MediaWiki REL1_39
AuthenticationRequest.php
Go to the documentation of this file.
1<?php
24namespace MediaWiki\Auth;
25
26use Message;
27
42abstract class AuthenticationRequest {
43
45 public const OPTIONAL = 0;
46
51 public const REQUIRED = 1;
52
57 public const PRIMARY_REQUIRED = 2;
58
63 public $action = null;
64
68 public $required = self::REQUIRED;
69
71 public $returnToUrl = null;
72
76 public $username = null;
77
94 public function getUniqueId() {
95 return get_called_class();
96 }
97
136 abstract public function getFieldInfo();
137
149 public function getMetadata() {
150 return [];
151 }
152
166 public function loadFromSubmission( array $data ) {
167 $fields = array_filter( $this->getFieldInfo(), static function ( $info ) {
168 return $info['type'] !== 'null';
169 } );
170 if ( !$fields ) {
171 return false;
172 }
173
174 foreach ( $fields as $field => $info ) {
175 // Checkboxes and buttons are special. Depending on the method used
176 // to populate $data, they might be unset meaning false or they
177 // might be boolean. Further, image buttons might submit the
178 // coordinates of the click rather than the expected value.
179 if ( $info['type'] === 'checkbox' || $info['type'] === 'button' ) {
180 $this->$field = isset( $data[$field] ) && $data[$field] !== false
181 || isset( $data["{$field}_x"] ) && $data["{$field}_x"] !== false;
182 if ( !$this->$field && empty( $info['optional'] ) ) {
183 return false;
184 }
185 continue;
186 }
187
188 // Multiselect are too, slightly
189 if ( !isset( $data[$field] ) && $info['type'] === 'multiselect' ) {
190 $data[$field] = [];
191 }
192
193 if ( !isset( $data[$field] ) ) {
194 return false;
195 }
196 if ( $data[$field] === '' || $data[$field] === [] ) {
197 if ( empty( $info['optional'] ) ) {
198 return false;
199 }
200 } else {
201 switch ( $info['type'] ) {
202 case 'select':
203 if ( !isset( $info['options'][$data[$field]] ) ) {
204 return false;
205 }
206 break;
207
208 case 'multiselect':
209 $data[$field] = (array)$data[$field];
210 // @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset required for multiselect
211 $allowed = array_keys( $info['options'] );
212 if ( array_diff( $data[$field], $allowed ) !== [] ) {
213 return false;
214 }
215 break;
216 }
217 }
218
219 $this->$field = $data[$field];
220 }
221
222 return true;
223 }
224
243 public function describeCredentials() {
244 return [
245 'provider' => new \RawMessage( '$1', [ get_called_class() ] ),
246 'account' => new \RawMessage( '$1', [ $this->getUniqueId() ] ),
247 ];
248 }
249
257 public static function loadRequestsFromSubmission( array $reqs, array $data ) {
258 $result = [];
259 foreach ( $reqs as $req ) {
260 if ( $req->loadFromSubmission( $data ) ) {
261 $result[] = $req;
262 }
263 }
264 return $result;
265 }
266
280 public static function getRequestByClass( array $reqs, $class, $allowSubclasses = false ) {
281 $requests = array_filter( $reqs, static function ( $req ) use ( $class, $allowSubclasses ) {
282 if ( $allowSubclasses ) {
283 return is_a( $req, $class, false );
284 } else {
285 return get_class( $req ) === $class;
286 }
287 } );
288 // @phan-suppress-next-line PhanTypeMismatchReturn False positive
289 return count( $requests ) === 1 ? reset( $requests ) : null;
290 }
291
301 public static function getUsernameFromRequests( array $reqs ) {
302 $username = null;
303 $otherClass = null;
304 foreach ( $reqs as $req ) {
305 $info = $req->getFieldInfo();
306 if ( $info && array_key_exists( 'username', $info ) && $req->username !== null ) {
307 if ( $username === null ) {
308 $username = $req->username;
309 $otherClass = get_class( $req );
310 } elseif ( $username !== $req->username ) {
311 $requestClass = get_class( $req );
312 throw new \UnexpectedValueException( "Conflicting username fields: \"{$req->username}\" from "
313 // @phan-suppress-next-line PhanTypeSuspiciousStringExpression $otherClass always set
314 . "$requestClass::\$username vs. \"$username\" from $otherClass::\$username" );
315 }
316 }
317 }
318 return $username;
319 }
320
327 public static function mergeFieldInfo( array $reqs ) {
328 $merged = [];
329
330 // fields that are required by some primary providers but not others are not actually required
331 $sharedRequiredPrimaryFields = null;
332 foreach ( $reqs as $req ) {
333 if ( $req->required !== self::PRIMARY_REQUIRED ) {
334 continue;
335 }
336 $required = [];
337 foreach ( $req->getFieldInfo() as $fieldName => $options ) {
338 if ( empty( $options['optional'] ) ) {
339 $required[] = $fieldName;
340 }
341 }
342 if ( $sharedRequiredPrimaryFields === null ) {
343 $sharedRequiredPrimaryFields = $required;
344 } else {
345 $sharedRequiredPrimaryFields = array_intersect( $sharedRequiredPrimaryFields, $required );
346 }
347 }
348
349 foreach ( $reqs as $req ) {
350 $info = $req->getFieldInfo();
351 if ( !$info ) {
352 continue;
353 }
354
355 foreach ( $info as $name => $options ) {
356 if (
357 // If the request isn't required, its fields aren't required either.
