return;
}
+ if ( $this->canBypassForm( $button_name ) ) {
+ $this->setRequest( [], true );
+ $this->getRequest()->setVal( $this->getTokenName(), $this->getToken() );
+ if ( $button_name ) {
+ $this->getRequest()->setVal( $button_name, true );
+ }
+ }
+
$status = $this->trySubmit();
if ( !$status || !$status->isGood() ) {
$this->authAction = $this->isSignup() ? AuthManager::ACTION_CREATE_CONTINUE
: AuthManager::ACTION_LOGIN_CONTINUE;
$this->authRequests = $response->neededRequests;
- $this->mainLoginForm( $response->neededRequests, $response->message, 'warning' );
+ $this->mainLoginForm( $response->neededRequests, $response->message, $response->messageType );
break;
default:
throw new LogicException( 'invalid AuthenticationResponse' );
}
}
+ /**
+ * Determine if the login form can be bypassed. This will be the case when no more than one
+ * button is present and no other user input fields that are not marked as 'skippable' are
+ * present. If the login form were not bypassed, the user would be presented with a
+ * superfluous page on which they must press the single button to proceed with login.
+ * Not only does this cause an additional mouse click and page load, it confuses users,
+ * especially since there are a help link and forgotten password link that are
+ * provided on the login page that do not apply to this situation.
+ *
+ * @param string|null &$button_name if the form has a single button, returns
+ * the name of the button; otherwise, returns null
+ * @return bool
+ */
+ private function canBypassForm( &$button_name ) {
+ $button_name = null;
+ if ( $this->isContinued() ) {
+ return false;
+ }
+ $fields = AuthenticationRequest::mergeFieldInfo( $this->authRequests );
+ foreach ( $fields as $fieldname => $field ) {
+ if ( !isset( $field['type'] ) ) {
+ return false;
+ }
+ if ( !empty( $field['skippable'] ) ) {
+ continue;
+ }
+ if ( $field['type'] === 'button' ) {
+ if ( $button_name !== null ) {
+ $button_name = null;
+ return false;
+ } else {
+ $button_name = $fieldname;
+ }
+ } elseif ( $field['type'] !== 'null' ) {
+ return false;
+ }
+ }
+ return true;
+ }
+
/**
* Show the success page.
*
$form = $this->getAuthForm( $requests, $this->authAction, $msg, $msgtype );
$form->prepareForm();
- $formHtml = $form->getHTML( $msg ? Status::newFatal( $msg ) : false );
+
+ $submitStatus = Status::newGood();
+ if ( $msg && $msgtype === 'warning' ) {
+ $submitStatus->warning( $msg );
+ } elseif ( $msg && $msgtype === 'error' ) {
+ $submitStatus->fatal( $msg );
+ }
+
+ // warning header for non-standard workflows (e.g. security reauthentication)
+ if ( !$this->isSignup() && $this->getUser()->isLoggedIn() ) {
+ $reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin';
+ $submitStatus->warning( $reauthMessage, $this->getUser()->getName() );
+ }
+
+ $formHtml = $form->getHTML( $submitStatus );
$out->addHTML( $this->getPageHtml( $formHtml ) );
}
$form->setId( 'userlogin2' );
}
- // warning header for non-standard workflows (e.g. security reauthentication)
- if ( !$this->isSignup() && $this->getUser()->isLoggedIn() ) {
- $reauthMessage = $this->securityLevel ? 'userlogin-reauth' : 'userlogin-loggedin';
- $form->addHeaderText( Html::rawElement( 'div', [ 'class' => 'warningbox' ],
- $this->msg( $reauthMessage )->params( $this->getUser()->getName() )->parse() ) );
- }
-
$form->suppressDefaultSubmit();
$this->authForm = $form;