MediaWiki  1.27.2
LocalPasswordPrimaryAuthenticationProviderTest.php
Go to the documentation of this file.
1 <?php
2 
3 namespace MediaWiki\Auth;
4 
10 class LocalPasswordPrimaryAuthenticationProviderTest extends \MediaWikiTestCase {
11 
12  private $manager = null;
13  private $config = null;
14  private $validity = null;
15 
25  protected function getProvider( $loginOnly = false ) {
26  if ( !$this->config ) {
27  $this->config = new \HashConfig();
28  }
29  $config = new \MultiConfig( [
30  $this->config,
31  \ConfigFactory::getDefaultInstance()->makeConfig( 'main' )
32  ] );
33 
34  if ( !$this->manager ) {
35  $this->manager = new AuthManager( new \FauxRequest(), $config );
36  }
37  $this->validity = \Status::newGood();
38 
39  $provider = $this->getMock(
40  LocalPasswordPrimaryAuthenticationProvider::class,
41  [ 'checkPasswordValidity' ],
42  [ [ 'loginOnly' => $loginOnly ] ]
43  );
44  $provider->expects( $this->any() )->method( 'checkPasswordValidity' )
45  ->will( $this->returnCallback( function () {
46  return $this->validity;
47  } ) );
48  $provider->setConfig( $config );
49  $provider->setLogger( new \Psr\Log\NullLogger() );
50  $provider->setManager( $this->manager );
51 
52  return $provider;
53  }
54 
55  public function testBasics() {
56  $provider = new LocalPasswordPrimaryAuthenticationProvider();
57 
58  $this->assertSame(
59  PrimaryAuthenticationProvider::TYPE_CREATE,
60  $provider->accountCreationType()
61  );
62 
63  $this->assertTrue( $provider->testUserExists( 'UTSysop' ) );
64  $this->assertTrue( $provider->testUserExists( 'uTSysop' ) );
65  $this->assertFalse( $provider->testUserExists( 'DoesNotExist' ) );
66  $this->assertFalse( $provider->testUserExists( '<invalid>' ) );
67 
68  $provider = new LocalPasswordPrimaryAuthenticationProvider( [ 'loginOnly' => true ] );
69 
70  $this->assertSame(
71  PrimaryAuthenticationProvider::TYPE_NONE,
72  $provider->accountCreationType()
73  );
74 
75  $this->assertTrue( $provider->testUserExists( 'UTSysop' ) );
76  $this->assertFalse( $provider->testUserExists( 'DoesNotExist' ) );
77 
78  $req = new PasswordAuthenticationRequest;
79  $req->action = AuthManager::ACTION_CHANGE;
80  $req->username = '<invalid>';
81  $provider->providerChangeAuthenticationData( $req );
82  }
83 
84  public function testTestUserCanAuthenticate() {
85  $dbw = wfGetDB( DB_MASTER );
86  $oldHash = $dbw->selectField( 'user', 'user_password', [ 'user_name' => 'UTSysop' ] );
87  $cb = new \ScopedCallback( function () use ( $dbw, $oldHash ) {
88  $dbw->update( 'user', [ 'user_password' => $oldHash ], [ 'user_name' => 'UTSysop' ] );
89  } );
90  $id = \User::idFromName( 'UTSysop' );
91 
92  $provider = $this->getProvider();
93 
94  $this->assertFalse( $provider->testUserCanAuthenticate( '<invalid>' ) );
95 
96  $this->assertFalse( $provider->testUserCanAuthenticate( 'DoesNotExist' ) );
97 
98  $this->assertTrue( $provider->testUserCanAuthenticate( 'UTSysop' ) );
99  $this->assertTrue( $provider->testUserCanAuthenticate( 'uTSysop' ) );
100 
101  $dbw->update(
102  'user',
103  [ 'user_password' => \PasswordFactory::newInvalidPassword()->toString() ],
104  [ 'user_name' => 'UTSysop' ]
105  );
106  $this->assertFalse( $provider->testUserCanAuthenticate( 'UTSysop' ) );
107 
108  // Really old format
109  $dbw->update(
110  'user',
111  [ 'user_password' => '0123456789abcdef0123456789abcdef' ],
112  [ 'user_name' => 'UTSysop' ]
