From 36cade5fe861a5ba61c314b9412b4e6e7dac38cd Mon Sep 17 00:00:00 2001 From: Chad Horohoe Date: Wed, 20 Mar 2013 15:48:28 -0400 Subject: [PATCH] Remove ExternalUser authentication code This was an experimental authentication system intoduced a couple of years ago with a pretty narrow use-case. It's been pretty much ignored since introduction, and makes login more complicated than it needs to be. I didn't drop the external_user table on the off-chance someone out there actually has data in it, but they should use AuthPlugin for their external authentication needs. Change-Id: I794338dbb75961ee033d41fa44bb7aa22e54f447 --- RELEASE-NOTES-1.22 | 4 + includes/AutoLoader.php | 6 - includes/DefaultSettings.php | 57 ---- includes/ExternalUser.php | 309 ------------------ includes/User.php | 23 -- includes/db/Database.php | 1 - includes/extauth/Hardcoded.php | 84 ----- includes/extauth/MediaWiki.php | 168 ---------- includes/extauth/vB.php | 146 --------- includes/installer/MysqlUpdater.php | 11 - includes/installer/PostgresUpdater.php | 1 - includes/installer/SqliteUpdater.php | 1 - includes/specials/SpecialUserlogin.php | 67 +--- maintenance/archives/patch-eu_local_id.sql | 3 - maintenance/archives/patch-external_user.sql | 9 - maintenance/mssql/tables.sql | 11 - maintenance/oracle/tables.sql | 7 - .../postgres/archives/patch-external_user.sql | 6 - maintenance/postgres/tables.sql | 7 - maintenance/tables.sql | 15 - tests/phpunit/data/db/sqlite/tables-1.16.sql | 5 - tests/phpunit/data/db/sqlite/tables-1.17.sql | 5 - tests/phpunit/data/db/sqlite/tables-1.18.sql | 5 - 23 files changed, 15 insertions(+), 936 deletions(-) delete mode 100644 includes/ExternalUser.php delete mode 100644 includes/extauth/Hardcoded.php delete mode 100644 includes/extauth/MediaWiki.php delete mode 100644 includes/extauth/vB.php delete mode 100644 maintenance/archives/patch-eu_local_id.sql delete mode 100644 maintenance/archives/patch-external_user.sql delete mode 100644 maintenance/postgres/archives/patch-external_user.sql diff --git a/RELEASE-NOTES-1.22 b/RELEASE-NOTES-1.22 index 257bd6f413..1d480238f0 100644 --- a/RELEASE-NOTES-1.22 +++ b/RELEASE-NOTES-1.22 @@ -31,6 +31,10 @@ changes to languages because of Bugzilla reports. Nostalgia was moved to an extension. * Event namespace used by jquery.makeCollapsible has been changed from 'mw-collapse' to 'mw-collapsible' for consistency with the module name. +* BREAKING CHANGE: The "ExternalAuth" authentication subsystem was removed, along + with its associated globals of $wgExternalAuthType, $wgExternalAuthConf, + $wgAutocreatePolicy and $wgAllowPrefChange. Affected users are encouraged to + use AuthPlugin for external authentication/authorization needs. == Compatibility == diff --git a/includes/AutoLoader.php b/includes/AutoLoader.php index a10ca8c3a9..33a244bee9 100644 --- a/includes/AutoLoader.php +++ b/includes/AutoLoader.php @@ -96,7 +96,6 @@ $wgAutoloadLocalClasses = array( 'ExternalStoreHttp' => 'includes/externalstore/ExternalStoreHttp.php', 'ExternalStoreMedium' => 'includes/externalstore/ExternalStoreMedium.php', 'ExternalStoreMwstore' => 'includes/externalstore/ExternalStoreMwstore.php', - 'ExternalUser' => 'includes/ExternalUser.php', 'FakeTitle' => 'includes/FakeTitle.php', 'Fallback' => 'includes/Fallback.php', 'FatalError' => 'includes/Exception.php', @@ -543,11 +542,6 @@ $wgAutoloadLocalClasses = array( 'WikiDiff3' => 'includes/diff/WikiDiff3.php', 'WordLevelDiff' => 'includes/diff/DairikiDiff.php', - # includes/extauth - 'ExternalUser_Hardcoded' => 'includes/extauth/Hardcoded.php', - 'ExternalUser_MediaWiki' => 'includes/extauth/MediaWiki.php', - 'ExternalUser_vB' => 'includes/extauth/vB.php', - # includes/filebackend 'FileBackendGroup' => 'includes/filebackend/FileBackendGroup.php', 'FileBackend' => 'includes/filebackend/FileBackend.php', diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 8a5a222de6..5f7eb65fbc 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -3724,63 +3724,6 @@ $wgInvalidUsernameCharacters = '@'; */ $wgUserrightsInterwikiDelimiter = '@'; -/** - * Use some particular type of