master/php/AbstractPasswordPrimaryAuthenticationProvider_8php_source.html

 <?php

 namespace MediaWiki\Auth;


 use MediaWiki\MainConfigNames;

 use Password;

 use PasswordFactory;

 use Status;


 abstract class AbstractPasswordPrimaryAuthenticationProvider

     extends AbstractPrimaryAuthenticationProvider

 {

     protected $authoritative;


     private $passwordFactory = null;


     public function __construct( array $params = [] ) {

         $this->authoritative = !isset( $params['authoritative'] ) || (bool)$params['authoritative'];

     }


     protected function getPasswordFactory() {

         if ( $this->passwordFactory === null ) {

             $this->passwordFactory = new PasswordFactory(

                 $this->config->get( MainConfigNames::PasswordConfig ),

                 $this->config->get( MainConfigNames::PasswordDefault )

             );

         }

         return $this->passwordFactory;

     }


     protected function getPassword( $hash ) {

         $passwordFactory = $this->getPasswordFactory();

         try {

             return $passwordFactory->newFromCiphertext( $hash );

         } catch ( \PasswordError $e ) {

             $class = static::class;

             $this->logger->debug( "Invalid password hash in {$class}::getPassword()" );

             return $passwordFactory->newFromCiphertext( null );

         }

     }


     protected function failResponse( PasswordAuthenticationRequest $req ) {

         if ( $this->authoritative ) {

             return AuthenticationResponse::newFail(

                 wfMessage( $req->password === '' ? 'wrongpasswordempty' : 'wrongpassword' )

             );

         } else {

             return AuthenticationResponse::newAbstain();

         }

     }


     protected function checkPasswordValidity( $username, $password ) {

         return \User::newFromName( $username )->checkPasswordValidity( $password );

     }


     protected function setPasswordResetFlag( $username, Status $status, $data = null ) {

         $reset = $this->getPasswordResetData( $username, $data );


         if ( !$reset && $this->config->get( MainConfigNames::InvalidPasswordReset ) &&

         !$status->isGood() ) {

             $hard = $status->getValue()['forceChange'] ?? false;


             if ( $hard || !empty( $status->getValue()['suggestChangeOnLogin'] ) ) {

                 $reset = (object)[

                     'msg' => $status->getMessage( $hard ? 'resetpass-validity' : 'resetpass-validity-soft' ),

                     'hard' => $hard,

                 ];

             }

         }


         if ( $reset ) {

             $this->manager->setAuthenticationSessionData( 'reset-pass', $reset );

         }

     }


     protected function getPasswordResetData( $username, $data ) {

         return null;

     }


     protected function getNewPasswordExpiry( $username ) {

         $days = $this->config->get( MainConfigNames::PasswordExpirationDays );

         $expires = $days ? wfTimestamp( TS_MW, time() + $days * 86400 ) : null;


         // Give extensions a chance to force an expiration

         $this->getHookRunner()->onResetPasswordExpiration(

             \User::newFromName( $username ), $expires );


         return $expires;

     }


     public function getAuthenticationRequests( $action, array $options ) {

         switch ( $action ) {

             case AuthManager::ACTION_LOGIN:

             case AuthManager::ACTION_REMOVE:

             case AuthManager::ACTION_CREATE:

             case AuthManager::ACTION_CHANGE:

                 return [ new PasswordAuthenticationRequest() ];

             default:

                 return [];

         }

     }

 }

wfTimestamp
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
Definition: GlobalFunctions.php:1376

wfMessage
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
Definition: GlobalFunctions.php:902

MediaWiki\Auth\AbstractAuthenticationProvider\getHookRunner
getHookRunner()
Definition: AbstractAuthenticationProvider.php:171

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider
Basic framework for a primary authentication provider that uses passwords.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:38

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\checkPasswordValidity
checkPasswordValidity( $username, $password)
Check that the password is valid.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:108

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\failResponse
failResponse(PasswordAuthenticationRequest $req)
Return the appropriate response for failure.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:88

