REL1_35/php/ApiChangeAuthenticationData_8php_source.html

<?php

use MediaWiki\Auth\AuthManager;

use MediaWiki\MediaWikiServices;


class ApiChangeAuthenticationData extends ApiBase {


    public function __construct( ApiMain $main, $action ) {

        parent::__construct( $main, $action, 'changeauth' );

    }


    public function execute() {

        if ( !$this->getUser()->isLoggedIn() ) {

            $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );

        }


        $manager = MediaWikiServices::getInstance()->getAuthManager();

        $helper = new ApiAuthManagerHelper( $this, $manager );


        // Check security-sensitive operation status

        $helper->securitySensitiveOperation( 'ChangeCredentials' );


        // Fetch the request

        $reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(

            $helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),

            $this->getConfig()->get( 'ChangeCredentialsBlacklist' )

        );

        if ( count( $reqs ) !== 1 ) {

            $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' );

        }

        $req = reset( $reqs );


        // Make the change

        $status = $manager->allowsAuthenticationDataChange( $req, true );

        $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status );

        if ( !$status->isGood() ) {

            $this->dieStatus( $status );

        }

        $manager->changeAuthenticationData( $req );


        $this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );

    }


    public function isWriteMode() {

        return true;

    }


    public function needsToken() {

        return 'csrf';

    }


    public function getAllowedParams() {

        return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,

            'request'

        );

    }


    public function dynamicParameterDocumentation() {

        return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];

    }


    protected function getExamplesMessages() {

        return [

            'action=changeauthenticationdata' .

                '&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .

                '&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'

                => 'apihelp-changeauthenticationdata-example-password',

        ];

    }


    public function getHelpUrls() {

        return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';

    }


}


ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition ApiAuthManagerHelper.php:37

ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition ApiAuthManagerHelper.php:362

ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $blacklist)
Filter out authentication requests by class name.
Definition ApiAuthManagerHelper.php:129

ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:52

ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1437

ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:620

ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1495

ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition ApiBase.php:717

ApiChangeAuthenticationData
Change authentication data with AuthManager.
Definition ApiChangeAuthenticationData.php:31

ApiChangeAuthenticationData\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiChangeAuthenticationData.php:87

ApiChangeAuthenticationData\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition ApiChangeAuthenticationData.php:96

ApiChangeAuthenticationData\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition ApiChangeAuthenticationData.php:69

ApiChangeAuthenticationData\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition ApiChangeAuthenticationData.php:73

ApiChangeAuthenticationData\__construct
__construct(ApiMain $main, $action)
Definition ApiChangeAuthenticationData.php:33

ApiChangeAuthenticationData\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiChangeAuthenticationData.php:77

ApiChangeAuthenticationData\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiChangeAuthenticationData.php:37

ApiChangeAuthenticationData\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition ApiChangeAuthenticationData.php:83

ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:47

ContextSource\getUser
getUser()
Stable to override.
Definition ContextSource.php:131

MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:88

MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:152