external authentication. The specific - * authentication module you use will normally require some extra settings to - * be specified. - * - * null indicates no external authentication is to be used. Otherwise, - * $wgExternalAuthType must be the name of a non-abstract class that extends - * ExternalUser. - * - * Core authentication modules can be found in includes/extauth/. - */ -$wgExternalAuthType = null; - -/** - * Configuration for the external authentication. This may include arbitrary - * keys that depend on the authentication mechanism. For instance, - * authentication against another web app might require that the database login - * info be provided. Check the file where your auth mechanism is defined for - * info on what to put here. - */ -$wgExternalAuthConf = array(); - -/** - * When should we automatically create local accounts when external accounts - * already exist, if using ExternalAuth? Can have three values: 'never', - * 'login', 'view'. 'view' requires the external database to support cookies, - * and implies 'login'. - * - * TODO: Implement 'view' (currently behaves like 'login'). - */ -$wgAutocreatePolicy = 'login'; - -/** - * Policies for how each preference is allowed to be changed, in the presence - * of external authentication. The keys are preference keys, e.g., 'password' - * or 'emailaddress' (see Preferences.php et al.). The value can be one of the - * following: - * - * - local: Allow changes to this pref through the wiki interface but only - * apply them locally (default). - * - semiglobal: Allow changes through the wiki interface and try to apply them - * to the foreign database, but continue on anyway if that fails. - * - global: Allow changes through the wiki interface, but only let them go - * through if they successfully update the foreign database. - * - message: Allow no local changes for linked accounts; replace the change - * form with a message provided by the auth plugin, telling the user how to - * change the setting externally (maybe providing a link, etc.). If the auth - * plugin provides no message for this preference, hide it entirely. - * - * Accounts that are not linked to an external account are never affected by - * this setting. You may want to look at $wgHiddenPrefs instead. - * $wgHiddenPrefs supersedes this option. - * - * TODO: Implement message, global. - */ -$wgAllowPrefChange = array(); - /** * This is to let user authenticate using https when they come from http. * Based on an idea by George Herbert on wikitech-l: diff --git a/includes/ExternalUser.php b/includes/ExternalUser.php deleted file mode 100644 index 580b98966a..0000000000 --- a/includes/ExternalUser.php +++ /dev/null @@ -1,309 +0,0 @@ -initFromName( $name ) ) { - return false; - } - return $obj; - } - - /** - * @param $id string - * @return mixed ExternalUser, or false on failure - */ - public static function newFromId( $id ) { - global $wgExternalAuthType; - if ( is_null( $wgExternalAuthType ) ) { - return false; - } - $obj = new $wgExternalAuthType; - if ( !$obj->initFromId( $id ) ) { - return false; - } - return $obj; - } - - /** - * @return mixed ExternalUser, or false on failure - */ - public static function newFromCookie() { - global $wgExternalAuthType; - if ( is_null( $wgExternalAuthType ) ) { - return false; - } - $obj = new $wgExternalAuthType; - if ( !$obj->initFromCookie() ) { - return false; - } - return $obj; - } - - /** - * Creates the object corresponding to the given User object, assuming the - * user exists on the wiki and is linked to an external account. If either - * of these is false, this will return false. - * - * This is a wrapper around newFromId(). - * - * @param $user User - * @return ExternalUser|bool False on failure - */ - public static function newFromUser( $user ) { - global $wgExternalAuthType; - if ( is_null( $wgExternalAuthType ) ) { - # Short-circuit to avoid database query in common case so no one - # kills me - return false; - } - - $dbr = wfGetDB( DB_SLAVE ); - $id = $dbr->selectField( 'external_user', 'eu_external_id', - array( 'eu_local_id' => $user->getId() ), __METHOD__ ); - if ( $id === false ) { - return false; - } - return self::newFromId( $id ); - } - - /** - * Given a name, which is a string exactly as input by the user in the - * login form but with whitespace stripped, initialize this object to be - * the corresponding ExternalUser. Return true if successful, otherwise - * false. - * - * @param $name string - * @return bool Success? - */ - abstract protected function initFromName( $name ); - - /** - * Given an id, which was at some previous point in history returned by - * getId(), initialize this object to be the corresponding ExternalUser. - * Return true if successful, false otherwise. - * - * @param $id string - * @return bool Success? - */ - abstract protected function initFromId( $id ); - - /** - * Try to magically initialize the user from cookies or similar information - * so he or she can be logged in on just viewing the wiki. If this is - * impossible to do, just return false. - * - * TODO: Actually use this. - * - * @return bool Success? - */ - protected function initFromCookie() { - return false; - } - - /** - * This must return some identifier that stably, uniquely identifies the - * user. In a typical web application, this could be an integer - * representing the "user id". In other cases, it might be a string. In - * any event, the return value should be a string between 1 and 255 - * characters in length; must uniquely identify the user in the foreign - * database; and, if at all possible, should be permanent. - * - * This will only ever be used to reconstruct this ExternalUser object via - * newFromId(). The resulting object in that case should correspond to the - * same user, even if details have changed in the interim (e.g., renames or - * preference changes). - * - * @return string - */ - abstract public function getId(); - - /** - * This must return the name that the user would normally use for login to - * the external database. It is subject to no particular restrictions - * beyond rudimentary sanity, and in particular may be invalid as a - * MediaWiki username. It's used to auto-generate an account name that - * *is* valid for MediaWiki, either with or without user input, but - * basically is only a hint. - * - * @return string - */ - abstract public function getName(); - - /** - * Is the given password valid for the external user? The password is - * provided in plaintext. - * - * @param $password string - * @return bool - */ - abstract public function authenticate( $password ); - - /** - * Retrieve the value corresponding to the given preference key. The most - * important values are: - * - * - emailaddress - * - language - * - * The value must meet MediaWiki's requirements for values of this type, - * and will be checked for validity before use. If the preference makes no - * sense for the backend, or it makes sense but is unset for this user, or - * is unrecognized, return null. - * - * $pref will never equal 'password', since passwords are usually hashed - * and cannot be directly retrieved. authenticate() is used for this - * instead. - * - * TODO: Currently this is only called for 'emailaddress'; generalize! Add - * some config option to decide which values are grabbed on user - * initialization. - * - * @param $pref string - * @return mixed - */ - public function getPref( $pref ) { - return null; - } - - /** - * Return an array of identifiers for all the foreign groups that this user - * has. The identifiers are opaque objects that only need to be - * specifiable by the administrator in LocalSettings.php when configuring - * $wgAutopromote. They may be, for instance, strings or integers. - * - * TODO: Support this in $wgAutopromote. - * - * @return array - */ - public function getGroups() { - return array(); - } - - /** - * Given a preference key (e.g., 'emailaddress'), provide an HTML message - * telling the user how to change it in the external database. The - * administrator has specified that this preference cannot be changed on - * the wiki, and may only be changed in the foreign database. If no - * message is available, such as for an unrecognized