358 $req->required === self::OPTIONAL
359 // If there is a primary not requiring this field, no matter how many others do,
360 // authentication can proceed without it.
361 || $req->required === self::PRIMARY_REQUIRED
362 // @phan-suppress-next-line PhanTypeMismatchArgumentNullableInternal False positive
363 && !in_array( $name, $sharedRequiredPrimaryFields, true )
364 ) {
365 $options['optional'] = true;
366 } else {
367 $options['optional'] = !empty( $options['optional'] );
368 }
369
370 $options['sensitive'] = !empty( $options['sensitive'] );
371 $type = $options['type'];
372
373 if ( !array_key_exists( $name, $merged ) ) {
374 $merged[$name] = $options;
375 } elseif ( $merged[$name]['type'] !== $type ) {
376 throw new \UnexpectedValueException( "Field type conflict for \"$name\", " .
377 "\"{$merged[$name]['type']}\" vs \"$type\""
378 );
379 } else {
380 if ( isset( $options['options'] ) ) {
381 if ( isset( $merged[$name]['options'] ) ) {
382 $merged[$name]['options'] += $options['options'];
383 } else {
384 // @codeCoverageIgnoreStart
385 $merged[$name]['options'] = $options['options'];
386 // @codeCoverageIgnoreEnd
387 }
388 }
389
390 $merged[$name]['optional'] = $merged[$name]['optional'] && $options['optional'];
391 $merged[$name]['sensitive'] = $merged[$name]['sensitive'] || $options['sensitive'];
392
393 // No way to merge 'value', 'image', 'help', or 'label', so just use
394 // the value from the first request.
395 }
396 }
397 }
398
399 return $merged;
400 }
401
407 public static function __set_state( $data ) {
408 // @phan-suppress-next-line PhanTypeInstantiateAbstractStatic
409 $ret = new static();
410 foreach ( $data as $k => $v ) {
411 $ret->$k = $v;
412 }
413 return $ret;
414 }
415}
MediaWiki\Auth\AuthenticationRequest
This is a value object for authentication requests.
Definition AuthenticationRequest.php:42
MediaWiki\Auth\AuthenticationRequest\getFieldInfo
getFieldInfo()
Fetch input field info.
MediaWiki\Auth\AuthenticationRequest\$returnToUrl
string null $returnToUrl
Return-to URL, in case of redirect.
Definition AuthenticationRequest.php:71
MediaWiki\Auth\AuthenticationRequest\OPTIONAL
const OPTIONAL
Indicates that the request is not required for authentication to proceed.
Definition AuthenticationRequest.php:45
MediaWiki\Auth\AuthenticationRequest\$action
string null $action
The AuthManager::ACTION_* constant this request was created to be used for.
Definition AuthenticationRequest.php:63
MediaWiki\Auth\AuthenticationRequest\__set_state
static __set_state( $data)
Implementing this mainly for use from the unit tests.
Definition AuthenticationRequest.php:407
MediaWiki\Auth\AuthenticationRequest\getUniqueId
getUniqueId()
Supply a unique key for deduplication.
Definition AuthenticationRequest.php:94
MediaWiki\Auth\AuthenticationRequest\$required
int $required
For login, continue, and link actions, one of self::OPTIONAL, self::REQUIRED, or self::PRIMARY_REQUIR...
Definition AuthenticationRequest.php:68
MediaWiki\Auth\AuthenticationRequest\mergeFieldInfo
static mergeFieldInfo(array $reqs)
Merge the output of multiple AuthenticationRequest::getFieldInfo() calls.
Definition AuthenticationRequest.php:327
MediaWiki\Auth\AuthenticationRequest\loadRequestsFromSubmission
static loadRequestsFromSubmission(array $reqs, array $data)
Update a set of requests with form submit data, discarding ones that fail.
Definition AuthenticationRequest.php:257
MediaWiki\Auth\AuthenticationRequest\describeCredentials
describeCredentials()
Describe the credentials represented by this request.
Definition AuthenticationRequest.php:243
MediaWiki\Auth\AuthenticationRequest\PRIMARY_REQUIRED
const PRIMARY_REQUIRED
Indicates that the request is required by a primary authentication provider.
Definition AuthenticationRequest.php:57
MediaWiki\Auth\AuthenticationRequest\getMetadata
getMetadata()
Returns metadata about this request.
Definition AuthenticationRequest.php:149
MediaWiki\Auth\AuthenticationRequest\REQUIRED
const REQUIRED
Indicates that the request is required for authentication to proceed.
Definition AuthenticationRequest.php:51
MediaWiki\Auth\AuthenticationRequest\getUsernameFromRequests
static getUsernameFromRequests(array $reqs)
Get the username from the set of requests.
Definition AuthenticationRequest.php:301
MediaWiki\Auth\AuthenticationRequest\getRequestByClass
static getRequestByClass(array $reqs, $class, $allowSubclasses=false)
Select a request by class name.
Definition AuthenticationRequest.php:280
MediaWiki\Auth\AuthenticationRequest\loadFromSubmission
loadFromSubmission(array $data)
Initialize form submitted form data.
Definition AuthenticationRequest.php:166
Message
The Message class deals with fetching and processing of interface message into a variety of formats.
Definition Message.php:140