Utility class for bot passwords. More...
Public Member Functions | |
| delete () | |
| Delete the BotPassword from the database. More... | |
| getAppId () | |
| Get the app ID. More... | |
| getGrants () | |
| Get the grants. More... | |
| getRestrictions () | |
| Get the restrictions. More... | |
| getToken () | |
| Get the token. More... | |
| getUserCentralId () | |
| Get the central user ID. More... | |
| isInvalid () | |
| Whether the password is currently invalid. More... | |
| isSaved () | |
| Indicate whether this is known to be saved. More... | |
| save ( $operation, Password $password=null) | |
| Save the BotPassword to the database. More... | |
Static Public Member Functions | |
| static | canonicalizeLoginData ( $username, $password) |
| There are two ways to login with a bot password: "username@appId", "password" and "username", "appId@password". More... | |
| static | generatePassword ( $config) |
| Returns a (raw, unhashed) random password string. More... | |
| static | getDB ( $db) |
| Get a database connection for the bot passwords database. More... | |
| static | getSeparator () |
| Get the separator for combined user name + app ID. More... | |
| static | invalidateAllPasswordsForCentralId ( $centralId) |
| Invalidate all passwords for a user, by central ID. More... | |
| static | invalidateAllPasswordsForUser ( $username) |
| Invalidate all passwords for a user, by name. More... | |
| static | login ( $username, $password, WebRequest $request) |
| Try to log the user in. More... | |
| static | newFromCentralId ( $centralId, $appId, $flags=self::READ_NORMAL) |
| Load a BotPassword from the database. More... | |
| static | newFromUser (User $user, $appId, $flags=self::READ_NORMAL) |
| Load a BotPassword from the database. More... | |
| static | newUnsaved (array $data, $flags=self::READ_NORMAL) |
| Create an unsaved BotPassword. More... | |
| static | removeAllPasswordsForCentralId ( $centralId) |
| Remove all passwords for a user, by central ID. More... | |
| static | removeAllPasswordsForUser ( $username) |
| Remove all passwords for a user, by name. More... | |
Public Attributes | |
| const | APPID_MAXLENGTH = 32 |
| const | GRANTS_MAXLENGTH = 65535 |
| Maximum length of the json representation of grants. More... | |
| const | RESTRICTIONS_MAXLENGTH = 65535 |
| Maximum length of the json representation of restrictions. More... | |
 Public Attributes inherited from IDBAccessObject | |
| const | READ_LOCKING = 3 |
| Constants for object loading bitfield flags (higher => higher QoS) More... | |
| const | READ_NONE = -1 |
Protected Member Functions | |
| __construct ( $row, $isSaved, $flags=self::READ_NORMAL) | |
| getPassword () | |
| Get the password. More... | |
Private Attributes | |
| string | $appId |
| int | $centralId |
| int | $flags = self::READ_NORMAL |
| string[] | $grants |
| bool | $isSaved |
| MWRestrictions | $restrictions |
| string | $token |
Detailed Description
Constructor & Destructor Documentation
◆ __construct()
|
protected |
- Parameters
-
object $row bot_passwords database row bool $isSaved Whether the bot password was read from the database int $flags IDBAccessObject read flags
Definition at line 71 of file BotPassword.php.
References $flags, $isSaved, FormatJson\decode(), flags, isSaved(), and MWRestrictions\newFromJson().
Member Function Documentation
◆ canonicalizeLoginData()
|
static |
There are two ways to login with a bot password: "username@appId", "password" and "username", "appId@password".
Transform it so it is always in the first form. Returns [bot username, bot password, could be normal password?] where the last one is a flag meaning this could either be a bot password or a normal password, it cannot be decided for certain (although in such cases it almost always will be a bot password). If this cannot be a bot password login just return false.
- Parameters
-
string $username string $password
- Returns
- array|false
Definition at line 463 of file BotPassword.php.
References $appId, $username, getSeparator(), and true.
Referenced by ApiLogin\execute(), and BotPasswordTest\testCanonicalizeLoginData().
◆ delete()
| BotPassword::delete | ( | ) |
Delete the BotPassword from the database.
- Returns
- bool Success
Definition at line 360 of file BotPassword.php.
References $appId, $centralId, DB_MASTER, getDB(), and isSaved().
◆ generatePassword()
|
static |
Returns a (raw, unhashed) random password string.
- Parameters
-
Config $config
- Returns
- string
Definition at line 447 of file BotPassword.php.
References PasswordFactory\generateRandomPasswordString().
Referenced by SpecialBotPasswords\save().
◆ getAppId()
| BotPassword::getAppId | ( | ) |
Get the app ID.
- Returns
- string
Definition at line 212 of file BotPassword.php.
References $appId.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
◆ getDB()
|
static |
Get a database connection for the bot passwords database.
- Parameters
-
int $db Index of the connection to get, e.g. DB_MASTER or DB_REPLICA.
- Returns
- IMaintainableDatabase
Definition at line 87 of file BotPassword.php.
