REL1_40/php/SpecialChangeCredentials_8php_source.html

<?php


use MediaWiki\Auth\AuthenticationRequest;

use MediaWiki\Auth\AuthenticationResponse;

use MediaWiki\Auth\AuthManager;

use MediaWiki\Auth\PasswordAuthenticationRequest;

use MediaWiki\Html\Html;

use MediaWiki\MainConfigNames;

use MediaWiki\Session\SessionManager;

use MediaWiki\Title\Title;


class SpecialChangeCredentials extends AuthManagerSpecialPage {

    protected static $allowedActions = [ AuthManager::ACTION_CHANGE ];


    protected static $messagePrefix = 'changecredentials';


    protected static $loadUserData = true;


    public function __construct( AuthManager $authManager ) {

        parent::__construct( 'ChangeCredentials', 'editmyprivateinfo' );

        $this->setAuthManager( $authManager );

    }


    protected function getGroupName() {

        return 'users';

    }


    public function isListed() {

        $this->loadAuth( '' );

        return (bool)$this->authRequests;

    }


    public function doesWrites() {

        return true;

    }


    protected function getDefaultAction( $subPage ) {

        return AuthManager::ACTION_CHANGE;

    }


    protected function getPreservedParams( $withToken = false ) {

        $request = $this->getRequest();

        $params = parent::getPreservedParams( $withToken );

        $params += [

            'returnto' => $request->getVal( 'returnto' ),

            'returntoquery' => $request->getVal( 'returntoquery' ),

        ];

        return $params;

    }


    public function execute( $subPage ) {

        $this->setHeaders();

        $this->outputHeader();


        $this->loadAuth( $subPage );


        if ( !$subPage ) {

            $this->showSubpageList();

            return;

        }


        if ( !$this->authRequests ) {

            // messages used: changecredentials-invalidsubpage, removecredentials-invalidsubpage

            $this->showSubpageList( $this->msg( static::$messagePrefix . '-invalidsubpage', $subPage ) );

            return;

        }


        $out = $this->getOutput();

        $out->addModules( 'mediawiki.special.changecredentials' );

        $out->addBacklinkSubtitle( $this->getPageTitle() );

        $status = $this->trySubmit();


        if ( $status === false || !$status->isOK() ) {

            $this->displayForm( $status );

            return;

        }


        $response = $status->getValue();


        switch ( $response->status ) {

            case AuthenticationResponse::PASS:

                $this->success();

                break;

            case AuthenticationResponse::FAIL:

                $this->displayForm( Status::newFatal( $response->message ) );

                break;

            default:

                throw new LogicException( 'invalid AuthenticationResponse' );

        }

    }


    protected function loadAuth( $subPage, $authAction = null, $reset = false ) {

        parent::loadAuth( $subPage, $authAction );

        if ( $subPage ) {

            $foundReqs = [];

            foreach ( $this->authRequests as $req ) {

                if ( $req->getUniqueId() === $subPage ) {

                    $foundReqs[] = $req;

                }

            }

            if ( count( $foundReqs ) > 1 ) {

                throw new LogicException( 'Multiple AuthenticationRequest objects with same ID!' );

            }

            $this->authRequests = $foundReqs;

        }

    }


    public function onAuthChangeFormFields(

        array $requests, array $fieldInfo, array &$formDescriptor, $action

    ) {

        parent::onAuthChangeFormFields( $requests, $fieldInfo, $formDescriptor, $action );


        // Add some UI flair for password changes, the most common use case for this page.

        if ( AuthenticationRequest::getRequestByClass( $this->authRequests,

            PasswordAuthenticationRequest::class )

        ) {

            $formDescriptor = self::mergeDefaultFormDescriptor( $fieldInfo, $formDescriptor, [

