Merge branch 'wip-85446-m311' into MOODLE_311_STABLE

# Conflicts: # local/o365/classes/observers.php
microsoft · Oct 5, 2022 · c20b6a8 · c20b6a8
2 parents 3d1682f + 97be258
commit c20b6a8
Showing 1 changed file with 31 additions and 14 deletions.
diff --git a/classes/observers.php b/classes/observers.php
@@ -841,20 +841,37 @@ public static function handle_config_log_created(config_log_created $event) : bo
 
         $eventdata = $event->get_data();
 
-        // If Azure app is changed, all tokens need to be deleted.
-        if ($eventdata['other']['plugin'] == 'auth_oidc' && $eventdata['other']['name'] == 'clientid') {
-            // Clear local_o365_token table.
-            $DB->delete_records('local_o365_token');
-
-            // Clear auth_oidc_token table.
-            $DB->delete_records('auth_oidc_token');
-
-            // Delete delta user token, and force a user sync task run.
-            unset_config('local_o365', 'task_usersync_lastdeltatoken');
-            if ($usersynctask = $DB->get_record('task_scheduled',
-                ['component' => 'local_o365', 'classname' => '\local_o365\task\usersync'])) {
-                $usersynctask->nextruntime = time();
-                $DB->update_record('task_scheduled', $usersynctask);
+        if ($eventdata['other']['plugin'] == 'auth_oidc') {
+            switch ($eventdata['other']['name']) {
+                case 'clientid':
+                    // Clear local_o365_token table.
+                    $DB->delete_records('local_o365_token');
+
+                    // Clear auth_oidc_token table.
+                    $DB->delete_records('auth_oidc_token');
+
+                    // Clear local_o365_connections table.
+                    $DB->delete_records('local_o365_connections');
+
+                    // Clear user records in local_o365_objects table.
+                    $DB->delete_records('local_o365_objects', ['type' => 'user']);
+
+                    // Delete delta user token, and force a user sync task run.
+                    unset_config('local_o365', 'task_usersync_lastdeltatoken');
+                    if ($usersynctask = $DB->get_record('task_scheduled',
+                        ['component' => 'local_o365', 'classname' => '\local_o365\task\usersync'])) {
+                        $usersynctask->nextruntime = time();
+                        $DB->update_record('task_scheduled', $usersynctask);
+                    }
+
+                    // No call to "break;" on purpose.
+                case 'idptype':
+                case 'clientauthmethod':
+                    // If client ID, IdP type, or authentication method has changed, unset token and verify setup results.
+                    // Azure admin needs to set up again.
+                    unset_config('apptokens', 'local_o365');
+                    unset_config('adminconsent', 'local_o365');
+                    unset_config('azuresetupresult', 'local_o365');
             }
         }