MediaWiki master
ResetPasswordSecondaryAuthenticationProvider.php
Go to the documentation of this file.
1<?php
22namespace MediaWiki\Auth;
23
26
41
42 public function getAuthenticationRequests( $action, array $options ) {
43 return [];
44 }
45
46 public function beginSecondaryAuthentication( $user, array $reqs ) {
47 return $this->tryReset( $user, $reqs );
48 }
49
50 public function continueSecondaryAuthentication( $user, array $reqs ) {
51 return $this->tryReset( $user, $reqs );
52 }
53
54 public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
55 return $this->tryReset( $user, $reqs );
56 }
57
58 public function continueSecondaryAccountCreation( $user, $creator, array $reqs ) {
59 return $this->tryReset( $user, $reqs );
60 }
61
68 protected function tryReset( User $user, array $reqs ) {
69 $data = $this->manager->getAuthenticationSessionData( 'reset-pass' );
70 if ( !$data ) {
72 }
73
74 if ( is_array( $data ) ) {
75 $data = (object)$data;
76 }
77 if ( !is_object( $data ) ) {
78 throw new \UnexpectedValueException( 'reset-pass is not valid' );
79 }
80
81 if ( !isset( $data->msg ) ) {
82 throw new \UnexpectedValueException( 'reset-pass msg is missing' );
83 } elseif ( !$data->msg instanceof Message ) {
84 throw new \UnexpectedValueException( 'reset-pass msg is not valid' );
85 } elseif ( !isset( $data->hard ) ) {
86 throw new \UnexpectedValueException( 'reset-pass hard is missing' );
87 } elseif ( isset( $data->req ) && (
88 !$data->req instanceof PasswordAuthenticationRequest ||
89 !array_key_exists( 'retype', $data->req->getFieldInfo() )
90 ) ) {
91 throw new \UnexpectedValueException( 'reset-pass req is not valid' );
92 }
93
94 if ( !$data->hard ) {
95 $req = ButtonAuthenticationRequest::getRequestByName( $reqs, 'skipReset' );
96 if ( $req ) {
97 $this->manager->removeAuthenticationSessionData( 'reset-pass' );
99 }
100 }
101
103 $needReq = $data->req ?? new PasswordAuthenticationRequest();
104 '@phan-var PasswordAuthenticationRequest $needReq';
105 if ( !$needReq->action ) {
106 $needReq->action = AuthManager::ACTION_CHANGE;
107 }
108 $needReq->required = $data->hard ? AuthenticationRequest::REQUIRED
110 $needReqs = [ $needReq ];
111 if ( !$data->hard ) {
112 $needReqs[] = new ButtonAuthenticationRequest(
113 'skipReset',
114 wfMessage( 'authprovider-resetpass-skip-label' ),
115 wfMessage( 'authprovider-resetpass-skip-help' )
116 );
117 }
118
120 $req = AuthenticationRequest::getRequestByClass( $reqs, get_class( $needReq ) );
121 '@phan-var PasswordAuthenticationRequest $req';
122 if ( !$req || !array_key_exists( 'retype', $req->getFieldInfo() ) ) {
123 return AuthenticationResponse::newUI( $needReqs, $data->msg, 'warning' );
124 }
125
126 if ( $req->password !== $req->retype ) {
127 return AuthenticationResponse::newUI( $needReqs, new Message( 'badretype' ), 'error' );
128 }
129
130 $req->username = $user->getName();
131 $status = $this->manager->allowsAuthenticationDataChange( $req );
132 if ( !$status->isGood() ) {
133 return AuthenticationResponse::newUI( $needReqs, $status->getMessage(), 'error' );
134 }
135 $this->manager->changeAuthenticationData( $req );
136
137 $this->manager->removeAuthenticationSessionData( 'reset-pass' );
139 }
140}
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
A base class that implements some of the boilerplate for a SecondaryAuthenticationProvider.
const ACTION_CHANGE
Change a user's credentials.
const OPTIONAL
Indicates that the request is not required for authentication to proceed.
const REQUIRED
Indicates that the request is required for authentication to proceed.
static getRequestByClass(array $reqs, $class, $allowSubclasses=false)
Select a request by class name.
static newUI(array $reqs, Message $msg, $msgtype='warning')
This is an authentication request that just implements a simple button.
static getRequestByName(array $reqs, $name)
Fetch a ButtonAuthenticationRequest or subclass by name.
This is a value object for authentication requests with a username and password.
Reset the local password, if signalled via $this->manager->setAuthenticationSessionData()
continueSecondaryAccountCreation( $user, $creator, array $reqs)
Continue an authentication flow.AuthenticationResponse Expected responses:PASS: The user creation is ...
continueSecondaryAuthentication( $user, array $reqs)
Continue an authentication flow.AuthenticationResponse Expected responses:PASS: The user is authentic...
beginSecondaryAccountCreation( $user, $creator, array $reqs)
Start an account creation flow.
getAuthenticationRequests( $action, array $options)
Return the applicable list of AuthenticationRequests.
The Message class deals with fetching and processing of interface message into a variety of formats.
Definition Message.php:158
internal since 1.36
Definition User.php:94
getName()
Get the user name, or the IP of an anonymous user.
Definition User.php:1564