MediaWiki  master
ApiChangeAuthenticationData.php
Go to the documentation of this file.
1 <?php
25 
32 
33  public function __construct( ApiMain $main, $action ) {
34  parent::__construct( $main, $action, 'changeauth' );
35  }
36 
37  public function execute() {
38  if ( !$this->getUser()->isLoggedIn() ) {
39  $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );
40  }
41 
42  $manager = MediaWikiServices::getInstance()->getAuthManager();
43  $helper = new ApiAuthManagerHelper( $this, $manager );
44 
45  // Check security-sensitive operation status
46  $helper->securitySensitiveOperation( 'ChangeCredentials' );
47 
48  // Fetch the request
50  $helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),
51  $this->getConfig()->get( 'ChangeCredentialsBlacklist' )
52  );
53  if ( count( $reqs ) !== 1 ) {
54  $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' );
55  }
56  $req = reset( $reqs );
57 
58  // Make the change
59  $status = $manager->allowsAuthenticationDataChange( $req, true );
60  $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status );
61  if ( !$status->isGood() ) {
62  $this->dieStatus( $status );
63  }
64  $manager->changeAuthenticationData( $req );
65 
66  $this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
67  }
68 
69  public function isWriteMode() {
70  return true;
71  }
72 
73  public function needsToken() {
74  return 'csrf';
75  }
76 
77  public function getAllowedParams() {
78  return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,
79  'request'
80  );
81  }
82 
83  public function dynamicParameterDocumentation() {
84  return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];
85  }
86 
87  protected function getExamplesMessages() {
88  return [
89  'action=changeauthenticationdata' .
90  '&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
91  '&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'
92  => 'apihelp-changeauthenticationdata-example-password',
93  ];
94  }
95 
96  public function getHelpUrls() {
97  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
98  }
99 }
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:47
ApiChangeAuthenticationData\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiChangeAuthenticationData.php:73
ApiChangeAuthenticationData\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiChangeAuthenticationData.php:77
ApiChangeAuthenticationData\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiChangeAuthenticationData.php:87
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition: MediaWikiServices.php:154
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1382
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:565
ApiChangeAuthenticationData\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiChangeAuthenticationData.php:37
ApiChangeAuthenticationData\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiChangeAuthenticationData.php:69
ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition: ApiAuthManagerHelper.php:362
ContextSource\getUser
getUser()
Stable to override.
Definition: ContextSource.php:131
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:52
ApiChangeAuthenticationData\__construct
__construct(ApiMain $main, $action)
Definition: ApiChangeAuthenticationData.php:33
ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition: ApiAuthManagerHelper.php:37
ApiChangeAuthenticationData\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition: ApiChangeAuthenticationData.php:83
ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $blacklist)
Filter out authentication requests by class name.
Definition: ApiAuthManagerHelper.php:129
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition: AuthManager.php:88
ApiChangeAuthenticationData
Change authentication data with AuthManager.
Definition: ApiChangeAuthenticationData.php:31
ApiChangeAuthenticationData\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiChangeAuthenticationData.php:96
ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition: ApiBase.php:1440
ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition: ApiBase.php:662