Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/PluggableAuth/includes
diff options
context:
space:
mode:
Diffstat (limited to 'PluggableAuth/includes')
-rw-r--r--PluggableAuth/includes/PluggableAuth.alias.php3
-rw-r--r--PluggableAuth/includes/PluggableAuth.php7
-rw-r--r--PluggableAuth/includes/PluggableAuthBeginAuthenticationRequest.php7
-rw-r--r--PluggableAuth/includes/PluggableAuthContinueAuthenticationRequest.php14
-rw-r--r--PluggableAuth/includes/PluggableAuthHooks.php51
-rw-r--r--PluggableAuth/includes/PluggableAuthLogin.php23
-rw-r--r--PluggableAuth/includes/PluggableAuthPrimaryAuthenticationProvider.php20
7 files changed, 87 insertions, 38 deletions
diff --git a/PluggableAuth/includes/PluggableAuth.alias.php b/PluggableAuth/includes/PluggableAuth.alias.php
index df3accfa..4ba2e3b3 100644
--- a/PluggableAuth/includes/PluggableAuth.alias.php
+++ b/PluggableAuth/includes/PluggableAuth.alias.php
@@ -6,11 +6,10 @@
* @file
* @ingroup Extensions
*/
-// @codingStandardsIgnoreFile
$specialPageAliases = [];
/** English (English) */
$specialPageAliases['en'] = [
- 'PluggableAuthLogin' => ['PluggableAuthLogin'],
+ 'PluggableAuthLogin' => [ 'PluggableAuthLogin' ],
];
diff --git a/PluggableAuth/includes/PluggableAuth.php b/PluggableAuth/includes/PluggableAuth.php
index 8ecf4e40..afde9d17 100644
--- a/PluggableAuth/includes/PluggableAuth.php
+++ b/PluggableAuth/includes/PluggableAuth.php
@@ -37,8 +37,11 @@ abstract class PluggableAuth {
*/
public static function singleton() {
wfDebugLog( 'PluggableAuth', 'Getting PluggableAuth singleton' );
- wfDebugLog( 'PluggableAuth', 'Class name: ' . $GLOBALS['wgPluggableAuth_Class'] );
- if ( !is_null( self::$instance ) ) {
+ wfDebugLog(
+ 'PluggableAuth',
+ 'Class name: ' . ( $GLOBALS['wgPluggableAuth_Class'] ?? 'unset' )
+ );
+ if ( self::$instance !== null ) {
wfDebugLog( 'PluggableAuth', 'Singleton already exists' );
return self::$instance;
} elseif ( isset( $GLOBALS['wgPluggableAuth_Class'] ) &&
diff --git a/PluggableAuth/includes/PluggableAuthBeginAuthenticationRequest.php b/PluggableAuth/includes/PluggableAuthBeginAuthenticationRequest.php
index 04831fb8..caf7a9d6 100644
--- a/PluggableAuth/includes/PluggableAuthBeginAuthenticationRequest.php
+++ b/PluggableAuth/includes/PluggableAuthBeginAuthenticationRequest.php
@@ -1,10 +1,9 @@
<?php
-use \MediaWiki\Auth\ButtonAuthenticationRequest;
-use \MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\ButtonAuthenticationRequest;
-class PluggableAuthBeginAuthenticationRequest extends
- ButtonAuthenticationRequest {
+class PluggableAuthBeginAuthenticationRequest extends ButtonAuthenticationRequest {
public function __construct() {
if ( isset( $GLOBALS['wgPluggableAuth_ButtonLabelMessage'] ) ) {
diff --git a/PluggableAuth/includes/PluggableAuthContinueAuthenticationRequest.php b/PluggableAuth/includes/PluggableAuthContinueAuthenticationRequest.php
index a08bba6e..659129cf 100644
--- a/PluggableAuth/includes/PluggableAuthContinueAuthenticationRequest.php
+++ b/PluggableAuth/includes/PluggableAuthContinueAuthenticationRequest.php
@@ -1,7 +1,8 @@
<?php
-use \MediaWiki\Auth\AuthenticationRequest;
-use \MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\AuthenticationRequest;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\MediaWikiServices;
class PluggableAuthContinueAuthenticationRequest extends AuthenticationRequest {
@@ -19,10 +20,15 @@ class PluggableAuthContinueAuthenticationRequest extends AuthenticationRequest {
* @return bool success
*/
public function loadFromSubmission( array $data ) {
- $authManager = AuthManager::singleton();
+ if ( method_exists( MediaWikiServices::class, 'getAuthManager' ) ) {
+ // MediaWiki 1.35+
+ $authManager = MediaWikiServices::getInstance()->getAuthManager();
+ } else {
+ $authManager = AuthManager::singleton();
