moodle_local_treestudyplan/classes/premium.php
2024-02-14 23:34:32 +01:00

378 lines
14 KiB
PHP

<?php
// This file is part of the Studyplan plugin for Moodle
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle. If not, see <https://www.gnu.org/licenses/>.
/**
* Determine premium status
* @package local_treestudyplan
* @copyright 2023 P.M. Kuipers
* @license https://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
namespace local_treestudyplan;
defined('MOODLE_INTERNAL') || die();
require_once($CFG->libdir.'/externallib.php');
use DateTime;
use moodle_url;
use stdClass;
/**
* Handle badge information in the same style as the other classes
*/
class premium extends \external_api {
private static $premiumcrt = "-----BEGIN CERTIFICATE-----
MIIDSzCCAjMCFFlyhmKf1fN7U5lQL/dtlsyP24AQMA0GCSqGSIb3DQEBCwUAMGEx
CzAJBgNVBAYTAk5MMRYwFAYDVQQIDA1Ob29yZC1Ib2xsYW5kMRowGAYDVQQKDBFN
aXFyYSBFbmdpbmVlcmluZzEeMBwGA1UEAwwVVHJlZVN0dWR5cGxhbiBQcmVtaXVt
MCAXDTI0MDIxMDE2MDQwM1oYDzIxMjQwMTE3MTYwNDAzWjBhMQswCQYDVQQGEwJO
TDEWMBQGA1UECAwNTm9vcmQtSG9sbGFuZDEaMBgGA1UECgwRTWlxcmEgRW5naW5l
ZXJpbmcxHjAcBgNVBAMMFVRyZWVTdHVkeXBsYW4gUHJlbWl1bTCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBAOD7+Nf5UBYGmIadI+kRM7vSPGA12F6cyZuZ
O/JsdCWzZx3cCgVYt29DxHRvFVGrhGGLsoaMY9iXc9LdeO02jKqL3RoPo2kc5moT
SNarsKZcGZXgqo5NATmdMLqQpKAy41H0ybgXZDLq5XKs9YIRlkwSpzQTNeP49mOl
48giVX3icbpMw1TdQotalKXAtcs62o+guQJNANpjBRxPXssrmDoNXrJcAtUjNOjx
8M+8tCmwkKwBoK8F3wWxIo04kZ9KILtybMmn4VJJ6SwLEf4StphTIoru8zS7XUt8
3HbV3PsiyYErPlwIcobfcjwZJpub23bzetvxRvhpeIpLhrTGrPMCAwEAATANBgkq
hkiG9w0BAQsFAAOCAQEAQwkbP6m3sdQgXEK3mYYZvvs6R/FI9QPu/9ICA+dgfj4y
7wvL0toYYR5oXdhO9At3MYmS+0bFUmqoTS+cxsC4COpEKFbRBWwbJ3NXAw14Hx2U
ELLqMZGJNOwNV+3ZdhADrwA++AjUqu144ObrcNUqo4+A4h9R8qj+o0J50Gvwja9R
Uh67LsF4Ls8fUtqzpqct94bUl6MPMHlH4qpZlgndmQdgOwLWeQEmM8X3WtSJH90S
n8FqBInMBhGu1uz0Qeo09ke0RHRnghP9EXfig/veMegASZeEhFqmS2Bdiy6gqeZ5
Klc5I28bGbvxIV5pnL6ZSjHEDp2WreM8HB0XFJwU+Q==
-----END CERTIFICATE-----";
private static $cachedpremiumstatus = null;
private static function decrypt($encrypted) {
// Get the public key.
$key = \openssl_get_publickey(self::$premiumcrt);
if ($key === false ){
throw new \ValueError("Error parsing public key data)");
}
// Determine the key size.
$keysize = \openssl_pkey_get_details($key)["bits"];
//
$blocksize = ($keysize / 8); // Bits / 8. Whether padded or not.
// Decode data in
$b64 = \base64_decode($encrypted);
if ($b64 === false) {
throw new \ValueError("Error in base64 decoding");
}
$data = \str_split($b64,$blocksize);
$decrypted = "";
$i = 0;
foreach($data as $chunk) {
if (\openssl_public_decrypt($chunk,$dchunk,$key, \OPENSSL_PKCS1_PADDING)) {
$decrypted .= $dchunk;
} else {
throw new \ValueError("Error decrypting chunk $i ({$blocksize} bytes)");
}
$i++;
}
// Deprecated in PHP 8.0 and up, but included to be compatible with 7.4.
