MediaWiki master
|
Links third-party authentication to the user's account. More...
Inherits MediaWiki\Auth\AbstractSecondaryAuthenticationProvider.
Public Member Functions | ||||||||||
beginSecondaryAccountCreation ( $user, $creator, array $reqs) | ||||||||||
Start an account creation flow. | ||||||||||
beginSecondaryAuthentication ( $user, array $reqs) | ||||||||||
Start an authentication flow. | ||||||||||
continueSecondaryAccountCreation ( $user, $creator, array $reqs) | ||||||||||
Continue an authentication flow.
| ||||||||||
continueSecondaryAuthentication ( $user, array $reqs) | ||||||||||
Continue an authentication flow.
| ||||||||||
getAuthenticationRequests ( $action, array $options) | ||||||||||
Return the applicable list of AuthenticationRequests. | ||||||||||
Public Member Functions inherited from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider | ||||||||||
autoCreatedAccount ( $user, $source) | ||||||||||
Post-auto-creation callback.
| ||||||||||
postAccountCreation ( $user, $creator, AuthenticationResponse $response) | ||||||||||
Post-creation callback.This will be called at the end of an account creation attempt. It will not be called if the account creation process results in a session timeout (possibly after a successful user creation, while a secondary provider is waiting for a response).
| ||||||||||
postAuthentication ( $user, AuthenticationResponse $response) | ||||||||||
Post-login callback.This will be called at the end of a login attempt. It will not be called for unfinished login attempts that fail by the session timing out.
| ||||||||||
providerAllowsAuthenticationDataChange (AuthenticationRequest $req, $checkData=true) | ||||||||||
Validate a change of authentication data (e.g.passwords)Return StatusValue::newGood( 'ignored' ) if you don't support this AuthenticationRequest type.
| ||||||||||
providerAllowsPropertyChange ( $property) | ||||||||||
Determine whether a property can change.
| ||||||||||
providerChangeAuthenticationData (AuthenticationRequest $req) | ||||||||||
Change or remove authentication data (e.g.passwords)If $req was returned for AuthManager::ACTION_CHANGE, the corresponding credentials should result in a successful login in the future.If $req was returned for AuthManager::ACTION_REMOVE, the corresponding credentials should no longer result in a successful login.It can be assumed that providerAllowsAuthenticationDataChange with $checkData === true was called before this, and passed. This method should never fail (other than throwing an exception).
| ||||||||||
providerRevokeAccessForUser ( $username) | ||||||||||
Revoke the user's credentials.This may cause the user to no longer exist for the provider, or the user may continue to exist in a "disabled" state.The intention is that the named account will never again be usable for normal login (i.e. there is no way to undo the revocation of access).
| ||||||||||
testForAccountCreation ( $user, $creator, array $reqs) | ||||||||||
Determine whether an account creation may begin.Called from AuthManager::beginAccountCreation()
| ||||||||||
testUserForCreation ( $user, $autocreate, array $options=[]) | ||||||||||
Determine whether an account may be created.
| ||||||||||
Public Member Functions inherited from MediaWiki\Auth\AbstractAuthenticationProvider | ||||||||||
getUniqueId () | ||||||||||
Return a unique identifier for this instance.This must be the same across requests. If multiple instances return the same ID, exceptions will be thrown from AuthManager.
| ||||||||||
init (LoggerInterface $logger, AuthManager $manager, HookContainer $hookContainer, Config $config, UserNameUtils $userNameUtils) | ||||||||||
Initialise with dependencies of an AuthenticationProvider. | ||||||||||
Protected Member Functions | |
beginLinkAttempt ( $user, $key) | |
Begin the link attempt. | |
continueLinkAttempt ( $user, $key, array $reqs) | |
Continue the link attempt. | |
Protected Member Functions inherited from MediaWiki\Auth\AbstractAuthenticationProvider | |
getHookContainer () | |
getHookRunner () | |
postInitSetup () | |
A provider can override this to do any necessary setup after init() is called. | |
Additional Inherited Members | |
Protected Attributes inherited from MediaWiki\Auth\AbstractAuthenticationProvider | |
Config | $config |
LoggerInterface | $logger |
AuthManager | $manager |
UserNameUtils | $userNameUtils |
Links third-party authentication to the user's account.
