REL1_39/php/ApiClientLogin_8php_source.html

<?php

use MediaWiki\Auth\AuthenticationResponse;

use MediaWiki\Auth\AuthManager;

use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;


class ApiClientLogin extends ApiBase {


    private $authManager;


    public function __construct(

        ApiMain $main,

        $action,

        AuthManager $authManager

    ) {

        parent::__construct( $main, $action, 'login' );

        $this->authManager = $authManager;

    }


    public function getFinalDescription() {

        // A bit of a hack to append 'api-help-authmanager-general-usage'

        $msgs = parent::getFinalDescription();

        $msgs[] = ApiBase::makeMessage( 'api-help-authmanager-general-usage', $this->getContext(), [

            $this->getModulePrefix(),

            $this->getModuleName(),

            $this->getModulePath(),

            AuthManager::ACTION_LOGIN,

            $this->needsToken(),

        ] );

        return $msgs;

    }


    public function execute() {

        $params = $this->extractRequestParams();


        $this->requireAtLeastOneParameter( $params, 'continue', 'returnurl' );


        if ( $params['returnurl'] !== null ) {

            $bits = wfParseUrl( $params['returnurl'] );

            if ( !$bits || $bits['scheme'] === '' ) {

                $encParamName = $this->encodeParamName( 'returnurl' );

                $this->dieWithError(

                    [ 'apierror-badurl', $encParamName, wfEscapeWikiText( $params['returnurl'] ) ],

                    "badurl_{$encParamName}"

                );

            }

        }


        $helper = new ApiAuthManagerHelper( $this, $this->authManager );


        // Make sure it's possible to log in

        if ( !$this->authManager->canAuthenticateNow() ) {

            $res = AuthenticationResponse::newFail( $this->msg( 'userlogin-cannot-' . AuthManager::ACTION_LOGIN ) );

            $this->getResult()->addValue( null, 'clientlogin',

                $helper->formatAuthenticationResponse( $res ) );

            $helper->logAuthenticationResult( 'login', $res );

            return;

        }


        // Perform the login step

        if ( $params['continue'] ) {

            $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN_CONTINUE );

            $res = $this->authManager->continueAuthentication( $reqs );

        } else {

            $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN );

            if ( $params['preservestate'] ) {

                $req = $helper->getPreservedRequest();

                if ( $req ) {

                    $reqs[] = $req;

                }

            }

            $res = $this->authManager->beginAuthentication( $reqs, $params['returnurl'] );

        }


        // Remove CreateFromLoginAuthenticationRequest from $res->neededRequests.

        // It's there so a RESTART treated as UI will work right, but showing

        // it to the API client is just confusing.

        $res->neededRequests = ApiAuthManagerHelper::blacklistAuthenticationRequests(

            $res->neededRequests, [ CreateFromLoginAuthenticationRequest::class ]

        );


        $this->getResult()->addValue( null, 'clientlogin',

            $helper->formatAuthenticationResponse( $res ) );

        $helper->logAuthenticationResult( 'login', $res );

    }


    public function isReadMode() {

        return false;

    }


    public function isWriteMode() {

        // (T283394) Logging in triggers some database writes, so should be marked appropriately.

        return true;

    }


    public function needsToken() {

        return 'login';

    }


    public function getAllowedParams() {

        return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_LOGIN,

            'requests', 'messageformat', 'mergerequestfields', 'preservestate', 'returnurl', 'continue'

        );

    }


    public function dynamicParameterDocumentation() {

        return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_LOGIN ];

    }


    protected function getExamplesMessages() {

        return [

            'action=clientlogin&username=Example&password=ExamplePassword&'

                . 'loginreturnurl=http://example.org/&logintoken=123ABC'

                => 'apihelp-clientlogin-example-login',

            'action=clientlogin&logincontinue=1&OATHToken=987654&logintoken=123ABC'

                => 'apihelp-clientlogin-example-login2',

        ];

    }


    public function getHelpUrls() {

        return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Login';

    }


}


wfParseUrl
wfParseUrl( $url)
parse_url() work-alike, but non-broken.
Definition GlobalFunctions.php:605

wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition GlobalFunctions.php:1212

ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition ApiAuthManagerHelper.php:38

ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition ApiAuthManagerHelper.php:359

ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $remove)
Filter out authentication requests by class name.
Definition ApiAuthManagerHelper.php:132

ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:56

ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1454

ApiBase\getModulePrefix
getModulePrefix()
Get parameter prefix (usually two letters or an empty string).
Definition ApiBase.php:506

ApiBase\encodeParamName
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition ApiBase.php:743

ApiBase\makeMessage
static makeMessage( $msg, IContextSource $context, array $params=null)
Create a Message from a string or array.
Definition ApiBase.php:1221

ApiBase\requireAtLeastOneParameter
requireAtLeastOneParameter( $params,... $required)
Die if none of a certain set of parameters is set and not false.
Definition ApiBase.php:963

ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:629

ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:765

ApiBase\getModulePath
getModulePath()
Get the path to this module.
Definition ApiBase.php:573

ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:498

ApiClientLogin
Log in to the wiki with AuthManager.
Definition ApiClientLogin.php:32

ApiClientLogin\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition ApiClientLogin.php:122

ApiClientLogin\getFinalDescription
getFinalDescription()
Get final module description, after hooks have had a chance to tweak it as needed.
Definition ApiClientLogin.php:51

ApiClientLogin\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition ApiClientLogin.php:151

ApiClientLogin\isReadMode
isReadMode()
Indicates whether this module requires read rights.
Definition ApiClientLogin.php:118

ApiClientLogin\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition ApiClientLogin.php:137

ApiClientLogin\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiClientLogin.php:64

ApiClientLogin\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiClientLogin.php:131

ApiClientLogin\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiClientLogin.php:141

ApiClientLogin\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition ApiClientLogin.php:127

ApiClientLogin\__construct
__construct(ApiMain $main, $action, AuthManager $authManager)
Definition ApiClientLogin.php:42

ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:52

ContextSource\msg
msg( $key,... $params)
Get a Message object with context set Parameters are the same as wfMessage()
Definition ContextSource.php:209

ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition ContextSource.php:47

MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:106

MediaWiki\Auth\AuthenticationResponse
This is a value object to hold authentication response data.
Definition AuthenticationResponse.php:37

MediaWiki\Auth\CreateFromLoginAuthenticationRequest
This transfers state between the login and account creation flows.
Definition CreateFromLoginAuthenticationRequest.php:35

$res
$res
Definition testCompression.php:57