MediaWiki REL1_34
CaptchaAuthenticationRequest Class Reference

Generic captcha authentication request class. More...

Inheritance diagram for CaptchaAuthenticationRequest:
Collaboration diagram for CaptchaAuthenticationRequest:

Public Member Functions

 __construct ( $id, $data)
 
 getFieldInfo ()
 Fetch input field info.The field info is an associative array mapping field names to info arrays. The info arrays have the following keys:

  • type: (string) Type of input. Types and equivalent HTML widgets are:
    • string: <input type="text">
    • password: <input type="password">
    • select: <select>
    • checkbox: <input type="checkbox">
    • multiselect: More a grid of checkboxes than <select multi>
    • button: <input type="submit"> (uses 'label' as button text)
    • hidden: Not visible to the user, but needs to be preserved for the next request
    • null: No widget, just display the 'label' message.
  • options: (array) Maps option values to Messages for the 'select' and 'multiselect' types.
  • value: (string) Value (for 'null' and 'hidden') or default value (for other types).
  • label: (Message) Text suitable for a label in an HTML form
  • help: (Message) Text suitable as a description of what the field is
  • optional: (bool) If set and truthy, the field may be left empty
  • sensitive: (bool) If set and truthy, the field is considered sensitive. Code using the request should avoid exposing the value of the field.
  • skippable: (bool) If set and truthy, the client is free to hide this field from the user to streamline the workflow. If all fields are skippable (except possibly a single button), no user interaction is required at all.
All AuthenticationRequests are populated from the same data, so most of the time you'll want to prefix fields names with something unique to the extension/provider (although in some cases sharing the field with other requests is the right thing to do, e.g. for a 'password' field).
Returns
array As above -return array<string,array{type:string,options?:array,value?:string,label:Message,help:Message,optional?:bool,sensitive?:bool,skippable?:bool}>
SecurityCheck-DoubleEscaped T202112
 
 getMetadata ()
 Returns metadata about this request.
 
 loadFromSubmission (array $data)
 Initialize form submitted form data.
 
- Public Member Functions inherited from MediaWiki\Auth\AuthenticationRequest
 describeCredentials ()
 Describe the credentials represented by this request.
 
 getUniqueId ()
 Supply a unique key for deduplication.
 

Static Public Member Functions

static __set_state ( $data)
 Implementing this mainly for use from the unit tests.
 
- Static Public Member Functions inherited from MediaWiki\Auth\AuthenticationRequest
static getRequestByClass (array $reqs, $class, $allowSubclasses=false)
 Select a request by class name.
 
static getUsernameFromRequests (array $reqs)
 Get the username from the set of requests.
 
static loadRequestsFromSubmission (array $reqs, array $data)
 Update a set of requests with form submit data, discarding ones that fail.
 
static mergeFieldInfo (array $reqs)
 Merge the output of multiple AuthenticationRequest::getFieldInfo() calls.
 

Public Attributes

array $captchaData
 Information about the captcha (e.g.
 
string $captchaId
 Identifier of the captcha.
 
string $captchaWord
 Captcha solution submitted by the user.
 
- Public Attributes inherited from MediaWiki\Auth\AuthenticationRequest
string null $action = null
 The AuthManager::ACTION_* constant this request was created to be used for.
 
int $required = self::REQUIRED
 For login, continue, and link actions, one of self::OPTIONAL, self::REQUIRED, or self::PRIMARY_REQUIRED.
 
string null $returnToUrl = null
 Return-to URL, in case of redirect.
 
string null $username = null
 Username.
 
const OPTIONAL = 0
 Indicates that the request is not required for authentication to proceed.
 
const PRIMARY_REQUIRED = 2
 Indicates that the request is required by a primary authentication provider.
 
const REQUIRED = 1
 Indicates that the request is required for authentication to proceed.
 

Detailed Description

Generic captcha authentication request class.

A captcha consist some data stored in the session (e.g. a question and its answer), an ID that references the data, and a solution.

Definition at line 10 of file CaptchaAuthenticationRequest.php.

Constructor & Destructor Documentation

◆ __construct()

CaptchaAuthenticationRequest::__construct ( $id,
$data )

Definition at line 21 of file CaptchaAuthenticationRequest.php.

Member Function Documentation

◆ __set_state()

static CaptchaAuthenticationRequest::__set_state ( $data)
static

Implementing this mainly for use from the unit tests.

