AuthManager: Break AuthPlugin::addUser more explicitly

AuthPlugin::addUser() is intended to only touch the external database
without creating a local user, which isn't possible under AuthManager
without reproducing too much of AuthManager's account creation methods
(and risking breaking things in even more obscure ways) to be
worthwhile.

As it is, either this will fail because the caller already called
User::addToDatabase() or the caller's subsequent User::addToDatabase()
call will fail because we're creating the local user.

So instead, let's just throw an exception unconditionally instead of
pretending it could work.

Bug: T137843
Change-Id: I8a439ea190c752a7fc49de5617e2c64c314c38f0

diff --git a/includes/auth/AuthManagerAuthPlugin.php b/includes/auth/AuthManagerAuthPlugin.php
index 8d85b44..8845858 100644 (file)
--- a/includes/auth/AuthManagerAuthPlugin.php
+++ b/includes/auth/AuthManagerAuthPlugin.php
@@ -161,35 +161,13 @@ class AuthManagerAuthPlugin extends \AuthPlugin {
        }
 
        public function addUser( $user, $password, $email = '', $realname = '' ) {
-               global $wgUser;
-
-               $data = [
-                       'username' => $user->getName(),
-                       'password' => $password,
-                       'retype' => $password,
-                       'email' => $email,
-                       'realname' => $realname,
-               ];
-               if ( $this->domain !== null && $this->domain !== '' ) {
-                       $data['domain'] = $this->domain;
-               }
-               $reqs = AuthManager::singleton()->getAuthenticationRequests( AuthManager::ACTION_CREATE );
-               $reqs = AuthenticationRequest::loadRequestsFromSubmission( $reqs, $data );
-
-               $res = AuthManager::singleton()->beginAccountCreation( $wgUser, $reqs, 'null:' );
-               switch ( $res->status ) {
-                       case AuthenticationResponse::PASS:
-                               return true;
-                       case AuthenticationResponse::FAIL:
-                               // Hope it's not a PreAuthenticationProvider that failed...
-                               $msg = $res->message instanceof \Message ? $res->message : new \Message( $res->message );
-                               $this->logger->info( __METHOD__ . ': Authentication failed: ' . $msg->plain() );
-                               return false;
-                       default:
-                               throw new \BadMethodCallException(
-                                       'AuthManager does not support such simplified account creation'
-                               );
-               }
+               throw new \BadMethodCallException(
+                       'Creation of users via AuthPlugin is not supported with '
+                       . 'AuthManager. Generally, user creation should be left to either '
+                       . 'Special:CreateAccount, auto-creation when triggered by a '
+                       . 'SessionProvider or PrimaryAuthenticationProvider, or '
+                       . 'User::newSystemUser().'
+               );
        }
 
        public function strict() {