* Code that is related to some SessionProvider or PrimaryAuthenticationProvider can
* create a (non-reserved) user by calling AuthManager::autoCreateUser(); it is then the provider's
* responsibility to ensure that the user can authenticate somehow (see especially
- * PrimaryAuthenticationProvider::autoCreatedAccount()).
+ * PrimaryAuthenticationProvider::autoCreatedAccount()). The same functionality can also be used
+ * from Maintenance scripts such as createAndPromote.php.
* If you are writing code that is not associated with such a provider and needs to create accounts
* programmatically for real users, you should rethink your architecture. There is no good way to
* do that as such code has no knowledge of what authentication methods are enabled on the wiki and
/** Auto-creation is due to SessionManager */
const AUTOCREATE_SOURCE_SESSION = \MediaWiki\Session\SessionManager::class;
+ /** Auto-creation is due to a Maintenance script */
+ const AUTOCREATE_SOURCE_MAINT = '::Maintenance::';
+
/** @var AuthManager|null */
private static $instance = null;
$this->setSessionDataForUser( $user );
$this->callMethodOnProviders( 7, 'postAuthentication', [ $user, $ret ] );
$session->remove( 'AuthManager::authnState' );
- \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, $user, $user->getName() ] );
+ \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, $user, $user->getName(), [] ] );
return $ret;
}
$this->callMethodOnProviders( 7, 'postAuthentication',
[ User::newFromName( $guessUserName ) ?: null, $ret ]
);
- \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, null, $guessUserName ] );
+ \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, null, $guessUserName, [] ] );
return $ret;
}
}
[ User::newFromName( $guessUserName ) ?: null, $res ]
);
$session->remove( 'AuthManager::authnState' );
- \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $res, null, $guessUserName ] );
+ \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $res, null, $guessUserName, [] ] );
return $res;
case AuthenticationResponse::ABSTAIN;
// Continue loop
[ User::newFromName( $guessUserName ) ?: null, $res ]
);
$session->remove( 'AuthManager::authnState' );
- \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $res, null, $guessUserName ] );
+ \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $res, null, $guessUserName, [] ] );
return $res;
case AuthenticationResponse::REDIRECT;
case AuthenticationResponse::UI;
);
$this->callMethodOnProviders( 7, 'postAuthentication', [ $user, $ret ] );
$session->remove( 'AuthManager::authnState' );
- \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, $user, $user->getName() ] );
+ \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, $user, $user->getName(), [] ] );
return $ret;
}
}
$this->logger->debug( "Login failed in secondary authentication by $id" );
$this->callMethodOnProviders( 7, 'postAuthentication', [ $user, $res ] );
$session->remove( 'AuthManager::authnState' );
- \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $res, $user, $user->getName() ] );
+ \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $res, $user, $user->getName(), [] ] );
return $res;
case AuthenticationResponse::REDIRECT;
case AuthenticationResponse::UI;
$this->callMethodOnProviders( 7, 'postAuthentication', [ $user, $ret ] );
$session->remove( 'AuthManager::authnState' );
$this->removeAuthenticationSessionData( null );
- \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, $user, $user->getName() ] );
+ \Hooks::run( 'AuthManagerLoginAuthenticateAudit', [ $ret, $user, $user->getName(), [] ] );
return $ret;
} catch ( \Exception $ex ) {
$session->remove( 'AuthManager::authnState' );
$user->load( User::READ_LOCKING );
if ( $state['userid'] === 0 ) {
- if ( $user->getId() != 0 ) {
+ if ( $user->getId() !== 0 ) {
$this->logger->debug( __METHOD__ . ': User exists locally', [
'user' => $user->getName(),
'creator' => $creator->getName(),
"User \"{$state['username']}\" should exist now, but doesn't!"
);
}
- if ( $user->getId() != $state['userid'] ) {
+ if ( $user->getId() !== $state['userid'] ) {
$this->logger->debug( __METHOD__ . ': User ID/name mismatch', [
'user' => $user->getName(),
'creator' => $creator->getName(),
] );
throw new \UnexpectedValueException(
"User \"{$state['username']}\" exists, but " .
- "ID {$user->getId()} != {$state['userid']}!"
+ "ID {$user->getId()} !== {$state['userid']}!"
);
}
}
* explicitly (e.g. from a maintenance script) is also fine.
*
* @param User $user User to auto-create
- * @param string $source What caused the auto-creation? This must be the ID
- * of a PrimaryAuthenticationProvider or the constant self::AUTOCREATE_SOURCE_SESSION.
+ * @param string $source What caused the auto-creation? This must be one of:
+ * - the ID of a PrimaryAuthenticationProvider,
+ * - the constant self::AUTOCREATE_SOURCE_SESSION, or
+ * - the constant AUTOCREATE_SOURCE_MAINT.
* @param bool $login Whether to also log the user in
* @return Status Good if user was created, Ok if user already existed, otherwise Fatal
*/
public function autoCreateUser( User $user, $source, $login = true ) {
if ( $source !== self::AUTOCREATE_SOURCE_SESSION &&
+ $source !== self::AUTOCREATE_SOURCE_MAINT &&
!$this->getAuthenticationProvider( $source ) instanceof PrimaryAuthenticationProvider
) {
throw new \InvalidArgumentException( "Unknown auto-creation source: $source" );
// @codeCoverageIgnoreStart
if (
!$localId &&
- MediaWikiServices::getInstance()->getDBLoadBalancer()->getReaderIndex() != 0
+ MediaWikiServices::getInstance()->getDBLoadBalancer()->getReaderIndex() !== 0
) {
$localId = User::idFromName( $username, User::READ_LATEST );
$flags = User::READ_LATEST;
$session->remove( 'AuthManager::accountLinkState' );
return AuthenticationResponse::newFail( wfMessage( 'noname' ) );
}
- if ( $user->getId() != $state['userid'] ) {
+ if ( $user->getId() !== $state['userid'] ) {
throw new \UnexpectedValueException(
"User \"{$state['username']}\" is valid, but " .
- "ID {$user->getId()} != {$state['userid']}!"
+ "ID {$user->getId()} !== {$state['userid']}!"
);
}