Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 27 |
|
0.00% |
0 / 13 |
CRAP | |
0.00% |
0 / 1 |
OATHUser | |
0.00% |
0 / 27 |
|
0.00% |
0 / 13 |
306 | |
0.00% |
0 / 1 |
__construct | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
getUser | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getCentralId | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getIssuer | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
getAccount | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getKeys | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
setKeys | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
6 | |||
addKey | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
getModule | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
setModule | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
isTwoFactorAuthEnabled | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
disable | |
0.00% |
0 / 2 |
|
0.00% |
0 / 1 |
2 | |||
checkKeyTypeCorrect | |
0.00% |
0 / 8 |
|
0.00% |
0 / 1 |
12 |
1 | <?php |
2 | /** |
3 | * This program is free software; you can redistribute it and/or modify |
4 | * it under the terms of the GNU General Public License as published by |
5 | * the Free Software Foundation; either version 2 of the License, or |
6 | * (at your option) any later version. |
7 | * |
8 | * This program is distributed in the hope that it will be useful, |
9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
11 | * GNU General Public License for more details. |
12 | * |
13 | * You should have received a copy of the GNU General Public License along |
14 | * with this program; if not, write to the Free Software Foundation, Inc., |
15 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
16 | * http://www.gnu.org/copyleft/gpl.html |
17 | */ |
18 | |
19 | namespace MediaWiki\Extension\OATHAuth; |
20 | |
21 | use InvalidArgumentException; |
22 | use MediaWiki\User\UserIdentity; |
23 | use ReflectionClass; |
24 | |
25 | /** |
26 | * Class representing a user from OATH's perspective |
27 | * |
28 | * @ingroup Extensions |
29 | */ |
30 | class OATHUser { |
31 | private UserIdentity $user; |
32 | private int $centralId; |
33 | |
34 | /** @var IAuthKey[] */ |
35 | private array $keys = []; |
36 | private ?IModule $module = null; |
37 | |
38 | /** |
39 | * Constructor. Can't be called directly. Use OATHUserRepository::findByUser instead. |
40 | * @param UserIdentity $user |
41 | * @param int $centralId |
42 | */ |
43 | public function __construct( UserIdentity $user, int $centralId ) { |
44 | $this->user = $user; |
45 | $this->centralId = $centralId; |
46 | } |
47 | |
48 | public function getUser(): UserIdentity { |
49 | return $this->user; |
50 | } |
51 | |
52 | /** |
53 | * @return int The central ID of this user |
54 | */ |
55 | public function getCentralId(): int { |
56 | return $this->centralId; |
57 | } |
58 | |
59 | /** |
60 | * @return string |
61 | */ |
62 | public function getIssuer() { |
63 | global $wgSitename, $wgOATHAuthAccountPrefix; |
64 | |
65 | if ( $wgOATHAuthAccountPrefix !== false ) { |
66 | return $wgOATHAuthAccountPrefix; |
67 | } |
68 | return $wgSitename; |
69 | } |
70 | |
71 | /** |
72 | * @return string |
73 | */ |
74 | public function getAccount() { |
75 | return $this->user->getName(); |
76 | } |
77 | |
78 | /** |
79 | * Get the key associated with this user. |
80 | * |
81 | * @return IAuthKey[] |
82 | */ |
83 | public function getKeys(): array { |
84 | return $this->keys; |
85 | } |
86 | |
87 | /** |
88 | * Set the key associated with this user. |
89 | * |
90 | * @param IAuthKey[] $keys |
91 | */ |
92 | public function setKeys( array $keys = [] ) { |
93 | $this->keys = []; |
94 | foreach ( $keys as $key ) { |
95 | $this->addKey( $key ); |
96 | } |
97 | } |
98 | |
99 | /** |
100 | * Adds single key to the key array |
101 | * |
102 | * @param IAuthKey $key |
103 | */ |
104 | public function addKey( IAuthKey $key ) { |
105 | $this->checkKeyTypeCorrect( $key ); |
106 | $this->keys[] = $key; |
107 | } |
108 | |
109 | /** |
110 | * Gets the module instance associated with this user |
111 | * |
112 | * @return IModule|null |
113 | */ |
114 | public function getModule() { |
115 | return $this->module; |
116 | } |
117 | |
118 | /** |
119 | * Sets the module instance associated with this user |
120 | * |
121 | * @param IModule|null $module |
122 | */ |
123 | public function setModule( ?IModule $module = null ) { |
124 | $this->module = $module; |
125 | } |
126 | |
127 | /** |
128 | * @return bool Whether this user has two-factor authentication enabled or not |
129 | */ |
130 | public function isTwoFactorAuthEnabled(): bool { |
131 | return count( $this->getKeys() ) >= 1; |
132 | } |
133 | |
134 | /** |
135 | * Disables current (if any) auth method |
136 | */ |
137 | public function disable() { |
138 | $this->keys = []; |
139 | $this->module = null; |
140 | } |
141 | |
142 | /** |
143 | * All keys set for the user must be of the same type |
144 | * @param IAuthKey $key |
145 | */ |
146 | private function checkKeyTypeCorrect( IAuthKey $key ): void { |
147 | $newKeyClass = get_class( $key ); |
148 | foreach ( $this->keys as $keyToTest ) { |
149 | if ( get_class( $keyToTest ) !== $newKeyClass ) { |
150 | $first = ( new ReflectionClass( $keyToTest ) )->getShortName(); |
151 | $second = ( new ReflectionClass( $key ) )->getShortName(); |
152 | |
153 | throw new InvalidArgumentException( |
154 | "User already has a key from a different two-factor module enabled ($first !== $second)" |
155 | ); |
156 | } |
157 | } |
158 | } |
159 | } |