MediaWiki  master
ApiLinkAccount.php
Go to the documentation of this file.
1 <?php
26 
32 class ApiLinkAccount extends ApiBase {
33 
34  public function __construct( ApiMain $main, $action ) {
35  parent::__construct( $main, $action, 'link' );
36  }
37 
38  public function getFinalDescription() {
39  // A bit of a hack to append 'api-help-authmanager-general-usage'
40  $msgs = parent::getFinalDescription();
41  $msgs[] = ApiBase::makeMessage( 'api-help-authmanager-general-usage', $this->getContext(), [
42  $this->getModulePrefix(),
43  $this->getModuleName(),
44  $this->getModulePath(),
45  AuthManager::ACTION_LINK,
46  self::needsToken(),
47  ] );
48  return $msgs;
49  }
50 
51  public function execute() {
52  if ( !$this->getUser()->isLoggedIn() ) {
53  $this->dieWithError( 'apierror-mustbeloggedin-linkaccounts', 'notloggedin' );
54  }
55 
56  $params = $this->extractRequestParams();
57 
58  $this->requireAtLeastOneParameter( $params, 'continue', 'returnurl' );
59 
60  if ( $params['returnurl'] !== null ) {
61  $bits = wfParseUrl( $params['returnurl'] );
62  if ( !$bits || $bits['scheme'] === '' ) {
63  $encParamName = $this->encodeParamName( 'returnurl' );
64  $this->dieWithError(
65  [ 'apierror-badurl', $encParamName, wfEscapeWikiText( $params['returnurl'] ) ],
66  "badurl_{$encParamName}"
67  );
68  }
69  }
70 
71  $manager = MediaWikiServices::getInstance()->getAuthManager();
72  $helper = new ApiAuthManagerHelper( $this, $manager );
73 
74  // Check security-sensitive operation status
75  $helper->securitySensitiveOperation( 'LinkAccounts' );
76 
77  // Make sure it's possible to link accounts
78  if ( !$manager->canLinkAccounts() ) {
79  $this->getResult()->addValue( null, 'linkaccount', $helper->formatAuthenticationResponse(
80  AuthenticationResponse::newFail( $this->msg( 'userlogin-cannot-' . AuthManager::ACTION_LINK ) )
81  ) );
82  return;
83  }
84 
85  // Perform the link step
86  if ( $params['continue'] ) {
87  $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LINK_CONTINUE );
88  $res = $manager->continueAccountLink( $reqs );
89  } else {
90  $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LINK );
91  $res = $manager->beginAccountLink( $this->getUser(), $reqs, $params['returnurl'] );
92  }
93 
94  $this->getResult()->addValue( null, 'linkaccount',
95  $helper->formatAuthenticationResponse( $res ) );
96  }
97 
98  public function isReadMode() {
99  return false;
100  }
101 
102  public function isWriteMode() {
103  return true;
104  }
105 
106  public function needsToken() {
107  return 'csrf';
108  }
109 
110  public function getAllowedParams() {
111  return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_LINK,
112  'requests', 'messageformat', 'mergerequestfields', 'returnurl', 'continue'
113  );
114  }
115 
116  public function dynamicParameterDocumentation() {
117  return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_LINK ];
118  }
119 
120  protected function getExamplesMessages() {
121  return [
122  'action=linkaccount&provider=Example&linkreturnurl=http://example.org/&linktoken=123ABC'
123  => 'apihelp-linkaccount-example-link',
124  ];
125  }
126 
127  public function getHelpUrls() {
128  return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Linkaccount';
129  }
130 }
ApiLinkAccount\isReadMode
isReadMode()
Indicates whether this module requires read rights Stable for overriding.
Definition: ApiLinkAccount.php:98
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:47
ApiLinkAccount\__construct
__construct(ApiMain $main, $action)
Definition: ApiLinkAccount.php:34
ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition: ContextSource.php:42
ApiLinkAccount\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiLinkAccount.php:120
ApiLinkAccount\needsToken
needsToken()
Returns the token type this module requires in order to execute.
Definition: ApiLinkAccount.php:106
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition: MediaWikiServices.php:152
ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition: ApiBase.php:1436
ApiLinkAccount\getHelpUrls
getHelpUrls()
Return links to more detailed help pages about the module.
Definition: ApiLinkAccount.php:127
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:564
ApiBase\makeMessage
static makeMessage( $msg, IContextSource $context, array $params=null)
Create a Message from a string or array.
Definition: ApiBase.php:1222
ApiLinkAccount
Link an account with AuthManager.
Definition: ApiLinkAccount.php:32
ApiAuthManagerHelper\getStandardParams
static getStandardParams( $action,... $wantedParams)
Fetch the standard parameters this helper recognizes.
Definition: ApiAuthManagerHelper.php:362
$res
$res
Definition: testCompression.php:57
ContextSource\getUser
getUser()
Stable for overriding.
Definition: ContextSource.php:131
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:52
wfParseUrl
wfParseUrl( $url)
parse_url() work-alike, but non-broken.
Definition: GlobalFunctions.php:791
ApiBase\getModulePath
getModulePath()
Get the path to this module.
Definition: ApiBase.php:508
MediaWiki\Auth\AuthenticationResponse
This is a value object to hold authentication response data.
Definition: AuthenticationResponse.php:37
ApiAuthManagerHelper
Helper class for AuthManager-using API modules.
Definition: ApiAuthManagerHelper.php:37
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:716
ApiBase\requireAtLeastOneParameter
requireAtLeastOneParameter( $params,... $required)
Die if none of a certain set of parameters is set and not false.
Definition: ApiBase.php:913
ApiLinkAccount\dynamicParameterDocumentation
dynamicParameterDocumentation()
Indicate if the module supports dynamically-determined parameters that cannot be included in self::ge...
Definition: ApiLinkAccount.php:116
ApiBase\getModulePrefix
getModulePrefix()
Get parameter prefix (usually two letters or an empty string).
Definition: ApiBase.php:451
ApiBase\encodeParamName
encodeParamName( $paramName)
This method mangles parameter name based on the prefix supplied to the constructor.
Definition: ApiBase.php:694
ApiLinkAccount\getFinalDescription
getFinalDescription()
Get final module description, after hooks have had a chance to tweak it as needed.
Definition: ApiLinkAccount.php:38
wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition: GlobalFunctions.php:1487
MediaWiki\Auth\AuthManager
This serves as the entry point to the authentication system.
Definition: AuthManager.php:88
ApiLinkAccount\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiLinkAccount.php:51
ApiLinkAccount\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition: ApiLinkAccount.php:102
ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:443
ApiLinkAccount\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiLinkAccount.php:110