dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Merge "Fix trailing whitespace (and mixed spaces) in XSD files"
[lhc/web/wiklou.git] / includes / AuthPlugin.php
1 <?php
2 /**
3 * Authentication plugin interface
4 *
5 * Copyright © 2004 Brion Vibber <brion@pobox.com>
6 * http://www.mediawiki.org/
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License along
19 * with this program; if not, write to the Free Software Foundation, Inc.,
20 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
21 * http://www.gnu.org/copyleft/gpl.html
22 *
23 * @file
24 */
25
26 /**
27 * Authentication plugin interface. Instantiate a subclass of AuthPlugin
28 * and set $wgAuth to it to authenticate against some external tool.
29 *
30 * The default behavior is not to do anything, and use the local user
31 * database for all authentication. A subclass can require that all
32 * accounts authenticate externally, or use it only as a fallback; also
33 * you can transparently create internal wiki accounts the first time
34 * someone logs in who can be authenticated externally.
35 */
36 class AuthPlugin {
37 /**
38 * Check whether there exists a user account with the given name.
39 * The name will be normalized to MediaWiki's requirements, so
40 * you might need to munge it (for instance, for lowercase initial
41 * letters).
42 *
43 * @param $username String: username.
44 * @return bool
45 */
46 public function userExists( $username ) {
47 # Override this!
48 return false;
49 }
50
51 /**
52 * Check if a username+password pair is a valid login.
53 * The name will be normalized to MediaWiki's requirements, so
54 * you might need to munge it (for instance, for lowercase initial
55 * letters).
56 *
57 * @param $username String: username.
58 * @param $password String: user password.
59 * @return bool
60 */
61 public function authenticate( $username, $password ) {
62 # Override this!
63 return false;
64 }
65
66 /**
67 * Modify options in the login template.
68 *
69 * @param $template UserLoginTemplate object.
70 * @param $type String 'signup' or 'login'. Added in 1.16.
71 */
72 public function modifyUITemplate( &$template, &$type ) {
73 # Override this!
74 $template->set( 'usedomain', false );
75 }
76
77 /**
78 * Set the domain this plugin is supposed to use when authenticating.
79 *
80 * @param $domain String: authentication domain.
81 */
82 public function setDomain( $domain ) {
83 $this->domain = $domain;
84 }
85
86 /**
87 * Check to see if the specific domain is a valid domain.
88 *
89 * @param $domain String: authentication domain.
90 * @return bool
91 */
92 public function validDomain( $domain ) {
93 # Override this!
94 return true;
95 }
96
97 /**
98 * When a user logs in, optionally fill in preferences and such.
99 * For instance, you might pull the email address or real name from the
100 * external user database.
101 *
102 * The User object is passed by reference so it can be modified; don't
103 * forget the & on your function declaration.
104 *
105 * @param $user User object
106 * @return bool
107 */
108 public function updateUser( &$user ) {
109 # Override this and do something
110 return true;
111 }
112
113 /**
114 * Return true if the wiki should create a new local account automatically
115 * when asked to login a user who doesn't exist locally but does in the
116 * external auth database.
117 *
118 * If you don't automatically create accounts, you must still create
119 * accounts in some way. It's not possible to authenticate without
120 * a local account.
121 *
122 * This is just a question, and shouldn't perform any actions.
123 *
124 * @return Boolean
125 */
126 public function autoCreate() {
127 return false;
128 }
129
130 /**
131 * Allow a property change? Properties are the same as preferences
132 * and use the same keys. 'Realname' 'Emailaddress' and 'Nickname'
133 * all reference this.
134 *
135 * @param $prop string
136 *
137 * @return Boolean
138 */
139 public function allowPropChange( $prop = '' ) {
140 if ( $prop == 'realname' && is_callable( array( $this, 'allowRealNameChange' ) ) ) {
141 return $this->allowRealNameChange();
142 } elseif ( $prop == 'emailaddress' && is_callable( array( $this, 'allowEmailChange' ) ) ) {
143 return $this->allowEmailChange();
144 } elseif ( $prop == 'nickname' && is_callable( array( $this, 'allowNickChange' ) ) ) {
145 return $this->allowNickChange();
146 } else {
147 return true;
148 }
149 }
150
151 /**
152 * Can users change their passwords?
153 *
154 * @return bool
155 */
156 public function allowPasswordChange() {
157 return true;
158 }
159
160 /**
161 * Set the given password in the authentication database.
162 * As a special case, the password may be set to null to request
163 * locking the password to an unusable value, with the expectation
164 * that it will be set later through a mail reset or other method.
165 *
166 * Return true if successful.
167 *
168 * @param $user User object.
169 * @param $password String: password.
170 * @return bool
171 */
172 public function setPassword( $user, $password ) {
173 return true;
174 }
175
176 /**
177 * Update user information in the external authentication database.
178 * Return true if successful.
179 *
180 * @param $user User object.
181 * @return Boolean
182 */
183 public function updateExternalDB( $user ) {
184 return true;
185 }
186
187 /**
188 * Check to see if external accounts can be created.
189 * Return true if external accounts can be created.
190 * @return Boolean
191 */
192 public function canCreateAccounts() {
193 return false;
194 }
195
196 /**
197 * Add a user to the external authentication database.
198 * Return true if successful.
199 *
200 * @param $user User: only the name should be assumed valid at this point
201 * @param $password String
202 * @param $email String
203 * @param $realname String
204 * @return Boolean
205 */
206 public function addUser( $user, $password, $email = '', $realname = '' ) {
207 return true;
208 }
209
210 /**
211 * Return true to prevent logins that don't authenticate here from being
212 * checked against the local database's password fields.
213 *
214 * This is just a question, and shouldn't perform any actions.
215 *
216 * @return Boolean
217 */
218 public function strict() {
219 return false;
220 }
221
222 /**
223 * Check if a user should authenticate locally if the global authentication fails.
224 * If either this or strict() returns true, local authentication is not used.
225 *
226 * @param $username String: username.
227 * @return Boolean
228 */
229 public function strictUserAuth( $username ) {
230 return false;
231 }
232
233 /**
234 * When creating a user account, optionally fill in preferences and such.
235 * For instance, you might pull the email address or real name from the
236 * external user database.
237 *
238 * The User object is passed by reference so it can be modified; don't
239 * forget the & on your function declaration.
240 *
241 * @param $user User object.
242 * @param $autocreate Boolean: True if user is being autocreated on login
243 */
244 public function initUser( &$user, $autocreate = false ) {
245 # Override this to do something.
246 }
247
248 /**
249 * If you want to munge the case of an account name before the final
250 * check, now is your chance.
251 * @param $username string
252 * @return string
253 */
254 public function getCanonicalName( $username ) {
255 return $username;
256 }
257
258 /**
259 * Get an instance of a User object
260 *
261 * @param $user User
262 *
263 * @return AuthPluginUser
264 */
265 public function getUserInstance( User &$user ) {
266 return new AuthPluginUser( $user );
267 }
268
269 /**
270 * Get a list of domains (in HTMLForm options format) used.
271 *
272 * @return array
273 */
274 public function domainList() {
275 return array();
276 }
277 }
278
279 class AuthPluginUser {
280 function __construct( $user ) {
281 # Override this!
282 }
283
284 public function getId() {
285 # Override this!
286 return -1;
287 }
288
289 public function isLocked() {
290 # Override this!
291 return false;
292 }
293
294 public function isHidden() {
295 # Override this!
296 return false;
297 }
298
299 public function resetAuthToken() {
300 # Override this!
301 return true;
302 }
303 }
Wiklou, le Wiki du Wiklou