113  );
114  $this->assertTrue( $provider->testUserCanAuthenticate( 'UTSysop' ) );
115  }
116 
117  public function testSetPasswordResetFlag() {
118  // Set instance vars
119  $this->getProvider();
120 
122  $this->setMwGlobals( [ 'wgPasswordExpireGrace' => 100 ] );
123 
124  $this->config->set( 'PasswordExpireGrace', 100 );
125  $this->config->set( 'InvalidPasswordReset', true );
126 
127  $provider = new LocalPasswordPrimaryAuthenticationProvider();
128  $provider->setConfig( $this->config );
129  $provider->setLogger( new \Psr\Log\NullLogger() );
130  $provider->setManager( $this->manager );
131  $providerPriv = \TestingAccessWrapper::newFromObject( $provider );
132 
133  $dbw = wfGetDB( DB_MASTER );
134  $row = $dbw->selectRow(
135  'user',
136  '*',
137  [ 'user_name' => 'UTSysop' ],
138  __METHOD__
139  );
140 
141  $this->manager->removeAuthenticationSessionData( null );
142  $row->user_password_expires = wfTimestamp( TS_MW, time() + 200 );
143  $providerPriv->setPasswordResetFlag( 'UTSysop', \Status::newGood(), $row );
144  $this->assertNull( $this->manager->getAuthenticationSessionData( 'reset-pass' ) );
145 
146  $this->manager->removeAuthenticationSessionData( null );
147  $row->user_password_expires = wfTimestamp( TS_MW, time() - 200 );
148  $providerPriv->setPasswordResetFlag( 'UTSysop', \Status::newGood(), $row );
149  $ret = $this->manager->getAuthenticationSessionData( 'reset-pass' );
150  $this->assertNotNull( $ret );
151  $this->assertSame( 'resetpass-expired', $ret->msg->getKey() );
152  $this->assertTrue( $ret->hard );
153 
154  $this->manager->removeAuthenticationSessionData( null );
155  $row->user_password_expires = wfTimestamp( TS_MW, time() - 1 );
156  $providerPriv->setPasswordResetFlag( 'UTSysop', \Status::newGood(), $row );
157  $ret = $this->manager->getAuthenticationSessionData( 'reset-pass' );
158  $this->assertNotNull( $ret );
159  $this->assertSame( 'resetpass-expired-soft', $ret->msg->getKey() );
160  $this->assertFalse( $ret->hard );
161 
162  $this->manager->removeAuthenticationSessionData( null );
163  $row->user_password_expires = null;
164  $status = \Status::newGood();
165  $status->error( 'testing' );
166  $providerPriv->setPasswordResetFlag( 'UTSysop', $status, $row );
167  $ret = $this->manager->getAuthenticationSessionData( 'reset-pass' );
168  $this->assertNotNull( $ret );
169  $this->assertSame( 'resetpass-validity-soft', $ret->msg->getKey() );
170  $this->assertFalse( $ret->hard );
171  }
172 
173  public function testAuthentication() {
174  $dbw = wfGetDB( DB_MASTER );
175  $oldHash = $dbw->selectField( 'user', 'user_password', [ 'user_name' => 'UTSysop' ] );
176  $cb = new \ScopedCallback( function () use ( $dbw, $oldHash ) {
177  $dbw->update( 'user', [ 'user_password' => $oldHash ], [ 'user_name' => 'UTSysop' ] );
178  } );
179  $id = \User::idFromName( 'UTSysop' );
180 
181  $req = new PasswordAuthenticationRequest();
182  $req->action = AuthManager::ACTION_LOGIN;
183  $reqs = [ PasswordAuthenticationRequest::class => $req ];
184 
185  $provider = $this->getProvider();
186 
187  // General failures
188  $this->assertEquals(
189  AuthenticationResponse::newAbstain(),
190  $provider->beginPrimaryAuthentication( [] )
191  );
192 
193  $req->username = 'foo';
194  $req->password = null;
195  $this->assertEquals(
196  AuthenticationResponse::newAbstain(),
197  $provider->beginPrimaryAuthentication( $reqs )