preference, return - * false. - * - * TODO: Use this somewhere. - * - * @param $pref string - * @return mixed String or false - */ - public static function getPrefMessage( $pref ) { - return false; - } - - /** - * Set the given preference key to the given value. Two important - * preference keys that you might want to implement are 'password' and - * 'emailaddress'. If the set fails, such as because the preference is - * unrecognized or because the external database can't be changed right - * now, return false. If it succeeds, return true. - * - * If applicable, you should make sure to validate the new value against - * any constraints the external database may have, since MediaWiki may have - * more limited constraints (e.g., on password strength). - * - * TODO: Untested. - * - * @param $key string - * @param $value string - * @return bool Success? - */ - public static function setPref( $key, $value ) { - return false; - } - - /** - * Create a link for future reference between this object and the provided - * user_id. If the user was already linked, the old link will be - * overwritten. - * - * This is part of the core code and is not overridable by specific - * plugins. It's in this class only for convenience. - * - * @param int $id user_id - */ - final public function linkToLocal( $id ) { - $dbw = wfGetDB( DB_MASTER ); - $dbw->replace( 'external_user', - array( 'eu_local_id', 'eu_external_id' ), - array( 'eu_local_id' => $id, - 'eu_external_id' => $this->getId() ), - __METHOD__ ); - } - - /** - * Check whether this external user id is already linked with - * a local user. - * @return Mixed User if the account is linked, Null otherwise. - */ - final public function getLocalUser() { - $dbr = wfGetDB( DB_SLAVE ); - $row = $dbr->selectRow( - 'external_user', - '*', - array( 'eu_external_id' => $this->getId() ) - ); - return $row - ? User::newFromId( $row->eu_local_id ) - : null; - } - -} diff --git a/includes/User.php b/includes/User.php index 9427a9eeac..0ac79d6442 100644 --- a/includes/User.php +++ b/includes/User.php @@ -921,22 +921,12 @@ class User { * @return Bool True if the user is logged in, false otherwise. */ private function loadFromSession() { - global $wgExternalAuthType, $wgAutocreatePolicy; - $result = null; wfRunHooks( 'UserLoadFromSession', array( $this, &$result ) ); if ( $result !== null ) { return $result; } - if ( $wgExternalAuthType && $wgAutocreatePolicy == 'view' ) { - $extUser = ExternalUser::newFromCookie(); - if ( $extUser ) { - # TODO: Automatically create the user here (or probably a bit - # lower down, in fact) - } - } - $request = $this->getRequest(); $cookieId = $request->getCookie( 'UserID' ); @@ -4409,8 +4399,6 @@ class User { * @todo document */ protected function saveOptions() { - global $wgAllowPrefChange; - $this->loadOptions(); // Not using getOptions(), to keep hidden preferences in database @@ -4422,7 +4410,6 @@ class User { return; } - $extuser = ExternalUser::newFromUser( $this ); $userId = $this->getId(); $insert_rows = array(); foreach( $saveOptions as $key => $value ) { @@ -4437,16 +4424,6 @@ class User { 'up_value' => $value, ); } - if ( $extuser && isset( $wgAllowPrefChange[$key] ) ) { - switch ( $wgAllowPrefChange[$key] ) { - case 'local': - case 'message': - break; - case 'semiglobal': - case 'global': - $extuser->setPref( $key, $value ); - } - } } $dbw = wfGetDB( DB_MASTER ); diff --git a/includes/db/Database.php b/includes/db/Database.php index d0b877fddc..7392f964cd 100644 --- a/includes/db/Database.php +++ b/includes/db/Database.php @@ -714,7 +714,6 @@ abstract class DatabaseBase implements DatabaseType { * an extension, et cetera). Do not use this to connect to the MediaWiki * database. Example uses in core: * @see LoadBalancer::reallyOpenConnection() - * @see ExternalUser_MediaWiki::initFromCond() * @see ForeignDBRepo::getMasterDB() * @see WebInstaller_DBConnect::execute() * diff --git a/includes/extauth/Hardcoded.php b/includes/extauth/Hardcoded.php deleted file mode 100644 index dfb4674299..0000000000 --- a/includes/extauth/Hardcoded.php +++ /dev/null @@ -1,84 +0,0 @@ - array( - * 'password' => 'literal string', - * 'emailaddress' => 'bob@example.com', - * ), - * ); - * - * Multiple names may be provided. The keys of the inner arrays can be either - * 'password', or the name of any preference. - * - * @ingroup ExternalUser - */ -class ExternalUser_Hardcoded extends ExternalUser { - private $mName; - - protected function initFromName( $name ) { - global $wgExternalAuthConf; - - if ( isset( $wgExternalAuthConf[$name] ) ) { - $this->mName = $name; - return true; - } - return false; - } - - protected function initFromId( $id ) { - return $this->initFromName( $id ); - } - - public function getId() { - return $this->mName; - } - - public function getName() { - return $this->mName; - } - - public function authenticate( $password ) { - global $wgExternalAuthConf; - - return isset( $wgExternalAuthConf[$this->mName]['password'] ) - && $wgExternalAuthConf[$this->mName]['password'] == $password; - } - - public function getPref( $pref ) { - global $wgExternalAuthConf; - - if ( isset( $wgExternalAuthConf[$this->mName][$pref] ) ) { - return $wgExternalAuthConf[$this->mName][$pref]; - } - return null; - } - - # TODO: Implement setPref() via regex on LocalSettings. (Just kidding.) -} diff --git a/includes/extauth/MediaWiki.php b/includes/extauth/MediaWiki.php deleted file mode 100644 index c7f6a20417..0000000000 --- a/includes/extauth/MediaWiki.php +++ /dev/null @@ -1,168 +0,0 @@ - 'mysql', - * 'DBserver' => 'localhost', - * 'DBname' => 'wikidb', - * 'DBuser' => 'quasit', - * 'DBpassword' => 'a5Cr:yf9u-6[{`g', - * 'DBprefix' => '', - * ); - * - * All fields must be present. These mean the same things as $wgDBtype, - * $wgDBserver, etc. This implementation is quite crude; it could easily - * support multiple database servers, for instance, and memcached, and it - * probably has bugs. Kind of hard to reuse code when things might rely on who - * knows what configuration globals. - * - * If either wiki uses the UserComparePasswords hook, password authentication - * might fail unexpectedly unless they both do the exact same validation. - * There may be other corner cases like this where this will fail, but it - * should be unlikely. - * - * @ingroup ExternalUser - */ -class ExternalUser_MediaWiki extends ExternalUser { - private $mRow; - - /** - * @var DatabaseBase - */ - private $mDb; - - /** - * @param $name string - * @return bool - */ - protected function initFromName( $name ) { - # We might not need the 'usable' bit, but let's be safe. Theoretically - # this might return wrong results for old versions, but it's probably - # good enough. - $name = User::getCanonicalName( $name, 'usable' ); - - if ( !is_string( $name ) ) { - return false; - } - - return $this->initFromCond( array( 'user_name' => $name ) ); - } - - /** - * @param $id int - * @return bool - */ - protected function initFromId( $id ) { - return $this->initFromCond( array( 'user_id' => $id ) ); - } - - /** - * @param $cond array - * @return bool - */ - private function initFromCond( $cond ) { - global $wgExternalAuthConf; - - $this->mDb = DatabaseBase::factory( $wgExternalAuthConf['DBtype'], - array( - 'host' => $wgExternalAuthConf['DBserver'], - 'user' => $wgExternalAuthConf['DBuser'], - 'password' => $wgExternalAuthConf['DBpassword'], - 'dbname' => $wgExternalAuthConf['DBname'], - 'tablePrefix' => $wgExternalAuthConf['DBprefix'], - ) - ); - - $row = $this->mDb->selectRow( - 'user', - array( - 'user_name', 'user_id', 'user_password', 'user_email', - 'user_email_authenticated' - ), - $cond, - __METHOD__ - ); - if ( !$row ) { - return false; - } - $this->mRow = $row; - - return true; - } - - # TODO: Implement initFromCookie(). - - public function getId() { - return $this->mRow->user_id; - } - - /** - * @return string - */ - public function getName() { - return $this->mRow->user_name; - } - - public function authenticate( $password ) { - # This might be wrong if anyone actually uses the UserComparePasswords hook - # (on either end), so don't use this if you those are incompatible. - return User::comparePasswords( $this->mRow->user_password, $password, - $this->mRow->user_id ); - } - - public function getPref( $pref ) { - # @todo FIXME: Return other prefs too. Lots of global-riddled code that does - # this normally. - if ( $pref === 'emailaddress' - && $this->row->user_email_authenticated !