \
  8. auth_service

auth_service

class auth_service implements auth_service_interface

internal  
 

Authentication Service.

Handles JWT-based authentication (HS256/RS256) for SSO and support access.

Constants

AUTH_JWT

AUTH_JWT_ALGORITHM_SHA

AUTH_JWT_ALGORITHM_RSA

ACTION_MIDDAG_LOGIN

PUBLIC_KEY

Methods

static void
init()

Initializes the authentication process based on the token provided in the request.

static void
redirect()

Redirects the user to the home page or the requested URL safely.

static void
auth_check()

Checks if the user is already logged in.

static moodle_url
generate_login_url(stdClass $user, int $expires = 120)

Generates a login URL with a JWT token based on the provided user data and expiration time.

static stdClass
decrypt(string $value, string $key)

Decode a JWT token using HS256.

static false|stdClass
decrypt_jwt_rsa(string $value)

Decodes a JWT token using RS256 algorithm (Public Key).

static void
middag_rsa(mixed $data)

Handles RSA specific actions like support login.

static void
action_middag_rsa_login()

Execute the support login action.

static void
login_user(mixed $token)

Authenticate a standard user via JWT.

static void
perform_safe_login(stdClass $user)

Performs the login process safely.

static void
auth_jwt(mixed $token)

Wrapper to handle JWT authentication logic.

Details

at line 72
static void init()

Initializes the authentication process based on the token provided in the request.

Return Value

void

Exceptions

coding_exception

at line 105
static void redirect()

Redirects the user to the home page or the requested URL safely.

Return Value

void

Exceptions

coding_exception

at line 129
static void auth_check()

Checks if the user is already logged in.

Return Value

void

Exceptions

moodle_exception

at line 144
static moodle_url generate_login_url(stdClass $user, int $expires = 120)

Generates a login URL with a JWT token based on the provided user data and expiration time.

Parameters

stdClass $user

Moodle user object
int $expires

Expiration in seconds

Return Value

moodle_url

at line 175
static protected stdClass decrypt(string $value, string $key)

Decode a JWT token using HS256.

Parameters

string $value

JWT string
string $key

Secret key

Return Value

stdClass

at line 187
static protected false|stdClass decrypt_jwt_rsa(string $value)

Decodes a JWT token using RS256 algorithm (Public Key).

Parameters

string $value

the JWT string

Return Value

false|stdClass

the decoded payload or false on failure

at line 204
static protected void middag_rsa(mixed $data)

Handles RSA specific actions like support login.

Parameters

mixed $data

the decoded token data

Return Value

void

Exceptions

moodle_exception

at line 221
static protected void action_middag_rsa_login()

Execute the support login action.

Return Value

void

Exceptions

moodle_exception

at line 243
static protected void login_user(mixed $token)

Authenticate a standard user via JWT.

Parameters

mixed $token

JWT token payload

Return Value

void

Exceptions

moodle_exception

at line 295
static protected void perform_safe_login(stdClass $user)

Performs the login process safely.

If running in a PHPUnit environment, it sets the global user without regenerating the session ID (which causes errors in CLI) and avoids the redirect (which kills the test). In production, it performs the standard complete_user_login and redirect.

Parameters

stdClass $user

the Moodle user object

Return Value

void

Exceptions

moodle_exception

at line 319
static protected void auth_jwt(mixed $token)

Wrapper to handle JWT authentication logic.

Parameters

mixed $token

Return Value

void

Exceptions

moodle_exception