198  );
199 
200  $req->username = null;
201  $req->password = 'bar';
202  $this->assertEquals(
203  AuthenticationResponse::newAbstain(),
204  $provider->beginPrimaryAuthentication( $reqs )
205  );
206 
207  $req->username = '<invalid>';
208  $req->password = 'WhoCares';
209  $ret = $provider->beginPrimaryAuthentication( $reqs );
210  $this->assertEquals(
211  AuthenticationResponse::newAbstain(),
212  $provider->beginPrimaryAuthentication( $reqs )
213  );
214 
215  $req->username = 'DoesNotExist';
216  $req->password = 'DoesNotExist';
217  $ret = $provider->beginPrimaryAuthentication( $reqs );
218  $this->assertEquals(
219  AuthenticationResponse::newAbstain(),
220  $provider->beginPrimaryAuthentication( $reqs )
221  );
222 
223  // Validation failure
224  $req->username = 'UTSysop';
225  $req->password = 'UTSysopPassword';
226  $this->validity = \Status::newFatal( 'arbitrary-failure' );
227  $ret = $provider->beginPrimaryAuthentication( $reqs );
228  $this->assertEquals(
229  AuthenticationResponse::FAIL,
230  $ret->status
231  );
232  $this->assertEquals(
233  'arbitrary-failure',
234  $ret->message->getKey()
235  );
236 
237  // Successful auth
238  $this->manager->removeAuthenticationSessionData( null );
239  $this->validity = \Status::newGood();
240  $this->assertEquals(
241  AuthenticationResponse::newPass( 'UTSysop' ),
242  $provider->beginPrimaryAuthentication( $reqs )
243  );
244  $this->assertNull( $this->manager->getAuthenticationSessionData( 'reset-pass' ) );
245 
246  // Successful auth after normalizing name
247  $this->manager->removeAuthenticationSessionData( null );
248  $this->validity = \Status::newGood();
249  $req->username = 'uTSysop';
250  $this->assertEquals(
251  AuthenticationResponse::newPass( 'UTSysop' ),
252  $provider->beginPrimaryAuthentication( $reqs )
253  );
254  $this->assertNull( $this->manager->getAuthenticationSessionData( 'reset-pass' ) );
255  $req->username = 'UTSysop';
256 
257  // Successful auth with reset
258  $this->manager->removeAuthenticationSessionData( null );
259  $this->validity->error( 'arbitrary-warning' );
260  $this->assertEquals(
261  AuthenticationResponse::newPass( 'UTSysop' ),
262  $provider->beginPrimaryAuthentication( $reqs )
263  );
264  $this->assertNotNull( $this->manager->getAuthenticationSessionData( 'reset-pass' ) );
265 
266  // Wrong password
267  $this->validity = \Status::newGood();
268  $req->password = 'Wrong';
269  $ret = $provider->beginPrimaryAuthentication( $reqs );
270  $this->assertEquals(
271  AuthenticationResponse::FAIL,
272  $ret->status
273  );
274  $this->assertEquals(
275  'wrongpassword',
276  $ret->message->getKey()
277  );
278 
279  // Correct handling of legacy encodings
280  $password = ':B:salt:' . md5( 'salt-' . md5( "\xe1\xe9\xed\xf3\xfa" ) );
281  $dbw->update( 'user', [ 'user_password' => $password ], [ 'user_name' => 'UTSysop' ] );
282  $req->password = 'áéíóú';
283  $ret = $provider->beginPrimaryAuthentication( $reqs );
284  $this->assertEquals(
285  AuthenticationResponse::FAIL,
286  $ret->status
287  );
288  $this->assertEquals(
289  'wrongpassword',
290  $ret->message->getKey()
291  );
292 
293  $this->config->set( 'LegacyEncoding', true );
294  $this->assertEquals(
295  AuthenticationResponse::newPass( 'UTSysop' ),
296  $provider->beginPrimaryAuthentication( $reqs )
297  );
298 
299  $req->password = 'áéíóú Wrong';
