MediaWiki master
ApiChangeAuthenticationData.php
Go to the documentation of this file.
1<?php
23namespace MediaWiki\Api;
24
27
34 private AuthManager $authManager;
35
36 public function __construct(
37 ApiMain $main,
38 string $action,
39 AuthManager $authManager
40 ) {
41 parent::__construct( $main, $action, 'changeauth' );
42 $this->authManager = $authManager;
43 }
44
45 public function execute() {
46 if ( !$this->getUser()->isNamed() ) {
47 $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );
48 }
49
50 $helper = new ApiAuthManagerHelper( $this, $this->authManager );
51
52 // Check security-sensitive operation status
53 $helper->securitySensitiveOperation( 'ChangeCredentials' );
54
55 // Fetch the request
57 $helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),
58 $this->getConfig()->get( MainConfigNames::ChangeCredentialsBlacklist )
59 );
60 if ( count( $reqs ) !== 1 ) {
61 $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' );
62 }
63 $req = reset( $reqs );
64
65 // Make the change
66 $status = $this->authManager->allowsAuthenticationDataChange( $req, true );
67 $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status );
68 if ( !$status->isGood() ) {
69 $this->dieStatus( $status );
70 }
71 $this->authManager->changeAuthenticationData( $req );
72
73 $this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
74 }
75
76 public function isWriteMode() {
77 return true;
78 }
79
80 public function needsToken() {
81 return 'csrf';
82 }
83
84 public function getAllowedParams() {
85 return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,
86 'request'
87 );
88 }
89
91 return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];
92 }
93
94 protected function getExamplesMessages() {
95 return [
96 'action=changeauthenticationdata' .
97 '&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
98 '&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'
99 => 'apihelp-changeauthenticationdata-example-password',
100 ];
101 }
102
103 public function getHelpUrls() {
104 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
105 }
106}
107
109class_alias( ApiChangeAuthenticationData::class, 'ApiChangeAuthenticationData' );
Helper class for AuthManager-using API modules.
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
static blacklistAuthenticationRequests(array $reqs, array $remove)
Filter out authentication requests by class name.
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:75
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1522
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition ApiBase.php:781
getResult()
Get the result object.
Definition ApiBase.php:696
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1573
Change authentication data with AuthManager.
__construct(ApiMain $main, string $action, AuthManager $authManager)
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
getExamplesMessages()
Returns usage examples for this module.
getHelpUrls()
Return links to more detailed help pages about the module.
isWriteMode()
Indicates whether this module requires write access to the wiki.
needsToken()
Returns the token type this module requires in order to execute.
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:78
This serves as the entry point to the authentication system.
A class containing constants representing the names of configuration variables.
const ChangeCredentialsBlacklist
Name constant for the ChangeCredentialsBlacklist setting, for use with Config::get()