MediaWiki  master
AuthManagerSpecialPage Class Reference

A special page subclass for authentication-related special pages. More...

Inheritance diagram for AuthManagerSpecialPage:
Collaboration diagram for AuthManagerSpecialPage:

Public Member Functions

 getRequest ()
 Get the WebRequest being used for this instance. More...
 
 handleFormSubmit ( $data)
 Submit handler callback for HTMLForm. More...
 
 onAuthChangeFormFields (array $requests, array $fieldInfo, array &$formDescriptor, $action)
 Change the form descriptor that determines how a field will look in the authentication form. More...
 
- Public Member Functions inherited from SpecialPage
 __construct ( $name='', $restriction='', $listed=true, $function=false, $file='', $includable=false)
 Default constructor for special pages Derivative classes should call this from their constructor Note that if the user does not have the required level, an error message will be displayed by the default execute() method, without the global function ever being called. More...
 
 addHelpLink ( $to, $overrideBaseUrl=false)
 Adds help link with an icon via page indicators. More...
 
 checkPermissions ()
 Checks if userCanExecute, and if not throws a PermissionsError. More...
 
 checkReadOnly ()
 If the wiki is currently in readonly mode, throws a ReadOnlyError. More...
 
 doesWrites ()
 Indicates whether this special page may perform database writes. More...
 
 execute ( $subPage)
 Default execute method Checks user permissions. More...
 
 getAuthority ()
 Shortcut to get the Authority executing this instance. More...
 
 getConfig ()
 Shortcut to get main config object. More...
 
 getContentLanguage ()
 Shortcut to get content language. More...
 
 getContext ()
 Gets the context this SpecialPage is executed in. More...
 
 getDescription ()
 Returns the name that goes in the \<h1\> in the special page itself, and also the name that will be listed in Special:Specialpages. More...
 
 getFinalGroupName ()
 Get the group that the special page belongs in on Special:SpecialPage Use this method, instead of getGroupName to allow customization of the group name from the wiki side. More...
 
 getFullTitle ()
 Return the full title, including $par. More...
 
 getLanguage ()
 Shortcut to get user's language. More...
 
 getLinkRenderer ()
 
 getLocalName ()
 Get the localised name of the special page. More...
 
 getName ()
 Get the name of this Special Page. More...
 
 getOutput ()
 Get the OutputPage being used for this instance. More...
 
 getPageTitle ( $subpage=false)
 Get a self-referential title object. More...
 
 getRestriction ()
 Get the permission that a user must have to execute this page. More...
 
 getSkin ()
 Shortcut to get the skin being used for this instance. More...
 
 getUser ()
 Shortcut to get the User executing this instance. More...
 
 including ( $x=null)
 Whether the special page is being evaluated via transclusion. More...
 
 isCached ()
 Is this page cached? Expensive pages are cached or disabled in miser mode. More...
 
 isExpensive ()
 Is this page expensive (for some definition of expensive)? Expensive pages are disabled or cached in miser mode. More...
 
 isIncludable ()
 Whether it's allowed to transclude the special page via {{Special:Foo/params}}. More...
 
 isListed ()
 Whether this special page is listed in Special:SpecialPages. More...
 
 isRestricted ()
 Can be overridden by subclasses with more complicated permissions schemes. More...
 
 listed ( $x=null)
 Get or set whether this special page is listed in Special:SpecialPages. More...
 
 maxIncludeCacheTime ()
 How long to cache page when it is being included. More...
 
 msg ( $key,... $params)
 Wrapper around wfMessage that sets the current context. More...
 
 prefixSearchSubpages ( $search, $limit, $offset)
 Return an array of subpages beginning with $search that this special page will accept. More...
 
 requireLogin ( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin')
 If the user is not logged in, throws UserNotLoggedIn error. More...
 
 run ( $subPage)
 Entry point. More...
 
 setContentLanguage (Language $contentLanguage)
 Set content language. More...
 
 setContext ( $context)
 Sets the context this SpecialPage is executed in. More...
 
 setHookContainer (HookContainer $hookContainer)
 
 setLinkRenderer (LinkRenderer $linkRenderer)
 
 setListed ( $listed)
 Set whether this page is listed in Special:Specialpages, at run-time. More...
 
 setSpecialPageFactory (SpecialPageFactory $specialPageFactory)
 
 userCanExecute (User $user)
 Checks if the given user (identified by an object) can execute this special page (as defined by $mRestriction). More...
 

