36use UnexpectedValueException;
51 private $messageFormat;
67 $this->module = $module;
70 $this->messageFormat =
$params[
'messageformat'] ??
'wikitext';
83 return new self( $module, $authManager );
92 private function formatMessage( array &$res, $key,
Message $message ) {
93 switch ( $this->messageFormat ) {
98 $res[$key] = $message->
setContext( $this->module )->text();
102 $res[$key] = $message->
setContext( $this->module )->parseAsBlock();
103 $res[$key] = Parser::stripOuterParagraph( $res[$key] );
109 'key' => $message->
getKey(),
123 $status = $this->authManager->securitySensitiveOperationStatus( $operation );
125 case AuthManager::SEC_OK:
128 case AuthManager::SEC_REAUTH:
129 $this->module->dieWithError(
'apierror-reauthenticate' );
132 case AuthManager::SEC_FAIL:
133 $this->module->dieWithError(
'apierror-cannotreauthenticate' );
137 throw new UnexpectedValueException(
"Unknown status \"$status\"" );
149 $remove = array_fill_keys( $remove,
true );
150 $reqs = array_filter( $reqs,
static function ( $req ) use ( $remove ) {
151 return !isset( $remove[get_class( $req )] );
163 $params = $this->module->extractRequestParams();
165 $reqs = $this->authManager->getAuthenticationRequests( $action, $this->module->getUser() );
168 $wantedRequests =
null;
169 if ( isset(
$params[
'requests'] ) ) {
170 $wantedRequests = array_fill_keys(
$params[
'requests'],
true );
171 } elseif ( isset(
$params[
'request'] ) ) {
172 $wantedRequests = [
$params[
'request'] => true ];
174 if ( $wantedRequests !==
null ) {
175 $reqs = array_filter(
178 return isset( $wantedRequests[$req->
getUniqueId()] );
186 foreach ( $reqs as $req ) {
187 $info = (array)$req->getFieldInfo();
189 $sensitive += array_filter( $info,
static function ( $opts ) {
190 return !empty( $opts[
'sensitive'] );
196 $data = array_intersect_key( $this->module->getRequest()->getValues(), $fields );
197 $this->module->getMain()->markParamsUsed( array_keys( $data ) );
200 $this->module->getMain()->markParamsSensitive( array_keys( $sensitive ) );
201 $this->module->requirePostedParameters( array_keys( $sensitive ),
'noprefix' );
204 return AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
214 'status' => $res->status,
217 if ( $res->status === AuthenticationResponse::PASS && $res->username !==
null ) {
218 $ret[
'username'] = $res->username;
221 if ( $res->status === AuthenticationResponse::REDIRECT ) {
222 $ret[
'redirecttarget'] = $res->redirectTarget;
223 if ( $res->redirectApiData !==
null ) {
224 $ret[
'redirectdata'] = $res->redirectApiData;
228 if ( $res->status === AuthenticationResponse::REDIRECT ||
229 $res->status === AuthenticationResponse::UI ||
230 $res->status === AuthenticationResponse::RESTART
235 if ( $res->status === AuthenticationResponse::FAIL ||
236 $res->status === AuthenticationResponse::UI ||
237 $res->status === AuthenticationResponse::RESTART
239 $this->formatMessage( $ret,
'message', $res->message );
243 if ( $res->status === AuthenticationResponse::FAIL ||
244 $res->status === AuthenticationResponse::RESTART
246 $this->module->getRequest()->getSession()->set(
247 'ApiAuthManagerHelper::createRequest',
250 $ret[
'canpreservestate'] = $res->createRequest !==
null;
252 $this->module->getRequest()->getSession()->remove(
'ApiAuthManagerHelper::createRequest' );
265 if ( !in_array( $result->status, [ AuthenticationResponse::PASS, AuthenticationResponse::FAIL ] ) ) {
268 $accountType = $this->identityUtils->getShortUserTypeInternal( $performer );
271 LoggerFactory::getInstance(
'authevents' )->info(
"$module API attempt", [
273 'successful' => $result->status === AuthenticationResponse::PASS,
274 'status' => $result->message ? $result->message->getKey() :
'-',
275 'accountType' => $accountType,
285 $ret = $this->module->getRequest()->getSession()->get(
'ApiAuthManagerHelper::createRequest' );
296 $params = $this->module->extractRequestParams();
297 $mergeFields = !empty(
$params[
'mergerequestfields'] );
299 $ret = [
'requests' => [] ];
300 foreach ( $reqs as $req ) {
301 $describe = $req->describeCredentials();
303 'id' => $req->getUniqueId(),
306 switch ( $req->required ) {
307 case AuthenticationRequest::OPTIONAL:
308 $reqInfo[
'required'] =
'optional';
310 case AuthenticationRequest::REQUIRED:
311 $reqInfo[
'required'] =
'required';
313 case AuthenticationRequest::PRIMARY_REQUIRED:
314 $reqInfo[
'required'] =
'primary-required';
317 $this->formatMessage( $reqInfo,
'provider', $describe[
'provider'] );
318 $this->formatMessage( $reqInfo,
'account', $describe[
'account'] );
319 if ( !$mergeFields ) {
320 $reqInfo[
'fields'] = $this->formatFields( (array)$req->getFieldInfo() );
322 $ret[
'requests'][] = $reqInfo;
325 if ( $mergeFields ) {
326 $fields = AuthenticationRequest::mergeFieldInfo( $reqs );
327 $ret[
'fields'] = $this->formatFields( $fields );
340 private function formatFields( array $fields ) {
346 $module = $this->module;
349 foreach ( $fields as $name => $field ) {
350 $ret = array_intersect_key( $field, $copy );
352 if ( isset( $field[
'options'] ) ) {
353 $ret[
'options'] = array_map(
static function ( $msg ) use ( $module ) {
354 return $msg->setContext( $module )->plain();
355 }, $field[
'options'] );
358 $this->formatMessage( $ret,
'label', $field[
'label'] );
359 $this->formatMessage( $ret,
'help', $field[
'help'] );
360 $ret[
'optional'] = !empty( $field[
'optional'] );
361 $ret[
'sensitive'] = !empty( $field[
'sensitive'] );
363 $retFields[$name] = $ret;
380 ParamValidator::PARAM_TYPE =>
'string',
381 ParamValidator::PARAM_ISMULTI =>
true,
385 ParamValidator::PARAM_TYPE =>
'string',
386 ParamValidator::PARAM_REQUIRED =>
true,
390 ParamValidator::PARAM_DEFAULT =>
'wikitext',
391 ParamValidator::PARAM_TYPE => [
'html',
'wikitext',
'raw',
'none' ],
394 'mergerequestfields' => [
395 ParamValidator::PARAM_DEFAULT =>
false,
399 ParamValidator::PARAM_DEFAULT =>
false,
403 ParamValidator::PARAM_TYPE =>
'string',
407 ParamValidator::PARAM_DEFAULT =>
false,
413 foreach ( $wantedParams as $name ) {
414 if ( isset(
$params[$name] ) ) {
423class_alias( ApiAuthManagerHelper::class,
'ApiAuthManagerHelper' );
array $params
The job parameters.