MediaWiki master
ApiChangeAuthenticationData.php
Go to the documentation of this file.
1<?php
23namespace MediaWiki\Api;
24
25use MediaWiki\Auth\AuthManager;
26use MediaWiki\MainConfigNames;
27
33class ApiChangeAuthenticationData extends ApiBase {
34 private AuthManager $authManager;
35
36 public function __construct(
37 ApiMain $main,
38 string $action,
39 AuthManager $authManager
40 ) {
41 parent::__construct( $main, $action, 'changeauth' );
42 $this->authManager = $authManager;
43 }
44
45 public function execute() {
46 if ( !$this->getUser()->isNamed() ) {
47 $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );
48 }
49
50 $helper = new ApiAuthManagerHelper( $this, $this->authManager );
51
52 // Check security-sensitive operation status
53 $helper->securitySensitiveOperation( 'ChangeCredentials' );
54
55 // Fetch the request
56 $reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(
57 $helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),
58 $this->getConfig()->get( MainConfigNames::ChangeCredentialsBlacklist )
59 );
60 if ( count( $reqs ) !== 1 ) {
61 $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' );
62 }
63 $req = reset( $reqs );
64
65 // Make the change
66 $status = $this->authManager->allowsAuthenticationDataChange( $req, true );
67 $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status );
68 if ( !$status->isGood() ) {
69 $this->dieStatus( $status );
70 }
71 $this->authManager->changeAuthenticationData( $req );
72
73 $this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
74 }
75
76 public function isWriteMode() {
77 return true;
78 }
79
80 public function needsToken() {
81 return 'csrf';
82 }
83
84 public function getAllowedParams() {
85 return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,
86 'request'
87 );
88 }
89
90 public function dynamicParameterDocumentation() {
91 return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];
92 }
93
94 protected function getExamplesMessages() {
95 return [
96 'action=changeauthenticationdata' .
97 '&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
98 '&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'
99 => 'apihelp-changeauthenticationdata-example-password',
100 ];
101 }
102
103 public function getHelpUrls() {
104 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
105 }
106}
107
109class_alias( ApiChangeAuthenticationData::class, 'ApiChangeAuthenticationData' );
MediaWiki\Api\ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition ApiAuthManagerHelper.php:45
MediaWiki\Api\ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition ApiAuthManagerHelper.php:377
MediaWiki\Api\ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $remove)
Filter out authentication requests by class name.
Definition ApiAuthManagerHelper.php:147
MediaWiki\Api\ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:75
MediaWiki\Api\ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1522
MediaWiki\Api\ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition ApiBase.php:781
MediaWiki\Api\ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:696
MediaWiki\Api\ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1573
MediaWiki\Api\ApiChangeAuthenticationData
Change authentication data with AuthManager.
Definition ApiChangeAuthenticationData.php:33
MediaWiki\Api\ApiChangeAuthenticationData\__construct
__construct(ApiMain $main, string $action, AuthManager $authManager)
Definition ApiChangeAuthenticationData.php:36
MediaWiki\Api\ApiChangeAuthenticationData\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition ApiChangeAuthenticationData.php:90
MediaWiki\Api\ApiChangeAuthenticationData\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiChangeAuthenticationData.php:84
MediaWiki\Api\ApiChangeAuthenticationData\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiChangeAuthenticationData.php:45
MediaWiki\Api\ApiChangeAuthenticationData\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiChangeAuthenticationData.php:94
MediaWiki\Api\ApiChangeAuthenticationData\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition ApiChangeAuthenticationData.php:103
MediaWiki\Api\ApiChangeAuthenticationData\isWriteMode
isWriteMode()
Indicates whether this module requires write access to the wiki.
Definition ApiChangeAuthenticationData.php:76
MediaWiki\Api\ApiChangeAuthenticationData\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition ApiChangeAuthenticationData.php:80
MediaWiki\Api\ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:78
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:118
MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22
MediaWiki\MainConfigNames\ChangeCredentialsBlacklist
const ChangeCredentialsBlacklist
Name constant for the ChangeCredentialsBlacklist setting, for use with Config::get()
Definition MainConfigNames.php:2626