MediaWiki master
ApiChangeAuthenticationData.php
Go to the documentation of this file.
1<?php
9namespace MediaWiki\Api;
10
11use MediaWiki\Auth\AuthManager;
12use MediaWiki\MainConfigNames;
13
19class ApiChangeAuthenticationData extends ApiBase {
20 private AuthManager $authManager;
21
22 public function __construct(
23 ApiMain $main,
24 string $action,
25 AuthManager $authManager
26 ) {
27 parent::__construct( $main, $action, 'changeauth' );
28 $this->authManager = $authManager;
29 }
30
31 public function execute() {
32 if ( !$this->getUser()->isNamed() ) {
33 $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' );
34 }
35
36 $helper = new ApiAuthManagerHelper( $this, $this->authManager );
37
38 // Check security-sensitive operation status
39 $helper->securitySensitiveOperation( 'ChangeCredentials' );
40
41 // Fetch the request
42 $reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(
43 $helper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE ),
44 $this->getConfig()->get( MainConfigNames::ChangeCredentialsBlacklist )
45 );
46 if ( count( $reqs ) !== 1 ) {
47 $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' );
48 }
49 $req = reset( $reqs );
50
51 // Make the change
52 $status = $this->authManager->allowsAuthenticationDataChange( $req, true );
53 $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status );
54 if ( !$status->isGood() ) {
55 $this->dieStatus( $status );
56 }
57 $this->authManager->changeAuthenticationData( $req );
58
59 $this->getResult()->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
60 }
61
63 public function isWriteMode() {
64 return true;
65 }
66
68 public function needsToken() {
69 return 'csrf';
70 }
71
73 public function getAllowedParams() {
74 return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_CHANGE,
75 'request'
76 );
77 }
78
80 public function dynamicParameterDocumentation() {
81 return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_CHANGE ];
82 }
83
85 protected function getExamplesMessages() {
86 return [
87 'action=changeauthenticationdata' .
88 '&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
89 '&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC'
90 => 'apihelp-changeauthenticationdata-example-password',
91 ];
92 }
93
95 public function getHelpUrls() {
96 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data';
97 }
98}
99
101class_alias( ApiChangeAuthenticationData::class, 'ApiChangeAuthenticationData' );
MediaWiki\Api\ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition ApiAuthManagerHelper.php:31
MediaWiki\Api\ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition ApiAuthManagerHelper.php:363
MediaWiki\Api\ApiAuthManagerHelper\blacklistAuthenticationRequests
static blacklistAuthenticationRequests(array $reqs, array $remove)
Filter out authentication requests by class name.
Definition ApiAuthManagerHelper.php:133
MediaWiki\Api\ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:61
MediaWiki\Api\ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1511
MediaWiki\Api\ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition ApiBase.php:767
MediaWiki\Api\ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:682
MediaWiki\Api\ApiBase\dieStatus
dieStatus(StatusValue $status)
Throw an ApiUsageException based on the Status object.
Definition ApiBase.php:1562
MediaWiki\Api\ApiChangeAuthenticationData
Change authentication data with AuthManager.
Definition ApiChangeAuthenticationData.php:19
MediaWiki\Api\ApiChangeAuthenticationData\__construct
__construct(ApiMain $main, string $action, AuthManager $authManager)
Definition ApiChangeAuthenticationData.php:22
MediaWiki\Api\ApiChangeAuthenticationData\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition ApiChangeAuthenticationData.php:80
MediaWiki\Api\ApiChangeAuthenticationData\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiChangeAuthenticationData.php:73
MediaWiki\Api\ApiChangeAuthenticationData\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiChangeAuthenticationData.php:31
MediaWiki\Api\ApiChangeAuthenticationData\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.Return value has query strings as keys, with values being eith...
Definition ApiChangeAuthenticationData.php:85
MediaWiki\Api\ApiChangeAuthenticationData\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.1.25, returning boolean false is deprecated...
Definition ApiChangeAuthenticationData.php:95
MediaWiki\Api\ApiChangeAuthenticationData\isWriteMode
isWriteMode()
Indicates whether this module requires write access to the wiki.API modules must override this method...
Definition ApiChangeAuthenticationData.php:63
MediaWiki\Api\ApiChangeAuthenticationData\needsToken
needsToken()
Returns the token type this module requires in order to execute.Modules are strongly encouraged to us...
Definition ApiChangeAuthenticationData.php:68
MediaWiki\Api\ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:66
MediaWiki\Auth\AuthManager
AuthManager is the authentication system in MediaWiki and serves entry point for authentication.
Definition AuthManager.php:109
MediaWiki\MainConfigNames
A class containing constants representing the names of configuration variables.
Definition MainConfigNames.php:22
MediaWiki\MainConfigNames\ChangeCredentialsBlacklist
const ChangeCredentialsBlacklist
Name constant for the ChangeCredentialsBlacklist setting, for use with Config::get()
Definition MainConfigNames.php:2595