Improve docs for Title::getInternalURL/getCanonicalURL
[lhc/web/wiklou.git] / includes / auth / AuthManagerAuthPlugin.php
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
7 *
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
17 *
18 * @file
19 */
20
21 namespace MediaWiki\Auth;
22
23 use Psr\Log\LoggerInterface;
24 use User;
25
26 /**
27 * Backwards-compatibility wrapper for AuthManager via $wgAuth
28 * @since 1.27
29 * @deprecated since 1.27
30 */
31 class AuthManagerAuthPlugin extends \AuthPlugin {
32 /** @var string|null */
33 protected $domain = null;
34
35 /** @var LoggerInterface */
36 protected $logger = null;
37
38 public function __construct() {
39 $this->logger = \MediaWiki\Logger\LoggerFactory::getInstance( 'authentication' );
40 }
41
42 public function userExists( $name ) {
43 return AuthManager::singleton()->userExists( $name );
44 }
45
46 public function authenticate( $username, $password ) {
47 $data = [
48 'username' => $username,
49 'password' => $password,
50 ];
51 if ( $this->domain !== null && $this->domain !== '' ) {
52 $data['domain'] = $this->domain;
53 }
54 $reqs = AuthManager::singleton()->getAuthenticationRequests( AuthManager::ACTION_LOGIN );
55 $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
56
57 $res = AuthManager::singleton()->beginAuthentication( $reqs, 'null:' );
58 switch ( $res->status ) {
59 case AuthenticationResponse::PASS:
60 return true;
61 case AuthenticationResponse::FAIL:
62 // Hope it's not a PreAuthenticationProvider that failed...
63 $msg = $res->message instanceof \Message ? $res->message : new \Message( $res->message );
64 $this->logger->info( __METHOD__ . ': Authentication failed: ' . $msg->plain() );
65 return false;
66 default:
67 throw new \BadMethodCallException(
68 'AuthManager does not support such simplified authentication'
69 );
70 }
71 }
72
73 public function modifyUITemplate( &$template, &$type ) {
74 // AuthManager does not support direct UI screwing-around-with
75 }
76
77 public function setDomain( $domain ) {
78 $this->domain = $domain;
79 }
80
81 public function getDomain() {
82 return $this->domain ?? 'invaliddomain';
83 }
84
85 public function validDomain( $domain ) {
86 $domainList = $this->domainList();
87 return $domainList ? in_array( $domain, $domainList, true ) : $domain === '';
88 }
89
90 public function updateUser( &$user ) {
91 \Hooks::run( 'UserLoggedIn', [ $user ] );
92 return true;
93 }
94
95 public function autoCreate() {
96 return true;
97 }
98
99 public function allowPropChange( $prop = '' ) {
100 return AuthManager::singleton()->allowsPropertyChange( $prop );
101 }
102
103 public function allowPasswordChange() {
104 $reqs = AuthManager::singleton()->getAuthenticationRequests( AuthManager::ACTION_CHANGE );
105 foreach ( $reqs as $req ) {
106 if ( $req instanceof PasswordAuthenticationRequest ) {
107 return true;
108 }
109 }
110
111 return false;
112 }
113
114 public function allowSetLocalPassword() {
115 // There should be a PrimaryAuthenticationProvider that does this, if necessary
116 return false;
117 }
118
119 public function setPassword( $user, $password ) {
120 $data = [
121 'username' => $user->getName(),
122 'password' => $password,
123 ];
124 if ( $this->domain !== null && $this->domain !== '' ) {
125 $data['domain'] = $this->domain;
126 }
127 $reqs = AuthManager::singleton()->getAuthenticationRequests( AuthManager::ACTION_CHANGE );
128 $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
129 foreach ( $reqs as $req ) {
130 $status = AuthManager::singleton()->allowsAuthenticationDataChange( $req );
131 if ( !$status->isGood() ) {
132 $this->logger->info( __METHOD__ . ': Password change rejected: {reason}', [
133 'username' => $data['username'],
134 'reason' => $status->getWikiText( null, null, 'en' ),
135 ] );
136 return false;
137 }
138 }
139 foreach ( $reqs as $req ) {
140 AuthManager::singleton()->changeAuthenticationData( $req );
141 }
142 return true;
143 }
144
145 public function updateExternalDB( $user ) {
146 // This fires the necessary hook
147 $user->saveSettings();
148 return true;
149 }
150
151 public function updateExternalDBGroups( $user, $addgroups, $delgroups = [] ) {
152 throw new \BadMethodCallException(
153 'Update of user groups via AuthPlugin is not supported with AuthManager.'
154 );
155 }
156
157 public function canCreateAccounts() {
158 return AuthManager::singleton()->canCreateAccounts();
159 }
160
161 public function addUser( $user, $password, $email = '', $realname = '' ) {
162 throw new \BadMethodCallException(
163 'Creation of users via AuthPlugin is not supported with '
164 . 'AuthManager. Generally, user creation should be left to either '
165 . 'Special:CreateAccount, auto-creation when triggered by a '
166 . 'SessionProvider or PrimaryAuthenticationProvider, or '
167 . 'User::newSystemUser().'
168 );
169 }
170
171 public function strict() {
172 // There should be a PrimaryAuthenticationProvider that does this, if necessary
173 return true;
174 }
175
176 public function strictUserAuth( $username ) {
177 // There should be a PrimaryAuthenticationProvider that does this, if necessary
178 return true;
179 }
180
181 public function initUser( &$user, $autocreate = false ) {
182 \Hooks::run( 'LocalUserCreated', [ $user, $autocreate ] );
183 }
184
185 public function getCanonicalName( $username ) {
186 // AuthManager doesn't support restrictions beyond MediaWiki's
187 return $username;
188 }
189
190 public function getUserInstance( User &$user ) {
191 return new AuthManagerAuthPluginUser( $user );
192 }
193
194 public function domainList() {
195 return [];
196 }
197 }