300  $ret = $provider->beginPrimaryAuthentication( $reqs );
301  $this->assertEquals(
302  AuthenticationResponse::FAIL,
303  $ret->status
304  );
305  $this->assertEquals(
306  'wrongpassword',
307  $ret->message->getKey()
308  );
309 
310  // Correct handling of really old password hashes
311  $this->config->set( 'PasswordSalt', false );
312  $password = md5( 'FooBar' );
313  $dbw->update( 'user', [ 'user_password' => $password ], [ 'user_name' => 'UTSysop' ] );
314  $req->password = 'FooBar';
315  $this->assertEquals(
316  AuthenticationResponse::newPass( 'UTSysop' ),
317  $provider->beginPrimaryAuthentication( $reqs )
318  );
319 
320  $this->config->set( 'PasswordSalt', true );
321  $password = md5( "$id-" . md5( 'FooBar' ) );
322  $dbw->update( 'user', [ 'user_password' => $password ], [ 'user_name' => 'UTSysop' ] );
323  $req->password = 'FooBar';
324  $this->assertEquals(
325  AuthenticationResponse::newPass( 'UTSysop' ),
326  $provider->beginPrimaryAuthentication( $reqs )
327  );
328 
329  }
330 
339  public function testProviderAllowsAuthenticationDataChange( $type, $user, \Status $validity,
340  \StatusValue $expect1, \StatusValue $expect2
341  ) {
342  if ( $type === PasswordAuthenticationRequest::class ) {
343  $req = new $type();
344  } elseif ( $type === PasswordDomainAuthenticationRequest::class ) {
345  $req = new $type( [] );
346  } else {
347  $req = $this->getMock( $type );
348  }
349  $req->action = AuthManager::ACTION_CHANGE;
350  $req->username = $user;
351  $req->password = 'NewPassword';
352  $req->retype = 'NewPassword';
353 
354  $provider = $this->getProvider();
355  $this->validity = $validity;
356  $this->assertEquals( $expect1, $provider->providerAllowsAuthenticationDataChange( $req, false ) );
357  $this->assertEquals( $expect2, $provider->providerAllowsAuthenticationDataChange( $req, true ) );
358 
359  $req->retype = 'BadRetype';
360  $this->assertEquals(
361  $expect1,
362  $provider->providerAllowsAuthenticationDataChange( $req, false )
363  );
364  $this->assertEquals(
365  $expect2->getValue() === 'ignored' ? $expect2 : \StatusValue::newFatal( 'badretype' ),
366  $provider->providerAllowsAuthenticationDataChange( $req, true )
367  );
368 
369  $provider = $this->getProvider( true );
370  $this->assertEquals(
371  \StatusValue::newGood( 'ignored' ),
372  $provider->providerAllowsAuthenticationDataChange( $req, true ),
373  'loginOnly mode should claim to ignore all changes'
374  );
375  }
376 
377  public static function provideProviderAllowsAuthenticationDataChange() {
378  $err = \StatusValue::newGood();
379  $err->error( 'arbitrary-warning' );
380 
381  return [
382  [ AuthenticationRequest::class, 'UTSysop', \Status::newGood(),
383  \StatusValue::newGood( 'ignored' ), \StatusValue::newGood( 'ignored' ) ],
384  [ PasswordAuthenticationRequest::class, 'UTSysop', \Status::newGood(),
385  \StatusValue::newGood(), \StatusValue::newGood() ],
386  [ PasswordAuthenticationRequest::class, 'uTSysop', \Status::newGood(),
387  \StatusValue::newGood(), \StatusValue::newGood() ],
388  [ PasswordAuthenticationRequest::class, 'UTSysop', \Status::wrap( $err ),
389  \StatusValue::newGood(), $err ],
390  [ PasswordAuthenticationRequest::class, 'UTSysop', \Status::newFatal( 'arbitrary-error' ),
391  \StatusValue::newGood(), \StatusValue::newFatal( 'arbitrary-error' ) ],
392  [ PasswordAuthenticationRequest::class, 'DoesNotExist', \Status::newGood(),
