innocampus · daniil-berg · Oct 17, 2024 · Sep 5, 2024 · Sep 12, 2024 · Sep 19, 2024
diff --git a/README.md b/README.md
@@ -4,24 +4,27 @@ Moodle availability plugin which lets users restrict activities and sections wit
 
 ## Requirements
 
-This plugin requires Moodle 4.4+.
+This plugin requires at least Moodle `4.4`.
 
 ## Installation
 
-Install the plugin by copying the code to
-availability/condition/shibboleth2fa/.
+Install the plugin by copying the code to `availability/condition/shibboleth2fa`.
 
 Example:
 
-    git clone https://github.com/innocampus/moodle-availability_shibboleth2fa.git availability/condition/shibboleth2fa
+```shell
+git clone \
+    https://github.com/innocampus/moodle-availability_shibboleth2fa.git \
+    availability/condition/shibboleth2fa
+```
 
-Shibboleth needs to be configured to protect availability/condition/shibboleth2fa/auth.php in order for this plugin to work.
+Shibboleth needs to be configured to protect `availability/condition/shibboleth2fa/auth.php` in order for this plugin to work.
 
 ## Shibboleth and Apache Example Configuration
 
-shibboleth2.xml:
+#### shibboleth2.xml
 
-```
+```xml
 <SPConfig ...>
     <RequestMapper type="Native">
         <RequestMap>
@@ -41,11 +44,11 @@ shibboleth2.xml:
 ```
 
 [More information here.](https://wiki.cac.washington.edu/display/infra/Configure+a+Service+Provider+for+Step-up+Two-Factor+Authentication)
-You need to specify the entityID if you want to have a Single Logout.
+You need to specify the `entityID` if you want to have a Single Logout.
 
-Apache:
+#### Apache
 
-```
+```apacheconf
 <Location /availability/condition/shibboleth2fa/auth.php>
     AuthType shibboleth
     ShibRequestSetting requireSession 1
@@ -59,9 +62,13 @@ Apache:
 
 ## Usage
 
-After installation, teachers can select "2FA" from the list of access restrictions when configuring an activity or section.
+#### Access restriction
+
+After installation, teachers can select "**2FA**" from the list of access restrictions when configuring an activity or section.
 Students will then be required to authenticate with shibboleth in order to access the resource.
-After successfully authenticating once, students can access *any resource* protected by 2FA on your moodle site *until they log out*.
+After successfully authenticating once, students can access _any resource_ protected by 2FA on your Moodle site _until they log out_.
+
+#### Exceptions
 
-Teachers can add course-wide exceptions for individual users by clicking "manage exceptions" on a protected resource.
-Users with exception will never be required to authenticate using 2FA for any protected resource in that course.
+Teachers can add course-wide exceptions for individual users by clicking "**manage exceptions**" on a protected resource.
+Users with an exception will never be required to authenticate using 2FA for any protected resource _in that course_.
diff --git a/auth.php b/auth.php
@@ -15,23 +15,34 @@
 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
 
 /**
- * @package    availability_shibboleth2fa
- * @copyright  2021 Lars Bonczek, innoCampus, TU Berlin
- * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ * Calls Shibboleth authentication.
+ *
+ * @package      availability_shibboleth2fa
+ * @copyright    2021 Lars Bonczek, innoCampus, TU Berlin
+ * @license      http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
+ *
+ * {@noinspection PhpUnhandledExceptionInspection}
  */
 
+use availability_shibboleth2fa\condition;
+
 require(__DIR__ . '/../../../config.php');
-global $PAGE, $OUTPUT, $USER;
+
+global $OUTPUT, $PAGE, $USER;
 
 $courseid = required_param('id', PARAM_INT);
 $cmid = optional_param('cmid', null, PARAM_INT);
 $sectionid = optional_param('sectionid', null, PARAM_INT);
 
 $course = get_course($courseid);
 
-$url = new moodle_url('/availability/condition/shibboleth2fa/auth.php', array('id' => $courseid));
-if ($cmid) $url->param('cmid', $cmid);
-if ($sectionid) $url->param('sectionid', $sectionid);
+$url = new moodle_url('/availability/condition/shibboleth2fa/auth.php', ['id' => $courseid]);
+if ($cmid) {
+    $url->param('cmid', $cmid);
+}
+if ($sectionid) {
+    $url->param('sectionid', $sectionid);
+}
 $PAGE->set_url($url);
 
 require_login($course, false);
@@ -61,7 +72,7 @@
 if ($username) {
     if (strtolower($username) == strtolower($USER->username)) {
         // User authenticated successfully.
-        \availability_shibboleth2fa\condition::set_authenticated();
+        condition::set_authenticated();
     } else {
         // Wrong user authenticated.
         $errormsg = get_string('login_failed_wrong_user', 'availability_shibboleth2fa');
@@ -71,9 +82,13 @@
     $errormsg = get_string('login_failed', 'availability_shibboleth2fa');
 }
 
-$redirecturl = new \moodle_url('/availability/condition/shibboleth2fa/index.php', array('id' => $courseid));
-if ($cmid) $redirecturl->param('cmid', $cmid);
-if ($sectionid) $redirecturl->param('sectionid', $sectionid);
+$redirecturl = new moodle_url('/availability/condition/shibboleth2fa/index.php', ['id' => $courseid]);
+if ($cmid) {
+    $redirecturl->param('cmid', $cmid);
+}
+if ($sectionid) {
+    $redirecturl->param('sectionid', $sectionid);
+}
 
 if ($errormsg) {
     // Display error before redirecting.
@@ -85,4 +100,4 @@
     echo $OUTPUT->footer();
 } else {
     redirect($redirecturl);
-}
+}