From 50b6fb32fb5b63c09acb57452f115062c6639209 Mon Sep 17 00:00:00 2001 From: Brad Jorsch Date: Thu, 2 Jun 2016 15:26:14 -0400 Subject: [PATCH] AuthManager::setDefaultUserOptions and LoginForm::initUser shouldn't invalidate CA tokens We only want to set the local user_token when we create the local account. We don't want to invalidate all existing CentralAuth sessions for the user just because they happened to visit a new wiki and get an account auto-created. This might also fix T136853. It looks like what's going on there is that two jobs are both in this code path calling CentralAuth::resetAuthToken() at the same time, leading to a race and one fails the CAS check. Bug: T136834 Change-Id: I61b8253584a11a5b02f7ccb9efa0679cd2a822c6 --- includes/auth/AuthManager.php | 2 +- includes/specials/pre-authmanager/SpecialUserlogin.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/includes/auth/AuthManager.php b/includes/auth/AuthManager.php index 9618761aa5..402ea968e8 100644 --- a/includes/auth/AuthManager.php +++ b/includes/auth/AuthManager.php @@ -2333,7 +2333,7 @@ class AuthManager implements LoggerAwareInterface { private function setDefaultUserOptions( User $user, $useContextLang ) { global $wgContLang; - \MediaWiki\Session\SessionManager::singleton()->invalidateSessionsForUser( $user ); + $user->setToken(); $lang = $useContextLang ? \RequestContext::getMain()->getLanguage() : $wgContLang; $user->setOption( 'language', $lang->getPreferredVariant() ); diff --git a/includes/specials/pre-authmanager/SpecialUserlogin.php b/includes/specials/pre-authmanager/SpecialUserlogin.php index 8935a490bb..951cb525d9 100644 --- a/includes/specials/pre-authmanager/SpecialUserlogin.php +++ b/includes/specials/pre-authmanager/SpecialUserlogin.php @@ -699,7 +699,7 @@ class LoginFormPreAuthManager extends SpecialPage { $u->setEmail( $this->mEmail ); $u->setRealName( $this->mRealName ); - SessionManager::singleton()->invalidateSessionsForUser( $u ); + $u->setToken(); Hooks::run( 'LocalUserCreated', [ $u, $autocreate ] ); $oldUser = $u; -- 2.20.1