master/php/ApiChangeAuthenticationData_8php_source.html

<?php

use MediaWiki\Auth\AuthManager;

use MediaWiki\MainConfigNames;


class ApiChangeAuthenticationData extends ApiBase {

    private AuthManager $authManager;


    public function __construct(

        ApiMain $main,

        $action,

        AuthManager $authManager

    ) {

        parent::__construct( $main, $action, 'changeauth' );

        $this->authManager = $authManager;

    }


    public function execute() {

        if ( !$this->getUser()->isNamed() ) {

            $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );

        }


        $helper = new ApiAuthManagerHelper( $this, $this->authManager );


        // Check security-sensitive operation status

        $helper->securitySensitiveOperation( 'ChangeCredentials' );


        // Fetch the request

        $reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(

            $helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),

            $this->getConfig()->get( MainConfigNames::ChangeCredentialsBlacklist )

        );

        if ( count( $reqs ) !== 1 ) {

            $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' );

        }

        $req = reset( $reqs );


        // Make the change

        $status = $this->authManager->allowsAuthenticationDataChange( $req, true );

        $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status );

        if ( !$status->isGood() ) {

            $this->dieStatus( $status );

        }

        $this->authManager->changeAuthenticationData( $req );


        $this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );

    }


    public function isWriteMode() {

        return true;

    }


    public function needsToken() {

        return 'csrf';

    }


    public function getAllowedParams() {

        return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,

            'request'

        );

    }


    public function dynamicParameterDocumentation() {

        return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];

    }


    protected function getExamplesMessages() {

        return [

            'action=changeauthenticationdata' .

                '&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .

                '&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'

                => 'apihelp-changeauthenticationdata-example-password',

        ];

    }


    public function getHelpUrls() {

        return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';

    }


}


ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition ApiAuthManagerHelper.php:39

ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition ApiAuthManagerHelper.php:359

ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $remove)
Filter out authentication requests by class name.
Definition ApiAuthManagerHelper.php:132

ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:64

ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1542

ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:680

ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1598

ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition ApiBase.php:765

ApiChangeAuthenticationData
Change authentication data with AuthManager.
Definition ApiChangeAuthenticationData.php:31

ApiChangeAuthenticationData\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiChangeAuthenticationData.php:97

ApiChangeAuthenticationData\__construct
__construct(ApiMain $main, $action, AuthManager $authManager)
Definition ApiChangeAuthenticationData.php:39

ApiChangeAuthenticationData\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition ApiChangeAuthenticationData.php:106

ApiChangeAuthenticationData\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition ApiChangeAuthenticationData.php:79

ApiChangeAuthenticationData\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition ApiChangeAuthenticationData.php:83

ApiChangeAuthenticationData\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiChangeAuthenticationData.php:87

ApiChangeAuthenticationData\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiChangeAuthenticationData.php:48

ApiChangeAuthenticationData\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition ApiChangeAuthenticationData.php:93

ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:65

MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition AuthManager.php:110

MediaWiki\Context\ContextSource\getUser
getUser()
Definition ContextSource.php:161

MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22