MediaWiki master
ResetPasswordSecondaryAuthenticationProvider.php
Go to the documentation of this file.
1<?php
22namespace MediaWiki\Auth;
23
25
40
41 public function getAuthenticationRequests( $action, array $options ) {
42 return [];
43 }
44
45 public function beginSecondaryAuthentication( $user, array $reqs ) {
46 return $this->tryReset( $user, $reqs );
47 }
48
49 public function continueSecondaryAuthentication( $user, array $reqs ) {
50 return $this->tryReset( $user, $reqs );
51 }
52
53 public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
54 return $this->tryReset( $user, $reqs );
55 }
56
57 public function continueSecondaryAccountCreation( $user, $creator, array $reqs ) {
58 return $this->tryReset( $user, $reqs );
59 }
60
67 protected function tryReset( User $user, array $reqs ) {
68 $data = $this->manager->getAuthenticationSessionData( 'reset-pass' );
69 if ( !$data ) {
71 }
72
73 if ( is_array( $data ) ) {
74 $data = (object)$data;
75 }
76 if ( !is_object( $data ) ) {
77 throw new \UnexpectedValueException( 'reset-pass is not valid' );
78 }
79
80 if ( !isset( $data->msg ) ) {
81 throw new \UnexpectedValueException( 'reset-pass msg is missing' );
82 } elseif ( !$data->msg instanceof \Message ) {
83 throw new \UnexpectedValueException( 'reset-pass msg is not valid' );
84 } elseif ( !isset( $data->hard ) ) {
85 throw new \UnexpectedValueException( 'reset-pass hard is missing' );
86 } elseif ( isset( $data->req ) && (
87 !$data->req instanceof PasswordAuthenticationRequest ||
88 !array_key_exists( 'retype', $data->req->getFieldInfo() )
89 ) ) {
90 throw new \UnexpectedValueException( 'reset-pass req is not valid' );
91 }
92
93 if ( !$data->hard ) {
94 $req = ButtonAuthenticationRequest::getRequestByName( $reqs, 'skipReset' );
95 if ( $req ) {
96 $this->manager->removeAuthenticationSessionData( 'reset-pass' );
98 }
99 }
100
102 $needReq = $data->req ?? new PasswordAuthenticationRequest();
103 '@phan-var PasswordAuthenticationRequest $needReq';
104 if ( !$needReq->action ) {
105 $needReq->action = AuthManager::ACTION_CHANGE;
106 }
107 $needReq->required = $data->hard ? AuthenticationRequest::REQUIRED
109 $needReqs = [ $needReq ];
110 if ( !$data->hard ) {
111 $needReqs[] = new ButtonAuthenticationRequest(
112 'skipReset',
113 wfMessage( 'authprovider-resetpass-skip-label' ),
114 wfMessage( 'authprovider-resetpass-skip-help' )
115 );
116 }
117
119 $req = AuthenticationRequest::getRequestByClass( $reqs, get_class( $needReq ) );
120 '@phan-var PasswordAuthenticationRequest $req';
121 if ( !$req || !array_key_exists( 'retype', $req->getFieldInfo() ) ) {
122 return AuthenticationResponse::newUI( $needReqs, $data->msg, 'warning' );
123 }
124
125 if ( $req->password !== $req->retype ) {
126 return AuthenticationResponse::newUI( $needReqs, new \Message( 'badretype' ), 'error' );
127 }
128
129 $req->username = $user->getName();
130 $status = $this->manager->allowsAuthenticationDataChange( $req );
131 if ( !$status->isGood() ) {
132 return AuthenticationResponse::newUI( $needReqs, $status->getMessage(), 'error' );
133 }
134 $this->manager->changeAuthenticationData( $req );
135
136 $this->manager->removeAuthenticationSessionData( 'reset-pass' );
138 }
139}
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
A base class that implements some of the boilerplate for a SecondaryAuthenticationProvider.
const ACTION_CHANGE
Change a user's credentials.
const OPTIONAL
Indicates that the request is not required for authentication to proceed.
const REQUIRED
Indicates that the request is required for authentication to proceed.
static getRequestByClass(array $reqs, $class, $allowSubclasses=false)
Select a request by class name.
static newUI(array $reqs, Message $msg, $msgtype='warning')
This is an authentication request that just implements a simple button.
static getRequestByName(array $reqs, $name)
Fetch a ButtonAuthenticationRequest or subclass by name.
This is a value object for authentication requests with a username and password.
Reset the local password, if signalled via $this->manager->setAuthenticationSessionData()
continueSecondaryAccountCreation( $user, $creator, array $reqs)
Continue an authentication flow.AuthenticationResponse Expected responses:PASS: The user creation is ...
continueSecondaryAuthentication( $user, array $reqs)
Continue an authentication flow.AuthenticationResponse Expected responses:PASS: The user is authentic...
beginSecondaryAccountCreation( $user, $creator, array $reqs)
Start an account creation flow.
getAuthenticationRequests( $action, array $options)
Return the applicable list of AuthenticationRequests.
The Message class deals with fetching and processing of interface message into a variety of formats.
Definition Message.php:157
internal since 1.36
Definition User.php:93
getName()
Get the user name, or the IP of an anonymous user.
Definition User.php:1594