MediaWiki REL1_30
AuthPlugin Class Reference

Authentication plugin interface. More...

Inheritance diagram for AuthPlugin:
Collaboration diagram for AuthPlugin:

Public Member Functions

 addUser ( $user, $password, $email='', $realname='')
 Add a user to the external authentication database.
 
 allowPasswordChange ()
 Can users change their passwords?
 
 allowPropChange ( $prop='')
 Allow a property change? Properties are the same as preferences and use the same keys.
 
 allowSetLocalPassword ()
 Should MediaWiki store passwords in its local database?
 
 authenticate ( $username, $password)
 Check if a username+password pair is a valid login.
 
 autoCreate ()
 Return true if the wiki should create a new local account automatically when asked to login a user who doesn't exist locally but does in the external auth database.
 
 canCreateAccounts ()
 Check to see if external accounts can be created.
 
 domainList ()
 Get a list of domains (in HTMLForm options format) used.
 
 getCanonicalName ( $username)
 If you want to munge the case of an account name before the final check, now is your chance.
 
 getDomain ()
 Get the user's domain.
 
 getUserInstance (User &$user)
 Get an instance of a User object.
 
 initUser (&$user, $autocreate=false)
 When creating a user account, optionally fill in preferences and such.
 
 modifyUITemplate (&$template, &$type)
 Modify options in the login template.
 
 setDomain ( $domain)
 Set the domain this plugin is supposed to use when authenticating.
 
 setPassword ( $user, $password)
 Set the given password in the authentication database.
 
 strict ()
 Return true to prevent logins that don't authenticate here from being checked against the local database's password fields.
 
 strictUserAuth ( $username)
 Check if a user should authenticate locally if the global authentication fails.
 
 updateExternalDB ( $user)
 Update user information in the external authentication database.
 
 updateExternalDBGroups ( $user, $addgroups, $delgroups=[])
 Update user groups in the external authentication database.
 
 updateUser (&$user)
 When a user logs in, optionally fill in preferences and such.
 
 userExists ( $username)
 Check whether there exists a user account with the given name.
 
 validDomain ( $domain)
 Check to see if the specific domain is a valid domain.
 

Protected Attributes

string $domain
 

Detailed Description

Authentication plugin interface.

Instantiate a subclass of AuthPlugin and set $wgAuth to it to authenticate against some external tool.

The default behavior is not to do anything, and use the local user database for all authentication. A subclass can require that all accounts authenticate externally, or use it only as a fallback; also you can transparently create internal wiki accounts the first time someone logs in who can be authenticated externally.

Deprecated
since 1.27

Definition at line 38 of file AuthPlugin.php.

Member Function Documentation

◆ addUser()

AuthPlugin::addUser ( $user,
$password,
$email = '',
$realname = '' )

Add a user to the external authentication database.

Return true if successful.

Parameters
User$userOnly the name should be assumed valid at this point
string$password
string$email
string$realname
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 252 of file AuthPlugin.php.

◆ allowPasswordChange()

AuthPlugin::allowPasswordChange ( )

Can users change their passwords?

Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 178 of file AuthPlugin.php.

◆ allowPropChange()

AuthPlugin::allowPropChange ( $prop = '')

Allow a property change? Properties are the same as preferences and use the same keys.

'Realname' 'Emailaddress' and 'Nickname' all reference this.

Parameters
string$prop
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 161 of file AuthPlugin.php.

◆ allowSetLocalPassword()

AuthPlugin::allowSetLocalPassword ( )

Should MediaWiki store passwords in its local database?

Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 187 of file AuthPlugin.php.

◆ authenticate()

AuthPlugin::authenticate ( $username,
$password )

Check if a username+password pair is a valid login.

The name will be normalized to MediaWiki's requirements, so you might need to munge it (for instance, for lowercase initial letters).

Parameters
string$usernameUsername.
string$passwordUser password.
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 68 of file AuthPlugin.php.

◆ autoCreate()

AuthPlugin::autoCreate ( )

Return true if the wiki should create a new local account automatically when asked to login a user who doesn't exist locally but does in the external auth database.

If you don't automatically create accounts, you must still create accounts in some way. It's not possible to authenticate without a local account.

This is just a question, and shouldn't perform any actions.

Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 148 of file AuthPlugin.php.

◆ canCreateAccounts()

AuthPlugin::canCreateAccounts ( )

Check to see if external accounts can be created.

Return true if external accounts can be created.

Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 238 of file AuthPlugin.php.

