Add rate limiter to Special:ConfirmEmail
[lhc/web/wiklou.git] / includes / specials / SpecialLinkAccounts.php
1 <?php
2
3 use MediaWiki\Auth\AuthenticationRequest;
4 use MediaWiki\Auth\AuthenticationResponse;
5 use MediaWiki\Auth\AuthManager;
6
7 /**
8 * Links/unlinks external accounts to the current user.
9 *
10 * To interact with this page, account providers need to register themselves with AuthManager.
11 */
class SpecialLinkAccounts extends AuthManagerSpecialPage {
	/** @var string[] AuthManager actions this page handles: starting a link and continuing one */
	protected static $allowedActions = [
		AuthManager::ACTION_LINK,
		AuthManager::ACTION_LINK_CONTINUE,
	];

	/**
	 * Registers the page under the name 'LinkAccounts'.
	 */
	public function __construct() {
		parent::__construct( 'LinkAccounts' );
	}

	/**
	 * @return string Name of the special page group this page belongs to
	 */
	protected function getGroupName() {
		return 'users';
	}

	/**
	 * The page is listed only when AuthManager reports that account linking is possible.
	 *
	 * @return bool
	 */
	public function isListed() {
		$authManager = AuthManager::singleton();
		return $authManager->canLinkAccounts();
	}

	/**
	 * Returns the value of the 'ChangeCredentialsBlacklist' configuration setting.
	 *
	 * NOTE(review): how the parent class applies this list is not visible from this
	 * class; presumably it filters which authentication requests may be used here.
	 *
	 * @return mixed Configured value of 'ChangeCredentialsBlacklist'
	 */
	protected function getRequestBlacklist() {
		$config = $this->getConfig();
		return $config->get( 'ChangeCredentialsBlacklist' );
	}

	/**
	 * Runs the linking flow: loads the auth state, refuses actions that are not allowed,
	 * submits the form and reacts to the resulting AuthenticationResponse.
	 *
	 * @param null|string $subPage
	 * @throws ErrorPageError When linking itself is not allowed for this user
	 * @throws LogicException When the response carries a status this page does not know
	 */
	public function execute( $subPage ) {
		$this->setHeaders();
		$this->loadAuth( $subPage );

		if ( !$this->isActionAllowed( $this->authAction ) ) {
			if ( $this->authAction !== AuthManager::ACTION_LINK ) {
				// The user probably navigated back into an auth session that no longer
				// exists. Send them to the start of this page; the URL is built from the
				// page's own title and forced to HTTPS, not taken from the request.
				// FIXME would be nice to show a message
				$output = $this->getOutput();
				$output->redirect(
					$this->getPageTitle()->getFullURL( '', false, PROTO_HTTPS )
				);
				return;
			}

			// Looks like no linking provider is installed or willing to take this user.
			throw new ErrorPageError(
				$this->msg( 'cannotlink-no-provider-title' ),
				$this->msg( 'cannotlink-no-provider' )
			);
		}

		$this->outputHeader();

		$status = $this->trySubmit();

		// trySubmit() may return false instead of a status object, so test for that
		// before calling isOK(); either way the form is shown again.
		$submittedOk = $status !== false && $status->isOK();
		if ( !$submittedOk ) {
			$this->displayForm( $status );
			return;
		}

		$response = $status->getValue();

		switch ( $response->status ) {
			case AuthenticationResponse::PASS:
				$this->success();
				break;

			case AuthenticationResponse::FAIL:
				// Reset to a fresh ACTION_LINK state before showing the failure message.
				$this->loadAuth( '', AuthManager::ACTION_LINK, true );
				$failure = StatusValue::newFatal( $response->message );
				$this->displayForm( $failure );
				break;

			case AuthenticationResponse::REDIRECT:
				// The target is taken from the authentication response and handed to
				// redirect() unchanged; nothing in this method validates it.
				// NOTE(review): this relies on the provider supplying a trustworthy
				// URL - confirm against the providers in use.
				$output = $this->getOutput();
				$output->redirect( $response->redirectTarget );
				break;

			case AuthenticationResponse::UI:
				// More input is needed: continue the flow with the requests the
				// response asks for.
				$this->authAction = AuthManager::ACTION_LINK_CONTINUE;
				$this->authRequests = $response->neededRequests;
				$prompt = StatusValue::newFatal( $response->message );
				$this->displayForm( $prompt );
				break;

			default:
				throw new LogicException( 'invalid AuthenticationResponse' );
		}
	}

	/**
	 * @param null|string $subPage Not used here
	 * @return string Always AuthManager::ACTION_LINK
	 */
	protected function getDefaultAction( $subPage ) {
		return AuthManager::ACTION_LINK;
	}

	/**
	 * Builds the parent's form and replaces its submit button label.
	 *
	 * @param AuthenticationRequest[] $requests
	 * @param string $action AuthManager action name, should be ACTION_LINK or ACTION_LINK_CONTINUE
	 * @return HTMLForm
	 */
	protected function getAuthForm( array $requests, $action ) {
		$authForm = parent::getAuthForm( $requests, $action );
		$authForm->setSubmitTextMsg( 'linkaccounts-submit' );

		return $authForm;
	}

	/**
	 * Show a success message.
	 *
	 * The auth state is reset to ACTION_LINK first, then the form is displayed again
	 * with the success text passed in through a StatusValue.
	 */
	protected function success() {
		$this->loadAuth( '', AuthManager::ACTION_LINK, true );

		// displayForm() is given a StatusValue everywhere in this class, so the
		// success text is wrapped with newFatal() as well.
		$notice = StatusValue::newFatal( $this->msg( 'linkaccounts-success-text' ) );
		$this->displayForm( $notice );
	}
}