// Wrap in a try/catch in case the function is removed in a later version.
try {
\openssl_pkey_free($key);
} catch (\Exception $x) {}
return $decrypted;
}
private static function trim_headers($data) {
// Headers are repeated in this function for easier testing and copy-pasting into other projects.
$START_HEADER = "----- BEGIN ACTIVATION KEY -----";
$END_HEADER = "----- END ACTIVATION KEY -----";
$parts = preg_split("/\r?\n/",\trim($data));
if (count($parts) > 2) {
$start = -1;
$end = -1;
for($i = 0; $i < count($parts); $i++) {
if ( $parts[$i] == $START_HEADER ) {
$start = $i+1;
}
if ($start > 0 && $parts[$i] == $END_HEADER) {
$end = $i;
}
}
if ($start < 0 || $end < 0 || $end - $start <= 0) {
throw new \ValueError("Invalid activation key wrappers");
} else {
$keyslice = array_slice($parts, $start, $end - $start);
return implode("\n",$keyslice);
}
} else {
throw new \ValueError("Invalid activation key");
}
}
/**
* Check if premium status is enabled
* @return bool
*/
public static function enabled() {
$status = self::premiumStatus();
return $status->enabled;
}
/**
* Check if the premium key includes a specific intent in addition to the treestudyplan.
* @param string $intent The intent to search for
* @return bool
*/
public static function has_intent($intent){
$status = self::premiumStatus();
if ($status->enabled) {
return \in_array(\strtolower($intent),$status->intents);
} else {
return false;
}
}
/**
* Determine, cache and retrieve premium status
* @return object
*/
protected static function premiumStatus() {
if (!isset(self::$cachedpremiumstatus)) {
// Initialize default object.
$o = new \stdClass;
$o->enabled = false;
$o->intents = [];
$o->name = "";
$o->website = "";
$o->expires = "";
$o->expired = false;
$o->issued = "";
$o->message = \get_string("premium:notregistered","local_treestudyplan");
$activationkey = \get_config("local_treestudyplan","premium_key");
if (strlen($activationkey) > 0) {
$activationkey;
try {
$keydata = self::trim_headers($activationkey);
$json = self::decrypt($keydata);
$decoded = \json_decode($json,false);
if (is_object($decoded)) {
// Copy basic data/
$keys = ["name","website","expires","issued"];
foreach ( $keys as $k) {
if (isset($decoded->$k)) {
$o->$k = $decoded->$k;
}
}
if(!empty($decoded->intent)) {
$o->intents = explode(",",$decoded->intent);
}
// Convert dates to DateTime for
$now = new \DateTime();
$issuedate = new \DateTime($o->issued);
$expirydate = new \DateTime(); // Default to now
if ($o->expires == 'never') {
// If expiry date == never
$expirydate->add(new \DateInterval("P1Y"));
} else {
try {
$expirydate = new \DateTime($o->expires);
} catch (\Exception $x) {}
}
if ( \in_array('treestudyplan',$o->intents)
&& !empty($o->issued)
&& self::website_match($o->website)
) {
if ($expirydate > $now ) {
$o->enabled = true;
$o->expired = false;
} else {
$o->expired = true;
$o->enabled = false;
}
// Format dates localized.
$o->issued = \userdate($issuedate->getTimestamp(),\get_string('strftimedate','langconfig'));
if ($o->expires == "never") {
$o->expires = \get_string("premium:never",'local_treestudyplan');
} else {
$o->expires = \userdate($expirydate->getTimestamp(),\get_string('strftimedate','langconfig'));
}
}
}
} catch (\ValueError $x) {
$o->status = \get_string("premium:invalidactivationcontent","local_treestudyplan");
}
}
self::$cachedpremiumstatus = $o;
}
return self::$cachedpremiumstatus;
}
/**
* Check if the current site matches the provided key
*/
private static function website_match($key) {
global $CFG;
$site = $CFG->wwwroot;
// Add double slashes to key and site if no scheme is set.