Protected Member Functions

 addTabIndex (&$formDescriptor)
 Adds a sequential tabindex starting from 1 to all form elements. More...
 
 beforeExecute ( $subPage)
 
 displayForm ( $status)
 Display the form. More...
 
 fieldInfoToFormDescriptor (array $requests, array $fieldInfo, $action)
 Turns a field info array into a form descriptor. More...
 
 getAuthForm (array $requests, $action)
 
 getAuthFormDescriptor ( $requests, $action)
 Generates a HTMLForm descriptor array from a set of authentication requests. More...
 
 getContinueAction ( $action)
 Gets the _CONTINUE version of an action. More...
 
 getDefaultAction ( $subPage)
 Get the default action for this special page, if none is given via URL/POST data. More...
 
 getLoginSecurityLevel ()
 
 getPreservedParams ( $withToken=false)
 Returns URL query parameters which can be used to reload the page (or leave and return) while preserving all information that is necessary for authentication to continue. More...
 
 getRequestBlacklist ()
 Allows blacklisting certain request types. More...
 
 getToken ()
 Returns the CSRF token. More...
 
 getTokenName ()
 Returns the name of the CSRF token (under which it should be found in the POST or GET data). More...
 
 handleReauthBeforeExecute ( $subPage)
 Handle redirection when the user needs to (re)authenticate. More...
 
 handleReturnBeforeExecute ( $subPage)
 Handle redirection from the /return subpage. More...
 
 hasOwnSubmitButton (AuthenticationRequest $req)
 Checks whether the given AuthenticationRequest has its own submit button. More...
 
 isActionAllowed ( $action)
 Checks whether AuthManager is ready to perform the action. More...
 
 isContinued ()
 Returns true if this is not the first step of the authentication. More...
 
 loadAuth ( $subPage, $authAction=null, $reset=false)
 Load or initialize $authAction, $authRequests and $subPage. More...
 
 messageKey ( $defaultKey)
 Return custom message key. More...
 
 needsSubmitButton (array $requests)
 Returns true if the form built from the given AuthenticationRequests needs a submit button. More...
 
 performAuthenticationStep ( $action, array $requests)
 
 setRequest (array $data, $wasPosted=null)
 Override the POST data, GET data from the real request is preserved. More...
 
 trySubmit ()
 Attempts to do an authentication step with the submitted data. More...
 
- Protected Member Functions inherited from SpecialPage
 addFeedLinks ( $params)
 Adds RSS/atom links. More...
 
 afterExecute ( $subPage)
 Gets called after. More...
 
 buildPrevNextNavigation ( $offset, $limit, array $query=[], $atend=false, $subpage=false)
 Generate (prev x| next x) (20|50|100...) type links for paging. More...
 
 checkLoginSecurityLevel ( $level=null)
 Verifies that the user meets the security level, possibly reauthenticating them in the process. More...
 
 displayRestrictionError ()
 Output an error message telling the user what access level they have to have. More...
 
 getAuthManager ()
 
 getCacheTTL ()
 
 getGroupName ()
 Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-group-*' for valid names This method defaults to group 'other'. More...
 
 getHookContainer ()
 
 getHookRunner ()
 
 getLanguageConverter ()
 Shortcut to get language's converter. More...
 
 getRobotPolicy ()
 Return the robot policy. More...
 
 getSpecialPageFactory ()
 
 getSubpagesForPrefixSearch ()
 Return an array of subpages that this special page will accept for prefix searches. More...
 
 outputHeader ( $summaryMessageKey='')
 Outputs a summary message on top of special pages Per default the message key is the canonical name of the special page May be overridden, i.e. More...
 
 prefixSearchString ( $search, $limit, $offset, SearchEngineFactory $searchEngineFactory=null)
 Perform a regular substring search for prefixSearchSubpages. More...
 
 setAuthManager (AuthManager $authManager)
 Set the injected AuthManager from the special page constructor. More...
 
 setHeaders ()
 Sets headers - this should be called from the execute() method of all derived classes! More...
 
 setReauthPostData (array $data)
 Record preserved POST data after a reauthentication. More...
 
 useTransactionalTimeLimit ()
 Call wfTransactionalTimeLimit() if this request was POSTed. More...
 

