includes/AuthPlugin.php

   1 <?php
   2 /**
   3  * @package MediaWiki
   4  */
   5 # Copyright (C) 2004 Brion Vibber <brion@pobox.com>
   6 # http://www.mediawiki.org/
   7 #
   8 # This program is free software; you can redistribute it and/or modify
   9 # it under the terms of the GNU General Public License as published by
  10 # the Free Software Foundation; either version 2 of the License, or
  11 # (at your option) any later version.
  12 #
  13 # This program is distributed in the hope that it will be useful,
  14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16 # GNU General Public License for more details.
  17 #
  18 # You should have received a copy of the GNU General Public License along
  19 # with this program; if not, write to the Free Software Foundation, Inc.,
  20 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  21 # http://www.gnu.org/copyleft/gpl.html
  22
  23 /**
  24  * Authentication plugin interface. Instantiate a subclass of AuthPlugin
  25  * and set $wgAuth to it to authenticate against some external tool.
  26  *
  27  * The default behavior is not to do anything, and use the local user
  28  * database for all authentication. A subclass can require that all
  29  * accounts authenticate externally, or use it only as a fallback; also
  30  * you can transparently create internal wiki accounts the first time
  31  * someone logs in who can be authenticated externally.
  32  *
  33  * This interface is new, and might change a bit before 1.4.0 final is
  34  * done...
  35  *
  36  * @package MediaWiki
  37  */
  38 class AuthPlugin {
  39         /**
  40          * Check whether there exists a user account with the given name.
  41          * The name will be normalized to MediaWiki's requirements, so
  42          * you might need to munge it (for instance, for lowercase initial
  43          * letters).
  44          *
  45          * @param $username String: username.
  46          * @return bool
  47          * @public
  48          */
  49         function userExists( $username ) {
  50                 # Override this!
  51                 return false;
  52         }
  53
  54         /**
  55          * Check if a username+password pair is a valid login.
  56          * The name will be normalized to MediaWiki's requirements, so
  57          * you might need to munge it (for instance, for lowercase initial
  58          * letters).
  59          *
  60          * @param $username String: username.
  61          * @param $password String: user password.
  62          * @return bool
  63          * @public
  64          */
  65         function authenticate( $username, $password ) {
  66                 # Override this!
  67                 return false;
  68         }
  69
  70         /**
  71          * Modify options in the login template.
  72          *
  73          * @param $template UserLoginTemplate object.
  74          * @public
  75          */
  76         function modifyUITemplate( &$template ) {
  77                 # Override this!
  78                 $template->set( 'usedomain', false );
  79         }
  80
  81         /**
  82          * Set the domain this plugin is supposed to use when authenticating.
  83          *
  84          * @param $domain String: authentication domain.
  85          * @public
  86          */
  87         function setDomain( $domain ) {
  88                 $this->domain = $domain;
  89         }
  90
  91         /**
  92          * Check to see if the specific domain is a valid domain.
  93          *
  94          * @param $domain String: authentication domain.
  95          * @return bool
  96          * @public
  97          */
  98         function validDomain( $domain ) {
  99                 # Override this!
 100                 return true;
 101         }
 102
 103         /**
 104          * When a user logs in, optionally fill in preferences and such.
 105          * For instance, you might pull the email address or real name from the
 106          * external user database.
 107          *
 108          * The User object is passed by reference so it can be modified; don't
 109          * forget the & on your function declaration.
 110          *
 111          * @param User $user
 112          * @public
 113          */
 114         function updateUser( &$user ) {
 115                 # Override this and do something
 116                 return true;
 117         }
 118
 119
 120         /**
 121          * Return true if the wiki should create a new local account automatically
 122          * when asked to login a user who doesn't exist locally but does in the
 123          * external auth database.
 124          *
 125          * If you don't automatically create accounts, you must still create
 126          * accounts in some way. It's not possible to authenticate without
 127          * a local account.
 128          *
 129          * This is just a question, and shouldn't perform any actions.
 130          *
 131          * @return bool
 132          * @public
 133          */
 134         function autoCreate() {
 135                 return false;
 136         }
 137
 138         /**
 139          * Can users change their passwords?
 140          *
 141          * @return bool
 142          */
 143         function allowPasswordChange() {
 144                 return true;
 145         }
 146
 147         /**
 148          * Set the given password in the authentication database.
 149          * Return true if successful.
 150          *
 151          * @param $password String: password.
 152          * @return bool
 153          * @public
 154          */
 155         function setPassword( $password ) {
 156                 return true;
 157         }
 158
 159         /**
 160          * Update user information in the external authentication database.
 161          * Return true if successful.
 162          *
 163          * @param $user User object.
 164          * @return bool
 165          * @public
 166          */
 167         function updateExternalDB( $user ) {
 168                 return true;
 169         }
 170
 171         /**
 172          * Check to see if external accounts can be created.
 173          * Return true if external accounts can be created.
 174          * @return bool
 175          * @public
 176          */
 177         function canCreateAccounts() {
 178                 return false;
 179         }
 180
 181         /**
 182          * Add a user to the external authentication database.
 183          * Return true if successful.
 184          *
 185          * @param User $user
 186          * @param string $password
 187          * @return bool
 188          * @public
 189          */
 190         function addUser( $user, $password ) {
 191                 return true;
 192         }
 193
 194
 195         /**
 196          * Return true to prevent logins that don't authenticate here from being
 197          * checked against the local database's password fields.
 198          *
 199          * This is just a question, and shouldn't perform any actions.
 200          *
 201          * @return bool
 202          * @public
 203          */
 204         function strict() {
 205                 return false;
 206         }
 207
 208         /**
 209          * When creating a user account, optionally fill in preferences and such.
 210          * For instance, you might pull the email address or real name from the
 211          * external user database.
 212          *
 213          * The User object is passed by reference so it can be modified; don't
 214          * forget the & on your function declaration.
 215          *
 216          * @param $user User object.
 217          * @public
 218          */
 219         function initUser( &$user ) {
 220                 # Override this to do something.
 221         }
 222
 223         /**
 224          * If you want to munge the case of an account name before the final
 225          * check, now is your chance.
 226          */
 227         function getCanonicalName( $username ) {
 228                 return $username;
 229         }
 230 }
 231
 232 ?>