MediaWiki  master
ResetPasswordSecondaryAuthenticationProvider.php
Go to the documentation of this file.
1 <?php
22 namespace MediaWiki\Auth;
23 
25 
40 
41  public function getAuthenticationRequests( $action, array $options ) {
42  return [];
43  }
44 
45  public function beginSecondaryAuthentication( $user, array $reqs ) {
46  return $this->tryReset( $user, $reqs );
47  }
48 
49  public function continueSecondaryAuthentication( $user, array $reqs ) {
50  return $this->tryReset( $user, $reqs );
51  }
52 
53  public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
54  return $this->tryReset( $user, $reqs );
55  }
56 
57  public function continueSecondaryAccountCreation( $user, $creator, array $reqs ) {
58  return $this->tryReset( $user, $reqs );
59  }
60 
67  protected function tryReset( User $user, array $reqs ) {
68  $data = $this->manager->getAuthenticationSessionData( 'reset-pass' );
69  if ( !$data ) {
71  }
72 
73  if ( is_array( $data ) ) {
74  $data = (object)$data;
75  }
76  if ( !is_object( $data ) ) {
77  throw new \UnexpectedValueException( 'reset-pass is not valid' );
78  }
79 
80  if ( !isset( $data->msg ) ) {
81  throw new \UnexpectedValueException( 'reset-pass msg is missing' );
82  } elseif ( !$data->msg instanceof \Message ) {
83  throw new \UnexpectedValueException( 'reset-pass msg is not valid' );
84  } elseif ( !isset( $data->hard ) ) {
85  throw new \UnexpectedValueException( 'reset-pass hard is missing' );
86  } elseif ( isset( $data->req ) && (
87  !$data->req instanceof PasswordAuthenticationRequest ||
88  !array_key_exists( 'retype', $data->req->getFieldInfo() )
89  ) ) {
90  throw new \UnexpectedValueException( 'reset-pass req is not valid' );
91  }
92 
93  if ( !$data->hard ) {
94  $req = ButtonAuthenticationRequest::getRequestByName( $reqs, 'skipReset' );
95  if ( $req ) {
96  $this->manager->removeAuthenticationSessionData( 'reset-pass' );
98  }
99  }
100 
102  $needReq = $data->req ?? new PasswordAuthenticationRequest();
103  '@phan-var PasswordAuthenticationRequest $needReq';
104  if ( !$needReq->action ) {
105  $needReq->action = AuthManager::ACTION_CHANGE;
106  }
107  $needReq->required = $data->hard ? AuthenticationRequest::REQUIRED
109  $needReqs = [ $needReq ];
110  if ( !$data->hard ) {
111  $needReqs[] = new ButtonAuthenticationRequest(
112  'skipReset',
113  wfMessage( 'authprovider-resetpass-skip-label' ),
114  wfMessage( 'authprovider-resetpass-skip-help' )
115  );
116  }
117 
119  $req = AuthenticationRequest::getRequestByClass( $reqs, get_class( $needReq ) );
120  '@phan-var PasswordAuthenticationRequest $req';
121  if ( !$req || !array_key_exists( 'retype', $req->getFieldInfo() ) ) {
122  return AuthenticationResponse::newUI( $needReqs, $data->msg, 'warning' );
123  }
124 
125  if ( $req->password !== $req->retype ) {
126  return AuthenticationResponse::newUI( $needReqs, new \Message( 'badretype' ), 'error' );
127  }
128 
129  $req->username = $user->getName();
130  $status = $this->manager->allowsAuthenticationDataChange( $req );
131  if ( !$status->isGood() ) {
132  return AuthenticationResponse::newUI( $needReqs, $status->getMessage(), 'error' );
133  }
134  $this->manager->changeAuthenticationData( $req );
135 
136  $this->manager->removeAuthenticationSessionData( 'reset-pass' );
138  }
139 }
wfMessage( $key,... $params)
This is the function for getting translated interface messages.
A base class that implements some of the boilerplate for a SecondaryAuthenticationProvider.
const ACTION_CHANGE
Change a user's credentials.
const OPTIONAL
Indicates that the request is not required for authentication to proceed.
const REQUIRED
Indicates that the request is required for authentication to proceed.
static getRequestByClass(array $reqs, $class, $allowSubclasses=false)
Select a request by class name.
static newUI(array $reqs, Message $msg, $msgtype='warning')
This is an authentication request that just implements a simple button.
static getRequestByName(array $reqs, $name)
Fetch a ButtonAuthenticationRequest or subclass by name.
This is a value object for authentication requests with a username and password.
Reset the local password, if signalled via $this->manager->setAuthenticationSessionData()
continueSecondaryAccountCreation( $user, $creator, array $reqs)
Continue an authentication flow.User being created (has been added to the database)....
continueSecondaryAuthentication( $user, array $reqs)
Continue an authentication flow.User being authenticated. This may become a "UserValue" in the future...
beginSecondaryAccountCreation( $user, $creator, array $reqs)
Start an account creation flow.
getAuthenticationRequests( $action, array $options)
Return the applicable list of AuthenticationRequests.
internal since 1.36
Definition: User.php:98
getName()
Get the user name, or the IP of an anonymous user.
Definition: User.php:1656
The Message class deals with fetching and processing of interface message into a variety of formats.
Definition: Message.php:144