Utility class for bot passwords. More...
Public Member Functions | |
| delete () | |
| Delete the BotPassword from the database. | |
| getAppId () | |
| Get the app ID. | |
| getGrants () | |
| Get the grants. | |
| getRestrictions () | |
| Get the restrictions. | |
| getToken () | |
| Get the token. | |
| getUserCentralId () | |
| Get the central user ID. | |
| isInvalid () | |
| Whether the password is currently invalid. | |
| isSaved () | |
| Indicate whether this is known to be saved. | |
| save ( $operation, Password $password=null) | |
| Save the BotPassword to the database. | |
Static Public Member Functions | |
| static | canonicalizeLoginData ( $username, $password) |
| There are two ways to login with a bot password: "username@appId", "password" and "username", "appId@password". | |
| static | generatePassword ( $config) |
| Returns a (raw, unhashed) random password string. | |
| static | getDB ( $db) |
| Get a database connection for the bot passwords database. | |
| static | getSeparator () |
| Get the separator for combined user name + app ID. | |
| static | invalidateAllPasswordsForCentralId ( $centralId) |
| Invalidate all passwords for a user, by central ID. | |
| static | invalidateAllPasswordsForUser ( $username) |
| Invalidate all passwords for a user, by name. | |
| static | login ( $username, $password, WebRequest $request) |
| Try to log the user in. | |
| static | newFromCentralId ( $centralId, $appId, $flags=self::READ_NORMAL) |
| Load a BotPassword from the database. | |
| static | newFromUser (User $user, $appId, $flags=self::READ_NORMAL) |
| Load a BotPassword from the database. | |
| static | newUnsaved (array $data, $flags=self::READ_NORMAL) |
| Create an unsaved BotPassword. | |
| static | removeAllPasswordsForCentralId ( $centralId) |
| Remove all passwords for a user, by central ID. | |
| static | removeAllPasswordsForUser ( $username) |
| Remove all passwords for a user, by name. | |
Public Attributes | |
| const | APPID_MAXLENGTH = 32 |
 Public Attributes inherited from IDBAccessObject | |
| const | READ_LOCKING = self::READ_LATEST | 2 |
| Constants for object loading bitfield flags (higher => higher QoS) | |
| const | READ_NONE = -1 |
Protected Member Functions | |
| __construct ( $row, $isSaved, $flags=self::READ_NORMAL) | |
| getPassword () | |
| Get the password. | |
Static Private Member Functions | |
| static | loginHook ( $user, $bp, Status $status) |
| Call AuthManagerLoginAuthenticateAudit. | |
Private Attributes | |
| string | $appId |
| int | $centralId |
| int | $flags = self::READ_NORMAL |
| string[] | $grants |
| bool | $isSaved |
| MWRestrictions | $restrictions |
| string | $token |
Detailed Description
Constructor & Destructor Documentation
◆ __construct()
|
protected |
- Parameters
-
object $row bot_passwords database row bool $isSaved Whether the bot password was read from the database int $flags IDBAccessObject read flags
Definition at line 60 of file BotPassword.php.
References and(), isSaved(), and MWRestrictions\newFromJson().
Member Function Documentation
◆ canonicalizeLoginData()
|
static |
There are two ways to login with a bot password: "username@appId", "password" and "username", "appId@password".
Transform it so it is always in the first form. Returns [bot username, bot password]. If this cannot be a bot password login just return false.
- Parameters
-
string $username string $password
- Returns
- array|false
Definition at line 420 of file BotPassword.php.
◆ delete()
| BotPassword::delete | ( | ) |
Delete the BotPassword from the database.
- Returns
- bool Success
Definition at line 319 of file BotPassword.php.
◆ generatePassword()
|
static |
Returns a (raw, unhashed) random password string.
- Parameters
-
Config $config
- Returns
- string
Definition at line 406 of file BotPassword.php.
References and().
◆ getAppId()
| BotPassword::getAppId | ( | ) |
◆ getDB()
|
static |
Get a database connection for the bot passwords database.
- Parameters
-
int $db Index of the connection to get, e.g. DB_MASTER or DB_REPLICA.
- Returns
- IMaintainableDatabase
Definition at line 76 of file BotPassword.php.
References $wgBotPasswordsCluster, and $wgBotPasswordsDatabase.
◆ getGrants()
| BotPassword::getGrants | ( | ) |
◆ getPassword()
|
protected |
Get the password.
- Returns
- Password
Definition at line 240 of file BotPassword.php.
References $options, and list.
Referenced by isInvalid().
◆ getRestrictions()
| BotPassword::getRestrictions | ( | ) |
◆ getSeparator()
|
static |
Get the separator for combined user name + app ID.
- Returns
- string
Definition at line 231 of file BotPassword.php.
References $wgUserrightsInterwikiDelimiter.
