namespace MediaWiki\Auth;
-use LoginForm;
-use StatusValue;
-use User;
-
/**
* A pre-authentication provider to call some legacy hooks.
* @ingroup Auth
* @deprecated since 1.27
*/
class LegacyHookPreAuthenticationProvider extends AbstractPreAuthenticationProvider {
-
- public function testForAuthentication( array $reqs ) {
- $req = AuthenticationRequest::getRequestByClass( $reqs, PasswordAuthenticationRequest::class );
- if ( $req ) {
- $user = User::newFromName( $req->username );
- $password = $req->password;
- } else {
- $user = null;
- foreach ( $reqs as $req ) {
- if ( $req->username !== null ) {
- $user = User::newFromName( $req->username );
- break;
- }
- }
- if ( !$user ) {
- $this->logger->debug( __METHOD__ . ': No username in $reqs, skipping hooks' );
- return StatusValue::newGood();
- }
-
- // Something random for the 'AbortLogin' hook.
- $password = wfRandomString( 32 );
- }
-
- $msg = null;
- if ( !\Hooks::run( 'LoginUserMigrated', [ $user, &$msg ] ) ) {
- return $this->makeFailResponse(
- $user, LoginForm::USER_MIGRATED, $msg, 'LoginUserMigrated'
- );
- }
-
- $abort = LoginForm::ABORTED;
- $msg = null;
- if ( !\Hooks::run( 'AbortLogin', [ $user, $password, &$abort, &$msg ] ) ) {
- return $this->makeFailResponse( $user, $abort, $msg, 'AbortLogin' );
- }
-
- return StatusValue::newGood();
- }
-
- public function testForAccountCreation( $user, $creator, array $reqs ) {
- $abortError = '';
- $abortStatus = null;
- if ( !\Hooks::run( 'AbortNewAccount', [ $user, &$abortError, &$abortStatus ] ) ) {
- // Hook point to add extra creation throttles and blocks
- $this->logger->debug( __METHOD__ . ': a hook blocked creation' );
- if ( $abortStatus === null ) {
- // Report back the old string as a raw message status.
- // This will report the error back as 'createaccount-hook-aborted'
- // with the given string as the message.
- // To return a different error code, return a StatusValue object.
- $msg = wfMessage( 'createaccount-hook-aborted' )->rawParams( $abortError );
- return StatusValue::newFatal( $msg );
- } else {
- // For MediaWiki 1.23+ and updated hooks, return the Status object
- // returned from the hook.
- $ret = StatusValue::newGood();
- $ret->merge( $abortStatus );
- return $ret;
- }
- }
-
- return StatusValue::newGood();
- }
-
- public function testUserForCreation( $user, $autocreate, array $options = [] ) {
- if ( $autocreate !== false ) {
- $abortError = '';
- if ( !\Hooks::run( 'AbortAutoAccount', [ $user, &$abortError ] ) ) {
- // Hook point to add extra creation throttles and blocks
- $this->logger->debug( __METHOD__ . ": a hook blocked auto-creation: $abortError\n" );
- return $this->makeFailResponse(
- $user, LoginForm::ABORTED, $abortError, 'AbortAutoAccount'
- );
- }
- }
-
- return StatusValue::newGood();
- }
-
- /**
- * Construct an appropriate failure response
- * @param User $user
- * @param int $constant One of the LoginForm::… constants
- * @param string|null $msg Optional message key, will be derived from $constant otherwise
- * @param string $hook Name of the hook for error logging and exception messages
- * @return StatusValue
- */
- private function makeFailResponse( User $user, $constant, $msg, $hook ) {
- switch ( $constant ) {
- case LoginForm::SUCCESS:
- // WTF?
- $this->logger->debug( "$hook is SUCCESS?!" );
- return StatusValue::newGood();
-
- case LoginForm::NEED_TOKEN:
- return StatusValue::newFatal( $msg ?: 'nocookiesforlogin' );
-
- case LoginForm::WRONG_TOKEN:
- return StatusValue::newFatal( $msg ?: 'sessionfailure' );
-
- case LoginForm::NO_NAME:
- case LoginForm::ILLEGAL:
- return StatusValue::newFatal( $msg ?: 'noname' );
-
- case LoginForm::WRONG_PLUGIN_PASS:
- case LoginForm::WRONG_PASS:
- return StatusValue::newFatal( $msg ?: 'wrongpassword' );
-
- case LoginForm::NOT_EXISTS:
- return StatusValue::newFatal( $msg ?: 'nosuchusershort', wfEscapeWikiText( $user->getName() ) );
-
- case LoginForm::EMPTY_PASS:
- return StatusValue::newFatal( $msg ?: 'wrongpasswordempty' );
-
- case LoginForm::RESET_PASS:
- return StatusValue::newFatal( $msg ?: 'resetpass_announce' );
-
- case LoginForm::THROTTLED:
- $throttle = $this->config->get( 'PasswordAttemptThrottle' );
- return StatusValue::newFatal(
- $msg ?: 'login-throttled',
- \Message::durationParam( $throttle['seconds'] )
- );
-
- case LoginForm::USER_BLOCKED:
- return StatusValue::newFatal(
- $msg ?: 'login-userblocked', wfEscapeWikiText( $user->getName() )
- );
-
- case LoginForm::ABORTED:
- return StatusValue::newFatal(
- $msg ?: 'login-abort-generic', wfEscapeWikiText( $user->getName() )
- );
-
- case LoginForm::USER_MIGRATED:
- $error = $msg ?: 'login-migrated-generic';
- return StatusValue::newFatal( ...(array)$error );
-
- // @codeCoverageIgnoreStart
- case LoginForm::CREATE_BLOCKED: // Can never happen
- default:
- throw new \DomainException( __METHOD__ . ": Unhandled case value from $hook" );
- }
- // @codeCoverageIgnoreEnd
+ public function __construct() {
+ wfDeprecated( self::class, '1.27' );
}
}