die( 1 );
}
+mb_internal_encoding( 'UTF-8' );
+
// Set various default paths sensibly...
$ps_default = Profiler::instance()->scopedProfileIn( $fname . '-defaults' );
$wgDebugLogFile = '';
}
+// Disable AuthManager API modules if $wgDisableAuthManager
+if ( $wgDisableAuthManager ) {
+ $wgAPIModules += [
+ 'clientlogin' => 'ApiDisabled',
+ 'createaccount' => 'ApiCreateAccount', // Use the non-AuthManager version
+ 'linkaccount' => 'ApiDisabled',
+ 'unlinkaccount' => 'ApiDisabled',
+ 'changeauthenticationdata' => 'ApiDisabled',
+ 'removeauthenticationdata' => 'ApiDisabled',
+ 'resetpassword' => 'ApiDisabled',
+ ];
+ $wgAPIMetaModules += [
+ 'authmanagerinfo' => 'ApiQueryDisabled',
+ ];
+}
+
// Backwards compatibility with old password limits
if ( $wgMinimalPasswordLength !== false ) {
$wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = $wgMinimalPasswordLength;
// Reset the global service locator, so any services that have already been created will be
// re-created while taking into account any custom settings and extensions.
-MediaWikiServices::resetGlobalInstance( new GlobalVarConfig() );
+MediaWikiServices::resetGlobalInstance( new GlobalVarConfig(), 'quick' );
// Define a constant that indicates that the bootstrapping of the service locator
// is complete.
$wgRequest->interpolateTitle();
if ( !is_object( $wgAuth ) ) {
- $wgAuth = new AuthPlugin;
+ $wgAuth = $wgDisableAuthManager ? new AuthPlugin : new MediaWiki\Auth\AuthManagerAuthPlugin;
Hooks::run( 'AuthPluginSetup', [ &$wgAuth ] );
}
+if ( !$wgDisableAuthManager &&
+ $wgAuth && !$wgAuth instanceof MediaWiki\Auth\AuthManagerAuthPlugin
+) {
+ MediaWiki\Auth\AuthManager::singleton()->forcePrimaryAuthenticationProviders( [
+ new MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider( [
+ 'authoritative' => false,
+ ] ),
+ new MediaWiki\Auth\AuthPluginPrimaryAuthenticationProvider( $wgAuth ),
+ new MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider( [
+ 'authoritative' => true,
+ ] ),
+ ], '$wgAuth is ' . get_class( $wgAuth ) );
+}
// Set up the session
$ps_session = Profiler::instance()->scopedProfileIn( $fname . '-session' );
$sessionUser = MediaWiki\Session\SessionManager::getGlobalSession()->getUser();
if ( $sessionUser->getId() === 0 && User::isValidUserName( $sessionUser->getName() ) ) {
$ps_autocreate = Profiler::instance()->scopedProfileIn( $fname . '-autocreate' );
- MediaWiki\Session\SessionManager::autoCreateUser( $sessionUser );
+ if ( $wgDisableAuthManager ) {
+ $res = MediaWiki\Session\SessionManager::autoCreateUser( $sessionUser );
+ } else {
+ $res = MediaWiki\Auth\AuthManager::singleton()->autoCreateUser(
+ $sessionUser,
+ MediaWiki\Auth\AuthManager::AUTOCREATE_SOURCE_SESSION,
+ true
+ );
+ }
Profiler::instance()->scopedProfileOut( $ps_autocreate );
+ \MediaWiki\Logger\LoggerFactory::getInstance( 'authmanager' )->info( 'Autocreation attempt', [
+ 'event' => 'autocreate',
+ 'status' => $res,
+ ] );
+ unset( $res );
}
unset( $sessionUser );
}