                'password' => [

                    'autocomplete' => 'new-password',

                    'placeholder-message' => 'createacct-yourpassword-ph',

                    'help-message' => 'createacct-useuniquepass',

                ],

                'retype' => [

                    'autocomplete' => 'new-password',

                    'placeholder-message' => 'createacct-yourpasswordagain-ph',

                ],

                // T263927 - the Chromium password form guide recommends always having a username field

                'username' => [

                    'type' => 'text',

                    'baseField' => 'password',

                    'autocomplete' => 'username',

                    'nodata' => true,

                    'readonly' => true,

                    'cssclass' => 'mw-htmlform-hidden-field',

                    'label-message' => 'userlogin-yourname',

                    'placeholder-message' => 'userlogin-yourname-ph',

                ],

            ] );

        }

    }


    protected function getAuthFormDescriptor( $requests, $action ) {

        if ( !static::$loadUserData ) {

            return [];

        } else {

            $descriptor = parent::getAuthFormDescriptor( $requests, $action );


            $any = false;

            foreach ( $descriptor as &$field ) {

                if ( $field['type'] === 'password' && $field['name'] !== 'retype' ) {

                    $any = true;

                    if ( isset( $field['cssclass'] ) ) {

                        $field['cssclass'] .= ' mw-changecredentials-validate-password';

                    } else {

                        $field['cssclass'] = 'mw-changecredentials-validate-password';

                    }

                }

            }


            if ( $any ) {

                $this->getOutput()->addModules( 'mediawiki.misc-authed-ooui' );

            }


            return $descriptor;

        }

    }


    protected function getAuthForm( array $requests, $action ) {

        $form = parent::getAuthForm( $requests, $action );

        $req = reset( $requests );

        $info = $req->describeCredentials();


        $form->addPreHtml(

            Html::openElement( 'dl' )

            . Html::element( 'dt', [], $this->msg( 'credentialsform-provider' )->text() )

            . Html::element( 'dd', [], $info['provider']->text() )

            . Html::element( 'dt', [], $this->msg( 'credentialsform-account' )->text() )

            . Html::element( 'dd', [], $info['account']->text() )

            . Html::closeElement( 'dl' )

        );


        // messages used: changecredentials-submit removecredentials-submit

        $form->setSubmitTextMsg( static::$messagePrefix . '-submit' );

        $form->showCancel()->setCancelTarget( $this->getReturnUrl() ?: Title::newMainPage() );

        $form->setSubmitID( 'change_credentials_submit' );

        return $form;

    }


    protected function needsSubmitButton( array $requests ) {

        // Change/remove forms show are built from a single AuthenticationRequest and do not allow

        // for redirect flow; they always need a submit button.

        return true;

    }


    public function handleFormSubmit( $data ) {

        // remove requests do not accept user input

        $requests = $this->authRequests;

        if ( static::$loadUserData ) {

            $requests = AuthenticationRequest::loadRequestsFromSubmission( $this->authRequests, $data );

        }


        $response = $this->performAuthenticationStep( $this->authAction, $requests );


        // we can't handle FAIL or similar as failure here since it might require changing the form

        return Status::newGood( $response );

    }


    protected function showSubpageList( $error = null ) {

        $out = $this->getOutput();


        if ( $error ) {

            $out->addHTML( $error->parse() );

        }


        $groupedRequests = [];

        foreach ( $this->authRequests as $req ) {

            $info = $req->describeCredentials();

            $groupedRequests[$info['provider']->text()][] = $req;

        }


        $linkRenderer = $this->getLinkRenderer();

        $out->addHTML( Html::openElement( 'dl' ) );

        foreach ( $groupedRequests as $group => $members ) {

            $out->addHTML( Html::element( 'dt', [], $group ) );

            foreach ( $members as $req ) {

                $info = $req->describeCredentials();

                $out->addHTML( Html::rawElement( 'dd', [],

                    $linkRenderer->makeLink(

                        $this->getPageTitle( $req->getUniqueId() ),

                        $info['account']->text()

                    )

                ) );

            }

        }

        $out->addHTML( Html::closeElement( 'dl' ) );