References $wgBotPasswordsCluster, $wgBotPasswordsDatabase, and global.
Referenced by delete(), SpecialBotPasswords\getFormFields(), getPassword(), invalidateAllPasswordsForCentralId(), newFromCentralId(), removeAllPasswordsForCentralId(), and save().
◆ getGrants()
| BotPassword::getGrants | ( | ) |
Get the grants.
- Returns
- string[]
Definition at line 236 of file BotPassword.php.
References $grants.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
◆ getPassword()
|
protected |
Get the password.
- Returns
- Password
Definition at line 253 of file BotPassword.php.
References $options, flags, getDB(), DBAccessObjectUtils\getDBOptions(), RequestContext\getMain(), list, and PasswordFactory\newInvalidPassword().
Referenced by isInvalid().
◆ getRestrictions()
| BotPassword::getRestrictions | ( | ) |
Get the restrictions.
- Returns
- MWRestrictions
Definition at line 228 of file BotPassword.php.
References $restrictions.
◆ getSeparator()
|
static |
Get the separator for combined user name + app ID.
- Returns
- string
Definition at line 244 of file BotPassword.php.
References $wgUserrightsInterwikiDelimiter, and global.
Referenced by canonicalizeLoginData(), SpecialBotPasswords\getFormFields(), login(), SpecialBotPasswords\onSuccess(), BotPasswordTest\testBasics(), and ApiLoginTest\testBotPassword().
◆ getToken()
| BotPassword::getToken | ( | ) |
Get the token.
- Returns
- string
Definition at line 220 of file BotPassword.php.
References $token.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
◆ getUserCentralId()
| BotPassword::getUserCentralId | ( | ) |
Get the central user ID.
- Returns
- int
Definition at line 204 of file BotPassword.php.
References $centralId.
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\newSessionForRequest().
◆ invalidateAllPasswordsForCentralId()
|
static |
Invalidate all passwords for a user, by central ID.
- Parameters
-
int $centralId
- Returns
- bool Whether any passwords were invalidated
Definition at line 392 of file BotPassword.php.
References $centralId, $wgEnableBotPasswords, DB_MASTER, getDB(), global, and PasswordFactory\newInvalidPassword().
Referenced by invalidateAllPasswordsForUser().
◆ invalidateAllPasswordsForUser()
|
static |
Invalidate all passwords for a user, by name.
- Parameters
-
string $username User name
- Returns
- bool Whether any passwords were invalidated
Definition at line 380 of file BotPassword.php.
References $centralId, $username, CentralIdLookup\AUDIENCE_RAW, CentralIdLookup\factory(), and invalidateAllPasswordsForCentralId().
Referenced by MediaWiki\Auth\AuthManager\changeAuthenticationData(), and BotPasswordTest\testInvalidateAllPasswordsForUser().
◆ isInvalid()
| BotPassword::isInvalid | ( | ) |
Whether the password is currently invalid.
- Since
- 1.32
- Returns
- bool
Definition at line 281 of file BotPassword.php.
References getPassword().
◆ isSaved()
| BotPassword::isSaved | ( | ) |
Indicate whether this is known to be saved.
- Returns
- bool
Definition at line 196 of file BotPassword.php.
References $isSaved.
Referenced by __construct(), delete(), and save().
◆ login()
|
static |
Try to log the user in.
- Parameters
-
string $username Combined user name and app ID string $password Supplied password WebRequest $request
- Returns
- Status On success, the good status's value is the new Session object
Definition at line 489 of file BotPassword.php.
References $appId, $name, $request, $user, $username, $wgEnableBotPasswords, $wgPasswordAttemptThrottle, class, ObjectCache\getLocalClusterInstance(), getSeparator(), global, list, StatusValue\newFatal(), User\newFromName(), newFromUser(), StatusValue\newGood(), MediaWiki\Session\SessionManager\singleton(), and wfMessage().
Referenced by ApiLogin\execute(), and BotPasswordTest\testLogin().
◆ newFromCentralId()
|
static |
Load a BotPassword from the database.
- Parameters
-
int $centralId from CentralIdLookup string $appId int $flags IDBAccessObject read flags
- Returns
- BotPassword|null
Definition at line 118 of file BotPassword.php.
References $appId, $centralId, $flags, $options, $wgEnableBotPasswords, getDB(), DBAccessObjectUtils\getDBOptions(), global, and list.
Referenced by SpecialBotPasswords\getFormFields(), newFromUser(), SpecialBotPasswords\onSubmit(), MediaWiki\Session\Session\BotPasswordSessionProvider\refreshSessionInfo(), BotPasswordTest\testGetPassword(), BotPasswordTest\testInvalidateAllPasswordsForUser(), BotPasswordTest\testRemoveAllPasswordsForUser(), and BotPasswordTest\testSave().
◆ newFromUser()
|
static |
Load a BotPassword from the database.
- Parameters
-
User $user string $appId int $flags IDBAccessObject read flags
- Returns
- BotPassword|null
Definition at line 104 of file BotPassword.php.
