From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Thu, 9 Jun 2016 15:06:38 +0000 (-0400)
Subject: AuthManager: Fix ConfirmLink validation
X-Git-Tag: 1.31.0-rc.0~6666^2
X-Git-Url: http://git.cyclocoop.org/%24image?a=commitdiff_plain;h=5e6d9d22502f0b7f9c500f54367e3dbdc43d225c;p=lhc%2Fweb%2Fwiklou.git

AuthManager: Fix ConfirmLink validation

I726d79de added validation of the incoming requests to
ConfirmLinkSecondaryAuthenticationProvider, but forgot to fill in the
username and action fields before doing so meaning the confirmation
would probably fail.

Change-Id: I75cb65c24538a1e60e3b47a3b9ecfbd3a79ce8bf
---

diff --git a/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php b/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php
index 57f1e6bd51..32c8fd55de 100644
--- a/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php
+++ b/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php
@@ -51,7 +51,11 @@ class ConfirmLinkSecondaryAuthenticationProvider extends AbstractSecondaryAuthen
 			return AuthenticationResponse::newAbstain();
 		}
 
-		$maybeLink = array_filter( $state['maybeLink'], function ( $req ) {
+		$maybeLink = array_filter( $state['maybeLink'], function ( $req ) use ( $user ) {
+			if ( !$req->action ) {
+				$req->action = AuthManager::ACTION_CHANGE;
+			}
+			$req->username = $user->getName();
 			return $this->manager->allowsAuthenticationDataChange( $req )->isGood();
 		} );
 		if ( !$maybeLink ) {
diff --git a/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php b/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php
index d254e81277..580ef6cd42 100644
--- a/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php
+++ b/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php
@@ -175,7 +175,12 @@ class ConfirmLinkSecondaryAuthenticationProviderTest extends \MediaWikiTestCase
 		$this->assertCount( 1, $res->neededRequests );
 		$req = $res->neededRequests[0];
 		$this->assertInstanceOf( ConfirmLinkAuthenticationRequest::class, $req );
-		$this->assertEquals( $reqs, \TestingAccessWrapper::newFromObject( $req )->linkRequests );
+		$expectReqs = $this->getLinkRequests();
+		foreach ( $expectReqs as $r ) {
+			$r->action = AuthManager::ACTION_CHANGE;
+			$r->username = $user->getName();
+		}
+		$this->assertEquals( $expectReqs, \TestingAccessWrapper::newFromObject( $req )->linkRequests );
 	}
 
 	public function testContinueLinkAttempt() {