+ }
$error = $authManager->getAuthenticationSessionData(
PluggableAuthLogin::ERROR_SESSION_KEY );
- if ( is_null( $error ) ) {
+ if ( $error === null ) {
$this->username = $authManager->getAuthenticationSessionData(
PluggableAuthLogin::USERNAME_SESSION_KEY );
$authManager->removeAuthenticationSessionData(
diff --git a/PluggableAuth/includes/PluggableAuthHooks.php b/PluggableAuth/includes/PluggableAuthHooks.php
index ee1e9777..3eee770a 100644
--- a/PluggableAuth/includes/PluggableAuthHooks.php
+++ b/PluggableAuth/includes/PluggableAuthHooks.php
@@ -120,9 +120,21 @@ class PluggableAuthHooks {
if ( !$out->getUser()->isAnon() ) {
return;
}
- if ( !User::isEveryoneAllowed( 'read' ) && $title->userCan( 'read' ) ) {
- return;
+
+ if ( class_exists( 'MediaWiki\Permissions\PermissionManager' ) ) {
+ // MW 1.33+
+ $pm = \MediaWiki\MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$pm->isEveryoneAllowed( 'read' ) &&
+ $pm->userCan( 'read', $user, $title )
+ ) {
+ return;
+ }
+ } else {
+ if ( !User::isEveryoneAllowed( 'read' ) && $title->userCan( 'read' ) ) {
+ return;
+ }
}
+
$loginSpecialPages = ExtensionRegistry::getInstance()->getAttribute(
'PluggableAuthLoginSpecialPages'
);
@@ -133,11 +145,17 @@ class PluggableAuthHooks {
}
$oldTitle = $title;
- $title = Title::newFromText( "UserLogin", NS_SPECIAL );
- $out->redirect( $title->getFullURL( [
- 'returnto' => urlencode( $oldTitle ),
+ $title = SpecialPage::getTitleFor( 'Userlogin' );
+ $url = $title->getFullURL( [
+ 'returnto' => $oldTitle,
'returntoquery' => $request->getRawQueryString()
- ] ) );
+ ] );
+ if ( $url ) {
+ header( 'Location: ' . $url );
+ } else {
+ throw new MWException( "Could not determine URL for Special:Userlogin" );
+ }
+ exit;
}
/**
@@ -148,8 +166,8 @@ class PluggableAuthHooks {
* @since 1.0
*
* @param array &$personal_urls urls sto modify
- * @param Title $title current title
- * @param SkinTemplate $skin template for vars
+ * @param Title|null $title current title
+ * @param SkinTemplate|null $skin template for vars
*/
public static function modifyLoginURLs(
array &$personal_urls, Title $title = null, SkinTemplate $skin = null
@@ -158,4 +176,21 @@ class PluggableAuthHooks {
unset( $personal_urls['logout'] );
}
}
+
+ /**
+ * Implements LocalUserCreated hook.
+ * See https://www.mediawiki.org/wiki/Manual:Hooks/LocalUserCreated
+ * Populate groups after the local user is created
+ * Called immediately after a local user has been created and saved to the database.
+ *
+ * @since 5.5
+ *
+ * @param User $user current user
+ * @param bool $autocreated whether the user was autocreated
+ */
+ public static function onLocalUserCreated( User $user, $autocreated ) {
+ if ( $autocreated ) {
+ Hooks::run( 'PluggableAuthPopulateGroups', [ $user ] );
+ }
+ }
}
diff --git a/PluggableAuth/includes/PluggableAuthLogin.php b/PluggableAuth/includes/PluggableAuthLogin.php
index c27e6a6b..21ec13c8 100644
--- a/PluggableAuth/includes/PluggableAuthLogin.php
+++ b/PluggableAuth/includes/PluggableAuthLogin.php
@@ -1,6 +1,7 @@
<?php
-use \MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\MediaWikiServices;
class PluggableAuthLogin extends UnlistedSpecialPage {
@@ -22,14 +23,19 @@ class PluggableAuthLogin extends UnlistedSpecialPage {
*/
public function execute( $param ) {
wfDebugLog( 'PluggableAuth', 'In execute()' );
- $authManager = AuthManager::singleton();
+ if ( method_exists( MediaWikiServices::class, 'getAuthManager' ) ) {
+ // MediaWiki 1.35+
+ $authManager = MediaWikiServices::getInstance()->getAuthManager();
+ } else {
+ $authManager = AuthManager::singleton();
+ }
$user = $this->getUser();
$pluggableauth = PluggableAuth::singleton();
$error = null;
if ( $pluggableauth ) {
if ( $pluggableauth->authenticate( $id, $username, $realname, $email,
- $error ) ) {
- if ( is_null( $id ) ) {