References $appId, $centralId, $flags, $user, CentralIdLookup\AUDIENCE_RAW, CentralIdLookup\factory(), and newFromCentralId().
Referenced by login(), BotPasswordTest\testBasics(), MediaWiki\Session\BotPasswordSessionProviderTest\testCheckSessionInfo(), and MediaWiki\Session\BotPasswordSessionProviderTest\testNewSessionInfoForRequest().
◆ newUnsaved()
|
static |
Create an unsaved BotPassword.
- Parameters
-
array $data Data to use to create the bot password. Keys are: - user: (User) User object to create the password for. Overrides username and centralId.
- username: (string) Username to create the password for. Overrides centralId.
- centralId: (int) User central ID to create the password for.
- appId: (string) App ID for the password.
- restrictions: (MWRestrictions, optional) Restrictions.
- grants: (string[], optional) Grants.
int $flags IDBAccessObject read flags
- Returns
- BotPassword|null
Definition at line 149 of file BotPassword.php.
References $flags, CentralIdLookup\AUDIENCE_RAW, FormatJson\encode(), CentralIdLookup\factory(), MWRestrictions\newDefault(), and object.
Referenced by SpecialBotPasswords\getFormFields(), SpecialBotPasswords\save(), BotPasswordTest\testSave(), BotPasswordTest\testSaveValidation(), and BotPasswordTest\testUnsaved().
◆ removeAllPasswordsForCentralId()
|
static |
Remove all passwords for a user, by central ID.
- Parameters
-
int $centralId
- Returns
- bool Whether any passwords were removed
Definition at line 426 of file BotPassword.php.
References $centralId, $wgEnableBotPasswords, DB_MASTER, getDB(), and global.
Referenced by removeAllPasswordsForUser().
◆ removeAllPasswordsForUser()
|
static |
Remove all passwords for a user, by name.
- Parameters
-
string $username User name
- Returns
- bool Whether any passwords were removed
Definition at line 414 of file BotPassword.php.
References $centralId, $username, CentralIdLookup\AUDIENCE_RAW, CentralIdLookup\factory(), and removeAllPasswordsForCentralId().
Referenced by MediaWiki\Session\Session\BotPasswordSessionProvider\preventSessionsForUser(), and BotPasswordTest\testRemoveAllPasswordsForUser().
◆ save()
| BotPassword::save | ( | $operation, | |
| Password | $password = null |
||
| ) |
Save the BotPassword to the database.
- Returns
- Status
- Exceptions
-
UnexpectedValueException
Definition at line 292 of file BotPassword.php.
References $appId, $centralId, $grants, $res, $restrictions, DB_MASTER, FormatJson\encode(), MWCryptRand\generateHex(), getDB(), isSaved(), StatusValue\newFatal(), StatusValue\newGood(), PasswordFactory\newInvalidPassword(), MWRestrictions\toJson(), and User\TOKEN_LENGTH.
Member Data Documentation
◆ $appId
|
private |
Definition at line 52 of file BotPassword.php.
Referenced by canonicalizeLoginData(), delete(), getAppId(), login(), newFromCentralId(), newFromUser(), and save().
◆ $centralId
|
private |
Definition at line 49 of file BotPassword.php.
Referenced by delete(), getUserCentralId(), invalidateAllPasswordsForCentralId(), invalidateAllPasswordsForUser(), newFromCentralId(), newFromUser(), removeAllPasswordsForCentralId(), removeAllPasswordsForUser(), and save().
◆ $flags
|
private |
Definition at line 64 of file BotPassword.php.
Referenced by __construct(), newFromCentralId(), newFromUser(), and newUnsaved().
◆ $grants
|
private |
Definition at line 61 of file BotPassword.php.
Referenced by getGrants(), and save().
◆ $isSaved
|
private |
Definition at line 46 of file BotPassword.php.
Referenced by __construct(), and isSaved().
◆ $restrictions
|
private |
Definition at line 58 of file BotPassword.php.
Referenced by getRestrictions(), and save().
◆ $token
|
private |
Definition at line 55 of file BotPassword.php.
Referenced by getToken().
◆ APPID_MAXLENGTH
| const BotPassword::APPID_MAXLENGTH = 32 |
Definition at line 31 of file BotPassword.php.
Referenced by SpecialBotPasswords\execute(), SpecialBotPasswords\getFormFields(), and BotPasswordTest\testUnsaved().
◆ GRANTS_MAXLENGTH
| const BotPassword::GRANTS_MAXLENGTH = 65535 |
Maximum length of the json representation of grants.
- Since
- 1.31.11
Definition at line 43 of file BotPassword.php.
◆ RESTRICTIONS_MAXLENGTH
| const BotPassword::RESTRICTIONS_MAXLENGTH = 65535 |
Maximum length of the json representation of restrictions.
- Since
- 1.31.11
Definition at line 37 of file BotPassword.php.
Referenced by BotPasswordTest\testSaveValidation().
The documentation for this class was generated from the following file:
- includes/user/BotPassword.php
