A special page subclass for authentication-related special pages. More...
Inherits MediaWiki\SpecialPage\SpecialPage.
Inherited by MediaWiki\SpecialPage\LoginSignupSpecialPage, MediaWiki\Specials\SpecialChangeCredentials, MediaWiki\Specials\SpecialLinkAccounts, and MediaWiki\Specials\SpecialUnlinkAccounts.
Public Member Functions | |
| getRequest () | |
| Get the WebRequest being used for this instance. | |
| handleFormSubmit ( $data) | |
| Submit handler callback for HTMLForm. | |
| onAuthChangeFormFields (array $requests, array $fieldInfo, array &$formDescriptor, $action) | |
| Change the form descriptor that determines how a field will look in the authentication form. | |
 Public Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |
| __construct ( $name='', $restriction='', $listed=true, $function=false, $file='', $includable=false) | |
| Default constructor for special pages Derivative classes should call this from their constructor Note that if the user does not have the required level, an error message will be displayed by the default execute() method, without the global function ever being called. | |
| addHelpLink ( $to, $overrideBaseUrl=false) | |
| Adds help link with an icon via page indicators. | |
| checkPermissions () | |
| Checks if userCanExecute, and if not throws a PermissionsError. | |
| checkReadOnly () | |
| If the wiki is currently in readonly mode, throws a ReadOnlyError. | |
| doesWrites () | |
| Indicates whether this special page may perform database writes. | |
| execute ( $subPage) | |
| Default execute method Checks user permissions. | |
| getAssociatedNavigationLinks () | |
| Return an array of strings representing page titles that are discoverable to end users via UI. | |
| getAuthority () | |
| Shortcut to get the Authority executing this instance. | |
| getConfig () | |
| Shortcut to get main config object. | |
| getContentLanguage () | |
| Shortcut to get content language. | |
| getContext () | |
| Gets the context this SpecialPage is executed in. | |
| getDescription () | |
| Returns the name that goes in the \<h1\> in the special page itself, and also the name that will be listed in Special:Specialpages. | |
| getFinalGroupName () | |
| Get the group that the special page belongs in on Special:SpecialPage Use this method, instead of getGroupName to allow customization of the group name from the wiki side. | |
| getFullTitle () | |
| Return the full title, including $par. | |
| getLanguage () | |
| Shortcut to get user's language. | |
| getLinkRenderer () | |
| getLocalName () | |
| Get the localised name of the special page. | |
| getName () | |
| Get the canonical, unlocalized name of this special page without namespace. | |
| getOutput () | |
| Get the OutputPage being used for this instance. | |
| getPageTitle ( $subpage=false) | |
| Get a self-referential title object. | |
| getRestriction () | |
| Get the permission that a user must have to execute this page. | |
| getShortDescription (string $path='') | |
| Similar to getDescription but takes into account sub pages and designed for display in tabs. | |
| getSkin () | |
| Shortcut to get the skin being used for this instance. | |
| getUser () | |
| Shortcut to get the User executing this instance. | |
| including ( $x=null) | |
| Whether the special page is being evaluated via transclusion. | |
| isCached () | |
| Is this page cached? Expensive pages are cached or disabled in miser mode. | |
| isExpensive () | |
| Is this page expensive (for some definition of expensive)? Expensive pages are disabled or cached in miser mode. | |
| isIncludable () | |
| Whether it's allowed to transclude the special page via {{Special:Foo/params}}. | |
| isListed () | |
| Whether this special page is listed in Special:SpecialPages. | |
| isRestricted () | |
| Can be overridden by subclasses with more complicated permissions schemes. | |
| maxIncludeCacheTime () | |
| How long to cache page when it is being included. | |
| msg ( $key,... $params) | |
| Wrapper around wfMessage that sets the current context. | |
| prefixSearchSubpages ( $search, $limit, $offset) | |
| Return an array of subpages beginning with $search that this special page will accept. | |
| requireLogin ( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin') | |
| If the user is not logged in, throws UserNotLoggedIn error. | |
| requireNamedUser ( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin') | |
