MediaWiki
1.34.0
|
Utility class for bot passwords. More...
Public Member Functions | |
delete () | |
Delete the BotPassword from the database. More... | |
getAppId () | |
Get the app ID. More... | |
getGrants () | |
Get the grants. More... | |
getRestrictions () | |
Get the restrictions. More... | |
getToken () | |
Get the token. More... | |
getUserCentralId () | |
Get the central user ID. More... | |
isInvalid () | |
Whether the password is currently invalid. More... | |
isSaved () | |
Indicate whether this is known to be saved. More... | |
save ( $operation, Password $password=null) | |
Save the BotPassword to the database. More... | |
Static Public Member Functions | |
static | canonicalizeLoginData ( $username, $password) |
There are two ways to login with a bot password: "username@appId", "password" and "username", "appId@password". More... | |
static | generatePassword ( $config) |
Returns a (raw, unhashed) random password string. More... | |
static | getDB ( $db) |
Get a database connection for the bot passwords database. More... | |
static | getSeparator () |
Get the separator for combined user name + app ID. More... | |
static | invalidateAllPasswordsForCentralId ( $centralId) |
Invalidate all passwords for a user, by central ID. More... | |
static | invalidateAllPasswordsForUser ( $username) |
Invalidate all passwords for a user, by name. More... | |
static | login ( $username, $password, WebRequest $request) |
Try to log the user in. More... | |
static | newFromCentralId ( $centralId, $appId, $flags=self::READ_NORMAL) |
Load a BotPassword from the database. More... | |
static | newFromUser (User $user, $appId, $flags=self::READ_NORMAL) |
Load a BotPassword from the database. More... | |
static | newUnsaved (array $data, $flags=self::READ_NORMAL) |
Create an unsaved BotPassword. More... | |
static | removeAllPasswordsForCentralId ( $centralId) |
Remove all passwords for a user, by central ID. More... | |
static | removeAllPasswordsForUser ( $username) |
Remove all passwords for a user, by name. More... | |
Public Attributes | |
const | APPID_MAXLENGTH = 32 |
Public Attributes inherited from IDBAccessObject | |
const | READ_LOCKING = self::READ_LATEST | 2 |
Constants for object loading bitfield flags (higher => higher QoS) More... | |
const | READ_NONE = -1 |
Protected Member Functions | |
__construct ( $row, $isSaved, $flags=self::READ_NORMAL) | |
getPassword () | |
Get the password. More... | |
Static Private Member Functions | |
static | loginHook ( $user, $bp, Status $status) |
Call AuthManagerLoginAuthenticateAudit. More... | |
Private Attributes | |
string | $appId |
int | $centralId |
int | $flags = self::READ_NORMAL |
string[] | $grants |
bool | $isSaved |
MWRestrictions | $restrictions |
string | $token |
|
protected |
object | $row | bot_passwords database row |
bool | $isSaved | Whether the bot password was read from the database |
int | $flags | IDBAccessObject read flags |
Definition at line 60 of file BotPassword.php.
References $flags, $isSaved, FormatJson\decode(), isSaved(), and MWRestrictions\newFromJson().
|
static |
There are two ways to login with a bot password: "username@appId", "password" and "username", "appId@password".
Transform it so it is always in the first form. Returns [bot username, bot password]. If this cannot be a bot password login just return false.
string | $username | |
string | $password |
Definition at line 420 of file BotPassword.php.
References $appId, and getSeparator().
Referenced by ApiLogin\execute().
BotPassword::delete | ( | ) |
Delete the BotPassword from the database.
Definition at line 319 of file BotPassword.php.
References $appId, $centralId, DB_MASTER, getDB(), and isSaved().
|
static |
Returns a (raw, unhashed) random password string.
Config | $config |
Definition at line 406 of file BotPassword.php.
References PasswordFactory\generateRandomPasswordString().
Referenced by SpecialBotPasswords\save().
BotPassword::getAppId | ( | ) |
Get the app ID.
Definition at line 199 of file BotPassword.php.
References $appId.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
|
static |
Get a database connection for the bot passwords database.
int | $db | Index of the connection to get, e.g. DB_MASTER or DB_REPLICA. |
Definition at line 76 of file BotPassword.php.
References $wgBotPasswordsCluster, and $wgBotPasswordsDatabase.
Referenced by delete(), SpecialBotPasswords\getFormFields(), getPassword(), invalidateAllPasswordsForCentralId(), newFromCentralId(), removeAllPasswordsForCentralId(), and save().
BotPassword::getGrants | ( | ) |
Get the grants.
Definition at line 223 of file BotPassword.php.
References $grants.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
|
protected |
Get the password.
Definition at line 240 of file BotPassword.php.
References getDB(), DBAccessObjectUtils\getDBOptions(), and PasswordFactory\newInvalidPassword().
Referenced by isInvalid().
BotPassword::getRestrictions | ( | ) |
Get the restrictions.
Definition at line 215 of file BotPassword.php.
References $restrictions.
|
static |
Get the separator for combined user name + app ID.
Definition at line 231 of file BotPassword.php.
References $wgUserrightsInterwikiDelimiter.
Referenced by canonicalizeLoginData(), SpecialBotPasswords\getFormFields(), login(), loginHook(), and SpecialBotPasswords\onSuccess().
BotPassword::getToken | ( | ) |
Get the token.
Definition at line 207 of file BotPassword.php.
References $token.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
BotPassword::getUserCentralId | ( | ) |
Get the central user ID.
Definition at line 191 of file BotPassword.php.