393  \StatusValue::newGood(), \StatusValue::newGood( 'ignored' ) ],
394  [ PasswordDomainAuthenticationRequest::class, 'UTSysop', \Status::newGood(),
395  \StatusValue::newGood( 'ignored' ), \StatusValue::newGood( 'ignored' ) ],
396  ];
397  }
398 
406  public function testProviderChangeAuthenticationData( $user, $type, $loginOnly, $changed ) {
407  $cuser = ucfirst( $user );
408  $oldpass = 'UTSysopPassword';
409  $newpass = 'NewPassword';
410 
411  $dbw = wfGetDB( DB_MASTER );
412  $oldHash = $dbw->selectField( 'user', 'user_password', [ 'user_name' => $cuser ] );
413  $oldExpiry = $dbw->selectField( 'user', 'user_password_expires', [ 'user_name' => $cuser ] );
414  $cb = new \ScopedCallback( function () use ( $dbw, $cuser, $oldHash, $oldExpiry ) {
415  $dbw->update(
416  'user',
417  [
418  'user_password' => $oldHash,
419  'user_password_expires' => $oldExpiry,
420  ],
421  [ 'user_name' => $cuser ]
422  );
423  } );
424 
425  $this->mergeMwGlobalArrayValue( 'wgHooks', [
426  'ResetPasswordExpiration' => [ function ( $user, &$expires ) {
427  $expires = '30001231235959';
428  } ]
429  ] );
430 
431  $provider = $this->getProvider( $loginOnly );
432 
433  // Sanity check
434  $loginReq = new PasswordAuthenticationRequest();
435  $loginReq->action = AuthManager::ACTION_LOGIN;
436  $loginReq->username = $user;
437  $loginReq->password = $oldpass;
438  $loginReqs = [ PasswordAuthenticationRequest::class => $loginReq ];
439  $this->assertEquals(
440  AuthenticationResponse::newPass( $cuser ),
441  $provider->beginPrimaryAuthentication( $loginReqs ),
442  'Sanity check'
443  );
444 
445  if ( $type === PasswordAuthenticationRequest::class ) {
446  $changeReq = new $type();
447  } else {
448  $changeReq = $this->getMock( $type );
449  }
450  $changeReq->action = AuthManager::ACTION_CHANGE;
451  $changeReq->username = $user;
452  $changeReq->password = $newpass;
453  $provider->providerChangeAuthenticationData( $changeReq );
454 
455  if ( $loginOnly ) {
456  $old = 'fail';
457  $new = 'fail';
458  $expectExpiry = null;
459  } elseif ( $changed ) {
460  $old = 'fail';
461  $new = 'pass';
462  $expectExpiry = '30001231235959';
463  } else {
464  $old = 'pass';
465  $new = 'fail';
466  $expectExpiry = $oldExpiry;
467  }
468 
469  $loginReq->password = $oldpass;
470  $ret = $provider->beginPrimaryAuthentication( $loginReqs );
471  if ( $old === 'pass' ) {
472  $this->assertEquals(
473  AuthenticationResponse::newPass( $cuser ),
474  $ret,
475  'old password should pass'
476  );
477  } else {
478  $this->assertEquals(
479  AuthenticationResponse::FAIL,
480  $ret->status,
481  'old password should fail'
482  );
483  $this->assertEquals(
484  'wrongpassword',
485  $ret->message->getKey(),
486  'old password should fail'
487  );
488  }
489 
490  $loginReq->password = $newpass;
491  $ret = $provider->beginPrimaryAuthentication( $loginReqs );
492  if ( $new === 'pass' ) {
493  $this->assertEquals(
494  AuthenticationResponse::newPass( $cuser ),
495  $ret,
496  'new password should pass'
497  );
498  } else {
499  $this->assertEquals(
500  AuthenticationResponse::FAIL,
501  $ret->status,
502  'new password should fail'
503  );
504  $this->assertEquals(
505  'wrongpassword',
506  $ret->message->getKey(),
507  'new password should fail'
508  );
509  }
510 
511  $this->assertSame(
512  $expectExpiry,
513  $dbw->selectField( 'user', 'user_password_expires', [ 'user_name' => $cuser ] )
