MediaWiki REL1_31
ApiClientLogin.php
Go to the documentation of this file.
1<?php
23use MediaWiki\Auth\AuthManager;
24use MediaWiki\Auth\AuthenticationResponse;
25use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;
26
32class ApiClientLogin extends ApiBase {
33
34 public function __construct( ApiMain $main, $action ) {
35 parent::__construct( $main, $action, 'login' );
36 }
37
38 public function getFinalDescription() {
39 // A bit of a hack to append 'api-help-authmanager-general-usage'
40 $msgs = parent::getFinalDescription();
41 $msgs[] = ApiBase::makeMessage( 'api-help-authmanager-general-usage', $this->getContext(), [
42 $this->getModulePrefix(),
43 $this->getModuleName(),
44 $this->getModulePath(),
45 AuthManager::ACTION_LOGIN,
46 self::needsToken(),
47 ] );
48 return $msgs;
49 }
50
51 public function execute() {
52 $params = $this->extractRequestParams();
53
54 $this->requireAtLeastOneParameter( $params, 'continue', 'returnurl' );
55
56 if ( $params['returnurl'] !== null ) {
57 $bits = wfParseUrl( $params['returnurl'] );
58 if ( !$bits || $bits['scheme'] === '' ) {
59 $encParamName = $this->encodeParamName( 'returnurl' );
60 $this->dieWithError(
61 [ 'apierror-badurl', $encParamName, wfEscapeWikiText( $params['returnurl'] ) ],
62 "badurl_{$encParamName}"
63 );
64 }
65 }
66
67 $helper = new ApiAuthManagerHelper( $this );
68 $manager = AuthManager::singleton();
69
70 // Make sure it's possible to log in
71 if ( !$manager->canAuthenticateNow() ) {
72 $this->getResult()->addValue( null, 'clientlogin', $helper->formatAuthenticationResponse(
73 AuthenticationResponse::newFail( $this->msg( 'userlogin-cannot-' . AuthManager::ACTION_LOGIN ) )
74 ) );
75 $helper->logAuthenticationResult( 'login', 'userlogin-cannot-' . AuthManager::ACTION_LOGIN );
76 return;
77 }
78
79 // Perform the login step
80 if ( $params['continue'] ) {
81 $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN_CONTINUE );
82 $res = $manager->continueAuthentication( $reqs );
83 } else {
84 $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN );
85 if ( $params['preservestate'] ) {
86 $req = $helper->getPreservedRequest();
87 if ( $req ) {
88 $reqs[] = $req;
89 }
90 }
91 $res = $manager->beginAuthentication( $reqs, $params['returnurl'] );
92 }
93
94 // Remove CreateFromLoginAuthenticationRequest from $res->neededRequests.
95 // It's there so a RESTART treated as UI will work right, but showing
96 // it to the API client is just confusing.
97 $res->neededRequests = ApiAuthManagerHelper::blacklistAuthenticationRequests(
98 $res->neededRequests, [ CreateFromLoginAuthenticationRequest::class ]
99 );
100
101 $this->getResult()->addValue( null, 'clientlogin',
102 $helper->formatAuthenticationResponse( $res ) );
103 $helper->logAuthenticationResult( 'login', $res );
104 }
105
106 public function isReadMode() {
107 return false;
108 }
109
110 public function needsToken() {
111 return 'login';
112 }
113
114 public function getAllowedParams() {
115 return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_LOGIN,
116 'requests', 'messageformat', 'mergerequestfields', 'preservestate', 'returnurl', 'continue'
117 );
118 }
119
120 public function dynamicParameterDocumentation() {
121 return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_LOGIN ];
122 }
123
124 protected function getExamplesMessages() {
125 return [
126 'action=clientlogin&username=Example&password=ExamplePassword&'
127 . 'loginreturnurl=http://example.org/&logintoken=123ABC'
128 => 'apihelp-clientlogin-example-login',
129 'action=clientlogin&logincontinue=1&OATHToken=987654&logintoken=123ABC'
130 => 'apihelp-clientlogin-example-login2',
131 ];
132 }
133
134 public function getHelpUrls() {
135 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Login';
136 }
137}
use
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
Definition APACHE-LICENSE-2.0.txt:10
wfParseUrl
wfParseUrl( $url)
parse_url() work-alike, but non-broken.
Definition GlobalFunctions.php:801
wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition GlobalFunctions.php:1643
ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition ApiAuthManagerHelper.php:36
ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action, $param)
Fetch the standard parameters this helper recognizes.
Definition ApiAuthManagerHelper.php:351
ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $blacklist)
Filter out authentication requests by class name.
Definition ApiAuthManagerHelper.php:121
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:37
ApiBase\getModulePrefix
getModulePrefix()
Get parameter prefix (usually two letters or an empty string).
Definition ApiBase.php:529
ApiBase\encodeParamName
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition ApiBase.php:730
ApiBase\makeMessage
static makeMessage( $msg, IContextSource $context, array $params=null)
Create a Message from a string or array.
Definition ApiBase.php:1741
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition ApiBase.php:1895
ApiBase\extractRequestParams
extractRequestParams( $parseLimit=true)
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:749
ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:641
ApiBase\getModulePath
getModulePath()
Get the path to this module.
Definition ApiBase.php:585
ApiBase\requireAtLeastOneParameter
requireAtLeastOneParameter( $params, $required)
Die if none of a certain set of parameters is set and not false.
Definition ApiBase.php:851
ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:521
ApiClientLogin
Log in to the wiki with AuthManager.
Definition ApiClientLogin.php:32
ApiClientLogin\getFinalDescription
getFinalDescription()
Get final module description, after hooks have had a chance to tweak it as needed.
Definition ApiClientLogin.php:38
ApiClientLogin\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition ApiClientLogin.php:134
ApiClientLogin\isReadMode
isReadMode()
Indicates whether this module requires read rights.
Definition ApiClientLogin.php:106
ApiClientLogin\__construct
__construct(ApiMain $main, $action)
Definition ApiClientLogin.php:34
ApiClientLogin\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition ApiClientLogin.php:120
ApiClientLogin\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiClientLogin.php:51
ApiClientLogin\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiClientLogin.php:114
ApiClientLogin\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiClientLogin.php:124
ApiClientLogin\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition ApiClientLogin.php:110
ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:43
ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition ContextSource.php:40
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:83
MediaWiki\Auth\AuthenticationResponse
This is a value object to hold authentication response data.
Definition AuthenticationResponse.php:37
MediaWiki\Auth\CreateFromLoginAuthenticationRequest
This transfers state between the login and account creation flows.
Definition CreateFromLoginAuthenticationRequest.php:34
$res
$res
Definition database.txt:21
$req
this hook is for auditing only $req
Definition hooks.txt:990
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition injection.txt:37
$params
$params
Definition styleTest.css.php:40