MediaWiki  master
ApiChangeAuthenticationData.php
Go to the documentation of this file.
1 <?php
24 
32  private $authManager;
33 
39  public function __construct(
40  ApiMain $main,
41  $action,
43  ) {
44  parent::__construct( $main, $action, 'changeauth' );
45  $this->authManager = $authManager;
46  }
47 
48  public function execute() {
49  if ( !$this->getUser()->isRegistered() ) {
50  $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );
51  }
52 
53  $helper = new ApiAuthManagerHelper( $this, $this->authManager );
54 
55  // Check security-sensitive operation status
56  $helper->securitySensitiveOperation( 'ChangeCredentials' );
57 
58  // Fetch the request
60  $helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),
61  $this->getConfig()->get( 'ChangeCredentialsBlacklist' )
62  );
63  if ( count( $reqs ) !== 1 ) {
64  $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' );
65  }
66  $req = reset( $reqs );
67 
68  // Make the change
69  $status = $this->authManager->allowsAuthenticationDataChange( $req, true );
70  $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status );
71  if ( !$status->isGood() ) {
72  $this->dieStatus( $status );
73  }
74  $this->authManager->changeAuthenticationData( $req );
75 
76  $this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
77  }
78 
79  public function isWriteMode() {
80  return true;
81  }
82 
83  public function needsToken() {
84  return 'csrf';
85  }
86 
87  public function getAllowedParams() {
88  return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,
89  'request'
90  );
91  }
92 
93  public function dynamicParameterDocumentation() {
94  return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];
95  }
96 
97  protected function getExamplesMessages() {
98  return [
99  'action=changeauthenticationdata' .
100  '&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
101  '&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'
102  => 'apihelp-changeauthenticationdata-example-password',
103  ];
104  }
105 
106  public function getHelpUrls() {
107  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
108  }
109 }
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:49
ApiChangeAuthenticationData\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiChangeAuthenticationData.php:83
ApiChangeAuthenticationData\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiChangeAuthenticationData.php:87
ApiChangeAuthenticationData\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiChangeAuthenticationData.php:97
ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $remove)
Filter out authentication requests by class name.
Definition: ApiAuthManagerHelper.php:131
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1436
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:628
ApiChangeAuthenticationData\__construct
__construct(ApiMain $main, $action, AuthManager $authManager)
Definition: ApiChangeAuthenticationData.php:39
ApiChangeAuthenticationData\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiChangeAuthenticationData.php:48
ApiChangeAuthenticationData\$authManager
AuthManager $authManager
Definition: ApiChangeAuthenticationData.php:32
ApiChangeAuthenticationData\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiChangeAuthenticationData.php:79
ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition: ApiAuthManagerHelper.php:363
ContextSource\getUser
getUser()
Definition: ContextSource.php:136
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:55
ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition: ApiAuthManagerHelper.php:37
ApiChangeAuthenticationData\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition: ApiChangeAuthenticationData.php:93
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition: AuthManager.php:102
ApiChangeAuthenticationData
Change authentication data with AuthManager.
Definition: ApiChangeAuthenticationData.php:30
ApiChangeAuthenticationData\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiChangeAuthenticationData.php:106
ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:1499
ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition: ApiBase.php:710