Static Protected Member Functions

static getField (array $array, $fieldName, $default=null)
 Get an array value, or a default if it does not exist. More...
 
static mapFieldInfoTypeToFormDescriptorType ( $type)
 Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types. More...
 
static mapSingleFieldInfo ( $singleFieldInfo, $fieldName)
 Maps an authentication field configuration for a single field (as returned by AuthenticationRequest::getFieldInfo()) to a HTMLForm field descriptor. More...
 
static mergeDefaultFormDescriptor (array $fieldInfo, array $formDescriptor, array $defaultFormDescriptor)
 Apply defaults to a form descriptor, without creating non-existend fields. More...
 
static sortFormDescriptorFields (array &$formDescriptor)
 Sort the fields of a form descriptor by their 'weight' property. More...
 
- Static Protected Member Functions inherited from SpecialPage
static prefixSearchArray ( $search, $limit, array $subpages, $offset)
 Helper function for implementations of prefixSearchSubpages() that filter the values in memory (as opposed to making a query). More...
 

Protected Attributes

string $authAction
 one of the AuthManager::ACTION_* constants. More...
 
AuthenticationRequest[] $authRequests
 
bool $isReturn
 True if the current request is a result of returning from a redirect flow. More...
 
WebRequest null $savedRequest
 If set, will be used instead of the real request. More...
 
string $subPage
 Subpage of the special page. More...
 
- Protected Attributes inherited from SpecialPage
IContextSource $mContext
 Current request context. More...
 
bool $mIncludable
 Whether the special page can be included in an article. More...
 
bool $mIncluding
 Whether or not this special page is being included from an article. More...
 
string $mName
 The canonical name of this special page Also used for the default. More...
 
string $mRestriction
 Minimum user level required to access this page, or "" for anyone. More...
 

Static Protected Attributes

static string[] $allowedActions
 The list of actions this special page deals with. More...
 
static array $messages = []
 Customized messages. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from SpecialPage
static getSafeTitleFor ( $name, $subpage=false)
 Get a localised Title object for a page name with a possibly unvalidated subpage. More...
 
static getTitleFor ( $name, $subpage=false, $fragment='')
 Get a localised Title object for a specified special page name If you don't need a full Title object, consider using TitleValue through getTitleValueFor() below. More...
 
static getTitleValueFor ( $name, $subpage=false, $fragment='')
 Get a localised TitleValue object for a specified special page name. More...
 

Detailed Description

A special page subclass for authentication-related special pages.

It generates a form from a set of AuthenticationRequest objects, submits the result to AuthManager and partially handles the response.

Note
Call self::setAuthManager from special page constructor when extending
Stability: stable
to extend

Definition at line 18 of file AuthManagerSpecialPage.php.

Member Function Documentation

◆ addTabIndex()

AuthManagerSpecialPage::addTabIndex ( $formDescriptor)
protected

Adds a sequential tabindex starting from 1 to all form elements.

This way the user can use the tab key to traverse the form without having to step through all links and such.

Parameters
array[]&$formDescriptor

Definition at line 627 of file AuthManagerSpecialPage.php.

References HTMLForm\$typeMappings.

Referenced by getAuthFormDescriptor(), and LoginSignupSpecialPage\postProcessFormDescriptor().

◆ beforeExecute()

AuthManagerSpecialPage::beforeExecute (   $subPage)
protected
Stability: stable
to override
Parameters
string | null$subPage
Returns
bool|void

Reimplemented from SpecialPage.

Reimplemented in SpecialUserLogin, and LoginSignupSpecialPage.

Definition at line 101 of file AuthManagerSpecialPage.php.