References $centralId.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
|
static |
Invalidate all passwords for a user, by central ID.
int | $centralId |
Definition at line 351 of file BotPassword.php.
References $centralId, $wgEnableBotPasswords, DB_MASTER, getDB(), and PasswordFactory\newInvalidPassword().
Referenced by invalidateAllPasswordsForUser().
|
static |
Invalidate all passwords for a user, by name.
string | $username | User name |
Definition at line 339 of file BotPassword.php.
References $centralId, CentralIdLookup\AUDIENCE_RAW, CentralIdLookup\factory(), and invalidateAllPasswordsForCentralId().
Referenced by MediaWiki\Auth\AuthManager\changeAuthenticationData().
BotPassword::isInvalid | ( | ) |
Whether the password is currently invalid.
Definition at line 267 of file BotPassword.php.
References getPassword().
BotPassword::isSaved | ( | ) |
Indicate whether this is known to be saved.
Definition at line 183 of file BotPassword.php.
References $isSaved.
Referenced by __construct(), delete(), and save().
|
static |
Try to log the user in.
string | $username | Combined user name and app ID |
string | $password | Supplied password |
WebRequest | $request |
Definition at line 446 of file BotPassword.php.
References $appId, $status, $wgEnableBotPasswords, $wgPasswordAttemptThrottle, WebRequest\getIP(), ObjectCache\getLocalClusterInstance(), getSeparator(), loginHook(), StatusValue\newFatal(), User\newFromName(), newFromUser(), StatusValue\newGood(), MediaWiki\Session\SessionManager\singleton(), and wfMessage().
Referenced by ApiLogin\execute().
|
staticprivate |
Call AuthManagerLoginAuthenticateAudit.
To facilitate logging all authentications, even ones not via AuthManager, call the AuthManagerLoginAuthenticateAudit hook.
User | string | $user | User being logged in |
BotPassword | null | $bp | Bot sub-account, if it can be identified |
Status | $status | Login status |
Definition at line 532 of file BotPassword.php.
References $response, $status, getSeparator(), and Hooks\run().
Referenced by login().
|
static |
Load a BotPassword from the database.
int | $centralId | from CentralIdLookup |
string | $appId | |
int | $flags | IDBAccessObject read flags |
Definition at line 107 of file BotPassword.php.
References $appId, $centralId, $flags, $wgEnableBotPasswords, getDB(), and DBAccessObjectUtils\getDBOptions().
Referenced by SpecialBotPasswords\getFormFields(), newFromUser(), SpecialBotPasswords\onSubmit(), and MediaWiki\Session\Session\BotPasswordSessionProvider\refreshSessionInfo().
|
static |
Load a BotPassword from the database.
User | $user | |
string | $appId | |
int | $flags | IDBAccessObject read flags |
Definition at line 93 of file BotPassword.php.
References $appId, $centralId, $flags, CentralIdLookup\AUDIENCE_RAW, CentralIdLookup\factory(), and newFromCentralId().
Referenced by login().
|
static |
Create an unsaved BotPassword.
array | $data | Data to use to create the bot password. Keys are:
|
int | $flags | IDBAccessObject read flags |
Definition at line 138 of file BotPassword.php.
References $flags, CentralIdLookup\AUDIENCE_RAW, FormatJson\encode(), CentralIdLookup\factory(), and MWRestrictions\newDefault().
Referenced by SpecialBotPasswords\getFormFields(), and SpecialBotPasswords\save().
|
static |
Remove all passwords for a user, by central ID.
int | $centralId |
Definition at line 385 of file BotPassword.php.
References $centralId, $wgEnableBotPasswords, DB_MASTER, and getDB().
Referenced by removeAllPasswordsForUser().
|
static |
Remove all passwords for a user, by name.
string | $username | User name |
Definition at line 373 of file BotPassword.php.
References $centralId, CentralIdLookup\AUDIENCE_RAW, CentralIdLookup\factory(), and removeAllPasswordsForCentralId().
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\preventSessionsForUser().
BotPassword::save | ( | $operation, | |
Password | $password = null |
||
) |
Save the BotPassword to the database.
Definition at line 277 of file BotPassword.php.
References $appId, $centralId, DB_MASTER, FormatJson\encode(), MWCryptRand\generateHex(), getDB(), isSaved(), PasswordFactory\newInvalidPassword(), and User\TOKEN_LENGTH.
|
private |
Definition at line 41 of file BotPassword.php.
Referenced by canonicalizeLoginData(), delete(), getAppId(), login(), newFromCentralId(), newFromUser(), and save().
|
private |
Definition at line 38 of file BotPassword.php.
Referenced by delete(), getUserCentralId(), invalidateAllPasswordsForCentralId(), invalidateAllPasswordsForUser(), newFromCentralId(), newFromUser(), removeAllPasswordsForCentralId(), removeAllPasswordsForUser(), and save().
|
private |
Definition at line 53 of file BotPassword.php.
Referenced by __construct(), newFromCentralId(), newFromUser(), and newUnsaved().
|
private |
Definition at line 50 of file BotPassword.php.
Referenced by getGrants().
|
private |
Definition at line 35 of file BotPassword.php.
Referenced by __construct(), and isSaved().
|
private |
Definition at line 47 of file BotPassword.php.
Referenced by getRestrictions().
|
private |
Definition at line 44 of file BotPassword.php.
Referenced by getToken().
const BotPassword::APPID_MAXLENGTH = 32 |
Definition at line 32 of file BotPassword.php.
Referenced by SpecialBotPasswords\execute(), and SpecialBotPasswords\getFormFields().