514  );
515  }
516 
517  public static function provideProviderChangeAuthenticationData() {
518  return [
519  [ 'UTSysop', AuthenticationRequest::class, false, false ],
520  [ 'UTSysop', PasswordAuthenticationRequest::class, false, true ],
521  [ 'UTSysop', AuthenticationRequest::class, true, false ],
522  [ 'UTSysop', PasswordAuthenticationRequest::class, true, true ],
523  [ 'uTSysop', PasswordAuthenticationRequest::class, false, true ],
524  [ 'uTSysop', PasswordAuthenticationRequest::class, true, true ],
525  ];
526  }
527 
528  public function testTestForAccountCreation() {
529  $user = \User::newFromName( 'foo' );
530  $req = new PasswordAuthenticationRequest();
531  $req->action = AuthManager::ACTION_CREATE;
532  $req->username = 'Foo';
533  $req->password = 'Bar';
534  $req->retype = 'Bar';
535  $reqs = [ PasswordAuthenticationRequest::class => $req ];
536 
537  $provider = $this->getProvider();
538  $this->assertEquals(
539  \StatusValue::newGood(),
540  $provider->testForAccountCreation( $user, $user, [] ),
541  'No password request'
542  );
543 
544  $this->assertEquals(
545  \StatusValue::newGood(),
546  $provider->testForAccountCreation( $user, $user, $reqs ),
547  'Password request, validated'
548  );
549 
550  $req->retype = 'Baz';
551  $this->assertEquals(
552  \StatusValue::newFatal( 'badretype' ),
553  $provider->testForAccountCreation( $user, $user, $reqs ),
554  'Password request, bad retype'
555  );
556  $req->retype = 'Bar';
557 
558  $this->validity->error( 'arbitrary warning' );
559  $expect = \StatusValue::newGood();
560  $expect->error( 'arbitrary warning' );
561  $this->assertEquals(
562  $expect,
563  $provider->testForAccountCreation( $user, $user, $reqs ),
564  'Password request, not validated'
565  );
566 
567  $provider = $this->getProvider( true );
568  $this->validity->error( 'arbitrary warning' );
569  $this->assertEquals(
570  \StatusValue::newGood(),
571  $provider->testForAccountCreation( $user, $user, $reqs ),
572  'Password request, not validated, loginOnly'
573  );
574  }
575 
576  public function testAccountCreation() {
577  $user = \User::newFromName( 'Foo' );
578 
579  $req = new PasswordAuthenticationRequest();
580  $req->action = AuthManager::ACTION_CREATE;
581  $reqs = [ PasswordAuthenticationRequest::class => $req ];
582 
583  $provider = $this->getProvider( true );
584  try {
585  $provider->beginPrimaryAccountCreation( $user, $user, [] );
586  $this->fail( 'Expected exception was not thrown' );
587  } catch ( \BadMethodCallException $ex ) {
588  $this->assertSame(
589  'Shouldn\'t call this when accountCreationType() is NONE', $ex->getMessage()
590  );
591  }
592 
593  try {
594  $provider->finishAccountCreation( $user, $user, AuthenticationResponse::newPass() );
595  $this->fail( 'Expected exception was not thrown' );
596  } catch ( \BadMethodCallException $ex ) {
597  $this->assertSame(
598  'Shouldn\'t call this when accountCreationType() is NONE', $ex->getMessage()
599  );
600  }
601 
602  $provider = $this->getProvider( false );
603 
604  $this->assertEquals(
605  AuthenticationResponse::newAbstain(),
606  $provider->beginPrimaryAccountCreation( $user, $user, [] )
607  );
608 
609  $req->username = 'foo';
610  $req->password = null;
611  $this->assertEquals(
612  AuthenticationResponse::newAbstain(),
613  $provider->beginPrimaryAccountCreation( $user, $user, $reqs )