References SpecialPage\getOutput(), handleReauthBeforeExecute(), and handleReturnBeforeExecute().

◆ displayForm()

AuthManagerSpecialPage::displayForm (   $status)
protected

Display the form.

Parameters
false | Status | StatusValue$statusA form submit status, as in HTMLForm::trySubmit()

Definition at line 570 of file AuthManagerSpecialPage.php.

References getAuthForm(), and Status\wrap().

Referenced by SpecialChangeCredentials\execute(), SpecialLinkAccounts\execute(), SpecialUnlinkAccounts\execute(), and SpecialLinkAccounts\success().

◆ fieldInfoToFormDescriptor()

AuthManagerSpecialPage::fieldInfoToFormDescriptor ( array  $requests,
array  $fieldInfo,
  $action 
)
protected

Turns a field info array into a form descriptor.

Behavior can be modified by the AuthChangeFormFields hook.

Parameters
AuthenticationRequest[]$requests
array$fieldInfoField information, in the format used by AuthenticationRequest::getFieldInfo()
string$actionOne of the AuthManager::ACTION_* constants
Returns
array A form descriptor that can be passed to HTMLForm

Definition at line 671 of file AuthManagerSpecialPage.php.

References SpecialPage\getHookRunner(), mapSingleFieldInfo(), onAuthChangeFormFields(), serialize(), and sortFormDescriptorFields().

Referenced by LoginSignupSpecialPage\getAuthForm(), and getAuthFormDescriptor().

◆ getAuthForm()

AuthManagerSpecialPage::getAuthForm ( array  $requests,
  $action 
)
protected
Stability: stable
to override
Parameters
AuthenticationRequest[]$requests
string$actionAuthManager action name (one of the AuthManager::ACTION_* constants)
Returns
HTMLForm

Reimplemented in SpecialLinkAccounts, and SpecialChangeCredentials.

Definition at line 549 of file AuthManagerSpecialPage.php.

References HTMLForm\factory(), getAuthFormDescriptor(), SpecialPage\getContext(), SpecialPage\getFullTitle(), getPreservedParams(), getRequest(), getToken(), getTokenName(), and needsSubmitButton().

Referenced by displayForm(), and trySubmit().

◆ getAuthFormDescriptor()

AuthManagerSpecialPage::getAuthFormDescriptor (   $requests,
  $action 
)
protected

Generates a HTMLForm descriptor array from a set of authentication requests.

Stability: stable
to override
Parameters
AuthenticationRequest[]$requests
string$actionAuthManager action name (one of the AuthManager::ACTION_* constants)
Returns
array[]

Reimplemented in SpecialChangeCredentials.

Definition at line 534 of file AuthManagerSpecialPage.php.

References addTabIndex(), and fieldInfoToFormDescriptor().

Referenced by getAuthForm().

◆ getContinueAction()

AuthManagerSpecialPage::getContinueAction (   $action)
protected

Gets the _CONTINUE version of an action.

Parameters
string$actionAn AuthManager::ACTION_* constant.
Returns
string An AuthManager::ACTION_*_CONTINUE constant.

Definition at line 298 of file AuthManagerSpecialPage.php.

Referenced by LoginSignupSpecialPage\execute(), getPreservedParams(), loadAuth(), and LoginSignupSpecialPage\showExtraInformation().

◆ getDefaultAction()

AuthManagerSpecialPage::getDefaultAction (   $subPage)
abstractprotected

Get the default action for this special page, if none is given via URL/POST data.

Subclasses should override this (or override loadAuth() so this is never called).

Stability: stable
to override
Parameters
string$subPageSubpage of the special page.
Returns
string an AuthManager::ACTION_* constant.

Reimplemented in SpecialUserLogin, SpecialUnlinkAccounts, SpecialRemoveCredentials, SpecialLinkAccounts, SpecialCreateAccount, and SpecialChangeCredentials.

Referenced by LoginSignupSpecialPage\execute(), getPreservedParams(), loadAuth(), and LoginSignupSpecialPage\mainLoginForm().