    }


    protected function success() {

        $session = $this->getRequest()->getSession();

        $user = $this->getUser();

        $out = $this->getOutput();

        $returnUrl = $this->getReturnUrl();


        // change user token and update the session

        SessionManager::singleton()->invalidateSessionsForUser( $user );

        $session->setUser( $user );

        $session->resetId();


        if ( $returnUrl ) {

            $out->redirect( $returnUrl );

        } else {

            // messages used: changecredentials-success removecredentials-success

            $out->addHTML(

                Html::successBox(

                    $out->msg( static::$messagePrefix . '-success' )->parse()

                )

            );

            $out->returnToMain();

        }

    }


    protected function getReturnUrl() {

        $request = $this->getRequest();

        $returnTo = $request->getText( 'returnto' );

        $returnToQuery = $request->getText( 'returntoquery', '' );


        if ( !$returnTo ) {

            return null;

        }


        $title = Title::newFromText( $returnTo );

        return $title->getFullUrlForRedirect( $returnToQuery );

    }


    protected function getRequestBlacklist() {

        return $this->getConfig()->get( MainConfigNames::ChangeCredentialsBlacklist );

    }


}


AuthManagerSpecialPage
A special page subclass for authentication-related special pages.
Definition AuthManagerSpecialPage.php:20

AuthManagerSpecialPage\$authAction
string $authAction
one of the AuthManager::ACTION_* constants.
Definition AuthManagerSpecialPage.php:35

AuthManagerSpecialPage\performAuthenticationStep
performAuthenticationStep( $action, array $requests)
Definition AuthManagerSpecialPage.php:363

AuthManagerSpecialPage\displayForm
displayForm( $status)
Display the form.
Definition AuthManagerSpecialPage.php:574

AuthManagerSpecialPage\$authRequests
AuthenticationRequest[] $authRequests
Definition AuthManagerSpecialPage.php:38

AuthManagerSpecialPage\$subPage
string $subPage
Subpage of the special page.
Definition AuthManagerSpecialPage.php:41

AuthManagerSpecialPage\mergeDefaultFormDescriptor
static mergeDefaultFormDescriptor(array $fieldInfo, array $formDescriptor, array $defaultFormDescriptor)
Apply defaults to a form descriptor, without creating non-existent fields.
Definition AuthManagerSpecialPage.php:809

AuthManagerSpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition AuthManagerSpecialPage.php:74

AuthManagerSpecialPage\trySubmit
trySubmit()
Attempts to do an authentication step with the submitted data.
Definition AuthManagerSpecialPage.php:418

MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:106

MediaWiki\Auth\AuthenticationRequest
This is a value object for authentication requests.
Definition AuthenticationRequest.php:44

MediaWiki\Auth\AuthenticationRequest\describeCredentials
describeCredentials()
Describe the credentials represented by this request.
Definition AuthenticationRequest.php:245

MediaWiki\Auth\AuthenticationResponse
This is a value object to hold authentication response data.
Definition AuthenticationResponse.php:37

MediaWiki\Auth\PasswordAuthenticationRequest
This is a value object for authentication requests with a username and password.
Definition PasswordAuthenticationRequest.php:32

MediaWiki\Html\Html
This class is a collection of static functions that serve two purposes:
Definition Html.php:55

MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22

MediaWiki\Session\SessionManager
This serves as the entry point to the MediaWiki session handling system.
Definition SessionManager.php:79

MediaWiki\Title\Title
Represents a title within MediaWiki.
Definition Title.php:82

SpecialChangeCredentials
Special change to change credentials (such as the password).
Definition SpecialChangeCredentials.php:17

SpecialChangeCredentials\$allowedActions
static $allowedActions
Definition SpecialChangeCredentials.php:18

SpecialChangeCredentials\$messagePrefix
static $messagePrefix
Definition SpecialChangeCredentials.php:20

SpecialChangeCredentials\getGroupName
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
Definition SpecialChangeCredentials.php:33

