MediaWiki master
ApiClientLogin.php
Go to the documentation of this file.
1<?php
27
33class ApiClientLogin extends ApiBase {
34
35 private AuthManager $authManager;
36 private UrlUtils $urlUtils;
37
44 public function __construct(
45 ApiMain $main,
46 $action,
47 AuthManager $authManager,
48 UrlUtils $urlUtils
49 ) {
50 parent::__construct( $main, $action, 'login' );
51 $this->authManager = $authManager;
52 $this->urlUtils = $urlUtils;
53 }
54
55 public function getFinalDescription() {
56 // A bit of a hack to append 'api-help-authmanager-general-usage'
57 $msgs = parent::getFinalDescription();
58 $msgs[] = $this->msg( 'api-help-authmanager-general-usage',
59 $this->getModulePrefix(),
60 $this->getModuleName(),
61 $this->getModulePath(),
62 AuthManager::ACTION_LOGIN,
63 $this->needsToken(),
64 );
65 return $msgs;
66 }
67
68 public function execute() {
70
71 $this->requireAtLeastOneParameter( $params, 'continue', 'returnurl' );
72
73 if ( $params['returnurl'] !== null ) {
74 $bits = $this->urlUtils->parse( $params['returnurl'] );
75 if ( !$bits || $bits['scheme'] === '' ) {
76 $encParamName = $this->encodeParamName( 'returnurl' );
77 $this->dieWithError(
78 [ 'apierror-badurl', $encParamName, wfEscapeWikiText( $params['returnurl'] ) ],
79 "badurl_{$encParamName}"
80 );
81 }
82 }
83
84 $helper = new ApiAuthManagerHelper( $this, $this->authManager );
85
86 // Make sure it's possible to log in
87 if ( !$this->authManager->canAuthenticateNow() ) {
88 $res = AuthenticationResponse::newFail( $this->msg( 'userlogin-cannot-' . AuthManager::ACTION_LOGIN ) );
89 $this->getResult()->addValue( null, 'clientlogin',
90 $helper->formatAuthenticationResponse( $res ) );
91 $helper->logAuthenticationResult( 'login', $res );
92 return;
93 }
94
95 // Perform the login step
96 if ( $params['continue'] ) {
97 $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN_CONTINUE );
98 $res = $this->authManager->continueAuthentication( $reqs );
99 } else {
100 $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN );
101 if ( $params['preservestate'] ) {
102 $req = $helper->getPreservedRequest();
103 if ( $req ) {
104 $reqs[] = $req;
105 }
106 }
107 $res = $this->authManager->beginAuthentication( $reqs, $params['returnurl'] );
108 }
109
110 // Remove CreateFromLoginAuthenticationRequest from $res->neededRequests.
111 // It's there so a RESTART treated as UI will work right, but showing
112 // it to the API client is just confusing.
114 $res->neededRequests, [ CreateFromLoginAuthenticationRequest::class ]
115 );
116
117 $this->getResult()->addValue( null, 'clientlogin',
118 $helper->formatAuthenticationResponse( $res ) );
119 $helper->logAuthenticationResult( 'login', $res );
120 }
121
122 public function isReadMode() {
123 return false;
124 }
125
126 public function isWriteMode() {
127 // (T283394) Logging in triggers some database writes, so should be marked appropriately.
128 return true;
129 }
130
131 public function needsToken() {
132 return 'login';
133 }
134
135 public function getAllowedParams() {
136 return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_LOGIN,
137 'requests', 'messageformat', 'mergerequestfields', 'preservestate', 'returnurl', 'continue'
138 );
139 }
140
142 return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_LOGIN ];
143 }
144
145 protected function getExamplesMessages() {
146 return [
147 'action=clientlogin&username=Example&password=ExamplePassword&'
148 . 'loginreturnurl=http://example.org/&logintoken=123ABC'
149 => 'apihelp-clientlogin-example-login',
150 'action=clientlogin&logincontinue=1&OATHToken=987654&logintoken=123ABC'
151 => 'apihelp-clientlogin-example-login2',
152 ];
153 }
154
155 public function getHelpUrls() {
156 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Login';
157 }
158}
wfEscapeWikiText( $input)
Escapes the given text so that it may be output using addWikiText() without any linking,...
array $params
The job parameters.
Helper class for AuthManager-using API modules.
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
static blacklistAuthenticationRequests(array $reqs, array $remove)
Filter out authentication requests by class name.
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:67
dieWithError( $msg, $code=null, $data=null, $httpCode=0)
Abort execution with an error.
Definition ApiBase.php:1567
getModulePrefix()
Get parameter prefix (usually two letters or an empty string).
Definition ApiBase.php:570
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition ApiBase.php:819
requireAtLeastOneParameter( $params,... $required)
Die if 0 of a certain set of parameters is set and not false.
Definition ApiBase.php:1040
getResult()
Get the result object.
Definition ApiBase.php:700
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:841
getModulePath()
Get the path to this module.
Definition ApiBase.php:640
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:561
Log in to the wiki with AuthManager.
__construct(ApiMain $main, $action, AuthManager $authManager, UrlUtils $urlUtils)
isWriteMode()
Indicates whether this module requires write access to the wiki.
getFinalDescription()
Get the final module description, after hooks have had a chance to tweak it as needed.
getHelpUrls()
Return links to more detailed help pages about the module.
isReadMode()
Indicates whether this module requires read rights.
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
getExamplesMessages()
Returns usage examples for this module.
needsToken()
Returns the token type this module requires in order to execute.
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:68
This serves as the entry point to the authentication system.
This is a value object to hold authentication response data.
This transfers state between the login and account creation flows.
msg( $key,... $params)
Get a Message object with context set Parameters are the same as wfMessage()
A service to expand, parse, and otherwise manipulate URLs.
Definition UrlUtils.php:16