API: Remove deprecated response values from action=login

[lhc/web/wiklou.git] / includes / api / ApiClientLogin.php

diff --git a/includes/api/ApiClientLogin.php b/includes/api/ApiClientLogin.php
index 711234a..8e5a3c7 100644 (file)
--- a/includes/api/ApiClientLogin.php
+++ b/includes/api/ApiClientLogin.php
@@ -21,8 +21,8 @@
  */
 
 use MediaWiki\Auth\AuthManager;
-use MediaWiki\Auth\AuthenticationRequest;
 use MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;
 
 /**
  * Log in to the wiki with AuthManager
@@ -90,6 +90,13 @@ class ApiClientLogin extends ApiBase {
                        $res = $manager->beginAuthentication( $reqs, $params['returnurl'] );
                }
 
+               // Remove CreateFromLoginAuthenticationRequest from $res->neededRequests.
+               // It's there so a RESTART treated as UI will work right, but showing
+               // it to the API client is just confusing.
+               $res->neededRequests = ApiAuthManagerHelper::blacklistAuthenticationRequests(
+                       $res->neededRequests, [ CreateFromLoginAuthenticationRequest::class ]
+               );
+
                $this->getResult()->addValue( null, 'clientlogin',
                        $helper->formatAuthenticationResponse( $res ) );
        }