◆ getField()

static AuthManagerSpecialPage::getField ( array  $array,
  $fieldName,
  $default = null 
)
staticprotected

Get an array value, or a default if it does not exist.

Parameters
array$array
string$fieldName
mixed | null$default
Returns
mixed

Definition at line 762 of file AuthManagerSpecialPage.php.

Referenced by sortFormDescriptorFields().

◆ getLoginSecurityLevel()

AuthManagerSpecialPage::getLoginSecurityLevel ( )
protected
Stability: stable
to override
Returns
bool|string

Reimplemented from SpecialPage.

Reimplemented in SpecialUserLogin, SpecialUnlinkAccounts, and SpecialCreateAccount.

Definition at line 68 of file AuthManagerSpecialPage.php.

References SpecialPage\getName().

Referenced by handleReauthBeforeExecute().

◆ getPreservedParams()

AuthManagerSpecialPage::getPreservedParams (   $withToken = false)
protected

Returns URL query parameters which can be used to reload the page (or leave and return) while preserving all information that is necessary for authentication to continue.

These parameters will be preserved in the action URL of the form and in the return URL for redirect flow.

Stability: stable
to override
Parameters
bool$withTokenInclude CSRF token
Returns
array

Reimplemented in SpecialChangeCredentials, and LoginSignupSpecialPage.

Definition at line 516 of file AuthManagerSpecialPage.php.

References getContinueAction(), getDefaultAction(), getToken(), and getTokenName().

Referenced by getAuthForm(), handleReturnBeforeExecute(), and performAuthenticationStep().

◆ getRequest()

◆ getRequestBlacklist()

AuthManagerSpecialPage::getRequestBlacklist ( )
protected

Allows blacklisting certain request types.

Stability: stable
to override
Returns
array A list of AuthenticationRequest subclass names

Reimplemented in SpecialUnlinkAccounts, SpecialRemoveCredentials, SpecialLinkAccounts, and SpecialChangeCredentials.

Definition at line 236 of file AuthManagerSpecialPage.php.

Referenced by loadAuth().

◆ getToken()

AuthManagerSpecialPage::getToken ( )
protected

Returns the CSRF token.

Stability: stable
to override
Returns
Token

Reimplemented in SpecialUserLogin, and SpecialCreateAccount.

Definition at line 648 of file AuthManagerSpecialPage.php.

References SpecialPage\getName(), and getRequest().

Referenced by LoginSignupSpecialPage\execute(), getAuthForm(), LoginSignupSpecialPage\getAuthForm(), getPreservedParams(), and trySubmit().

◆ getTokenName()

AuthManagerSpecialPage::getTokenName ( )
protected

Returns the name of the CSRF token (under which it should be found in the POST or GET data).

Stability: stable
to override
Returns
string

Reimplemented in SpecialUserLogin, SpecialCreateAccount, and LoginSignupSpecialPage.

Definition at line 658 of file AuthManagerSpecialPage.php.

Referenced by getAuthForm(), getPreservedParams(), and trySubmit().

◆ handleFormSubmit()

AuthManagerSpecialPage::handleFormSubmit (   $data)

Submit handler callback for HTMLForm.

Access: internal
Parameters
array$dataSubmitted data
Returns
Status

Reimplemented in SpecialUnlinkAccounts, and SpecialChangeCredentials.

Definition at line 500 of file AuthManagerSpecialPage.php.

References StatusValue\newGood(), and performAuthenticationStep().

Referenced by trySubmit().

◆ handleReauthBeforeExecute()

AuthManagerSpecialPage::handleReauthBeforeExecute (   $subPage)
protected

Handle redirection when the user needs to (re)authenticate.

Send the user to the login form if needed; in case the request was a POST, stash in the session and simulate it once the user gets back.

Parameters
string$subPage
Returns
bool False if execution should be stopped.
Exceptions
ErrorPageErrorWhen the user is not allowed to use this page.

Definition at line 162 of file AuthManagerSpecialPage.php.