// Basically: if no double slashes present before any dots,shashes or @s.
if(!\preg_match_all('#^[^./@]*?//#',$key )) {
$key = "//".$key;
}
if(!\preg_match_all('#^[^./@]*?//#',$site)) {
$site = "//".$site;
}
// Use parse_url() to split path and host.
$keyurl = (object)\parse_url($key);
$siteurl = (object)\parse_url($site);
// No match if host is empty on key or site
if (empty($keyurl->host) || empty($siteurl->host)) {
return false;
}
// First match the host part.
$keyparts = \array_reverse(\explode(".",$keyurl->host));
$siteparts = \array_reverse(\explode(".",$siteurl->host));
// Trim starting www from both parts, since site.domain and www.site.domain should be treated as the same.
if (($x = \array_pop($keyparts)) != "www") {\array_push($keyparts,$x);}
if (($x = \array_pop($siteparts)) != "www") {\array_push($siteparts,$x);}
for ($i = 0; $i < count($keyparts); $i++) {
// No match if the site does not have a part, but the key does. Unless the key part is *
if (!isset($siteparts[$i]) ) {
if($keyparts[$i] != "*") {
return false;
} else {
$i++; //increment $i by one before break, to make sure the comparison following this loop holds.
break; // Stop comparison. Host part matches.
}
}
// Now do a proper case insensitive check for matching.
// Uses fnmatch to easily handle shell type wildcards.
if ( ! \fnmatch($keyparts[$i],$siteparts[$i],\FNM_CASEFOLD)) {
return false;
}
}
// Fail if the site has a deeper subdomain than the key, unless the deepest key subdomain is *
if ($keyparts[$i-1] != '*' && count($siteparts) > ($i)) {
return false;
}
// If we made it here then the host part matches. Now check the path.
// If path is /*, matches all subpaths including /
$keypath = empty($keyurl->path)?"/":$keyurl->path;
$sitepath = empty($siteurl->path)?"/":$siteurl->path;
// Trim trailing / from both paths before comparison
if (\strlen($sitepath) > 1) {
$sitepath = \rtrim($sitepath,"/");
}
if (\strlen($keypath) > 1) {
$keypath = \rtrim($keypath,"/");
}
// Do a case insensitive fnmatch on the site so wildcards are matched too.
return \fnmatch($keypath,$sitepath,\FNM_CASEFOLD);
}
/**
* Parameter description for webservice function get_premiumstatus
*/
public static function get_premiumstatus_parameters() : \external_function_parameters {
return new \external_function_parameters([]);
}
/**
* Return value description for webservice function get_premiumstatus
*/
public static function get_premiumstatus_returns() : \external_description {
return new \external_single_structure([
"enabled" => new \external_value(PARAM_BOOL, 'premium status enabled'),
"website" => new \external_value(PARAM_TEXT, 'premium registration website'),
"name" => new \external_value(PARAM_TEXT, 'premium registration name'),
"expires" => new \external_value(PARAM_TEXT, 'premium registration expiry date'),
"expired" => new \external_value(PARAM_BOOL, 'premium status expired'),
"intents" => new \external_multiple_structure(new \external_value(PARAM_TEXT),'additional intents included in the license '),
]);
}
/**
* Get premium status information for webservice
* @return object
*/
public static function get_premiumstatus() {
$status = self::premiumStatus();
$keys = [
"enabled",
"website",
"name",
"expires",
"expired",
"intents",
];
$result = [];
foreach ( $keys as $param) {
$result[$param] = $status->$param;
}
return $result;
}
/**
* Get a descriptive text of the current premium status
* @return string HTML description of premium status.
*/
public static function statusdescription() {
$status = self::premiumStatus();
$msg = new \stdClass;
$msg->name = $status->name;
$msg->issued = $status->issued;
$msg->expires = $status->expires;
if ($status->website != "*") {
$msg->sitestatus = \get_string("premium:onsite",'local_treestudyplan',$status);
} else {
$msg->sitestatus = \get_string("premium:anywhere",'local_treestudyplan');;
}
if($status->enabled) {
return \get_string("premium:active",'local_treestudyplan',$msg);
} else if ($status->expired) {
return \get_string("premium:expired",'local_treestudyplan',$msg);
} else if (!self::website_match($status->website)) {
return \get_string("premium:siteinvalid",'local_treestudyplan',$status->website);
} else {
return \get_string("premium:notregistered",'local_treestudyplan',$msg);
}
}
}