/** Indicates that the request is required by a primary authentication
* provider. Since the user can choose which primary to authenticate with,
- * the request might or might not end up being actually required. */
+ * the request might or might not end up being actually required.
+ */
const PRIMARY_REQUIRED = 2;
/** @var string|null The AuthManager::ACTION_* constant this request was
public $action = null;
/** @var int For login, continue, and link actions, one of self::OPTIONAL,
- * self::REQUIRED, or self::PRIMARY_REQUIRED */
+ * self::REQUIRED, or self::PRIMARY_REQUIRED
+ */
public $required = self::REQUIRED;
/** @var string|null Return-to URL, in case of redirect */
public $returnToUrl = null;
/** @var string|null Username. See AuthenticationProvider::getAuthenticationRequests()
- * for details of what this means and how it behaves. */
+ * for details of what this means and how it behaves.
+ */
public $username = null;
/**
* - optional: (bool) If set and truthy, the field may be left empty
* - sensitive: (bool) If set and truthy, the field is considered sensitive. Code using the
* request should avoid exposing the value of the field.
+ * - skippable: (bool) If set and truthy, the client is free to hide this
+ * field from the user to streamline the workflow. If all fields are
+ * skippable (except possibly a single button), no user interaction is
+ * required at all.
*
* All AuthenticationRequests are populated from the same data, so most of the time you'll
* want to prefix fields names with something unique to the extension/provider (although
* @return AuthenticationRequest
*/
public static function __set_state( $data ) {
+ // @phan-suppress-next-line PhanTypeInstantiateAbstract
$ret = new static();
foreach ( $data as $k => $v ) {
$ret->$k = $v;