<?php |
/**
 * Copyright © 2016 Brad Jorsch <[email protected]>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 */
use MediaWiki\Auth\AuthManager; |
/**
 * Change authentication data with AuthManager
 *
 * @ingroup API
 */
class ApiChangeAuthenticationData extends ApiBase {

	/**
	 * @param ApiMain $main Main API object, forwarded to ApiBase
	 * @param string $action Forwarded unchanged to ApiBase (assumed to be the
	 *  module name; the parameter is untyped here)
	 */
	public function __construct( ApiMain $main, $action ) {
		// 'changeauth' goes to ApiBase as the third argument. The example in
		// getExamplesMessages() shows it as the prefix of the module's own
		// parameters (changeauthrequest, changeauthtoken).
		parent::__construct( $main, $action, 'changeauth' );
	}

	/**
	 * Apply a single authentication-data change on behalf of the current user.
	 *
	 * The checks run in this order: login check, security-sensitive-operation
	 * check, request loading and blacklist filtering, AuthManager validation,
	 * audit hook, and only then the change itself. Reordering them changes
	 * what is enforced and what is audited.
	 */
	public function execute() {
		// Anonymous callers are turned away before anything else happens.
		// Everything below relies on dieUsage() not returning.
		if ( !$this->getUser()->isLoggedIn() ) {
			$this->dieUsage( 'Must be logged in to change authentication data', 'notloggedin' );
		}

		$authHelper = new ApiAuthManagerHelper( $this );
		$authManager = AuthManager::singleton();

		// Check security-sensitive operation status for 'ChangeCredentials'.
		// NOTE(review): what this enforces (e.g. recent re-authentication) lives
		// in ApiAuthManagerHelper and is not visible here; confirm there.
		$authHelper->securitySensitiveOperation( 'ChangeCredentials' );

		// Load the requests for ACTION_CHANGE, then filter them through the
		// site-configured 'ChangeCredentialsBlacklist'.
		$loadedRequests = $authHelper->loadAuthenticationRequests( AuthManager::ACTION_CHANGE );
		$blacklist = $this->getConfig()->get( 'ChangeCredentialsBlacklist' );
		$candidates = ApiAuthManagerHelper::blacklistAuthenticationRequests(
			$loadedRequests,
			$blacklist
		);

		// Exactly one request must remain. This guard is also what keeps
		// reset() below from handing back false for an empty array.
		if ( count( $candidates ) !== 1 ) {
			$this->dieUsage( 'Failed to create change request', 'badrequest' );
		}
		$changeRequest = reset( $candidates );

		// Ask AuthManager whether this change is allowed.
		// NOTE(review): the second argument is passed as true; presumably it
		// asks for the submitted data to be validated too. Confirm against
		// AuthManager::allowsAuthenticationDataChange().
		$verdict = $authManager->allowsAuthenticationDataChange( $changeRequest, true );

		// The audit hook runs before the status is inspected, so handlers are
		// told about rejected attempts as well as accepted ones. The request
		// object handed to them may carry the new credential (see the password
		// example in getExamplesMessages()), so handlers should record the
		// outcome rather than dump the request contents.
		Hooks::run( 'ChangeAuthenticationDataAudit', [ $changeRequest, $verdict ] );
		if ( !$verdict->isGood() ) {
			$this->dieStatus( $verdict );
		}

		// Only reached when the status is good.
		$authManager->changeAuthenticationData( $changeRequest );

		$apiResult = $this->getResult();
		$apiResult->addValue( null, 'changeauthenticationdata', [ 'status' => 'success' ] );
	}

	/**
	 * Marks this module as a write operation.
	 *
	 * @return bool Always true
	 */
	public function isWriteMode() {
		return true;
	}

	/**
	 * Declares that callers must supply a token of type 'csrf'.
	 *
	 * @return string
	 */
	public function needsToken() {
		return 'csrf';
	}

	/**
	 * Parameter definitions come from the shared AuthManager helper for
	 * ACTION_CHANGE, with 'request' passed as the second argument.
	 *
	 * @return mixed Whatever ApiAuthManagerHelper::getStandardParams() returns
	 */
	public function getAllowedParams() {
		$standardParams = ApiAuthManagerHelper::getStandardParams(
			AuthManager::ACTION_CHANGE,
			'request'
		);

		return $standardParams;
	}

	/**
	 * @return array Message key followed by the AuthManager action it describes
	 */
	public function dynamicParameterDocumentation() {
		$messageKey = 'api-help-authmanagerhelper-additional-params';

		return [ $messageKey, AuthManager::ACTION_CHANGE ];
	}

	/**
	 * @return array Map of example query string => description message key
	 */
	protected function getExamplesMessages() {
		// Illustrative values only. The example is written in query-string form
		// for the help output; a real client should send the password and the
		// token in the request body so they do not end up in URL logs.
		$passwordChangeExample = 'action=changeauthenticationdata' .
			'&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest' .
			'&password=ExamplePassword&retype=ExamplePassword&changeauthtoken=123ABC';

		return [
			$passwordChangeExample => 'apihelp-changeauthenticationdata-example-password',
		];
	}

	/**
	 * @return string URL of the on-wiki documentation for this module
	 */
	public function getHelpUrls() {
		$helpUrl = 'https://www.mediawiki.org/wiki/API:Manage_authentication_data';

		return $helpUrl;
	}
}
This check looks for type mismatches where the missing type is `false`. This is usually indicative of an error condition. Consider the following example: a function either returns a new `DateTime` object or `false` if there was an error. This is a typical pattern in PHP programming to show that an error has occurred without raising an exception. The calling code should check for this returned `false` before passing on the value to another function or method that may not be able to handle a `false`. In the listing above, the call to `reset()` follows this pattern: it returns `false` for an empty array, and the `count( … ) !== 1` check just before it rules that case out, provided `dieUsage()` does not return.