614  );
615 
616  $req->username = null;
617  $req->password = 'bar';
618  $this->assertEquals(
619  AuthenticationResponse::newAbstain(),
620  $provider->beginPrimaryAccountCreation( $user, $user, $reqs )
621  );
622 
623  $req->username = 'foo';
624  $req->password = 'bar';
625 
626  $expect = AuthenticationResponse::newPass( 'Foo' );
627  $expect->createRequest = clone( $req );
628  $expect->createRequest->username = 'Foo';
629  $this->assertEquals( $expect, $provider->beginPrimaryAccountCreation( $user, $user, $reqs ) );
630 
631  // We have to cheat a bit to avoid having to add a new user to
632  // the database to test the actual setting of the password works right
633  $dbw = wfGetDB( DB_MASTER );
634  $oldHash = $dbw->selectField( 'user', 'user_password', [ 'user_name' => $user ] );
635  $cb = new \ScopedCallback( function () use ( $dbw, $user, $oldHash ) {
636  $dbw->update( 'user', [ 'user_password' => $oldHash ], [ 'user_name' => $user ] );
637  } );
638 
639  $user = \User::newFromName( 'UTSysop' );
640  $req->username = $user->getName();
641  $req->password = 'NewPassword';
642  $expect = AuthenticationResponse::newPass( 'UTSysop' );
643  $expect->createRequest = $req;
644 
645  $res2 = $provider->beginPrimaryAccountCreation( $user, $user, $reqs );
646  $this->assertEquals( $expect, $res2, 'Sanity check' );
647 
648  $ret = $provider->beginPrimaryAuthentication( $reqs );
649  $this->assertEquals( AuthenticationResponse::FAIL, $ret->status, 'sanity check' );
650 
651  $this->assertNull( $provider->finishAccountCreation( $user, $user, $res2 ) );
652  $ret = $provider->beginPrimaryAuthentication( $reqs );
653  $this->assertEquals( AuthenticationResponse::PASS, $ret->status, 'new password is set' );
654 
655  }
656 
657 }
User\newFromName
static newFromName($name, $validate= 'valid')
Static factory method for creation from username.
Definition: User.php:568
MediaWikiTestCase\mergeMwGlobalArrayValue
mergeMwGlobalArrayValue($name, $values)
Merges the given values into a MW global array variable.
Definition: MediaWikiTestCase.php:427
wfGetDB
wfGetDB($db, $groups=[], $wiki=false)
Get a Database object.
Definition: GlobalFunctions.php:3153
Status\wrap
static wrap($sv)
Succinct helper method to wrap a StatusValue.
Definition: Status.php:79
use
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
Definition: APACHE-LICENSE-2.0.txt:3
StatusValue\newFatal
static newFatal($message)
Factory function for fatal errors.
Definition: StatusValue.php:63
$ret
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition: hooks.txt:1798
false
processing should stop and the error should be shown to the user * false
Definition: hooks.txt:189
MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider
A primary authentication provider that uses the password field in the 'user' table.
Definition: LocalPasswordPrimaryAuthenticationProvider.php:31
Status\newFatal
static newFatal($message)
Factory function for fatal errors.
Definition: Status.php:89
wfTimestamp
wfTimestamp($outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
Definition: GlobalFunctions.php:2050
true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition: hooks.txt:1798
MediaWiki\Auth\AuthenticationResponse\FAIL
const FAIL
Indicates that the authentication failed.
Definition: AuthenticationResponse.php:38
MediaWiki\Auth\AuthManager\ACTION_CHANGE
const ACTION_CHANGE
Change a user's credentials.
