Merge pull request #485 from jrchamp/bc-break/drop-jwt-support

jwt: remove support for deprecated token method

.github/workflows/ci.yml

@@ -88,7 +88,6 @@ jobs:
           DB: ${{ matrix.database }}
           MOODLE_BRANCH: ${{ matrix.moodle-branch }}
           MUSTACHE_IGNORE_NAMES: 'mobile_view_page_latest.mustache,mobile_view_page_ionic3.mustache'
-          PHPDOC_IGNORE_PATHS: 'jwt'
 
       - name: PHP Lint
         if: ${{ always() }}

README.md

@@ -39,12 +39,6 @@ Optional functionality can be enabled by granting additional scopes:
     - webinar:read:admin
     - webinar:write:admin
 
-### JWT
-JWT will be deprecated in June 2023. To create an account-level JWT app the 'JWT' permission is
-required.
-
-You will need to [create a JWT app](https://developers.zoom.us/docs/platform/build/jwt-app/) and that will generate the API key and secret.
-
 ## Installation
 
 1. [Install plugin](https://docs.moodle.org/en/Installing_plugins#Installing_a_plugin) to the /mod/zoom folder in Moodle.
@@ -54,13 +48,6 @@ You will need to [create a JWT app](https://developers.zoom.us/docs/platform/bui
 - Zoom client ID (mod_zoom | clientid)
 - Zoom client secret (mod_zoom | clientsecret)
 
-JWT will be deprecated in June 2023. For a JWT app, you need to set the following settings to enable the plugin:
-
-- Zoom API key (mod_zoom | apikey)
-- Zoom API secret (mod_zoom | apisecret)
-
-Please note that the API key and secret are not the same as the LTI key/secret.
-
 If you get "Access token is expired" errors, make sure the date/time on your
 server is properly synchronized with the time servers.
 

classes/webservice.php

@@ -27,21 +27,6 @@
 require_once($CFG->dirroot . '/mod/zoom/locallib.php');
 require_once($CFG->libdir . '/filelib.php');
 
-// Some plugins already might include this library, like mod_bigbluebuttonbn.
-// Hacky, but need to create list of plugins that might have JWT library.
-// NOTE: Remove file_exists checks and the JWT library in mod when versions prior to Moodle 3.7 is no longer supported.
-if (!class_exists('Firebase\JWT\JWT')) {
-    if (file_exists($CFG->libdir . '/php-jwt/src/JWT.php')) {
-        require_once($CFG->libdir . '/php-jwt/src/JWT.php');
-    } else {
-        if (file_exists($CFG->dirroot . '/mod/bigbluebuttonbn/vendor/firebase/php-jwt/src/JWT.php')) {
-            require_once($CFG->dirroot . '/mod/bigbluebuttonbn/vendor/firebase/php-jwt/src/JWT.php');
-        } else {
-            require_once($CFG->dirroot . '/mod/zoom/jwt/JWT.php');
-        }
-    }
-}
-
 /**
  * Web service class.
  */
@@ -85,18 +70,6 @@ class mod_zoom_webservice {
      */
     protected $accountid;
 
-    /**
-     * API key
-     * @var string
-     */
-    protected $apikey;
-
-    /**
-     * API secret
-     * @var string
-     */
-    protected $apisecret;
-
     /**
      * API base URL.
      * @var string
@@ -146,14 +119,6 @@ public function __construct() {
             'accountid',
         ];
 
-        // TODO: Remove when JWT is no longer supported in June 2023.
-        if (empty($config->clientid) || empty($config->clientsecret) || empty($config->accountid)) {
-            $requiredfields = [
-                'apikey',
-                'apisecret',
-            ];
-        }
-
         try {
             // Get and remember each required field.
             foreach ($requiredfields as $requiredfield) {
@@ -256,16 +221,7 @@ private function make_call($path, $data = [], $method = 'get') {
         $url = $this->apiurl . $path;
         $method = strtolower($method);
 
-        // TODO: Remove JWT auth when deprecated in June 2023.
-        if (isset($this->clientid) && isset($this->clientsecret) && isset($this->accountid)) {
-            $token = $this->get_access_token();
-        } else {
-            $payload = [
-                'iss' => $this->apikey,
-                'exp' => time() + 40,
-            ];
-            $token = \Firebase\JWT\JWT::encode($payload, $this->apisecret, 'HS256');
-        }
+        $token = $this->get_access_token();
 
         $curl = $this->get_curl_object();
         $curl->setHeader('Authorization: Bearer ' . $token);