| If the user is not logged in or is a temporary user, throws UserNotLoggedIn. | |
| run ( $subPage) | |
| Entry point. | |
| setContentLanguage (Language $contentLanguage) | |
| Set content language. | |
| setContext ( $context) | |
| Sets the context this SpecialPage is executed in. | |
| setHookContainer (HookContainer $hookContainer) | |
| setLinkRenderer (LinkRenderer $linkRenderer) | |
| setSpecialPageFactory (SpecialPageFactory $specialPageFactory) | |
| userCanExecute (User $user) | |
| Checks if the given user (identified by an object) can execute this special page (as defined by $mRestriction). | |
Protected Member Functions | |
| addTabIndex (&$formDescriptor) | |
| Adds a sequential tabindex starting from 1 to all form elements. | |
| beforeExecute ( $subPage) | |
| displayForm ( $status) | |
| Display the form. | |
| fieldInfoToFormDescriptor (array $requests, array $fieldInfo, $action) | |
| Turns a field info array into a form descriptor. | |
| getAuthForm (array $requests, $action) | |
| getAuthFormDescriptor ( $requests, $action) | |
| Generates a HTMLForm descriptor array from a set of authentication requests. | |
| getContinueAction ( $action) | |
| Gets the _CONTINUE version of an action. | |
| getDefaultAction ( $subPage) | |
| Get the default action for this special page if none is given via URL/POST data. | |
| getLoginSecurityLevel () | |
| getPreservedParams ( $withToken=false) | |
| Returns URL query parameters which can be used to reload the page (or leave and return) while preserving all information that is necessary for authentication to continue. | |
| getRequestBlacklist () | |
| Allows blacklisting certain request types. | |
| getToken () | |
| Returns the CSRF token. | |
| getTokenName () | |
| Returns the name of the CSRF token (under which it should be found in the POST or GET data). | |
| handleReauthBeforeExecute ( $subPage) | |
| Handle redirection when the user needs to (re)authenticate. | |
| handleReturnBeforeExecute ( $subPage) | |
| Handle redirection from the /return subpage. | |
| hasOwnSubmitButton (AuthenticationRequest $req) | |
| Checks whether the given AuthenticationRequest has its own submit button. | |
| isActionAllowed ( $action) | |
| Checks whether AuthManager is ready to perform the action. | |
| isContinued () | |
| Returns true if this is not the first step of the authentication. | |
| loadAuth ( $subPage, $authAction=null, $reset=false) | |
| Load or initialize $authAction, $authRequests and $subPage. | |
| messageKey ( $defaultKey) | |
| Return custom message key. | |
| needsSubmitButton (array $requests) | |
| Returns true if the form built from the given AuthenticationRequests needs a submit button. | |
| performAuthenticationStep ( $action, array $requests) | |
| setRequest (array $data, $wasPosted=null) | |
| Override the POST data, GET data from the real request is preserved. | |
| trySubmit () | |
| Attempts to do an authentication step with the submitted data. | |
| Protected Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |
| addFeedLinks ( $params) | |
| Adds RSS/atom links. | |
| afterExecute ( $subPage) | |
| Gets called after. | |
| authorizeAction (?string $action=null) | |
| Utility function for authorizing an action to be performed by the special page. | |
| buildPrevNextNavigation ( $offset, $limit, array $query=[], $atend=false, $subpage=false) | |
| Generate (prev x| next x) (20|50|100...) type links for paging. | |
| checkLoginSecurityLevel ( $level=null) | |
| Verifies that the user meets the security level, possibly reauthenticating them in the process. | |
| displayRestrictionError () | |
| Output an error message telling the user what access level they have to have. | |
| getAuthManager () | |
| getCacheTTL () | |
| getGroupName () | |
| Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-group-*' for valid names This method defaults to group 'other'. | |
| getHookContainer () | |
| getHookRunner () | |
| getRobotPolicy () | |
| Return the robot policy. | |
| getSpecialPageFactory () | |
| getSubpagesForPrefixSearch () | |
| Return an array of subpages that this special page will accept for prefix searches. | |
| outputHeader ( $summaryMessageKey='') | |
| Outputs a summary message on top of special pages Per default the message key is the canonical name of the special page May be overridden, i.e. | |
| prefixSearchString ( $search, $limit, $offset, SearchEngineFactory $searchEngineFactory=null) | |
| Perform a regular substring search for prefixSearchSubpages. | |
| setAuthManager (AuthManager $authManager) | |
| Set the injected AuthManager from the special page constructor. | |
| setHeaders () | |
| Sets headers - this should be called from the execute() method of all derived classes! | |
| setReauthPostData (array $data) | |
| Record preserved POST data after a reauthentication. | |
| useTransactionalTimeLimit () | |
| Call wfTransactionalTimeLimit() if this request was POSTed. | |
Static Protected Member Functions | |
| static | getField (array $array, $fieldName, $default=null) |
| Get an array value, or a default if it does not exist. | |
| static | mapFieldInfoTypeToFormDescriptorType ( $type) |
| Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types. | |
| static | mapSingleFieldInfo ( $singleFieldInfo, $fieldName) |
| Maps an authentication field configuration for a single field (as returned by AuthenticationRequest::getFieldInfo()) to a HTMLForm field descriptor. | |
| static | mergeDefaultFormDescriptor (array $fieldInfo, array $formDescriptor, array $defaultFormDescriptor) |
| Apply defaults to a form descriptor, without creating non-existent fields. | |
| static | sortFormDescriptorFields (array &$formDescriptor) |
| Sort the fields of a form descriptor by their 'weight' property. | |
| Static Protected Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |
| static | prefixSearchArray ( $search, $limit, array $subpages, $offset) |
| Helper function for implementations of prefixSearchSubpages() that filter the values in memory (as opposed to making a query). | |
Protected Attributes | |
| string | $authAction |
| one of the AuthManager::ACTION_* constants. | |
| AuthenticationRequest[] | $authRequests |
| bool | $isReturn |
| True if the current request is a result of returning from a redirect flow. | |
| WebRequest null | $savedRequest |
| If set, will be used instead of the real request. | |
| string | $subPage |
| Subpage of the special page. | |
| Protected Attributes inherited from MediaWiki\SpecialPage\SpecialPage | |
| IContextSource | $mContext |
| Current request context. | |
| bool | $mIncludable |
| Whether the special page can be included in an article. | |
| bool | $mIncluding |
| Whether or not this special page is being included from an article. | |
| string | $mName |
| The canonical name of this special page Also used as the message key for the default. | |
| string | $mRestriction |
| Minimum user level required to access this page, or "" for anyone. | |
Static Protected Attributes | |
| static string[] | $allowedActions |
| The list of actions this special page deals with. | |
| static array | $messages = [] |
| Customized messages. | |
Additional Inherited Members | |
| Static Public Member Functions inherited from MediaWiki\SpecialPage\SpecialPage | |
| static | getSafeTitleFor ( $name, $subpage=false) |
| Get a localised Title object for a page name with a possibly unvalidated subpage. | |
| static | getTitleFor ( $name, $subpage=false, $fragment='') |
| Get a localised Title object for a specified special page name If you don't need a full Title object, consider using TitleValue through getTitleValueFor() below. | |
| static | getTitleValueFor ( $name, $subpage=false, $fragment='') |
| Get a localised TitleValue object for a specified special page name. | |
| static | newSearchPage (User $user) |
| Get the users preferred search page. | |
Detailed Description
A special page subclass for authentication-related special pages.
It generates a form from a set of AuthenticationRequest objects, submits the result to AuthManager and partially handles the response.
- Note
- Call self::setAuthManager from special page constructor when extending
- Stability: stable
- to extend
Definition at line 34 of file AuthManagerSpecialPage.php.
Member Function Documentation
◆ addTabIndex()
|
protected |
Adds a sequential tabindex starting from 1 to all form elements.
This way the user can use the tab key to traverse the form without having to step through all links and such.
- Parameters
-
array[] &$formDescriptor
Definition at line 649 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthFormDescriptor().
◆ beforeExecute()
|
protected |
- Stability: stable
- to override
- Parameters
-
string | null $subPage
- Returns
- bool|void
Reimplemented from MediaWiki\SpecialPage\SpecialPage.
Reimplemented in MediaWiki\SpecialPage\LoginSignupSpecialPage, and MediaWiki\Specials\SpecialUserLogin.
Definition at line 117 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getOutput(), MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReauthBeforeExecute(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReturnBeforeExecute().
◆ displayForm()
|
protected |
Display the form.
- Parameters
-
false | Status | StatusValue $status A form submit status, as in HTMLForm::trySubmit()
Definition at line 592 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm().
Referenced by MediaWiki\Specials\SpecialChangeCredentials\execute(), MediaWiki\Specials\SpecialLinkAccounts\execute(), MediaWiki\Specials\SpecialUnlinkAccounts\execute(), and MediaWiki\Specials\SpecialLinkAccounts\success().
◆ fieldInfoToFormDescriptor()
|
protected |
Turns a field info array into a form descriptor.
Behavior can be modified by the AuthChangeFormFields hook.
- Parameters
-
AuthenticationRequest[] $requests array $fieldInfo Field information, in the format used by AuthenticationRequest::getFieldInfo() string $action One of the AuthManager::ACTION_* constants
- Returns
- array A form descriptor that can be passed to HTMLForm
Definition at line 693 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getHookRunner(), MediaWiki\SpecialPage\AuthManagerSpecialPage\mapSingleFieldInfo(), MediaWiki\SpecialPage\AuthManagerSpecialPage\onAuthChangeFormFields(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\sortFormDescriptorFields().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthFormDescriptor().
◆ getAuthForm()
|
protected |
- Stability: stable
- to override
- Parameters
-
AuthenticationRequest[] $requests string $action AuthManager action name (one of the AuthManager::ACTION_* constants)
- Returns
- HTMLForm
Reimplemented in MediaWiki\SpecialPage\LoginSignupSpecialPage, MediaWiki\Specials\SpecialChangeCredentials, and MediaWiki\Specials\SpecialLinkAccounts.
Definition at line 571 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthFormDescriptor(), MediaWiki\SpecialPage\SpecialPage\getContext(), MediaWiki\SpecialPage\SpecialPage\getFullTitle(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getPreservedParams(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getToken(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getTokenName(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\needsSubmitButton().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\displayForm(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\trySubmit().
◆ getAuthFormDescriptor()
|
protected |
Generates a HTMLForm descriptor array from a set of authentication requests.
- Stability: stable
- to override
- Parameters
-
AuthenticationRequest[] $requests string $action AuthManager action name (one of the AuthManager::ACTION_* constants)
- Returns
- array[]
Reimplemented in MediaWiki\Specials\SpecialChangeCredentials.
Definition at line 556 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\addTabIndex(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\fieldInfoToFormDescriptor().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm().
◆ getContinueAction()
|
protected |
Gets the _CONTINUE version of an action.
- Parameters
-
string $action An AuthManager::ACTION_* constant.
- Returns
- string An AuthManager::ACTION_*_CONTINUE constant.
Definition at line 316 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getPreservedParams(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\loadAuth().
◆ getDefaultAction()
|
abstractprotected |
Get the default action for this special page if none is given via URL/POST data.
Subclasses should override this (or override loadAuth() so this is never called).
- Stability: stable
- to override
- Parameters
-
string $subPage Subpage of the special page.
- Returns
- string an AuthManager::ACTION_* constant.
Reimplemented in MediaWiki\Specials\SpecialChangeCredentials, MediaWiki\Specials\SpecialCreateAccount, MediaWiki\Specials\SpecialLinkAccounts, MediaWiki\Specials\SpecialRemoveCredentials, MediaWiki\Specials\SpecialUnlinkAccounts, and MediaWiki\Specials\SpecialUserLogin.
Referenced by MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getPreservedParams(), MediaWiki\SpecialPage\AuthManagerSpecialPage\loadAuth(), and MediaWiki\SpecialPage\LoginSignupSpecialPage\mainLoginForm().
◆ getField()
|
staticprotected |
Get an array value, or a default if it does not exist.
- Parameters
-
array $array string $fieldName mixed | null $default
- Returns
- mixed
Definition at line 785 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\sortFormDescriptorFields().
◆ getLoginSecurityLevel()
|
protected |
- Stability: stable
- to override
- Returns
- bool|string
Reimplemented from MediaWiki\SpecialPage\SpecialPage.
Reimplemented in MediaWiki\Specials\SpecialCreateAccount, MediaWiki\Specials\SpecialUnlinkAccounts, and MediaWiki\Specials\SpecialUserLogin.
Definition at line 84 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getName().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReauthBeforeExecute().
◆ getPreservedParams()
|
protected |
Returns URL query parameters which can be used to reload the page (or leave and return) while preserving all information that is necessary for authentication to continue.
These parameters will be preserved in the action URL of the form and in the return URL for redirect flow.
- Stability: stable
- to override
- Parameters
-
bool $withToken Include CSRF token
- Returns
- array
Reimplemented in MediaWiki\SpecialPage\LoginSignupSpecialPage, and MediaWiki\Specials\SpecialChangeCredentials.
Definition at line 538 of file AuthManagerSpecialPage.php.
References $params, MediaWiki\SpecialPage\AuthManagerSpecialPage\getContinueAction(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getDefaultAction(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getToken(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\getTokenName().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm(), MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReturnBeforeExecute(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\performAuthenticationStep().
◆ getRequest()
| MediaWiki\SpecialPage\AuthManagerSpecialPage::getRequest | ( | ) |
Get the WebRequest being used for this instance.
- Returns
- WebRequest
- Since
- 1.18
Reimplemented from MediaWiki\SpecialPage\SpecialPage.
Definition at line 88 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getContext().
Referenced by MediaWiki\Specials\SpecialUserLogin\beforeExecute(), MediaWiki\Specials\SpecialCreateAccount\clearToken(), MediaWiki\Specials\SpecialUserLogin\clearToken(), MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\Specials\SpecialUnlinkAccounts\execute(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm(), MediaWiki\Specials\SpecialChangeCredentials\getPreservedParams(), MediaWiki\Specials\SpecialChangeCredentials\getReturnUrl(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getToken(), MediaWiki\Specials\SpecialCreateAccount\getToken(), MediaWiki\Specials\SpecialUserLogin\getToken(), MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReauthBeforeExecute(), MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReturnBeforeExecute(), MediaWiki\SpecialPage\LoginSignupSpecialPage\load(), MediaWiki\SpecialPage\AuthManagerSpecialPage\loadAuth(), MediaWiki\Specials\SpecialChangeCredentials\success(), MediaWiki\Specials\SpecialCreateAccount\successfulAction(), MediaWiki\Specials\SpecialUserLogin\successfulAction(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\trySubmit().
◆ getRequestBlacklist()
|
protected |
Allows blacklisting certain request types.
- Stability: stable
- to override
- Returns
- array A list of AuthenticationRequest subclass names
Reimplemented in MediaWiki\Specials\SpecialChangeCredentials, MediaWiki\Specials\SpecialLinkAccounts, MediaWiki\Specials\SpecialRemoveCredentials, and MediaWiki\Specials\SpecialUnlinkAccounts.
Definition at line 254 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\loadAuth().
◆ getToken()
|
protected |
Returns the CSRF token.
- Stability: stable
- to override
- Returns
- Token
Reimplemented in MediaWiki\Specials\SpecialCreateAccount, and MediaWiki\Specials\SpecialUserLogin.
Definition at line 670 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getName(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest().
Referenced by MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getPreservedParams(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\trySubmit().
◆ getTokenName()
|
protected |
Returns the name of the CSRF token (under which it should be found in the POST or GET data).
- Stability: stable
- to override
- Returns
- string
Reimplemented in MediaWiki\SpecialPage\LoginSignupSpecialPage, MediaWiki\Specials\SpecialCreateAccount, and MediaWiki\Specials\SpecialUserLogin.
Definition at line 680 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getPreservedParams(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\trySubmit().
◆ handleFormSubmit()
| MediaWiki\SpecialPage\AuthManagerSpecialPage::handleFormSubmit | ( | $data | ) |
Submit handler callback for HTMLForm.
- Access: internal
- Parameters
-
array $data Submitted data
- Returns
- Status
Reimplemented in MediaWiki\Specials\SpecialChangeCredentials, and MediaWiki\Specials\SpecialUnlinkAccounts.
Definition at line 522 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\performAuthenticationStep().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\trySubmit().
◆ handleReauthBeforeExecute()
|
protected |
Handle redirection when the user needs to (re)authenticate.
Send the user to the login form if needed; in case the request was a POST, stash in the session and simulate it once the user gets back.
- Parameters
-
string $subPage
- Returns
- bool False if execution should be stopped.
- Exceptions
-
ErrorPageError When the user is not allowed to use this page.
Definition at line 178 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getAuthManager(), MediaWiki\SpecialPage\SpecialPage\getFullTitle(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getLoginSecurityLevel(), MediaWiki\SpecialPage\SpecialPage\getName(), MediaWiki\SpecialPage\SpecialPage\getOutput(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest(), MediaWiki\SpecialPage\SpecialPage\getTitleFor(), PROTO_HTTPS, MediaWiki\SpecialPage\AuthManagerSpecialPage\setRequest(), and wfArrayToCgi().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\beforeExecute().
◆ handleReturnBeforeExecute()
|
protected |
Handle redirection from the /return subpage.
This is used in the redirect flow where we need to be able to process data that was sent via a GET request. We set the /return subpage as the reentry point, so we know we need to treat GET as POST, but we don't want to handle all future GETs requests as POSTs, so we need to normalize the URL. (Also, we don't want to show any received parameters around in the URL; they are ugly and might be sensitive.)
Thus, when on the /return subpage, we stash the request data in the session, redirect, then use the session to detect that we have been redirected, recover the data and replace the real WebRequest with a fake one that contains the saved data.
- Parameters
-
string $subPage
- Returns
- bool False if execution should be stopped.
Definition at line 140 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getAuthManager(), MediaWiki\SpecialPage\SpecialPage\getName(), MediaWiki\SpecialPage\SpecialPage\getOutput(), MediaWiki\SpecialPage\SpecialPage\getPageTitle(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getPreservedParams(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest(), MediaWiki\SpecialPage\AuthManagerSpecialPage\loadAuth(), PROTO_HTTPS, and MediaWiki\SpecialPage\AuthManagerSpecialPage\setRequest().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\beforeExecute().
◆ hasOwnSubmitButton()
|
protected |
Checks whether the given AuthenticationRequest has its own submit button.
- Parameters
-
AuthenticationRequest $req
- Returns
- bool
Definition at line 635 of file AuthManagerSpecialPage.php.
References MediaWiki\Auth\AuthenticationRequest\getFieldInfo().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\needsSubmitButton().
◆ isActionAllowed()
|
protected |
Checks whether AuthManager is ready to perform the action.
ACTION_CHANGE needs special verification (AuthManager::allowsAuthenticationData*) which is the caller's responsibility.
- Parameters
-
string $action One of the AuthManager::ACTION_* constants in static::$allowedActions
- Returns
- bool
- Exceptions
-
LogicException if $action is invalid
Definition at line 339 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\$authAction, and MediaWiki\SpecialPage\SpecialPage\getAuthManager().
Referenced by MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\Specials\SpecialLinkAccounts\execute(), and MediaWiki\Specials\SpecialUnlinkAccounts\execute().
◆ isContinued()
|
protected |
Returns true if this is not the first step of the authentication.
- Returns
- bool
Definition at line 303 of file AuthManagerSpecialPage.php.
◆ loadAuth()
|
protected |
Load or initialize $authAction, $authRequests and $subPage.
Subclasses should call this from execute() or otherwise ensure the variables are initialized.
- Stability: stable
- to override
- Parameters
-
string $subPage Subpage of the special page. string | null $authAction Override auth action specified in request (this is useful when the form needs to be changed from <action> to <action>_CONTINUE after a successful authentication step) bool $reset Regenerate the requests even if a cached version is available
Reimplemented in MediaWiki\Specials\SpecialChangeCredentials.
Definition at line 268 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\$authAction, MediaWiki\SpecialPage\AuthManagerSpecialPage\$subPage, MediaWiki\SpecialPage\SpecialPage\getAuthManager(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getContinueAction(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getDefaultAction(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequestBlacklist(), and MediaWiki\SpecialPage\SpecialPage\getUser().
Referenced by MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\Specials\SpecialLinkAccounts\execute(), MediaWiki\Specials\SpecialUnlinkAccounts\execute(), MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReturnBeforeExecute(), MediaWiki\SpecialPage\LoginSignupSpecialPage\load(), and MediaWiki\Specials\SpecialLinkAccounts\success().
◆ mapFieldInfoTypeToFormDescriptorType()
|
staticprotected |
Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types.
- Parameters
-
string $type
- Returns
- string
Definition at line 800 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\mapSingleFieldInfo().
◆ mapSingleFieldInfo()
|
staticprotected |
Maps an authentication field configuration for a single field (as returned by AuthenticationRequest::getFieldInfo()) to a HTMLForm field descriptor.
- Parameters
-
array $singleFieldInfo string $fieldName
- Returns
- array
Definition at line 722 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\mapFieldInfoTypeToFormDescriptorType().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\fieldInfoToFormDescriptor().
◆ mergeDefaultFormDescriptor()
|
staticprotected |
Apply defaults to a form descriptor, without creating non-existent fields.
Overrides $formDescriptor fields with their $defaultFormDescriptor equivalent, but only if the field is defined in $fieldInfo, uses the special 'basefield' property to refer to a $fieldInfo field, or it is not a real field (e.g. help text). Applies some common-sense behaviors to ensure related fields are overridden in a consistent manner.
- Parameters
-
array $fieldInfo array $formDescriptor array $defaultFormDescriptor
- Returns
- array
Definition at line 829 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\Specials\SpecialChangeCredentials\onAuthChangeFormFields().
◆ messageKey()
|
protected |
Return custom message key.
Allows subclasses to customize messages.
- Parameters
-
string $defaultKey
- Returns
- string
Definition at line 244 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\trySubmit().
◆ needsSubmitButton()
|
protected |
Returns true if the form built from the given AuthenticationRequests needs a submit button.
Providers using redirect flow (e.g. Google login) need their own submit buttons; if using one of those custom buttons is the only way to proceed, there is no point in displaying the default button which won't do anything useful.
- Stability: stable
- to override
- Parameters
-
AuthenticationRequest[] $requests An array of AuthenticationRequests from which the form will be built
- Returns
- bool
Reimplemented in MediaWiki\Specials\SpecialChangeCredentials.
Definition at line 611 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\hasOwnSubmitButton().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm().
◆ onAuthChangeFormFields()
| MediaWiki\SpecialPage\AuthManagerSpecialPage::onAuthChangeFormFields | ( | array | $requests, |
| array | $fieldInfo, | ||
| array & | $formDescriptor, | ||
| $action ) |
Change the form descriptor that determines how a field will look in the authentication form.
Called from fieldInfoToFormDescriptor().
- Stability: stable
- to override
- Parameters
-
AuthenticationRequest[] $requests array $fieldInfo Field information array (union of all AuthenticationRequest::getFieldInfo() responses). array &$formDescriptor HTMLForm descriptor. The special key 'weight' can be set to change the order of the fields. string $action Authentication type (one of the AuthManager::ACTION_* constants)
Reimplemented in MediaWiki\SpecialPage\LoginSignupSpecialPage, and MediaWiki\Specials\SpecialChangeCredentials.
Definition at line 75 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\fieldInfoToFormDescriptor().
◆ performAuthenticationStep()
|
protected |
- Parameters
-
string $action One of the AuthManager::ACTION_* constants AuthenticationRequest[] $requests
- Returns
- AuthenticationResponse
- Exceptions
-
LogicException if $action is invalid
Definition at line 379 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getAuthManager(), MediaWiki\SpecialPage\SpecialPage\getAuthority(), MediaWiki\SpecialPage\SpecialPage\getHookRunner(), MediaWiki\SpecialPage\SpecialPage\getPageTitle(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getPreservedParams(), MediaWiki\SpecialPage\SpecialPage\getUser(), and PROTO_HTTPS.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\handleFormSubmit(), MediaWiki\Specials\SpecialChangeCredentials\handleFormSubmit(), and MediaWiki\Specials\SpecialUnlinkAccounts\handleFormSubmit().
◆ setRequest()
|
protected |
Override the POST data, GET data from the real request is preserved.
Used to preserve POST data over a HTTP redirect.
- Stability: stable
- to override
- Parameters
-
array $data bool | null $wasPosted
Reimplemented in MediaWiki\SpecialPage\LoginSignupSpecialPage.
Definition at line 102 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\SpecialPage\getContext().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReauthBeforeExecute(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\handleReturnBeforeExecute().
◆ sortFormDescriptorFields()
|
staticprotected |
Sort the fields of a form descriptor by their 'weight' property.
(Fields with higher weight are shown closer to the bottom; weight defaults to 0. Negative weight is allowed.) Keep order if weights are equal.
- Parameters
-
array &$formDescriptor
Definition at line 763 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\getField().
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\fieldInfoToFormDescriptor().
◆ trySubmit()
|
protected |
Attempts to do an authentication step with the submitted data.
Subclasses should probably call this from execute().
- Returns
- false|Status
- false if there was no submit at all
- a good Status wrapping an AuthenticationResponse if the form submit was successful. This does not necessarily mean that the authentication itself was successful; see the response for that.
- a bad Status for form errors.
Definition at line 436 of file AuthManagerSpecialPage.php.
References MediaWiki\SpecialPage\AuthManagerSpecialPage\getAuthForm(), MediaWiki\SpecialPage\SpecialPage\getHookRunner(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getRequest(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getToken(), MediaWiki\SpecialPage\AuthManagerSpecialPage\getTokenName(), MediaWiki\SpecialPage\AuthManagerSpecialPage\handleFormSubmit(), and MediaWiki\SpecialPage\AuthManagerSpecialPage\messageKey().
Referenced by MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\Specials\SpecialChangeCredentials\execute(), MediaWiki\Specials\SpecialLinkAccounts\execute(), and MediaWiki\Specials\SpecialUnlinkAccounts\execute().
Member Data Documentation
◆ $allowedActions
|
staticprotected |
The list of actions this special page deals with.
Subclasses should override this.
Definition at line 38 of file AuthManagerSpecialPage.php.
◆ $authAction
|
protected |
one of the AuthManager::ACTION_* constants.
Definition at line 49 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\AuthManagerSpecialPage\isActionAllowed(), MediaWiki\SpecialPage\AuthManagerSpecialPage\loadAuth(), and MediaWiki\Specials\SpecialChangeCredentials\loadAuth().
◆ $authRequests
|
protected |
Definition at line 52 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\Specials\SpecialChangeCredentials\handleFormSubmit(), and MediaWiki\Specials\SpecialChangeCredentials\isListed().
◆ $isReturn
|
protected |
True if the current request is a result of returning from a redirect flow.
Definition at line 58 of file AuthManagerSpecialPage.php.
◆ $messages
|
staticprotected |
Customized messages.
Definition at line 46 of file AuthManagerSpecialPage.php.
◆ $savedRequest
|
protected |
If set, will be used instead of the real request.
Used for redirection.
Definition at line 61 of file AuthManagerSpecialPage.php.
◆ $subPage
|
protected |
Subpage of the special page.
Definition at line 55 of file AuthManagerSpecialPage.php.
Referenced by MediaWiki\SpecialPage\LoginSignupSpecialPage\beforeExecute(), MediaWiki\Specials\SpecialUserLogin\beforeExecute(), MediaWiki\SpecialPage\LoginSignupSpecialPage\execute(), MediaWiki\Specials\SpecialChangeCredentials\execute(), MediaWiki\Specials\SpecialLinkAccounts\execute(), MediaWiki\Specials\SpecialUnlinkAccounts\execute(), MediaWiki\SpecialPage\LoginSignupSpecialPage\load(), MediaWiki\SpecialPage\AuthManagerSpecialPage\loadAuth(), and MediaWiki\Specials\SpecialChangeCredentials\loadAuth().
The documentation for this class was generated from the following file:
- includes/specialpage/AuthManagerSpecialPage.php