◆ getToken()
| BotPassword::getToken | ( | ) |
◆ getUserCentralId()
| BotPassword::getUserCentralId | ( | ) |
◆ invalidateAllPasswordsForCentralId()
|
static |
Invalidate all passwords for a user, by central ID.
- Parameters
-
int $centralId
- Returns
- bool Whether any passwords were invalidated
Definition at line 351 of file BotPassword.php.
References $wgEnableBotPasswords, and DB_MASTER.
◆ invalidateAllPasswordsForUser()
|
static |
Invalidate all passwords for a user, by name.
- Parameters
-
string $username User name
- Returns
- bool Whether any passwords were invalidated
Definition at line 339 of file BotPassword.php.
References $username.
◆ isInvalid()
| BotPassword::isInvalid | ( | ) |
Whether the password is currently invalid.
- Since
- 1.32
- Returns
- bool
Definition at line 267 of file BotPassword.php.
References getPassword().
◆ isSaved()
| BotPassword::isSaved | ( | ) |
Indicate whether this is known to be saved.
- Returns
- bool
Definition at line 183 of file BotPassword.php.
Referenced by __construct(), delete(), and save().
◆ login()
|
static |
Try to log the user in.
- Parameters
-
string $username Combined user name and app ID string $password Supplied password WebRequest $request
- Returns
- Status On success, the good status's value is the new Session object
Definition at line 446 of file BotPassword.php.
References $name, $request, $username, $wgEnableBotPasswords, $wgPasswordAttemptThrottle, and(), list, User\newFromName(), and wfMessage().
◆ loginHook()
|
staticprivate |
Call AuthManagerLoginAuthenticateAudit.
To facilitate logging all authentications, even ones not via AuthManager, call the AuthManagerLoginAuthenticateAudit hook.
- Parameters
-
User | string $user User being logged in BotPassword | null $bp Bot sub-account, if it can be identified Status $status Login status
- Returns
- Status The passed-in status
Definition at line 531 of file BotPassword.php.
References $extraData, $response, and $user.
◆ newFromCentralId()
|
static |
Load a BotPassword from the database.
- Parameters
-
int $centralId from CentralIdLookup string $appId int $flags IDBAccessObject read flags
- Returns
- BotPassword|null
Definition at line 107 of file BotPassword.php.
References $options, $wgEnableBotPasswords, and list.
Referenced by MediaWiki\Session\BotPasswordSessionProvider\refreshSessionInfo().
◆ newFromUser()
|
static |
Load a BotPassword from the database.
- Parameters
-
User $user string $appId int $flags IDBAccessObject read flags
- Returns
- BotPassword|null
Definition at line 93 of file BotPassword.php.
◆ newUnsaved()
|
static |
Create an unsaved BotPassword.
- Parameters
-
array $data Data to use to create the bot password. Keys are: - user: (User) User object to create the password for. Overrides username and centralId.
- username: (string) Username to create the password for. Overrides centralId.
- centralId: (int) User central ID to create the password for.
- appId: (string) App ID for the password.
- restrictions: (MWRestrictions, optional) Restrictions.
- grants: (string[], optional) Grants.
int $flags IDBAccessObject read flags
- Returns
- BotPassword|null
Definition at line 138 of file BotPassword.php.
References $data, and(), MWRestrictions\newDefault(), and object.
◆ removeAllPasswordsForCentralId()
|
static |
Remove all passwords for a user, by central ID.
- Parameters
-
int $centralId
- Returns
- bool Whether any passwords were removed
Definition at line 385 of file BotPassword.php.
References $wgEnableBotPasswords, and DB_MASTER.
◆ removeAllPasswordsForUser()
|
static |
Remove all passwords for a user, by name.
- Parameters
-
string $username User name
- Returns
- bool Whether any passwords were removed
Definition at line 373 of file BotPassword.php.
References $username.
Referenced by MediaWiki\Session\BotPasswordSessionProvider\preventSessionsForUser().
◆ save()
Save the BotPassword to the database.
- Returns
- bool Success
Definition at line 277 of file BotPassword.php.
References and(), DB_MASTER, MWCryptRand\generateHex(), isSaved(), and User\TOKEN_LENGTH.
Member Data Documentation
◆ $appId
|
private |
Definition at line 41 of file BotPassword.php.
◆ $centralId
|
private |
Definition at line 38 of file BotPassword.php.
◆ $flags
|
private |
Definition at line 53 of file BotPassword.php.
◆ $grants
|
private |
Definition at line 50 of file BotPassword.php.
◆ $isSaved
|
private |
Definition at line 35 of file BotPassword.php.
◆ $restrictions
|
private |
Definition at line 47 of file BotPassword.php.
◆ $token
|
private |
Definition at line 44 of file BotPassword.php.
◆ APPID_MAXLENGTH
| const BotPassword::APPID_MAXLENGTH = 32 |
Definition at line 32 of file BotPassword.php.
The documentation for this class was generated from the following file:
- includes/user/BotPassword.php
