MediaWiki  1.33.0
MediaWiki\Auth\PreAuthenticationProvider Interface Reference

A pre-authentication provider can prevent authentication early on. More...

Inheritance diagram for MediaWiki\Auth\PreAuthenticationProvider:
Collaboration diagram for MediaWiki\Auth\PreAuthenticationProvider:

Public Member Functions

 postAccountCreation ( $user, $creator, AuthenticationResponse $response)
 Post-creation callback. More...
 
 postAccountLink ( $user, AuthenticationResponse $response)
 Post-link callback. More...
 
 postAuthentication ( $user, AuthenticationResponse $response)
 Post-login callback. More...
 
 testForAccountCreation ( $user, $creator, array $reqs)
 Determine whether an account creation may begin. More...
 
 testForAccountLink ( $user)
 Determine whether an account may linked to another authentication method. More...
 
 testForAuthentication (array $reqs)
 Determine whether an authentication may begin. More...
 
 testUserForCreation ( $user, $autocreate, array $options=[])
 Determine whether an account may be created. More...
 
- Public Member Functions inherited from MediaWiki\Auth\AuthenticationProvider
 getAuthenticationRequests ( $action, array $options)
 Return the applicable list of AuthenticationRequests. More...
 
 getUniqueId ()
 Return a unique identifier for this instance. More...
 
 setConfig (Config $config)
 Set configuration. More...
 
 setManager (AuthManager $manager)
 Set AuthManager. More...
 

Detailed Description

A pre-authentication provider can prevent authentication early on.

A PreAuthenticationProvider is used to supply arbitrary checks to be performed before the PrimaryAuthenticationProviders are consulted during the login / account creation / account linking process. Possible uses include checking that a per-IP throttle has not been reached or that a captcha has been solved.

This interface also provides callbacks that are invoked after login / account creation / account linking succeeded or failed.

Since
1.27
See also
https://www.mediawiki.org/wiki/Manual:SessionManager_and_AuthManager

Definition at line 44 of file PreAuthenticationProvider.php.

Member Function Documentation

◆ postAccountCreation()

MediaWiki\Auth\PreAuthenticationProvider::postAccountCreation (   $user,
  $creator,
AuthenticationResponse  $response 
)

Post-creation callback.

This will be called at the end of an account creation attempt. It will not be called if the account creation process results in a session timeout (possibly after a successful user creation, while a secondary provider is waiting for a response).

Parameters
User$userUser that was attempted to be created. This may become a "UserValue" in the future, or User may be refactored into such.
User$creatorUser doing the creation. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationResponse$responseAuthentication response that will be returned (PASS or FAIL)

Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider.

◆ postAccountLink()

MediaWiki\Auth\PreAuthenticationProvider::postAccountLink (   $user,
AuthenticationResponse  $response 
)

Post-link callback.

This will be called at the end of an account linking attempt.

Parameters
User$userUser that was attempted to be linked. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationResponse$responseAuthentication response that will be returned (PASS or FAIL)

Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider.

◆ postAuthentication()

MediaWiki\Auth\PreAuthenticationProvider::postAuthentication (   $user,
AuthenticationResponse  $response 
)

Post-login callback.

This will be called at the end of a login attempt. It will not be called for unfinished login attempts that fail by the session timing out.

Note
Under certain circumstances, this can be called even when testForAuthentication was not; see AuthenticationRequest::$loginRequest.
Parameters
User | null$userUser that was attempted to be logged in, if known. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationResponse$responseAuthentication response that will be returned (PASS or FAIL)

Implemented in MediaWiki\Auth\ThrottlePreAuthenticationProvider, CaptchaPreAuthenticationProvider, and MediaWiki\Auth\AbstractPreAuthenticationProvider.

◆ testForAccountCreation()

MediaWiki\Auth\PreAuthenticationProvider::testForAccountCreation (   $user,
  $creator,
array  $reqs 
)

Determine whether an account creation may begin.

Called from AuthManager::beginAccountCreation()

Note
No need to test if the account exists, AuthManager checks that
Parameters
User$userUser being created (not added to the database yet). This may become a "UserValue" in the future, or User may be refactored into such.
User$creatorUser doing the creation. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationRequest[]$reqs
Returns
StatusValue

Implemented in MediaWiki\Auth\ThrottlePreAuthenticationProvider, CaptchaPreAuthenticationProvider, MediaWiki\Auth\AbstractPreAuthenticationProvider, TitleBlacklistPreAuthenticationProvider, and SpamBlacklistPreAuthenticationProvider.

◆ testForAccountLink()

MediaWiki\Auth\PreAuthenticationProvider::testForAccountLink (   $user)

Determine whether an account may linked to another authentication method.

Parameters
User$userUser being linked. This may become a "UserValue" in the future, or User may be refactored into such.
Returns
StatusValue

Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider.

◆ testForAuthentication()

MediaWiki\Auth\PreAuthenticationProvider::testForAuthentication ( array  $reqs)

◆ testUserForCreation()

MediaWiki\Auth\PreAuthenticationProvider::testUserForCreation (   $user,
  $autocreate,
array  $options = [] 
)

Determine whether an account may be created.

Parameters
User$userUser being created (not added to the database yet). This may become a "UserValue" in the future, or User may be refactored into such.
bool | string$autocreateFalse if this is not an auto-creation, or the source of the auto-creation passed to AuthManager::autoCreateUser().
array$options
  • flags: (int) Bitfield of User:READ_* constants, default User::READ_NORMAL
  • creating: (bool) If false (or missing), this call is only testing if a user could be created. If set, this (non-autocreation) is for actually creating an account and will be followed by a call to testForAccountCreation(). In this case, the provider might return StatusValue::newGood() here and let the later call to testForAccountCreation() do a more thorough test.
Returns
StatusValue

Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider, and TitleBlacklistPreAuthenticationProvider.


The documentation for this interface was generated from the following file: