MediaWiki  master
ApiLinkAccount.php
Go to the documentation of this file.
1 <?php
25 
31 class ApiLinkAccount extends ApiBase {
32 
34  private $authManager;
35 
41  public function __construct(
42  ApiMain $main,
43  $action,
45  ) {
46  parent::__construct( $main, $action, 'link' );
47  $this->authManager = $authManager;
48  }
49 
50  public function getFinalDescription() {
51  // A bit of a hack to append 'api-help-authmanager-general-usage'
52  $msgs = parent::getFinalDescription();
53  $msgs[] = ApiBase::makeMessage( 'api-help-authmanager-general-usage', $this->getContext(), [
54  $this->getModulePrefix(),
55  $this->getModuleName(),
56  $this->getModulePath(),
57  AuthManager::ACTION_LINK,
58  self::needsToken(),
59  ] );
60  return $msgs;
61  }
62 
63  public function execute() {
64  if ( !$this->getUser()->isRegistered() ) {
65  $this->dieWithError( 'apierror-mustbeloggedin-linkaccounts', 'notloggedin' );
66  }
67 
68  $params = $this->extractRequestParams();
69 
70  $this->requireAtLeastOneParameter( $params, 'continue', 'returnurl' );
71 
72  if ( $params['returnurl'] !== null ) {
73  $bits = wfParseUrl( $params['returnurl'] );
74  if ( !$bits || $bits['scheme'] === '' ) {
75  $encParamName = $this->encodeParamName( 'returnurl' );
76  $this->dieWithError(
77  [ 'apierror-badurl', $encParamName, wfEscapeWikiText( $params['returnurl'] ) ],
78  "badurl_{$encParamName}"
79  );
80  }
81  }
82 
83  $helper = new ApiAuthManagerHelper( $this, $this->authManager );
84 
85  // Check security-sensitive operation status
86  $helper->securitySensitiveOperation( 'LinkAccounts' );
87 
88  // Make sure it's possible to link accounts
89  if ( !$this->authManager->canLinkAccounts() ) {
90  $this->getResult()->addValue( null, 'linkaccount', $helper->formatAuthenticationResponse(
91  AuthenticationResponse::newFail( $this->msg( 'userlogin-cannot-' . AuthManager::ACTION_LINK ) )
92  ) );
93  return;
94  }
95 
96  // Perform the link step
97  if ( $params['continue'] ) {
98  $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LINK_CONTINUE );
99  $res = $this->authManager->continueAccountLink( $reqs );
100  } else {
101  $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LINK );
102  $res = $this->authManager->beginAccountLink( $this->getUser(), $reqs, $params['returnurl'] );
103  }
104 
105  $this->getResult()->addValue( null, 'linkaccount',
106  $helper->formatAuthenticationResponse( $res ) );
107  }
108 
109  public function isReadMode() {
110  return false;
111  }
112 
113  public function isWriteMode() {
114  return true;
115  }
116 
117  public function needsToken() {
118  return 'csrf';
119  }
120 
121  public function getAllowedParams() {
122  return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_LINK,
123  'requests', 'messageformat', 'mergerequestfields', 'returnurl', 'continue'
124  );
125  }
126 
127  public function dynamicParameterDocumentation() {
128  return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_LINK ];
129  }
130 
131  protected function getExamplesMessages() {
132  return [
133  'action=linkaccount&provider=Example&linkreturnurl=http://example.org/&linktoken=123ABC'
134  => 'apihelp-linkaccount-example-link',
135  ];
136  }
137 
138  public function getHelpUrls() {
139  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Linkaccount';
140  }
141 }
ApiLinkAccount\isReadMode
isReadMode()
Indicates whether this module requires read rights.
Definition: ApiLinkAccount.php:109
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:49
ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition: ContextSource.php:47
ApiLinkAccount\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiLinkAccount.php:131
ApiLinkAccount\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiLinkAccount.php:117
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1436
ApiLinkAccount\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiLinkAccount.php:138
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:628
ApiBase\makeMessage
static makeMessage( $msg, IContextSource $context, array $params=null)
Create a Message from a string or array.
Definition: ApiBase.php:1216
ApiLinkAccount\$authManager
AuthManager $authManager
Definition: ApiLinkAccount.php:34
ApiLinkAccount
Link an account with AuthManager.
Definition: ApiLinkAccount.php:31
ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition: ApiAuthManagerHelper.php:363
$res
$res
Definition: testCompression.php:57
ContextSource\getUser
getUser()
Definition: ContextSource.php:136
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:55
wfParseUrl
wfParseUrl( $url)
parse_url() work-alike, but non-broken.
Definition: GlobalFunctions.php:776
ApiBase\getModulePath
getModulePath()
Get the path to this module.
Definition: ApiBase.php:572
MediaWiki\Auth\AuthenticationResponse
This is a value object to hold authentication response data.
Definition: AuthenticationResponse.php:37
ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition: ApiAuthManagerHelper.php:37
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:764
ApiBase\requireAtLeastOneParameter
requireAtLeastOneParameter( $params,... $required)
Die if none of a certain set of parameters is set and not false.
Definition: ApiBase.php:961
ApiLinkAccount\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition: ApiLinkAccount.php:127
ApiBase\getModulePrefix
getModulePrefix()
Get parameter prefix (usually two letters or an empty string).
Definition: ApiBase.php:505
ApiBase\encodeParamName
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition: ApiBase.php:742
ApiLinkAccount\getFinalDescription
getFinalDescription()
Get final module description, after hooks have had a chance to tweak it as needed.
Definition: ApiLinkAccount.php:50
wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition: GlobalFunctions.php:1456
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition: AuthManager.php:102
ApiLinkAccount\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiLinkAccount.php:63
ApiLinkAccount\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiLinkAccount.php:113
ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:497
ApiLinkAccount\__construct
__construct(ApiMain $main, $action, AuthManager $authManager)
Definition: ApiLinkAccount.php:41
ApiLinkAccount\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiLinkAccount.php:121