SpecialChangeCredentials\showSubpageList
showSubpageList( $error=null)
Definition SpecialChangeCredentials.php:221

SpecialChangeCredentials\getAuthForm
getAuthForm(array $requests, $action)
Definition SpecialChangeCredentials.php:178

SpecialChangeCredentials\doesWrites
doesWrites()
Indicates whether this special page may perform database writes.
Definition SpecialChangeCredentials.php:42

SpecialChangeCredentials\success
success()
Definition SpecialChangeCredentials.php:252

SpecialChangeCredentials\getReturnUrl
getReturnUrl()
Definition SpecialChangeCredentials.php:279

SpecialChangeCredentials\handleFormSubmit
handleFormSubmit( $data)
Submit handler callback for HTMLForm.
Definition SpecialChangeCredentials.php:205

SpecialChangeCredentials\getPreservedParams
getPreservedParams( $withToken=false)
Returns URL query parameters which can be used to reload the page (or leave and return) while preserv...
Definition SpecialChangeCredentials.php:50

SpecialChangeCredentials\isListed
isListed()
Whether this special page is listed in Special:SpecialPages.
Definition SpecialChangeCredentials.php:37

SpecialChangeCredentials\getRequestBlacklist
getRequestBlacklist()
Allows blacklisting certain request types.
Definition SpecialChangeCredentials.php:292

SpecialChangeCredentials\getAuthFormDescriptor
getAuthFormDescriptor( $requests, $action)
Generates a HTMLForm descriptor array from a set of authentication requests.
Definition SpecialChangeCredentials.php:152

SpecialChangeCredentials\loadAuth
loadAuth( $subPage, $authAction=null, $reset=false)
Load or initialize $authAction, $authRequests and $subPage.
Definition SpecialChangeCredentials.php:101

SpecialChangeCredentials\getDefaultAction
getDefaultAction( $subPage)
Get the default action for this special page, if none is given via URL/POST data.
Definition SpecialChangeCredentials.php:46

SpecialChangeCredentials\__construct
__construct(AuthManager $authManager)
Definition SpecialChangeCredentials.php:28

SpecialChangeCredentials\needsSubmitButton
needsSubmitButton(array $requests)
Returns true if the form built from the given AuthenticationRequests needs a submit button.
Definition SpecialChangeCredentials.php:199

SpecialChangeCredentials\$loadUserData
static $loadUserData
Change action needs user data; remove action does not.
Definition SpecialChangeCredentials.php:23

SpecialChangeCredentials\execute
execute( $subPage)
Default execute method Checks user permissions.
Definition SpecialChangeCredentials.php:60

SpecialChangeCredentials\onAuthChangeFormFields
onAuthChangeFormFields(array $requests, array $fieldInfo, array &$formDescriptor, $action)
Change the form descriptor that determines how a field will look in the authentication form....
Definition SpecialChangeCredentials.php:118

SpecialPage\outputHeader
outputHeader( $summaryMessageKey='')
Outputs a summary message on top of special pages Per default the message key is the canonical name o...
Definition SpecialPage.php:763

SpecialPage\setHeaders
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes!
Definition SpecialPage.php:672

SpecialPage\getOutput
getOutput()
Get the OutputPage being used for this instance.
Definition SpecialPage.php:862

SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition SpecialPage.php:872

SpecialPage\getLinkRenderer
getLinkRenderer()
Definition SpecialPage.php:1100

SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition SpecialPage.php:984

SpecialPage\getConfig
getConfig()
Shortcut to get main config object.
Definition SpecialPage.php:950

SpecialPage\setAuthManager
setAuthManager(AuthManager $authManager)
Set the injected AuthManager from the special page constructor.
Definition SpecialPage.php:553

SpecialPage\getPageTitle
getPageTitle( $subpage=false)
Get a self-referential title object.
Definition SpecialPage.php:816

$title
$title
Definition testCompression.php:39