MediaWiki REL1_31
TOTPSecondaryAuthenticationProvider Class Reference

AuthManager secondary authentication provider for TOTP second-factor authentication. More...

Inheritance diagram for TOTPSecondaryAuthenticationProvider:
Collaboration diagram for TOTPSecondaryAuthenticationProvider:

Public Member Functions

 beginSecondaryAccountCreation ( $user, $creator, array $reqs)
 
 beginSecondaryAuthentication ( $user, array $reqs)
 If the user has enabled two-factor authentication, request a second factor.
 
 continueSecondaryAuthentication ( $user, array $reqs)
 Verify the second factor.
 
 getAuthenticationRequests ( $action, array $options)
 
- Public Member Functions inherited from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider
 autoCreatedAccount ( $user, $source)
 Post-auto-creation callback.
 
 continueSecondaryAccountCreation ( $user, $creator, array $reqs)
 Continue an authentication flow.
 
 postAccountCreation ( $user, $creator, AuthenticationResponse $response)
 Post-creation callback.
 
 postAuthentication ( $user, AuthenticationResponse $response)
 Post-login callback.
 
 providerAllowsAuthenticationDataChange (AuthenticationRequest $req, $checkData=true)
 Validate a change of authentication data (e.g.
 
 providerAllowsPropertyChange ( $property)
 Determine whether a property can change.
 
 providerChangeAuthenticationData (AuthenticationRequest $req)
 Change or remove authentication data (e.g.
 
 providerRevokeAccessForUser ( $username)
 @inheritDoc
 
 testForAccountCreation ( $user, $creator, array $reqs)
 Determine whether an account creation may begin.
 
 testUserForCreation ( $user, $autocreate, array $options=[])
 Determine whether an account may be created.
 
- Public Member Functions inherited from MediaWiki\Auth\AbstractAuthenticationProvider
 getUniqueId ()
 @inheritDoc
 
 setConfig (Config $config)
 Set configuration.
 
 setLogger (LoggerInterface $logger)
 
 setManager (AuthManager $manager)
 Set AuthManager.
 

Additional Inherited Members

- Protected Attributes inherited from MediaWiki\Auth\AbstractAuthenticationProvider
Config $config
 
LoggerInterface $logger
 
AuthManager $manager
 

Detailed Description

AuthManager secondary authentication provider for TOTP second-factor authentication.

After a successful primary authentication, requests a time-based one-time password (typically generated by a mobile app such as Google Authenticator) from the user.

See also
AuthManager
https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm

Definition at line 33 of file TOTPSecondaryAuthenticationProvider.php.

Member Function Documentation

◆ beginSecondaryAccountCreation()

TOTPSecondaryAuthenticationProvider::beginSecondaryAccountCreation ( $user,
$creator,
array $reqs )
Parameters
User$user
User$creator
array$reqs
Returns
AuthenticationResponse

Implements MediaWiki\Auth\SecondaryAuthenticationProvider.

Definition at line 118 of file TOTPSecondaryAuthenticationProvider.php.

◆ beginSecondaryAuthentication()

TOTPSecondaryAuthenticationProvider::beginSecondaryAuthentication ( $user,
array $reqs )

If the user has enabled two-factor authentication, request a second factor.

Parameters
User$user
array$reqs
Returns
AuthenticationResponse

Implements MediaWiki\Auth\SecondaryAuthenticationProvider.

Definition at line 59 of file TOTPSecondaryAuthenticationProvider.php.

References OATHAuthHooks\getOATHUserRepository(), and wfMessage().

◆ continueSecondaryAuthentication()

TOTPSecondaryAuthenticationProvider::continueSecondaryAuthentication ( $user,
array $reqs )

Verify the second factor.

@inheritDoc

Reimplemented from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider.

Definition at line 74 of file TOTPSecondaryAuthenticationProvider.php.

References $request, OATHAuthHooks\getOATHUserRepository(), and wfMessage().

◆ getAuthenticationRequests()

TOTPSecondaryAuthenticationProvider::getAuthenticationRequests ( $action,
array $options )
Parameters
string$action
array$options
Returns
array

Implements MediaWiki\Auth\AuthenticationProvider.

Definition at line 41 of file TOTPSecondaryAuthenticationProvider.php.


The documentation for this class was generated from the following file: