Pre-authentication providers can prevent authentication early on. More...
Inherits MediaWiki\Auth\AuthenticationProvider.
Inherited by MediaWiki\Auth\AbstractPreAuthenticationProvider.
Public Member Functions | |
| postAccountCreation ( $user, $creator, AuthenticationResponse $response) | |
| Post-creation callback. | |
| postAccountLink ( $user, AuthenticationResponse $response) | |
| Post-link callback. | |
| postAuthentication ( $user, AuthenticationResponse $response) | |
| Post-login callback. | |
| testForAccountCreation ( $user, $creator, array $reqs) | |
| Determine whether an account creation may begin. | |
| testForAccountLink ( $user) | |
| Determine whether an account may linked to another authentication method. | |
| testForAuthentication (array $reqs) | |
| Determine whether an authentication may begin. | |
| testUserForCreation ( $user, $autocreate, array $options=[]) | |
| Determine whether an account may be created. | |
 Public Member Functions inherited from MediaWiki\Auth\AuthenticationProvider | |
| getAuthenticationRequests ( $action, array $options) | |
| Return the applicable list of AuthenticationRequests. | |
| getUniqueId () | |
| Return a unique identifier for this instance. | |
Detailed Description
Pre-authentication providers can prevent authentication early on.
A PreAuthenticationProvider is used to supply arbitrary checks to be performed before the PrimaryAuthenticationProviders are consulted during the login / account creation / account linking process. Possible uses include checking that a per-IP throttle has not been reached or that a captcha has been solved.
This interface also provides callbacks that are invoked after login / account creation / account linking succeeded or failed.
- Since
- 1.27
Definition at line 27 of file PreAuthenticationProvider.php.
Member Function Documentation
◆ postAccountCreation()
| MediaWiki\Auth\PreAuthenticationProvider::postAccountCreation | ( | $user, | |
| $creator, | |||
| AuthenticationResponse | $response ) |
Post-creation callback.
This will be called at the end of an account creation attempt. It will not be called if the account creation process results in a session timeout (possibly after a successful user creation, while a secondary provider is waiting for a response).
- Parameters
-
User $user User that was attempted to be created. This may become a "UserIdentity" in the future. User $creator User doing the creation. This may become a "UserIdentity" in the future. AuthenticationResponse $response Authentication response that will be returned (PASS or FAIL)
Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider.
◆ postAccountLink()
| MediaWiki\Auth\PreAuthenticationProvider::postAccountLink | ( | $user, | |
| AuthenticationResponse | $response ) |
Post-link callback.
This will be called at the end of an account linking attempt.
- Parameters
-
User $user User that was attempted to be linked. This may become a "UserIdentity" in the future. AuthenticationResponse $response Authentication response that will be returned (PASS or FAIL)
Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider.
◆ postAuthentication()
| MediaWiki\Auth\PreAuthenticationProvider::postAuthentication | ( | $user, | |
| AuthenticationResponse | $response ) |
Post-login callback.
This will be called at the end of a login attempt. It will not be called for unfinished login attempts that fail by the session timing out.
- Note
- Under certain circumstances, this can be called even when testForAuthentication was not; see AuthenticationRequest::$loginRequest.
- Parameters
-
User | null $user User that was attempted to be logged in, if known. This may become a "UserIdentity" in the future. AuthenticationResponse $response Authentication response that will be returned (PASS or FAIL)
Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider, and MediaWiki\Auth\ThrottlePreAuthenticationProvider.
◆ testForAccountCreation()
| MediaWiki\Auth\PreAuthenticationProvider::testForAccountCreation | ( | $user, | |
| $creator, | |||
| array | $reqs ) |
Determine whether an account creation may begin.
Called from AuthManager::beginAccountCreation()
- Note
- No need to test if the account exists, AuthManager checks that
- Parameters
-
User $user User being created (not added to the database yet). This may become a "UserIdentity" in the future. User $creator User doing the creation. This may become a "UserIdentity" in the future. AuthenticationRequest[] $reqs
- Returns
- StatusValue
Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider, and MediaWiki\Auth\ThrottlePreAuthenticationProvider.
◆ testForAccountLink()
| MediaWiki\Auth\PreAuthenticationProvider::testForAccountLink | ( | $user | ) |
Determine whether an account may linked to another authentication method.
- Parameters
-
User $user User being linked. This may become a "UserIdentity" in the future.
- Returns
- StatusValue
Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider.
◆ testForAuthentication()
| MediaWiki\Auth\PreAuthenticationProvider::testForAuthentication | ( | array | $reqs | ) |
Determine whether an authentication may begin.
Called from AuthManager::beginAuthentication()
- Parameters
-
AuthenticationRequest[] $reqs
- Returns
- StatusValue
Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider, and MediaWiki\Auth\ThrottlePreAuthenticationProvider.
◆ testUserForCreation()
| MediaWiki\Auth\PreAuthenticationProvider::testUserForCreation | ( | $user, | |
| $autocreate, | |||
| array | $options = [] ) |
Determine whether an account may be created.
- Parameters
-
User $user User being created (not added to the database yet). This may become a "UserIdentity" in the future. bool | string $autocreate False if this is not an auto-creation, or the source of the auto-creation passed to AuthManager::autoCreateUser(). array $options - flags: (int) Bitfield of IDBAccessObject::READ_* constants, default IDBAccessObject::READ_NORMAL
- creating: (bool) If false (or missing), this call is only testing if a user could be created. If set, this (non-autocreation) is for actually creating an account and will be followed by a call to testForAccountCreation(). In this case, the provider might return StatusValue::newGood() here and let the later call to testForAccountCreation() do a more thorough test.
- canAlwaysAutocreate: (bool) If true the session provider is exempt from autocreate user permissions checks.
- performer: (Authority) The performer of the action, used for user rights checking.
- Returns
- StatusValue
Implemented in MediaWiki\Auth\AbstractPreAuthenticationProvider.
The documentation for this interface was generated from the following file:
- includes/Auth/PreAuthenticationProvider.php
