MediaWiki REL1_37
ConfirmLinkSecondaryAuthenticationProvider.php
Go to the documentation of this file.
1<?php
2
3namespace MediaWiki\Auth;
4
5use User;
6
18class ConfirmLinkSecondaryAuthenticationProvider extends AbstractSecondaryAuthenticationProvider {
19
20 public function getAuthenticationRequests( $action, array $options ) {
21 return [];
22 }
23
24 public function beginSecondaryAuthentication( $user, array $reqs ) {
25 return $this->beginLinkAttempt( $user, 'AuthManager::authnState' );
26 }
27
28 public function continueSecondaryAuthentication( $user, array $reqs ) {
29 return $this->continueLinkAttempt( $user, 'AuthManager::authnState', $reqs );
30 }
31
32 public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
33 return $this->beginLinkAttempt( $user, 'AuthManager::accountCreationState' );
34 }
35
36 public function continueSecondaryAccountCreation( $user, $creator, array $reqs ) {
37 return $this->continueLinkAttempt( $user, 'AuthManager::accountCreationState', $reqs );
38 }
39
46 protected function beginLinkAttempt( $user, $key ) {
47 $session = $this->manager->getRequest()->getSession();
48 $state = $session->getSecret( $key );
49 if ( !is_array( $state ) ) {
50 return AuthenticationResponse::newAbstain();
51 }
52
53 $maybeLink = array_filter( $state['maybeLink'], function ( $req ) use ( $user ) {
54 if ( !$req->action ) {
55 $req->action = AuthManager::ACTION_CHANGE;
56 }
57 $req->username = $user->getName();
58 return $this->manager->allowsAuthenticationDataChange( $req )->isGood();
59 } );
60 if ( !$maybeLink ) {
61 return AuthenticationResponse::newAbstain();
62 }
63
64 $req = new ConfirmLinkAuthenticationRequest( $maybeLink );
65 return AuthenticationResponse::newUI(
66 [ $req ],
67 wfMessage( 'authprovider-confirmlink-message' ),
68 'warning'
69 );
70 }
71
79 protected function continueLinkAttempt( $user, $key, array $reqs ) {
80 $req = ButtonAuthenticationRequest::getRequestByName( $reqs, 'linkOk' );
81 if ( $req ) {
82 return AuthenticationResponse::newPass();
83 }
84
85 $req = AuthenticationRequest::getRequestByClass( $reqs, ConfirmLinkAuthenticationRequest::class );
86 if ( !$req ) {
87 // WTF? Retry.
88 return $this->beginLinkAttempt( $user, $key );
89 }
90
91 $session = $this->manager->getRequest()->getSession();
92 $state = $session->getSecret( $key );
93 if ( !is_array( $state ) ) {
94 return AuthenticationResponse::newAbstain();
95 }
96
97 $maybeLink = [];
98 foreach ( $state['maybeLink'] as $linkReq ) {
99 $maybeLink[$linkReq->getUniqueId()] = $linkReq;
100 }
101 if ( !$maybeLink ) {
102 return AuthenticationResponse::newAbstain();
103 }
104
105 $state['maybeLink'] = [];
106 $session->setSecret( $key, $state );
107
108 $statuses = [];
109 $anyFailed = false;
110 foreach ( $req->confirmedLinkIDs as $id ) {
111 if ( isset( $maybeLink[$id] ) ) {
112 $req = $maybeLink[$id];
113 $req->username = $user->getName();
114 if ( !$req->action ) {
115 // Make sure the action is set, but don't override it if
116 // the provider filled it in.
117 $req->action = AuthManager::ACTION_CHANGE;
118 }
119 $status = $this->manager->allowsAuthenticationDataChange( $req );
120 $statuses[] = [ $req, $status ];
121 if ( $status->isGood() ) {
122 // We're not changing credentials, just adding a new link
123 // to an already-known user.
124 $this->manager->changeAuthenticationData( $req, /* $isAddition */ true );
125 } else {
126 $anyFailed = true;
127 }
128 }
129 }
130 if ( !$anyFailed ) {
131 return AuthenticationResponse::newPass();
132 }
133
134 $combinedStatus = \Status::newGood();
135 foreach ( $statuses as $data ) {
136 list( $req, $status ) = $data;
137 $descriptionInfo = $req->describeCredentials();
138 $description = wfMessage(
139 'authprovider-confirmlink-option',
140 $descriptionInfo['provider']->text(), $descriptionInfo['account']->text()
141 )->text();
142 if ( $status->isGood() ) {
143 $combinedStatus->error( wfMessage( 'authprovider-confirmlink-success-line', $description ) );
144 } else {
145 $combinedStatus->error( wfMessage(
146 'authprovider-confirmlink-failed-line', $description, $status->getMessage()->text()
147 ) );
148 }
149 }
150 return AuthenticationResponse::newUI(
151 [
152 new ButtonAuthenticationRequest(
153 'linkOk', wfMessage( 'ok' ), wfMessage( 'authprovider-confirmlink-ok-help' )
154 )
155 ],
156 $combinedStatus->getMessage( 'authprovider-confirmlink-failed' ),
157 'error'
158 );
159 }
160}
wfMessage
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
Definition GlobalFunctions.php:1182
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider
A base class that implements some of the boilerplate for a SecondaryAuthenticationProvider.
Definition AbstractSecondaryAuthenticationProvider.php:33
MediaWiki\Auth\AuthManager\ACTION_CHANGE
const ACTION_CHANGE
Change a user's credentials.
Definition AuthManager.php:122
MediaWiki\Auth\AuthenticationRequest\getRequestByClass
static getRequestByClass(array $reqs, $class, $allowSubclasses=false)
Select a request by class name.
Definition AuthenticationRequest.php:272
MediaWiki\Auth\AuthenticationResponse\newUI
static newUI(array $reqs, Message $msg, $msgtype='warning')
Definition AuthenticationResponse.php:183
MediaWiki\Auth\ButtonAuthenticationRequest
This is an authentication request that just implements a simple button.
Definition ButtonAuthenticationRequest.php:33
MediaWiki\Auth\ButtonAuthenticationRequest\getRequestByName
static getRequestByName(array $reqs, $name)
Fetch a ButtonAuthenticationRequest or subclass by name.
Definition ButtonAuthenticationRequest.php:86
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\continueSecondaryAccountCreation
continueSecondaryAccountCreation( $user, $creator, array $reqs)
Continue an authentication flow.AuthenticationResponse Expected responses:PASS: The user creation is ...
Definition ConfirmLinkSecondaryAuthenticationProvider.php:36
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\continueSecondaryAuthentication
continueSecondaryAuthentication( $user, array $reqs)
Continue an authentication flow.AuthenticationResponse Expected responses:PASS: The user is authentic...
Definition ConfirmLinkSecondaryAuthenticationProvider.php:28
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\getAuthenticationRequests
getAuthenticationRequests( $action, array $options)
Return the applicable list of AuthenticationRequests.
Definition ConfirmLinkSecondaryAuthenticationProvider.php:20
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\beginSecondaryAccountCreation
beginSecondaryAccountCreation( $user, $creator, array $reqs)
Start an account creation flow.
Definition ConfirmLinkSecondaryAuthenticationProvider.php:32
User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition User.php:69