References SpecialPage\$authManager, $title, MWCryptRand\generateHex(), MediaWiki\Auth\AuthManager\getAuthenticationSessionData(), SpecialPage\getAuthManager(), SpecialPage\getFullTitle(), getLoginSecurityLevel(), SpecialPage\getName(), SpecialPage\getOutput(), getRequest(), SpecialPage\getTitleFor(), PROTO_HTTPS, MediaWiki\Auth\AuthManager\removeAuthenticationSessionData(), MediaWiki\Auth\AuthManager\securitySensitiveOperationStatus(), MediaWiki\Auth\AuthManager\setAuthenticationSessionData(), setRequest(), and wfArrayToCgi().

Referenced by beforeExecute().

◆ handleReturnBeforeExecute()

AuthManagerSpecialPage::handleReturnBeforeExecute (   $subPage)
protected

Handle redirection from the /return subpage.

This is used in the redirect flow where we need to be able to process data that was sent via a GET request. We set the /return subpage as the reentry point so we know we need to treat GET as POST, but we don't want to handle all future GETs as POSTs so we need to normalize the URL. (Also we don't want to show any received parameters around in the URL; they are ugly and might be sensitive.)

Thus when on the /return subpage, we stash the request data in the session, redirect, then use the session to detect that we have been redirected, recover the data and replace the real WebRequest with a fake one that contains the saved data.

Parameters
string$subPage
Returns
bool False if execution should be stopped.

Definition at line 124 of file AuthManagerSpecialPage.php.

References SpecialPage\$authManager, MediaWiki\Auth\AuthManager\getAuthenticationSessionData(), SpecialPage\getAuthManager(), SpecialPage\getName(), SpecialPage\getOutput(), SpecialPage\getPageTitle(), getPreservedParams(), getRequest(), loadAuth(), PROTO_HTTPS, MediaWiki\Auth\AuthManager\removeAuthenticationSessionData(), MediaWiki\Auth\AuthManager\setAuthenticationSessionData(), and setRequest().

Referenced by beforeExecute().

◆ hasOwnSubmitButton()

AuthManagerSpecialPage::hasOwnSubmitButton ( AuthenticationRequest  $req)
protected

Checks whether the given AuthenticationRequest has its own submit button.

Parameters
AuthenticationRequest$req
Returns
bool

Definition at line 613 of file AuthManagerSpecialPage.php.

References MediaWiki\Auth\AuthenticationRequest\getFieldInfo().

Referenced by needsSubmitButton().

◆ isActionAllowed()

AuthManagerSpecialPage::isActionAllowed (   $action)
protected

Checks whether AuthManager is ready to perform the action.

ACTION_CHANGE needs special verification (AuthManager::allowsAuthenticationData*) which is the caller's responsibility.

Parameters
string$actionOne of the AuthManager::ACTION_* constants in static::$allowedActions
Returns
bool
Exceptions
LogicExceptionif $action is invalid

Definition at line 321 of file AuthManagerSpecialPage.php.

References $authAction, SpecialPage\$authManager, MediaWiki\Auth\AuthManager\canAuthenticateNow(), MediaWiki\Auth\AuthManager\canCreateAccounts(), MediaWiki\Auth\AuthManager\canLinkAccounts(), MediaWiki\Auth\AuthManager\getAuthenticationRequests(), and SpecialPage\getAuthManager().

Referenced by LoginSignupSpecialPage\execute(), SpecialLinkAccounts\execute(), and SpecialUnlinkAccounts\execute().

◆ isContinued()

AuthManagerSpecialPage::isContinued ( )
protected

Returns true if this is not the first step of the authentication.

Returns
bool

Definition at line 285 of file AuthManagerSpecialPage.php.

Referenced by LoginSignupSpecialPage\canBypassForm(), and LoginSignupSpecialPage\getFieldDefinitions().

◆ loadAuth()

AuthManagerSpecialPage::loadAuth (   $subPage,
  $authAction = null,
  $reset = false 
)
protected

Load or initialize $authAction, $authRequests and $subPage.

Subclasses should call this from execute() or otherwise ensure the variables are initialized.

