3 use MediaWiki\Auth\AuthenticationRequest
;
4 use MediaWiki\Auth\AuthenticationResponse
;
5 use MediaWiki\Auth\AuthManager
;
6 use MediaWiki\Session\SessionManager
;
9 * Special change to change credentials (such as the password).
11 * Also does most of the work for SpecialRemoveCredentials.
13 class SpecialChangeCredentials
extends AuthManagerSpecialPage
{
14 protected static $allowedActions = [ AuthManager
::ACTION_CHANGE
];
16 protected static $messagePrefix = 'changecredentials';
18 /** Change action needs user data; remove action does not */
19 protected static $loadUserData = true;
21 public function __construct( $name = 'ChangeCredentials' ) {
22 parent
::__construct( $name, 'editmyprivateinfo' );
25 protected function getGroupName() {
29 public function isListed() {
30 $this->loadAuth( '' );
31 return (bool)$this->authRequests
;
34 public function doesWrites() {
38 protected function getDefaultAction( $subPage ) {
39 return AuthManager
::ACTION_CHANGE
;
42 protected function getPreservedParams( $withToken = false ) {
43 $request = $this->getRequest();
44 $params = parent
::getPreservedParams( $withToken );
46 'returnto' => $request->getVal( 'returnto' ),
47 'returntoquery' => $request->getVal( 'returntoquery' ),
52 public function onAuthChangeFormFields(
53 array $requests, array $fieldInfo, array &$formDescriptor, $action
55 // This method is never called for remove actions.
58 Hooks
::run( 'ChangePasswordForm', [ &$extraFields ], '1.27' );
59 foreach ( $extraFields as $extra ) {
60 list( $name, $label, $type, $default ) = $extra;
61 $formDescriptor[$name] = [
64 'label-message' => $label,
65 'default' => $default,
70 return parent
::onAuthChangeFormFields( $requests, $fieldInfo, $formDescriptor, $action );
73 public function execute( $subPage ) {
75 $this->outputHeader();
77 $this->loadAuth( $subPage );
80 $this->showSubpageList();
84 if ( $this->getRequest()->getCheck( 'wpCancel' ) ) {
85 $returnUrl = $this->getReturnUrl() ?
: Title
::newMainPage()->getFullURL();
86 $this->getOutput()->redirect( $returnUrl );
90 if ( !$this->authRequests
) {
91 // messages used: changecredentials-invalidsubpage, removecredentials-invalidsubpage
92 $this->showSubpageList( $this->msg( static::$messagePrefix . '-invalidsubpage', $subPage ) );
96 $status = $this->trySubmit();
98 if ( $status === false ||
!$status->isOK() ) {
99 $this->displayForm( $status );
103 $response = $status->getValue();
105 switch ( $response->status
) {
106 case AuthenticationResponse
::PASS
:
109 case AuthenticationResponse
::FAIL
:
110 $this->displayForm( Status
::newFatal( $response->message
) );
113 throw new LogicException( 'invalid AuthenticationResponse' );
117 protected function loadAuth( $subPage, $authAction = null, $reset = false ) {
118 parent
::loadAuth( $subPage, $authAction );
120 $this->authRequests
= array_filter( $this->authRequests
, function ( $req ) use ( $subPage ) {
121 return $req->getUniqueId() === $subPage;
123 if ( count( $this->authRequests
) > 1 ) {
124 throw new LogicException( 'Multiple AuthenticationRequest objects with same ID!' );
129 protected function getAuthFormDescriptor( $requests, $action ) {
130 if ( !static::$loadUserData ) {
133 return parent
::getAuthFormDescriptor( $requests, $action );
137 protected function getAuthForm( array $requests, $action ) {
138 $form = parent
::getAuthForm( $requests, $action );
139 $req = reset( $requests );
140 $info = $req->describeCredentials();
143 Html
::openElement( 'dl' )
144 . Html
::element( 'dt', [], wfMessage( 'credentialsform-provider' ) )
145 . Html
::element( 'dd', [], $info['provider'] )
146 . Html
::element( 'dt', [], wfMessage( 'credentialsform-account' ) )
147 . Html
::element( 'dd', [], $info['account'] )
148 . Html
::closeElement( 'dl' )
151 // messages used: changecredentials-submit removecredentials-submit
152 // changecredentials-submit-cancel removecredentials-submit-cancel
153 $form->setSubmitTextMsg( static::$messagePrefix . '-submit' );
155 'name' => 'wpCancel',
156 'value' => $this->msg( static::$messagePrefix . '-submit-cancel' )->text()
162 protected function needsSubmitButton( $formDescriptor ) {
163 // Change/remove forms show are built from a single AuthenticationRequest and do not allow
164 // for redirect flow; they always need a submit button.
168 public function handleFormSubmit( $data ) {
169 // remove requests do not accept user input
170 $requests = $this->authRequests
;
171 if ( static::$loadUserData ) {
172 $requests = AuthenticationRequest
::loadRequestsFromSubmission( $this->authRequests
, $data );
175 $response = $this->performAuthenticationStep( $this->authAction
, $requests );
177 // we can't handle FAIL or similar as failure here since it might require changing the form
178 return Status
::newGood( $response );
182 * @param Message|null $error
184 protected function showSubpageList( $error = null ) {
185 $out = $this->getOutput();
188 $out->addHTML( $error->parse() );
191 $groupedRequests = [];
192 foreach ( $this->authRequests
as $req ) {
193 $info = $req->describeCredentials();
194 $groupedRequests[(string)$info['provider']][] = $req;
197 $out->addHTML( Html
::openElement( 'dl' ) );
198 foreach ( $groupedRequests as $group => $members ) {
199 $out->addHTML( Html
::element( 'dt', [], $group ) );
200 foreach ( $members as $req ) {
201 /** @var AuthenticationRequest $req */
202 $info = $req->describeCredentials();
203 $out->addHTML( Html
::rawElement( 'dd', [],
204 Linker
::link( $this->getPageTitle( $req->getUniqueId() ),
205 htmlspecialchars( $info['account'], ENT_QUOTES
) )
209 $out->addHTML( Html
::closeElement( 'dl' ) );
212 protected function success() {
213 $session = $this->getRequest()->getSession();
214 $user = $this->getUser();
215 $out = $this->getOutput();
216 $returnUrl = $this->getReturnUrl();
218 // change user token and update the session
219 SessionManager
::singleton()->invalidateSessionsForUser( $user );
220 $session->setUser( $user );
224 $out->redirect( $returnUrl );
226 // messages used: changecredentials-success removecredentials-success
227 $out->wrapWikiMsg( "<div class=\"successbox\">\n$1\n</div>", static::$messagePrefix
229 $out->returnToMain();
234 * @return string|null
236 protected function getReturnUrl() {
237 $request = $this->getRequest();
238 $returnTo = $request->getText( 'returnto' );
239 $returnToQuery = $request->getText( 'returntoquery', '' );
245 $title = Title
::newFromText( $returnTo );
246 return $title->getFullURL( $returnToQuery );
249 protected function getRequestBlacklist() {
250 return $this->getConfig()->get( 'ChangeCredentialsBlacklist' );