If the user logged into linking provider accounts that aren't linked to a local user, this provider will prompt the user to link them after a successful login or account creation.
To avoid confusing behavior, this provider should be later in the configuration list than any provider that can abort the authentication process, so that it is only invoked for successful authentication.
Definition at line 18 of file ConfirmLinkSecondaryAuthenticationProvider.php.
|
protected |
Begin the link attempt.
User | $user | |
string | $key | Session key to look in |
Definition at line 46 of file ConfirmLinkSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthenticationResponse\newAbstain(), MediaWiki\Auth\AuthenticationResponse\newUI(), and wfMessage().
Referenced by MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\beginSecondaryAccountCreation(), MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\beginSecondaryAuthentication(), and MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\continueLinkAttempt().
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::beginSecondaryAccountCreation | ( | $user, | |
$creator, | |||
array | $reqs ) |
Start an account creation flow.
User | $user | User being created (has been added to the database). This may become a "UserValue" in the future, or User may be refactored into such. |
User | $creator | User doing the creation. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 32 of file ConfirmLinkSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthManager\ACCOUNT_CREATION_STATE, and MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\beginLinkAttempt().
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::beginSecondaryAuthentication | ( | $user, | |
array | $reqs ) |
Start an authentication flow.
Note that this may be called for a user even if beginSecondaryAccountCreation() was never called. The module should take the opportunity to do any necessary setup in that case.
User | $user | User being authenticated. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Implements MediaWiki\Auth\SecondaryAuthenticationProvider.
Definition at line 24 of file ConfirmLinkSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthManager\AUTHN_STATE, and MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\beginLinkAttempt().
|
protected |
Continue the link attempt.
User | $user | |
string | $key | Session key to look in |
AuthenticationRequest[] | $reqs |
Definition at line 79 of file ConfirmLinkSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthManager\ACTION_CHANGE, MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\beginLinkAttempt(), MediaWiki\Auth\AuthenticationRequest\getRequestByClass(), MediaWiki\Auth\ButtonAuthenticationRequest\getRequestByName(), MediaWiki\Auth\AuthenticationResponse\newAbstain(), MediaWiki\Auth\AuthenticationResponse\newPass(), MediaWiki\Auth\AuthenticationResponse\newUI(), and wfMessage().
Referenced by MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\continueSecondaryAccountCreation(), and MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\continueSecondaryAuthentication().
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::continueSecondaryAccountCreation | ( | $user, | |
$creator, | |||
array | $reqs ) |
Continue an authentication flow.
User | $user | User being created (has been added to the database). This may become a "UserValue" in the future, or User may be refactored into such. |
User | $creator | User doing the creation. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Reimplemented from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider.
Definition at line 36 of file ConfirmLinkSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthManager\ACCOUNT_CREATION_STATE, and MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\continueLinkAttempt().
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::continueSecondaryAuthentication | ( | $user, | |
array | $reqs ) |
Continue an authentication flow.
User | $user | User being authenticated. This may become a "UserValue" in the future, or User may be refactored into such. |
AuthenticationRequest[] | $reqs |
Reimplemented from MediaWiki\Auth\AbstractSecondaryAuthenticationProvider.
Definition at line 28 of file ConfirmLinkSecondaryAuthenticationProvider.php.
References MediaWiki\Auth\AuthManager\AUTHN_STATE, and MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider\continueLinkAttempt().
MediaWiki\Auth\ConfirmLinkSecondaryAuthenticationProvider::getAuthenticationRequests | ( | $action, | |
array | $options ) |
Return the applicable list of AuthenticationRequests.
Possible values for $action depend on whether the implementing class is also a PreAuthenticationProvider, PrimaryAuthenticationProvider, or SecondaryAuthenticationProvider.
string | $action | |
array | $options | Options are:
|
Implements MediaWiki\Auth\AuthenticationProvider.
Definition at line 20 of file ConfirmLinkSecondaryAuthenticationProvider.php.