◆ domainList()

AuthPlugin::domainList ( )

Get a list of domains (in HTMLForm options format) used.

Returns
array

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 322 of file AuthPlugin.php.

◆ getCanonicalName()

AuthPlugin::getCanonicalName ( $username)

If you want to munge the case of an account name before the final check, now is your chance.

Parameters
string$username
Returns
string

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 302 of file AuthPlugin.php.

References $username.

◆ getDomain()

AuthPlugin::getDomain ( )

Get the user's domain.

Returns
string

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 98 of file AuthPlugin.php.

◆ getUserInstance()

AuthPlugin::getUserInstance ( User & $user)

Get an instance of a User object.

Parameters
User&$user
Returns
AuthPluginUser

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 313 of file AuthPlugin.php.

◆ initUser()

AuthPlugin::initUser ( & $user,
$autocreate = false )

When creating a user account, optionally fill in preferences and such.

For instance, you might pull the email address or real name from the external user database.

The User object is passed by reference so it can be modified; don't forget the & on your function declaration.

Deprecated
since 1.26, use the UserLoggedIn hook instead. And assigning a different User object to $user is no longer supported.
Parameters
User&$user
bool$autocreateTrue if user is being autocreated on login

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 292 of file AuthPlugin.php.

◆ modifyUITemplate()

AuthPlugin::modifyUITemplate ( & $template,
& $type )

Modify options in the login template.

Parameters
BaseTemplate&$template
string&$type'signup' or 'login'. Added in 1.16.

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 79 of file AuthPlugin.php.

References $template.

◆ setDomain()

AuthPlugin::setDomain ( $domain)

Set the domain this plugin is supposed to use when authenticating.

Parameters
string$domainAuthentication domain.

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 89 of file AuthPlugin.php.

◆ setPassword()

AuthPlugin::setPassword ( $user,
$password )

Set the given password in the authentication database.

As a special case, the password may be set to null to request locking the password to an unusable value, with the expectation that it will be set later through a mail reset or other method.

Return true if successful.

Parameters
User$user
string$passwordPassword.
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 203 of file AuthPlugin.php.

◆ strict()

AuthPlugin::strict ( )

Return true to prevent logins that don't authenticate here from being checked against the local database's password fields.

This is just a question, and shouldn't perform any actions.

Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 264 of file AuthPlugin.php.

◆ strictUserAuth()

AuthPlugin::strictUserAuth ( $username)

Check if a user should authenticate locally if the global authentication fails.

If either this or strict() returns true, local authentication is not used.

Parameters
string$usernameUsername.
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 275 of file AuthPlugin.php.

◆ updateExternalDB()

AuthPlugin::updateExternalDB ( $user)

Update user information in the external authentication database.

Return true if successful.

Deprecated
since 1.26, use the UserSaveSettings hook instead.
Parameters
User$user
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 215 of file AuthPlugin.php.

◆ updateExternalDBGroups()

AuthPlugin::updateExternalDBGroups ( $user,
$addgroups,
$delgroups = [] )

Update user groups in the external authentication database.

Return true if successful.

Deprecated
since 1.26, use the UserGroupsChanged hook instead.
Parameters
User$user
array$addgroupsGroups to add.
array$delgroupsGroups to remove.
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 229 of file AuthPlugin.php.

◆ updateUser()

AuthPlugin::updateUser ( & $user)

When a user logs in, optionally fill in preferences and such.

For instance, you might pull the email address or real name from the external user database.

The User object is passed by reference so it can be modified; don't forget the & on your function declaration.

Deprecated
since 1.26, use the UserLoggedIn hook instead. And assigning a different User object to $user is no longer supported.
Parameters
User&$user
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 130 of file AuthPlugin.php.

◆ userExists()

AuthPlugin::userExists ( $username)

Check whether there exists a user account with the given name.

The name will be normalized to MediaWiki's requirements, so you might need to munge it (for instance, for lowercase initial letters).

Parameters
string$usernameUsername.
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 53 of file AuthPlugin.php.

◆ validDomain()

AuthPlugin::validDomain ( $domain)

Check to see if the specific domain is a valid domain.

Parameters
string$domainAuthentication domain.
Returns
bool

Reimplemented in MediaWiki\Auth\AuthManagerAuthPlugin.

Definition at line 112 of file AuthPlugin.php.

Member Data Documentation

◆ $domain

string AuthPlugin::$domain
protected

Definition at line 42 of file AuthPlugin.php.


The documentation for this class was generated from the following file: