MediaWiki REL1_39
|
A base class that implements some of the boilerplate for a SecondaryAuthenticationProvider. More...
Public Member Functions | ||||||||||
autoCreatedAccount ( $user, $source) | ||||||||||
Post-auto-creation callback.
| ||||||||||
continueSecondaryAccountCreation ( $user, $creator, array $reqs) | ||||||||||
Continue an authentication flow.
| ||||||||||
continueSecondaryAuthentication ( $user, array $reqs) | ||||||||||
Continue an authentication flow.
| ||||||||||
postAccountCreation ( $user, $creator, AuthenticationResponse $response) | ||||||||||
Post-creation callback.This will be called at the end of an account creation attempt. It will not be called if the account creation process results in a session timeout (possibly after a successful user creation, while a secondary provider is waiting for a response).
| ||||||||||
postAuthentication ( $user, AuthenticationResponse $response) | ||||||||||
Post-login callback.This will be called at the end of a login attempt. It will not be called for unfinished login attempts that fail by the session timing out.
| ||||||||||
providerAllowsAuthenticationDataChange (AuthenticationRequest $req, $checkData=true) | ||||||||||
Validate a change of authentication data (e.g.passwords)Return StatusValue::newGood( 'ignored' ) if you don't support this AuthenticationRequest type.
| ||||||||||
providerAllowsPropertyChange ( $property) | ||||||||||
Determine whether a property can change.
| ||||||||||
providerChangeAuthenticationData (AuthenticationRequest $req) | ||||||||||
Change or remove authentication data (e.g.passwords)If $req was returned for AuthManager::ACTION_CHANGE, the corresponding credentials should result in a successful login in the future.If $req was returned for AuthManager::ACTION_REMOVE, the corresponding credentials should no longer result in a successful login.It can be assumed that providerAllowsAuthenticationDataChange with $checkData === true was called before this, and passed. This method should never fail (other than throwing an exception).
| ||||||||||
providerRevokeAccessForUser ( $username) | ||||||||||
Revoke the user's credentials.This may cause the user to no longer exist for the provider, or the user may continue to exist in a "disabled" state.The intention is that the named account will never again be usable for normal login (i.e. there is no way to undo the revocation of access).
| ||||||||||
testForAccountCreation ( $user, $creator, array $reqs) | ||||||||||
Determine whether an account creation may begin.Called from AuthManager::beginAccountCreation()
| ||||||||||
testUserForCreation ( $user, $autocreate, array $options=[]) | ||||||||||
Determine whether an account may be created.
| ||||||||||
Public Member Functions inherited from MediaWiki\Auth\AbstractAuthenticationProvider | ||||||||||
getUniqueId () | ||||||||||
Return a unique identifier for this instance.This must be the same across requests. If multiple instances return the same ID, exceptions will be thrown from AuthManager.
| ||||||||||
init (LoggerInterface $logger, AuthManager $manager, HookContainer $hookContainer, Config $config, UserNameUtils $userNameUtils) | ||||||||||
Initialise with dependencies of an AuthenticationProvider. | ||||||||||
setConfig (Config $config) | ||||||||||
setHookContainer (HookContainer $hookContainer) | ||||||||||
setLogger (LoggerInterface $logger) | ||||||||||
setManager (AuthManager $manager) | ||||||||||
Public Member Functions inherited from MediaWiki\Auth\AuthenticationProvider | ||||||||||
getAuthenticationRequests ( $action, array $options) | ||||||||||
Return the applicable list of AuthenticationRequests. | ||||||||||
Public Member Functions inherited from MediaWiki\Auth\SecondaryAuthenticationProvider | ||||||||||
beginSecondaryAccountCreation ( $user, $creator, array $reqs) | ||||||||||
Start an account creation flow. | ||||||||||
beginSecondaryAuthentication ( $user, array $reqs) | ||||||||||
Start an authentication flow. | ||||||||||
Additional Inherited Members | |
Protected Member Functions inherited from MediaWiki\Auth\AbstractAuthenticationProvider | |
getHookContainer () | |
getHookRunner () | |
postInitSetup () | |
A provider can override this to do any necessary setup after init() is called. | |
Protected Attributes inherited from MediaWiki\Auth\AbstractAuthenticationProvider | |
Config | $config |
LoggerInterface | $logger |
AuthManager | $manager |
UserNameUtils | $userNameUtils |
A base class that implements some of the boilerplate for a SecondaryAuthenticationProvider.
Definition at line 31 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::autoCreatedAccount | ( | $user, | |
$source ) |
Post-auto-creation callback.
User | $user | User being created (has been added to the database now). This may become a "UserValue" in the future, or User may be refactored into such. |
string | $source | The source of the auto-creation passed to AuthManager::autoCreateUser(). |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 126 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::continueSecondaryAccountCreation | ( | $user, | |
$creator, | |||
array | $reqs ) |
Continue an authentication flow.
User | $user | User being created (has been added to the database). This may become a "UserValue" in the future, or User may be refactored into such. |
User | $creator | User doing the creation. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Reimplemented in MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider, and MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider.
Definition at line 103 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::continueSecondaryAuthentication | ( | $user, | |
array | $reqs ) |
Continue an authentication flow.
User | $user | User being authenticated. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Reimplemented in MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider, and MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider.
Definition at line 39 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::postAccountCreation | ( | $user, | |
$creator, | |||
AuthenticationResponse | $response ) |
Post-creation callback.This will be called at the end of an account creation attempt. It will not be called if the account creation process results in a session timeout (possibly after a successful user creation, while a secondary provider is waiting for a response).
User | $user | User that was attempted to be created. This may become a "UserValue" in the future, or User may be refactored into such. |
User | $creator | User doing the creation. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationResponse | $response | Authentication response that will be returned (PASS or FAIL) |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 111 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::postAuthentication | ( | $user, | |
AuthenticationResponse | $response ) |
Post-login callback.This will be called at the end of a login attempt. It will not be called for unfinished login attempts that fail by the session timing out.
User | null | $user | User that was attempted to be logged in, if known. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationResponse | $response | Authentication response that will be returned (PASS or FAIL) |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 47 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::providerAllowsAuthenticationDataChange | ( | AuthenticationRequest | $req, |
$checkData = true ) |
Validate a change of authentication data (e.g.passwords)Return StatusValue::newGood( 'ignored' ) if you don't support this AuthenticationRequest type.
AuthenticationRequest | $req | |
bool | $checkData | If false, $req hasn't been loaded from the submission so checks on user-submitted fields should be skipped. $req->username is considered user-submitted for this purpose, even if it cannot be changed via $req->loadFromSubmission. |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 78 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::providerAllowsPropertyChange | ( | $property | ) |
Determine whether a property can change.
string | $property |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 54 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::providerChangeAuthenticationData | ( | AuthenticationRequest | $req | ) |
Change or remove authentication data (e.g.passwords)If $req was returned for AuthManager::ACTION_CHANGE, the corresponding credentials should result in a successful login in the future.If $req was returned for AuthManager::ACTION_REMOVE, the corresponding credentials should no longer result in a successful login.It can be assumed that providerAllowsAuthenticationDataChange with $checkData === true was called before this, and passed. This method should never fail (other than throwing an exception).
AuthenticationRequest | $req |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 88 of file AbstractSecondaryAuthenticationProvider.php.
Referenced by MediaWiki\Auth\AbstractSecondaryAuthenticationProvider\providerRevokeAccessForUser().
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::providerRevokeAccessForUser | ( | $username | ) |
Revoke the user's credentials.This may cause the user to no longer exist for the provider, or the user may continue to exist in a "disabled" state.The intention is that the named account will never again be usable for normal login (i.e. there is no way to undo the revocation of access).
string | $username |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 64 of file AbstractSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthManager\ACTION_REMOVE, MediaWiki\Auth\AuthenticationProvider\getAuthenticationRequests(), and MediaWiki\Auth\AbstractSecondaryAuthenticationProvider\providerChangeAuthenticationData().
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::testForAccountCreation | ( | $user, | |
$creator, | |||
array | $reqs ) |
Determine whether an account creation may begin.Called from AuthManager::beginAccountCreation()
User | $user | User being created (not added to the database yet). This may become a "UserValue" in the future, or User may be refactored into such. |
User | $creator | User doing the creation. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 95 of file AbstractSecondaryAuthenticationProvider.php.
MediaWiki\Auth\AbstractSecondaryAuthenticationProvider::testUserForCreation | ( | $user, | |
$autocreate, | |||
array | $options = [] ) |
Determine whether an account may be created.
User | $user | User being created (not added to the database yet). This may become a "UserValue" in the future, or User may be refactored into such. |
bool | string | $autocreate | False if this is not an auto-creation, or the source of the auto-creation passed to AuthManager::autoCreateUser(). |
array | $options |
|
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Reimplemented in MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider.
Definition at line 118 of file AbstractSecondaryAuthenticationProvider.php.