Reset the local password, if signalled via $this->manager->setAuthenticationSessionData() More...

Inheritance diagram for MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider:

[legend]

Collaboration diagram for MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider:

[legend]

Public Member Functions
	beginSecondaryAccountCreation ( $user, $creator, array $reqs)
	Start an account creation flow.

	beginSecondaryAuthentication ( $user, array $reqs)
	Start an authentication flow.

	continueSecondaryAccountCreation ( $user, $creator, array $reqs)
	Continue an authentication flow.

	continueSecondaryAuthentication ( $user, array $reqs)
	Continue an authentication flow.

	getAuthenticationRequests ( $action, array $options)
	Return the applicable list of AuthenticationRequests.

Public Member Functions inherited from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider
	autoCreatedAccount ( $user, $source)
	Post-auto-creation callback.

	postAccountCreation ( $user, $creator, AuthenticationResponse $response)
	Post-creation callback.

	postAuthentication ( $user, AuthenticationResponse $response)
	Post-login callback.

	providerAllowsAuthenticationDataChange (AuthenticationRequest $req, $checkData=true)
	Validate a change of authentication data (e.g.

	providerAllowsPropertyChange ( $property)
	Determine whether a property can change.

	providerChangeAuthenticationData (AuthenticationRequest $req)
	Change or remove authentication data (e.g.

	providerRevokeAccessForUser ( $username)
	@inheritDoc

	testForAccountCreation ( $user, $creator, array $reqs)
	Determine whether an account creation may begin.

	testUserForCreation ( $user, $autocreate, array $options=[])
	Determine whether an account may be created.

Public Member Functions inherited from MediaWiki\Auth\AbstractAuthenticationProvider
	getUniqueId ()
	@inheritDoc

	setConfig (Config $config)
	Set configuration.

	setLogger (LoggerInterface $logger)

	setManager (AuthManager $manager)
	Set AuthManager.

Protected Member Functions
	tryReset (\User $user, array $reqs)
	Try to reset the password.

Additional Inherited Members
Protected Attributes inherited from MediaWiki\Auth\AbstractAuthenticationProvider
Config	$config

LoggerInterface	$logger

AuthManager	$manager

Detailed Description

Reset the local password, if signalled via $this->manager->setAuthenticationSessionData()

The authentication data key is 'reset-pass'; the data is an object with the following properties:

msg: Message object to display to the user
hard: Boolean, if true the reset cannot be skipped.
req: Optional PasswordAuthenticationRequest to use to actually reset the password. Won't be displayed to the user.

Since: 1.27

Definition at line 37 of file ResetPasswordSecondaryAuthenticationProvider.php.

Member Function Documentation

◆ beginSecondaryAccountCreation()

MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider::beginSecondaryAccountCreation	(		$user,
			$creator,
		array	$reqs
	)

Start an account creation flow.

Note: There is no guarantee this will be called in a successful account creation process as the user can just abandon the process at any time after the primary provider has issued a PASS and still have a valid account. Be prepared to handle any database inconsistencies that result from this or continueSecondaryAccountCreation() not being called.

Parameters

User	$user	User being created (has been added to the database). This may become a "UserValue" in the future, or User may be refactored into such.
User	$creator	User doing the creation. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationRequest[]	$reqs

Returns

AuthenticationResponse Expected responses:

PASS: The user creation is ok. Additional secondary providers may run.
ABSTAIN: Additional secondary providers may run.
UI: Additional AuthenticationRequests are needed to complete the process.
REDIRECT: Redirection to a third party is needed to complete the process.

Implements MediaWiki\Auth\SecondaryAuthenticationProvider.

Definition at line 51 of file ResetPasswordSecondaryAuthenticationProvider.php.

References $user, and MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider\tryReset().

◆ beginSecondaryAuthentication()

MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider::beginSecondaryAuthentication	(		$user,
		array	$reqs
	)

Start an authentication flow.

Note that this may be called for a user even if beginSecondaryAccountCreation() was never called. The module should take the opportunity to do any necessary setup in that case.

Parameters

User	$user	User being authenticated. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationRequest[]	$reqs

Returns

AuthenticationResponse Expected responses:

PASS: The user is authenticated. Additional secondary providers may run.
FAIL: The user is not authenticated. Fail the authentication process.
ABSTAIN: Additional secondary providers may run.
UI: Additional AuthenticationRequests are needed to complete the process.
REDIRECT: Redirection to a third party is needed to complete the process.

Implements MediaWiki\Auth\SecondaryAuthenticationProvider.

Definition at line 43 of file ResetPasswordSecondaryAuthenticationProvider.php.

References $user, and MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider\tryReset().

◆ continueSecondaryAccountCreation()

MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider::continueSecondaryAccountCreation	(		$user,
			$creator,
		array	$reqs
	)

Continue an authentication flow.

Parameters

User	$user	User being created (has been added to the database). This may become a "UserValue" in the future, or User may be refactored into such.
User	$creator	User doing the creation. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationRequest[]	$reqs

Returns

AuthenticationResponse Expected responses:

PASS: The user creation is ok. Additional secondary providers may run.
ABSTAIN: Additional secondary providers may run.
UI: Additional AuthenticationRequests are needed to complete the process.
REDIRECT: Redirection to a third party is needed to complete the process.

Reimplemented from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider.

Definition at line 55 of file ResetPasswordSecondaryAuthenticationProvider.php.

References $user, and MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider\tryReset().

◆ continueSecondaryAuthentication()

MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider::continueSecondaryAuthentication	(		$user,
		array	$reqs
	)

Continue an authentication flow.

Parameters

User	$user	User being authenticated. This may become a "UserValue" in the future, or User may be refactored into such.
AuthenticationRequest[]	$reqs

Returns

AuthenticationResponse Expected responses:

PASS: The user is authenticated. Additional secondary providers may run.
FAIL: The user is not authenticated. Fail the authentication process.
ABSTAIN: Additional secondary providers may run.
UI: Additional AuthenticationRequests are needed to complete the process.
REDIRECT: Redirection to a third party is needed to complete the process.

Reimplemented from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider.

Definition at line 47 of file ResetPasswordSecondaryAuthenticationProvider.php.

References $user, and MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider\tryReset().

◆ getAuthenticationRequests()

MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider::getAuthenticationRequests	(		$action,
		array	$options
	)

Return the applicable list of AuthenticationRequests.

Possible values for $action depend on whether the implementing class is also a PreAuthenticationProvider, PrimaryAuthenticationProvider, or SecondaryAuthenticationProvider.

ACTION_LOGIN: Valid for passing to beginAuthentication. Called on all providers.
ACTION_CREATE: Valid for passing to beginAccountCreation. Called on all providers.
ACTION_LINK: Valid for passing to beginAccountLink. Called on linking primary providers only.
ACTION_CHANGE: Valid for passing to AuthManager::changeAuthenticationData to change credentials. Called on primary and secondary providers.
ACTION_REMOVE: Valid for passing to AuthManager::changeAuthenticationData to remove credentials. Must work without additional user input (i.e. without calling loadFromSubmission). Called on primary and secondary providers.

See also: AuthManager::getAuthenticationRequests()

Parameters

string	$action
array	$options	Options are: username: User name related to the action, or null/unset if anon. ACTION_LOGIN: The currently logged-in user, if any. ACTION_CREATE: The account creator, if non-anonymous. ACTION_LINK: The local user being linked to. ACTION_CHANGE: The user having data changed. ACTION_REMOVE: The user having data removed. If you leave the username property of the returned requests empty, this will automatically be copied there (except for ACTION_CREATE where it wouldn't really make sense).