<?php

use \MediaWiki\Auth\AuthManager;

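/**
 * Unlisted special page that runs the configured PluggableAuth plugin,
 * records the outcome in AuthManager's authentication session data and then
 * redirects the browser to the return-to URL held in that same session data.
 *
 * This page does not log the user in itself: it only stores the username,
 * real name and email (or an error message) under the session keys below.
 * Whatever consumes those keys lives outside this file.
 */
class PluggableAuthLogin extends UnlistedSpecialPage {

	// Keys used with AuthManager::setAuthenticationSessionData() /
	// getAuthenticationSessionData(). Only the USERNAME, REALNAME, EMAIL,
	// ERROR and RETURNTOURL keys are read or written in this class.
	const RETURNTOURL_SESSION_KEY = 'PluggableAuthLoginReturnToUrl';
	const RETURNTOPAGE_SESSION_KEY = 'PluggableAuthLoginReturnToPage';
	const RETURNTOQUERY_SESSION_KEY = 'PluggableAuthLoginReturnToQuery';
	const EXTRALOGINFIELDS_SESSION_KEY = 'PluggableAuthLoginExtraLoginFields';
	const USERNAME_SESSION_KEY = 'PluggableAuthLoginUsername';
	const REALNAME_SESSION_KEY = 'PluggableAuthLoginRealname';
	const EMAIL_SESSION_KEY = 'PluggableAuthLoginEmail';
	const ERROR_SESSION_KEY = 'PluggableAuthLoginError';

	public function __construct() {
		parent::__construct( 'PluggableAuthLogin' );
	}

	/**
	 * Authenticate through the plugin, run the authorization hook, store the
	 * result in the authentication session and redirect to the return-to URL.
	 *
	 * @param string|null $param parameters (ignored)
	 */
	public function execute( $param ) {
		wfDebugLog( 'PluggableAuth', 'In execute()' );
		$authManager = AuthManager::singleton();
		$user = $this->getUser();
		$pluggableauth = PluggableAuth::singleton();
		$error = null;
		// Filled in by reference by the plugin's authenticate() call below.
		$id = null;
		$username = null;
		$realname = null;
		$email = null;
		// NOTE(review): when no plugin instance is available this block is
		// skipped without setting an error; no identity is stored either, so
		// the request falls through to the redirect with nothing recorded.
		if ( $pluggableauth ) {
			if ( $pluggableauth->authenticate( $id, $username, $realname, $email,
					$error ) ) {
				if ( $id === null ) {
					// No id came back from the plugin: populate the User
					// object from the plugin-supplied identity fields.
					$user->loadDefaults( $username );
					$user->mName = $username;
					$user->mRealName = $realname;
					$user->mEmail = $email;
					// The email address is marked as confirmed right away, so
					// it is only as trustworthy as the plugin that supplied it.
					$user->mEmailAuthenticated = wfTimestamp();
					$user->mTouched = wfTimestamp();
					wfDebugLog( 'PluggableAuth', 'Authenticated new user: ' . $username );
				} else {
					$user->mId = $id;
					$user->loadFromId();
					wfDebugLog( 'PluggableAuth', 'Authenticated existing user: ' . $user->mName );
				}
				// Authorization defaults to allowed; a hook handler can veto
				// by setting $authorized to false through the reference.
				$authorized = true;
				Hooks::run( 'PluggableAuthUserAuthorization', [ $user, &$authorized ] );
				if ( $authorized ) {
					// The identity is written to the session only after both
					// authentication and authorization have succeeded.
					$authManager->setAuthenticationSessionData(
						self::USERNAME_SESSION_KEY, $username );
					$authManager->setAuthenticationSessionData(
						self::REALNAME_SESSION_KEY, $realname );
					$authManager->setAuthenticationSessionData(
						self::EMAIL_SESSION_KEY, $email );
					wfDebugLog( 'PluggableAuth', 'User is authorized.' );
				} else {
					wfDebugLog( 'PluggableAuth', 'Authorization failure.' );
					$error = wfMessage( 'pluggableauth-not-authorized', $username )->text();
				}
			} else {
				wfDebugLog( 'PluggableAuth', 'Authentication failure.' );
				if ( $error === null ) {
					$error = wfMessage( 'pluggableauth-authentication-failure' )->text();
				} else {
					if ( !is_string( $error ) ) {
						$error = strval( $error );
					}
					// NOTE(review): the plugin-supplied error text goes to the
					// debug log and into the session; confirm it carries no
					// sensitive detail and is escaped wherever it is shown.
					wfDebugLog( 'PluggableAuth', 'ERROR: ' . $error );
				}
			}
		}
		if ( $error !== null ) {
			$authManager->setAuthenticationSessionData( self::ERROR_SESSION_KEY,
				$error );
		}
		$returnToUrl = $authManager->getAuthenticationSessionData(
			self::RETURNTOURL_SESSION_KEY );
		// The URL is a string, so count() was the wrong emptiness test: it
		// never reports 0 for a string (an empty URL slipped through) and it
		// raises a warning on PHP 7.2+ and a TypeError on PHP 8. Compare
		// against the empty string instead and refuse any non-string value.
		if ( !is_string( $returnToUrl ) || $returnToUrl === '' ) {
			wfDebugLog( 'PluggableAuth', 'ERROR: return to URL is null or empty' );
		} else {
			// NOTE(review): the target comes from authentication session data
			// written outside this file; confirm the writer restricts it to
			// URLs on this wiki so this cannot act as an open redirect.
			$this->getOutput()->redirect( $returnToUrl );
		}
	}
}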