Stability: stable
to override
Parameters
string$subPageSubpage of the special page.
string | null$authActionOverride auth action specified in request (this is useful when the form needs to be changed from <action> to <action>_CONTINUE after a successful authentication step)
bool$resetRegenerate the requests even if a cached version is available

Reimplemented in SpecialChangeCredentials.

Definition at line 250 of file AuthManagerSpecialPage.php.

References $authAction, $subPage, SpecialPage\getAuthManager(), getContinueAction(), getDefaultAction(), getRequest(), getRequestBlacklist(), and SpecialPage\getUser().

Referenced by LoginSignupSpecialPage\execute(), SpecialLinkAccounts\execute(), SpecialUnlinkAccounts\execute(), handleReturnBeforeExecute(), LoginSignupSpecialPage\load(), and SpecialLinkAccounts\success().

◆ mapFieldInfoTypeToFormDescriptorType()

static AuthManagerSpecialPage::mapFieldInfoTypeToFormDescriptorType (   $type)
staticprotected

Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types.

Parameters
string$type
Returns
string
Exceptions

Definition at line 776 of file AuthManagerSpecialPage.php.

References $type.

Referenced by mapSingleFieldInfo().

◆ mapSingleFieldInfo()

static AuthManagerSpecialPage::mapSingleFieldInfo (   $singleFieldInfo,
  $fieldName 
)
staticprotected

Maps an authentication field configuration for a single field (as returned by AuthenticationRequest::getFieldInfo()) to a HTMLForm field descriptor.

Parameters
array$singleFieldInfo
string$fieldName
Returns
array

Definition at line 700 of file AuthManagerSpecialPage.php.

References $type, and mapFieldInfoTypeToFormDescriptorType().

Referenced by fieldInfoToFormDescriptor().

◆ mergeDefaultFormDescriptor()

static AuthManagerSpecialPage::mergeDefaultFormDescriptor ( array  $fieldInfo,
array  $formDescriptor,
array  $defaultFormDescriptor 
)
staticprotected

Apply defaults to a form descriptor, without creating non-existend fields.

Overrides $formDescriptor fields with their $defaultFormDescriptor equivalent, but only if the field is defined in $fieldInfo, uses the special 'basefield' property to refer to a $fieldInfo field, or it is not a real field (e.g. help text). Applies some common-sense behaviors to ensure related fields are overridden in a consistent manner.

Parameters
array$fieldInfo
array$formDescriptor
array$defaultFormDescriptor
Returns
array

Definition at line 805 of file AuthManagerSpecialPage.php.

Referenced by LoginSignupSpecialPage\onAuthChangeFormFields(), and SpecialChangeCredentials\onAuthChangeFormFields().

◆ messageKey()

AuthManagerSpecialPage::messageKey (   $defaultKey)
protected

Return custom message key.

Allows subclasses to customize messages.

Parameters
string$defaultKey
Returns
string

Definition at line 226 of file AuthManagerSpecialPage.php.

Referenced by trySubmit().

◆ needsSubmitButton()

AuthManagerSpecialPage::needsSubmitButton ( array  $requests)
protected

Returns true if the form built from the given AuthenticationRequests needs a submit button.

Providers using redirect flow (e.g. Google login) need their own submit buttons; if using one of those custom buttons is the only way to proceed, there is no point in displaying the default button which won't do anything useful.

Stability: stable
to override
Parameters
AuthenticationRequest[]$requestsAn array of AuthenticationRequests from which the form will be built
Returns
bool

Reimplemented in SpecialChangeCredentials.

Definition at line 589 of file AuthManagerSpecialPage.php.

References hasOwnSubmitButton().

Referenced by getAuthForm(), and LoginSignupSpecialPage\postProcessFormDescriptor().

◆ onAuthChangeFormFields()

AuthManagerSpecialPage::onAuthChangeFormFields ( array  $requests,
array  $fieldInfo,
array &  $formDescriptor,
  $action 
)

Change the form descriptor that determines how a field will look in the authentication form.

Called from fieldInfoToFormDescriptor().