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\getPasswordResetData
getPasswordResetData( $username, $data)
Get password reset data, if any.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:151

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\setPasswordResetFlag
setPasswordResetFlag( $username, Status $status, $data=null)
Check if the password should be reset.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:123

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\getPasswordFactory
getPasswordFactory()
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:57

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\$authoritative
bool $authoritative
Whether this provider should ABSTAIN (false) or FAIL (true) on password failure.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:40

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\__construct
__construct(array $params=[])
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:50

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\getNewPasswordExpiry
getNewPasswordExpiry( $username)
Get expiration date for a new password, if any.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:162

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\getPassword
getPassword( $hash)
Get a Password object from the hash.
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:72

MediaWiki\Auth\AbstractPasswordPrimaryAuthenticationProvider\getAuthenticationRequests
getAuthenticationRequests( $action, array $options)
Definition: AbstractPasswordPrimaryAuthenticationProvider.php:180

MediaWiki\Auth\AbstractPrimaryAuthenticationProvider
A base class that implements some of the boilerplate for a PrimaryAuthenticationProvider.
Definition: AbstractPrimaryAuthenticationProvider.php:33

MediaWiki\Auth\AuthManager\ACTION_CHANGE
const ACTION_CHANGE
Change a user's credentials.
Definition: AuthManager.php:126

MediaWiki\Auth\AuthManager\ACTION_REMOVE
const ACTION_REMOVE
Remove a user's credentials.
Definition: AuthManager.php:128

MediaWiki\Auth\AuthManager\ACTION_LOGIN
const ACTION_LOGIN
Log in with an existing (not necessarily local) user.
Definition: AuthManager.php:108

MediaWiki\Auth\AuthManager\ACTION_CREATE
const ACTION_CREATE
Create a new user.
Definition: AuthManager.php:114

MediaWiki\Auth\AuthenticationResponse\newFail
static newFail(Message $msg, array $failReasons=[])
Definition: AuthenticationResponse.php:157

MediaWiki\Auth\AuthenticationResponse\newAbstain
static newAbstain()
Definition: AuthenticationResponse.php:182

MediaWiki\Auth\PasswordAuthenticationRequest
This is a value object for authentication requests with a username and password.
Definition: PasswordAuthenticationRequest.php:32

MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition: MainConfigNames.php:22

MediaWiki\MainConfigNames\PasswordExpirationDays
const PasswordExpirationDays
Name constant for the PasswordExpirationDays setting, for use with Config::get()
Definition: MainConfigNames.php:968

MediaWiki\MainConfigNames\PasswordDefault
const PasswordDefault
Name constant for the PasswordDefault setting, for use with Config::get()
Definition: MainConfigNames.php:2575

MediaWiki\MainConfigNames\PasswordConfig
const PasswordConfig
Name constant for the PasswordConfig setting, for use with Config::get()
Definition: MainConfigNames.php:2581

MediaWiki\MainConfigNames\InvalidPasswordReset
const InvalidPasswordReset
Name constant for the InvalidPasswordReset setting, for use with Config::get()
Definition: MainConfigNames.php:2569

PasswordError
Show an error when any operation involving passwords fails to run.
Definition: PasswordError.php:29

PasswordFactory
Factory class for creating and checking Password objects.
Definition: PasswordFactory.php:33

Password
Represents a password hash for use in authentication.
Definition: Password.php:61

StatusValue\getValue
getValue()
Definition: StatusValue.php:141

StatusValue\isGood
isGood()
Returns whether the operation completed and didn't have any error or warnings.
Definition: StatusValue.php:125

Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition: Status.php:46

Status\getMessage
getMessage( $shortContext=false, $longContext=false, $lang=null)
Get a bullet list of the errors as a Message object.
Definition: Status.php:245

User\newFromName
static newFromName( $name, $validate='valid')
Definition: User.php:592

MediaWiki\Auth
Definition: AbstractAuthenticationProvider.php:22