// passed to AuthManager. Normally we would display the form with an error message,
// but for the data we received via the redirect flow that would not be helpful at all.
// Let's just submit the data to AuthManager directly instead.
- LoggerFactory::getInstance( 'authmanager' )
+ LoggerFactory::getInstance( 'authentication' )
->warning( 'Validation error on return', [ 'data' => $form->mFieldData,
'status' => $status->getWikiText() ] );
$status = $this->handleFormSubmit( $form->mFieldData );
$form->setAction( $this->getFullTitle()->getFullURL( $this->getPreservedParams() ) );
$form->addHiddenField( $this->getTokenName(), $this->getToken()->toString() );
$form->addHiddenField( 'authAction', $this->authAction );
- $form->suppressDefaultSubmit( !$this->needsSubmitButton( $formDescriptor ) );
+ $form->suppressDefaultSubmit( !$this->needsSubmitButton( $requests ) );
return $form;
}
}
/**
- * Returns true if the form has fields which take values. If all available providers use the
- * redirect flow, the form might contain nothing but submit buttons, in which case we should
- * not add an extra submit button which does nothing.
+ * Returns true if the form built from the given AuthenticationRequests needs a submit button.
+ * Providers using redirect flow (e.g. Google login) need their own submit buttons; if using
+ * one of those custom buttons is the only way to proceed, there is no point in displaying the
+ * default button which won't do anything useful.
*
- * @param array $formDescriptor A HTMLForm descriptor
+ * @param AuthenticationRequest[] $requests An array of AuthenticationRequests from which the
+ * form will be built
* @return bool
*/
- protected function needsSubmitButton( $formDescriptor ) {
- return (bool)array_filter( $formDescriptor, function ( $item ) {
- $class = false;
- if ( array_key_exists( 'class', $item ) ) {
- $class = $item['class'];
- } elseif ( array_key_exists( 'type', $item ) ) {
- $class = HTMLForm::$typeMappings[$item['type']];
+ protected function needsSubmitButton( array $requests ) {
+ $customSubmitButtonPresent = false;
+
+ // Secondary and preauth providers always need their data; they will not care what button
+ // is used, so they can be ignored. So can OPTIONAL buttons createdby primary providers;
+ // that's the point in being optional. Se we need to check whether all primary providers
+ // have their own buttons and whether there is at least one button present.
+ foreach ( $requests as $req ) {
+ if ( $req->required === AuthenticationRequest::PRIMARY_REQUIRED ) {
+ if ( $this->hasOwnSubmitButton( $req ) ) {
+ $customSubmitButtonPresent = true;
+ } else {
+ return true;
+ }
}
- return !is_a( $class, \HTMLInfoField::class, true ) &&
- !is_a( $class, \HTMLSubmitField::class, true );
- } );
+ }
+ return !$customSubmitButtonPresent;
+ }
+
+ /**
+ * Checks whether the given AuthenticationRequest has its own submit button.
+ * @param AuthenticationRequest $req
+ * @return bool
+ */
+ protected function hasOwnSubmitButton( AuthenticationRequest $req ) {
+ foreach ( $req->getFieldInfo() as $field => $info ) {
+ if ( $info['type'] === 'button' ) {
+ return true;
+ }
+ }
+ return false;
}
/**