Parameters
array$data
Returns
AuthenticationRequest

Reimplemented from MediaWiki\Auth\AuthenticationRequest.

Definition at line 85 of file CaptchaAuthenticationRequest.php.

◆ getFieldInfo()

CaptchaAuthenticationRequest::getFieldInfo ( )

Fetch input field info.The field info is an associative array mapping field names to info arrays. The info arrays have the following keys:

  • type: (string) Type of input. Types and equivalent HTML widgets are:
    • string: <input type="text">
    • password: <input type="password">
    • select: <select>
    • checkbox: <input type="checkbox">
    • multiselect: More a grid of checkboxes than <select multi>
    • button: <input type="submit"> (uses 'label' as button text)
    • hidden: Not visible to the user, but needs to be preserved for the next request
    • null: No widget, just display the 'label' message.
  • options: (array) Maps option values to Messages for the 'select' and 'multiselect' types.
  • value: (string) Value (for 'null' and 'hidden') or default value (for other types).
  • label: (Message) Text suitable for a label in an HTML form
  • help: (Message) Text suitable as a description of what the field is
  • optional: (bool) If set and truthy, the field may be left empty
  • sensitive: (bool) If set and truthy, the field is considered sensitive. Code using the request should avoid exposing the value of the field.
  • skippable: (bool) If set and truthy, the client is free to hide this field from the user to streamline the workflow. If all fields are skippable (except possibly a single button), no user interaction is required at all.
All AuthenticationRequests are populated from the same data, so most of the time you'll want to prefix fields names with something unique to the extension/provider (although in some cases sharing the field with other requests is the right thing to do, e.g. for a 'password' field).
Returns
array As above -return array<string,array{type:string,options?:array,value?:string,label:Message,help:Message,optional?:bool,sensitive?:bool,skippable?:bool}>
SecurityCheck-DoubleEscaped T202112

Reimplemented from MediaWiki\Auth\AuthenticationRequest.

Reimplemented in MediaWiki\Extensions\ConfirmEdit\hCaptcha\HCaptchaAuthenticationRequest, and ReCaptchaNoCaptchaAuthenticationRequest.

Definition at line 43 of file CaptchaAuthenticationRequest.php.

References MediaWiki\Auth\AuthenticationRequest\$action, and wfMessage().

◆ getMetadata()

CaptchaAuthenticationRequest::getMetadata ( )

Returns metadata about this request.

This is mainly for the benefit of API clients which need more detailed render hints than what's available through getFieldInfo(). Semantics are unspecified and left to the individual subclasses, but the contents of the array should be primitive types so that they can be transformed into JSON or similar formats.

Returns
array A (possibly nested) array with primitive types

Reimplemented from MediaWiki\Auth\AuthenticationRequest.

Definition at line 80 of file CaptchaAuthenticationRequest.php.

◆ loadFromSubmission()

CaptchaAuthenticationRequest::loadFromSubmission ( array $data)

Initialize form submitted form data.

The default behavior is to to check for each key of self::getFieldInfo() in the submitted data, and copy the value - after type-appropriate transformations - to $this->$key. Most subclasses won't need to override this; if you do override it, make sure to always return false if self::getFieldInfo() returns an empty array.

Parameters
array$dataSubmitted data as an associative array (keys will correspond to getFieldInfo())
Returns
bool Whether the request data was successfully loaded

Reimplemented from MediaWiki\Auth\AuthenticationRequest.

Reimplemented in MediaWiki\Extensions\ConfirmEdit\hCaptcha\HCaptchaAuthenticationRequest, and ReCaptchaNoCaptchaAuthenticationRequest.

Definition at line 26 of file CaptchaAuthenticationRequest.php.

References $success.

Member Data Documentation

◆ $captchaData

array CaptchaAuthenticationRequest::$captchaData

Information about the captcha (e.g.

question text; solution). Exact semantics differ between types.

Definition at line 16 of file CaptchaAuthenticationRequest.php.

◆ $captchaId

string CaptchaAuthenticationRequest::$captchaId

Identifier of the captcha.

Used internally to remember which captcha was used.

Definition at line 12 of file CaptchaAuthenticationRequest.php.

◆ $captchaWord

string CaptchaAuthenticationRequest::$captchaWord

Captcha solution submitted by the user.

Definition at line 19 of file CaptchaAuthenticationRequest.php.


The documentation for this class was generated from the following file: