MediaWiki
1.34.0
|
AuthManager secondary authentication provider for TOTP second-factor authentication. More...
Public Member Functions | ||||
beginSecondaryAccountCreation ( $user, $creator, array $reqs) | ||||
beginSecondaryAuthentication ( $user, array $reqs) | ||||
If the user has enabled two-factor authentication, request a second factor. More... | ||||
continueSecondaryAuthentication ( $user, array $reqs) | ||||
Verify the second factor. More... | ||||
getAuthenticationRequests ( $action, array $options) | ||||
Public Member Functions inherited from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider | ||||
autoCreatedAccount ( $user, $source) | ||||
Post-auto-creation callback. More... | ||||
continueSecondaryAccountCreation ( $user, $creator, array $reqs) | ||||
Continue an authentication flow. More... | ||||
postAccountCreation ( $user, $creator, AuthenticationResponse $response) | ||||
Post-creation callback. More... | ||||
postAuthentication ( $user, AuthenticationResponse $response) | ||||
Post-login callback. More... | ||||
providerAllowsAuthenticationDataChange (AuthenticationRequest $req, $checkData=true) | ||||
Validate a change of authentication data (e.g. More... | ||||
providerAllowsPropertyChange ( $property) | ||||
Determine whether a property can change. More... | ||||
providerChangeAuthenticationData (AuthenticationRequest $req) | ||||
Change or remove authentication data (e.g. More... | ||||
providerRevokeAccessForUser ( $username) | ||||
Revoke the user's credentials.This may cause the user to no longer exist for the provider, or the user may continue to exist in a "disabled" state.The intention is that the named account will never again be usable for normal login (i.e. there is no way to undo the revocation of access).
| ||||
testForAccountCreation ( $user, $creator, array $reqs) | ||||
Determine whether an account creation may begin. More... | ||||
testUserForCreation ( $user, $autocreate, array $options=[]) | ||||
Determine whether an account may be created. More... | ||||
Public Member Functions inherited from MediaWiki\Auth\AbstractAuthenticationProvider | ||||
getUniqueId () | ||||
Return a unique identifier for this instance.This must be the same across requests. If multiple instances return the same ID, exceptions will be thrown from AuthManager.
| ||||
setConfig (Config $config) | ||||
Set configuration. More... | ||||
setLogger (LoggerInterface $logger) | ||||
setManager (AuthManager $manager) | ||||
Set AuthManager. More... | ||||
Additional Inherited Members | |
Protected Attributes inherited from MediaWiki\Auth\AbstractAuthenticationProvider | |
Config | $config |
LoggerInterface | $logger |
AuthManager | $manager |
AuthManager secondary authentication provider for TOTP second-factor authentication.
After a successful primary authentication, requests a time-based one-time password (typically generated by a mobile app such as Google Authenticator) from the user.
Definition at line 39 of file TOTPSecondaryAuthenticationProvider.php.
MediaWiki\Extension\OATHAuth\Auth\TOTPSecondaryAuthenticationProvider::beginSecondaryAccountCreation | ( | $user, | |
$creator, | |||
array | $reqs | ||
) |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 125 of file TOTPSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthenticationResponse\newAbstain().
MediaWiki\Extension\OATHAuth\Auth\TOTPSecondaryAuthenticationProvider::beginSecondaryAuthentication | ( | $user, | |
array | $reqs | ||
) |
If the user has enabled two-factor authentication, request a second factor.
User | $user | |
array | $reqs |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 65 of file TOTPSecondaryAuthenticationProvider.php.
References MediaWiki\MediaWikiServices\getInstance(), MediaWiki\Auth\AuthenticationResponse\newAbstain(), MediaWiki\Auth\AuthenticationResponse\newUI(), and wfMessage().
MediaWiki\Extension\OATHAuth\Auth\TOTPSecondaryAuthenticationProvider::continueSecondaryAuthentication | ( | $user, | |
array | $reqs | ||
) |
Verify the second factor.
Continue an authentication flow.
User | $user | User being authenticated. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Reimplemented from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider.
Definition at line 81 of file TOTPSecondaryAuthenticationProvider.php.
References MediaWiki\MediaWikiServices\getInstance(), MediaWiki\Auth\AuthenticationRequest\getRequestByClass(), MediaWiki\Auth\AuthenticationResponse\newAbstain(), MediaWiki\Auth\AuthenticationResponse\newPass(), MediaWiki\Auth\AuthenticationResponse\newUI(), and wfMessage().
MediaWiki\Extension\OATHAuth\Auth\TOTPSecondaryAuthenticationProvider::getAuthenticationRequests | ( | $action, | |
array | $options | ||
) |
string | $action | |
array | $options |
Implements MediaWiki\Auth\AuthenticationProvider.
Definition at line 47 of file TOTPSecondaryAuthenticationProvider.php.
References MediaWiki\$action, and MediaWiki\Auth\AuthManager\ACTION_LOGIN.