Definition: AuthManager.php:60
MediaWiki\Auth\AuthenticationResponse\PASS
const PASS
Indicates that the authentication succeeded.
Definition: AuthenticationResponse.php:35
StatusValue\newGood
static newGood($value=null)
Factory function for good results.
Definition: StatusValue.php:76
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition: AuthManager.php:43
MediaWiki\Auth\PrimaryAuthenticationProvider\TYPE_NONE
const TYPE_NONE
Provider cannot create or link to accounts.
Definition: PrimaryAuthenticationProvider.php:58
PasswordFactory\newInvalidPassword
static newInvalidPassword()
Create an InvalidPassword.
Definition: PasswordFactory.php:214
$user
please add to it if you re going to add events to the MediaWiki code where normally authentication against an external auth plugin would be creating a local account $user
Definition: hooks.txt:242
MediaWiki\Auth\PasswordAuthenticationRequest
This is a value object for authentication requests with a username and password.
Definition: PasswordAuthenticationRequest.php:29
ConfigFactory\getDefaultInstance
static getDefaultInstance()
Definition: ConfigFactory.php:49
TS_MW
const TS_MW
MediaWiki concatenated string timestamp (YYYYMMDDHHMMSS)
Definition: GlobalFunctions.php:1999
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
$req
this hook is for auditing only $req
Definition: hooks.txt:965
MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProviderTest
AuthManager Database MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider.
Definition: LocalPasswordPrimaryAuthenticationProviderTest.php:10
class
you have access to all of the normal MediaWiki so you can get a DB use the etc For full docs on the Maintenance class
Definition: maintenance.txt:52
User\idFromName
static idFromName($name, $flags=self::READ_NORMAL)
Get database id given a user name.
Definition: User.php:770
$status
this hook is for auditing only RecentChangesLinked and Watchlist RecentChangesLinked and Watchlist e g Watchlist removed from all revisions and log entries to which it was applied This gives extensions a chance to take it off their books as the deletion has already been partly carried out by this point or something similar the user will be unable to create the tag set $status
Definition: hooks.txt:1004
MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProviderTest\testProviderChangeAuthenticationData
testProviderChangeAuthenticationData($user, $type, $loginOnly, $changed)
provideProviderChangeAuthenticationData
Definition: LocalPasswordPrimaryAuthenticationProviderTest.php:406
MediaWiki\Auth\AuthManager\ACTION_CREATE
const ACTION_CREATE
Create a new user.
Definition: AuthManager.php:50
DB_MASTER
const DB_MASTER
Definition: Defines.php:47
TestingAccessWrapper\newFromObject
static newFromObject($object)
Return the same object, without access restrictions.
Definition: TestingAccessWrapper.php:24
MediaWiki\Auth\AuthManager\ACTION_LOGIN
const ACTION_LOGIN
Log in with an existing (not necessarily local) user.
Definition: AuthManager.php:45
MediaWikiTestCase\setMwGlobals
setMwGlobals($pairs, $value=null)
Definition: MediaWikiTestCase.php:360
MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProviderTest\testProviderAllowsAuthenticationDataChange
testProviderAllowsAuthenticationDataChange($type, $user,\Status $validity,\StatusValue $expect1,\StatusValue $expect2)
provideProviderAllowsAuthenticationDataChange
Definition: LocalPasswordPrimaryAuthenticationProviderTest.php:339
$type
do that in ParserLimitReportFormat instead use this to modify the parameters of the image and a DIV can begin in one section and end in another Make sure your code can handle that case gracefully See the EditSectionClearerLink extension for an example zero but section is usually empty its values are the globals values before the output is cached one of or reset my talk my contributions etc etc otherwise the built in rate limiting checks are if enabled allows for interception of redirect as a string mapping parameter names to values & $type
Definition: hooks.txt:2338
Status\newGood
static newGood($value=null)
Factory function for good results.
Definition: Status.php:101