Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 27 |
|
0.00% |
0 / 13 |
CRAP | |
0.00% |
0 / 1 |
OATHUser | |
0.00% |
0 / 27 |
|
0.00% |
0 / 13 |
306 | |
0.00% |
0 / 1 |
__construct | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
getUser | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getCentralId | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getIssuer | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
getAccount | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getKeys | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
setKeys | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
addKey | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
getModule | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
setModule | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
isTwoFactorAuthEnabled | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
disable | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
checkKeyTypeCorrect | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
12 |
1 | <?php |
2 | /** |
3 | * This program is free software; you can redistribute it and/or modify |
4 | * it under the terms of the GNU General Public License as published by |
5 | * the Free Software Foundation; either version 2 of the License, or |
6 | * (at your option) any later version. |
7 | * |
8 | * This program is distributed in the hope that it will be useful, |
9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
11 | * GNU General Public License for more details. |
12 | * |
13 | * You should have received a copy of the GNU General Public License along |
14 | * with this program; if not, write to the Free Software Foundation, Inc., |
15 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
16 | * http://www.gnu.org/copyleft/gpl.html |
17 | */ |
18 | |
19 | namespace MediaWiki\Extension\OATHAuth; |
20 | |
21 | use InvalidArgumentException; |
22 | use MediaWiki\User\User; |
23 | use ReflectionClass; |
24 | |
25 | /** |
26 | * Class representing a user from OATH's perspective |
27 | * |
28 | * @ingroup Extensions |
29 | */ |
30 | class OATHUser { |
31 | private User $user; |
32 | private int $centralId; |
33 | |
34 | /** @var IAuthKey[] */ |
35 | private array $keys = []; |
36 | private ?IModule $module = null; |
37 | |
38 | /** |
39 | * Constructor. Can't be called directly. Use OATHUserRepository::findByUser instead. |
40 | * @param User $user |
41 | * @param int $centralId |
42 | */ |
43 | public function __construct( User $user, int $centralId ) { |
44 | $this->user = $user; |
45 | $this->centralId = $centralId; |
46 | } |
47 | |
48 | /** |
49 | * @return User |
50 | */ |
51 | public function getUser(): User { |
52 | return $this->user; |
53 | } |
54 | |
55 | /** |
56 | * @return int The central ID of this user |
57 | */ |
58 | public function getCentralId(): int { |
59 | return $this->centralId; |
60 | } |
61 | |
62 | /** |
63 | * @return string |
64 | */ |
65 | public function getIssuer() { |
66 | global $wgSitename, $wgOATHAuthAccountPrefix; |
67 | |
68 | if ( $wgOATHAuthAccountPrefix !== false ) { |
69 | return $wgOATHAuthAccountPrefix; |
70 | } |
71 | return $wgSitename; |
72 | } |
73 | |
74 | /** |
75 | * @return string |
76 | */ |
77 | public function getAccount() { |
78 | return $this->user->getName(); |
79 | } |
80 | |
81 | /** |
82 | * Get the key associated with this user. |
83 | * |
84 | * @return IAuthKey[] |
85 | */ |
86 | public function getKeys(): array { |
87 | return $this->keys; |
88 | } |
89 | |
90 | /** |
91 | * Set the key associated with this user. |
92 | * |
93 | * @param IAuthKey[] $keys |
94 | */ |
95 | public function setKeys( array $keys = [] ) { |
96 | $this->keys = []; |
97 | foreach ( $keys as $key ) { |
98 | $this->addKey( $key ); |
99 | } |
100 | } |
101 | |
102 | /** |
103 | * Adds single key to the key array |
104 | * |
105 | * @param IAuthKey $key |
106 | */ |
107 | public function addKey( IAuthKey $key ) { |
108 | $this->checkKeyTypeCorrect( $key ); |
109 | $this->keys[] = $key; |
110 | } |
111 | |
112 | /** |
113 | * Gets the module instance associated with this user |
114 | * |
115 | * @return IModule|null |
116 | */ |
117 | public function getModule() { |
118 | return $this->module; |
119 | } |
120 | |
121 | /** |
122 | * Sets the module instance associated with this user |
123 | * |
124 | * @param IModule|null $module |
125 | */ |
126 | public function setModule( IModule $module = null ) { |
127 | $this->module = $module; |
128 | } |
129 | |
130 | /** |
131 | * @return bool Whether this user has two-factor authentication enabled or not |
132 | */ |
133 | public function isTwoFactorAuthEnabled(): bool { |
134 | return count( $this->getKeys() ) >= 1; |
135 | } |
136 | |
137 | /** |
138 | * Disables current (if any) auth method |
139 | */ |
140 | public function disable() { |
141 | $this->keys = []; |
142 | $this->module = null; |
143 | } |
144 | |
145 | /** |
146 | * All keys set for the user must be of the same type |
147 | * @param IAuthKey $key |
148 | */ |
149 | private function checkKeyTypeCorrect( IAuthKey $key ): void { |
150 | $newKeyClass = get_class( $key ); |
151 | foreach ( $this->keys as $keyToTest ) { |
152 | if ( get_class( $keyToTest ) !== $newKeyClass ) { |
153 | $first = ( new ReflectionClass( $keyToTest ) )->getShortName(); |
154 | $second = ( new ReflectionClass( $key ) )->getShortName(); |
155 | |
156 | throw new InvalidArgumentException( |
157 | "User already has a key from a different two-factor module enabled ($first !== $second)" |
158 | ); |
159 | } |
160 | } |
161 | } |
162 | } |