+ $error ) ) {
+ if ( $id === null ) {
$user->loadDefaults( $username );
$user->mName = $username;
$user->mRealName = $realname;
@@ -41,6 +47,7 @@ class PluggableAuthLogin extends UnlistedSpecialPage {
$user->mId = $id;
$user->loadFromId();
wfDebugLog( 'PluggableAuth', 'Authenticated existing user: ' . $user->mName );
+ Hooks::run( 'PluggableAuthPopulateGroups', [ $user ] );
}
$authorized = true;
Hooks::run( 'PluggableAuthUserAuthorization', [ $user, &$authorized ] );
@@ -58,7 +65,7 @@ class PluggableAuthLogin extends UnlistedSpecialPage {
}
} else {
wfDebugLog( 'PluggableAuth', 'Authentication failure.' );
- if ( is_null( $error ) ) {
+ if ( $error === null ) {
$error = wfMessage( 'pluggableauth-authentication-failure' )->text();
} else {
if ( !is_string( $error ) ) {
@@ -68,14 +75,16 @@ class PluggableAuthLogin extends UnlistedSpecialPage {
}
}
}
- if ( !is_null( $error ) ) {
+ if ( $error !== null ) {
$authManager->setAuthenticationSessionData( self::ERROR_SESSION_KEY,
$error );
}
$returnToUrl = $authManager->getAuthenticationSessionData(
self::RETURNTOURL_SESSION_KEY );
- if ( is_null( $returnToUrl ) || count( $returnToUrl ) === 0 ) {
+ if ( $returnToUrl === null || strlen( $returnToUrl ) === 0 ) {
wfDebugLog( 'PluggableAuth', 'ERROR: return to URL is null or empty' );
+ $this->getOutput()->wrapWikiMsg( "<div class='error'>\n$1\n</div>",
+ 'pluggableauth-fatal-error' );
} else {
$this->getOutput()->redirect( $returnToUrl );
}
diff --git a/PluggableAuth/includes/PluggableAuthPrimaryAuthenticationProvider.php b/PluggableAuth/includes/PluggableAuthPrimaryAuthenticationProvider.php
index 2fda5db0..4fcccd79 100644
--- a/PluggableAuth/includes/PluggableAuthPrimaryAuthenticationProvider.php
+++ b/PluggableAuth/includes/PluggableAuthPrimaryAuthenticationProvider.php
@@ -1,13 +1,12 @@
<?php
-use \MediaWiki\Auth\AuthenticationRequest;
-use \MediaWiki\Auth\ButtonAuthenticationRequest;
-use \MediaWiki\Auth\AbstractPrimaryAuthenticationProvider;
-use \MediaWiki\Auth\AuthManager;
-use \MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\AbstractPrimaryAuthenticationProvider;
+use MediaWiki\Auth\AuthenticationRequest;
+use MediaWiki\Auth\AuthenticationResponse;
+use MediaWiki\Auth\AuthManager;
+use MediaWiki\Auth\ButtonAuthenticationRequest;
-class PluggableAuthPrimaryAuthenticationProvider extends
- AbstractPrimaryAuthenticationProvider {
+class PluggableAuthPrimaryAuthenticationProvider extends AbstractPrimaryAuthenticationProvider {
/**
* Start an authentication flow
@@ -21,11 +20,11 @@ class PluggableAuthPrimaryAuthenticationProvider extends
}
$extraLoginFields = [];
foreach ( $GLOBALS['wgPluggableAuth_ExtraLoginFields'] as $key => $value ) {
- if ( isset( $request, $key ) ) {
+ if ( isset( $request->$key ) ) {
$extraLoginFields[$key] = $request->$key;
}
}
- $url = Title::newFromText( 'Special:PluggableAuthLogin' )->getFullURL();
+ $url = SpecialPage::getTitleFor( 'PluggableAuthLogin' )->getFullURL();
$this->manager->setAuthenticationSessionData(
PluggableAuthLogin::RETURNTOURL_SESSION_KEY, $request->returnToUrl );
$this->manager->setAuthenticationSessionData(
@@ -65,7 +64,7 @@ class PluggableAuthPrimaryAuthenticationProvider extends
}
$error = $this->manager->getAuthenticationSessionData(
PluggableAuthLogin::ERROR_SESSION_KEY );
- if ( !is_null( $error ) ) {
+ if ( $error !== null ) {
$this->manager->removeAuthenticationSessionData(
PluggableAuthLogin::ERROR_SESSION_KEY );
return AuthenticationResponse::newFail( new RawMessage( $error ) );
@@ -74,7 +73,6 @@ class PluggableAuthPrimaryAuthenticationProvider extends
$user = User::newFromName( $username );
if ( $user && $user->getId() !== 0 ) {
$this->updateUserRealnameAndEmail( $user );
- Hooks::run( 'PluggableAuthPopulateGroups', [ $user ] );
}
return AuthenticationResponse::newPass( $username );
}