Stability: stable
to override
Parameters
AuthenticationRequest[]$requests
array$fieldInfoField information array (union of all AuthenticationRequest::getFieldInfo() responses).
array&$formDescriptorHTMLForm descriptor. The special key 'weight' can be set to change the order of the fields.
string$actionAuthentication type (one of the AuthManager::ACTION_* constants)

Reimplemented in SpecialChangeCredentials, and LoginSignupSpecialPage.

Definition at line 59 of file AuthManagerSpecialPage.php.

Referenced by fieldInfoToFormDescriptor().

◆ performAuthenticationStep()

◆ setRequest()

AuthManagerSpecialPage::setRequest ( array  $data,
  $wasPosted = null 
)
protected

Override the POST data, GET data from the real request is preserved.

Used to preserve POST data over a HTTP redirect.

Stability: stable
to override
Parameters
array$data
bool | null$wasPosted

Reimplemented in LoginSignupSpecialPage.

Definition at line 86 of file AuthManagerSpecialPage.php.

References SpecialPage\getContext().

Referenced by handleReauthBeforeExecute(), and handleReturnBeforeExecute().

◆ sortFormDescriptorFields()

static AuthManagerSpecialPage::sortFormDescriptorFields ( array &  $formDescriptor)
staticprotected

Sort the fields of a form descriptor by their 'weight' property.

(Fields with higher weight are shown closer to the bottom; weight defaults to 0. Negative weight is allowed.) Keep order if weights are equal.

Parameters
array&$formDescriptor

Definition at line 741 of file AuthManagerSpecialPage.php.

References getField().

Referenced by fieldInfoToFormDescriptor().

◆ trySubmit()

AuthManagerSpecialPage::trySubmit ( )
protected

Attempts to do an authentication step with the submitted data.

Subclasses should probably call this from execute().

Returns
false|Status
  • false if there was no submit at all
  • a good Status wrapping an AuthenticationResponse if the form submit was successful. This does not necessarily mean that the authentication itself was successful; see the response for that.
  • a bad Status for form errors.

Definition at line 416 of file AuthManagerSpecialPage.php.

References getAuthForm(), SpecialPage\getHookRunner(), getRequest(), getToken(), getTokenName(), handleFormSubmit(), messageKey(), StatusValue\newFatal(), StatusValue\newGood(), and Status\wrap().

Referenced by LoginSignupSpecialPage\execute(), SpecialChangeCredentials\execute(), SpecialLinkAccounts\execute(), and SpecialUnlinkAccounts\execute().

Member Data Documentation

◆ $allowedActions

string [] AuthManagerSpecialPage::$allowedActions
staticprotected
Initial value:
= [
AuthManager::ACTION_LOGIN, AuthManager::ACTION_LOGIN_CONTINUE,
AuthManager::ACTION_CREATE, AuthManager::ACTION_CREATE_CONTINUE,
AuthManager::ACTION_LINK, AuthManager::ACTION_LINK_CONTINUE,
AuthManager::ACTION_CHANGE, AuthManager::ACTION_REMOVE, AuthManager::ACTION_UNLINK,
]

The list of actions this special page deals with.

Subclasses should override this.

Definition at line 22 of file AuthManagerSpecialPage.php.

◆ $authAction

string AuthManagerSpecialPage::$authAction
protected

one of the AuthManager::ACTION_* constants.

Definition at line 33 of file AuthManagerSpecialPage.php.

Referenced by isActionAllowed(), loadAuth(), and SpecialChangeCredentials\loadAuth().

◆ $authRequests

AuthenticationRequest [] AuthManagerSpecialPage::$authRequests
protected

◆ $isReturn

bool AuthManagerSpecialPage::$isReturn
protected

True if the current request is a result of returning from a redirect flow.

Definition at line 42 of file AuthManagerSpecialPage.php.

◆ $messages

array AuthManagerSpecialPage::$messages = []
staticprotected

Customized messages.

Definition at line 30 of file AuthManagerSpecialPage.php.

◆ $savedRequest

WebRequest null AuthManagerSpecialPage::$savedRequest
protected

If set, will be used instead of the real request.

Used for redirection.

Definition at line 45 of file AuthManagerSpecialPage.php.

◆ $subPage


The documentation for this class was generated from the following file: