MediaWiki  master
ApiLinkAccount.php
Go to the documentation of this file.
1 <?php
25 
31 class ApiLinkAccount extends ApiBase {
32 
34  private $authManager;
35 
41  public function __construct(
42  ApiMain $main,
43  $action,
45  ) {
46  parent::__construct( $main, $action, 'link' );
47  $this->authManager = $authManager;
48  }
49 
50  public function getFinalDescription() {
51  // A bit of a hack to append 'api-help-authmanager-general-usage'
52  $msgs = parent::getFinalDescription();
53  $msgs[] = ApiBase::makeMessage( 'api-help-authmanager-general-usage', $this->getContext(), [
54  $this->getModulePrefix(),
55  $this->getModuleName(),
56  $this->getModulePath(),
57  AuthManager::ACTION_LINK,
58  self::needsToken(),
59  ] );
60  return $msgs;
61  }
62 
63  public function execute() {
64  if ( !$this->getUser()->isRegistered() ) {
65  $this->dieWithError( 'apierror-mustbeloggedin-linkaccounts', 'notloggedin' );
66  }
67 
68  $params = $this->extractRequestParams();
69 
70  $this->requireAtLeastOneParameter( $params, 'continue', 'returnurl' );
71 
72  if ( $params['returnurl'] !== null ) {
73  $bits = wfParseUrl( $params['returnurl'] );
74  if ( !$bits || $bits['scheme'] === '' ) {
75  $encParamName = $this->encodeParamName( 'returnurl' );
76  $this->dieWithError(
77  [ 'apierror-badurl', $encParamName, wfEscapeWikiText( $params['returnurl'] ) ],
78  "badurl_{$encParamName}"
79  );
80  }
81  }
82 
83  $helper = new ApiAuthManagerHelper( $this, $this->authManager );
84 
85  // Check security-sensitive operation status
86  $helper->securitySensitiveOperation( 'LinkAccounts' );
87 
88  // Make sure it's possible to link accounts
89  if ( !$this->authManager->canLinkAccounts() ) {
90  $this->getResult()->addValue( null, 'linkaccount', $helper->formatAuthenticationResponse(
91  AuthenticationResponse::newFail( $this->msg( 'userlogin-cannot-' . AuthManager::ACTION_LINK ) )
92  ) );
93  return;
94  }
95 
96  // Perform the link step
97  if ( $params['continue'] ) {
98  $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LINK_CONTINUE );
99  $res = $this->authManager->continueAccountLink( $reqs );
100  } else {
101  $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LINK );
102  $res = $this->authManager->beginAccountLink( $this->getUser(), $reqs, $params['returnurl'] );
103  }
104 
105  $this->getResult()->addValue( null, 'linkaccount',
106  $helper->formatAuthenticationResponse( $res ) );
107  }
108 
109  public function isReadMode() {
110  return false;
111  }
112 
113  public function isWriteMode() {
114  return true;
115  }
116 
117  public function needsToken() {
118  return 'csrf';
119  }
120 
121  public function getAllowedParams() {
122  return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_LINK,
123  'requests', 'messageformat', 'mergerequestfields', 'returnurl', 'continue'
124  );
125  }
126 
127  public function dynamicParameterDocumentation() {
128  return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_LINK ];
129  }
130 
131  protected function getExamplesMessages() {
132  return [
133  'action=linkaccount&provider=Example&linkreturnurl=http://example.org/&linktoken=123ABC'
134  => 'apihelp-linkaccount-example-link',
135  ];
136  }
137 
138  public function getHelpUrls() {
139  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Linkaccount';
140  }
141 }
wfParseUrl( $url)
parse_url() work-alike, but non-broken.
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Helper class for AuthManager-using API modules.
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:56
getModulePrefix()
Get parameter prefix (usually two letters or an empty string).
Definition: ApiBase.php:506
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition: ApiBase.php:743
static makeMessage( $msg, IContextSource $context, array $params=null)
Create a Message from a string or array.
Definition: ApiBase.php:1225
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1458
requireAtLeastOneParameter( $params,... $required)
Die if none of a certain set of parameters is set and not false.
Definition: ApiBase.php:963
getResult()
Get the result object.
Definition: ApiBase.php:629
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:765
getModulePath()
Get the path to this module.
Definition: ApiBase.php:573
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:498
Link an account with AuthManager.
isWriteMode()
Indicates whether this module requires write mode.
isReadMode()
Indicates whether this module requires read rights.
__construct(ApiMain $main, $action, AuthManager $authManager)
AuthManager $authManager
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
getHelpUrls()
Return links to more detailed help pages about the module.
getFinalDescription()
Get final module description, after hooks have had a chance to tweak it as needed.
needsToken()
Returns the token type this module requires in order to execute.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
getExamplesMessages()
Returns usage examples for this module.
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:52
getContext()
Get the base IContextSource object.
This serves as the entry point to the authentication system.
This is a value object to hold authentication response data.