== null ) { - return $this->mRow->user_email; - } - return null; - } - - /** - * @return array - */ - public function getGroups() { - # @todo FIXME: Untested. - $groups = array(); - $res = $this->mDb->select( - 'user_groups', - 'ug_group', - array( 'ug_user' => $this->mRow->user_id ), - __METHOD__ - ); - foreach ( $res as $row ) { - $groups[] = $row->ug_group; - } - return $groups; - } - - # TODO: Implement setPref(). -} diff --git a/includes/extauth/vB.php b/includes/extauth/vB.php deleted file mode 100644 index 0565a2e3a5..0000000000 --- a/includes/extauth/vB.php +++ /dev/null @@ -1,146 +0,0 @@ -, versions 3.5 and up. It calls no functions or - * code, only reads from the database. Example lines to put in - * LocalSettings.php: - * - * $wgExternalAuthType = 'ExternalUser_vB'; - * $wgExternalAuthConf = array( - * 'server' => 'localhost', - * 'username' => 'forum', - * 'password' => 'udE,jSqDJ<""p=fI.K9', - * 'dbname' => 'forum', - * 'tablePrefix' => '', - * 'cookieprefix' => 'bb' - * ); - * - * @ingroup ExternalUser - */ -class ExternalUser_vB extends ExternalUser { - private $mRow; - - protected function initFromName( $name ) { - return $this->initFromCond( array( 'username' => $name ) ); - } - - protected function initFromId( $id ) { - return $this->initFromCond( array( 'userid' => $id ) ); - } - - protected function initFromCookie() { - # Try using the session table. It will only have a row if the user has - # an active session, so it might not always work, but it's a lot easier - # than trying to convince PHP to give us vB's $_SESSION. - global $wgExternalAuthConf, $wgRequest; - if ( !isset( $wgExternalAuthConf['cookieprefix'] ) ) { - $prefix = 'bb'; - } else { - $prefix = $wgExternalAuthConf['cookieprefix']; - } - if ( $wgRequest->getCookie( 'sessionhash', $prefix ) === null ) { - return false; - } - - $db = $this->getDb(); - - $row = $db->selectRow( - array( 'session', 'user' ), - $this->getFields(), - array( - 'session.userid = user.userid', - 'sessionhash' => $wgRequest->getCookie( 'sessionhash', $prefix ), - ), - __METHOD__ - ); - if ( !$row ) { - return false; - } - $this->mRow = $row; - - return true; - } - - private function initFromCond( $cond ) { - $db = $this->getDb(); - - $row = $db->selectRow( - 'user', - $this->getFields(), - $cond, - __METHOD__ - ); - if ( !$row ) { - return false; - } - $this->mRow = $row; - - return true; - } - - private function getDb() { - global $wgExternalAuthConf; - return DatabaseBase::factory( 'mysql', - array( - 'host' => $wgExternalAuthConf['server'], - 'user' => $wgExternalAuthConf['username'], - 'password' => $wgExternalAuthConf['password'], - 'dbname' => $wgExternalAuthConf['dbname'], - 'tablePrefix' => $wgExternalAuthConf['tablePrefix'], - ) - ); - } - - private function getFields() { - return array( 'user.userid', 'username', 'password', 'salt', 'email', - 'usergroupid', 'membergroupids' ); - } - - public function getId() { return $this->mRow->userid; } - public function getName() { return $this->mRow->username; } - - public function authenticate( $password ) { - # vBulletin seemingly strips whitespace from passwords - $password = trim( $password ); - return $this->mRow->password == md5( md5( $password ) - . $this->mRow->salt ); - } - - public function getPref( $pref ) { - if ( $pref == 'emailaddress' && $this->mRow->email ) { - # TODO: only return if validated? - return $this->mRow->email; - } - return null; - } - - public function getGroups() { - $groups = array( $this->mRow->usergroupid ); - $groups = array_merge( $groups, explode( ',', $this->mRow->membergroupids ) ); - $groups = array_unique( $groups ); - return $groups; - } -} diff --git a/includes/installer/MysqlUpdater.php b/includes/installer/MysqlUpdater.php index 6b74653a6e..df1f610846 100644 --- a/includes/installer/MysqlUpdater.php +++ b/includes/installer/MysqlUpdater.php @@ -165,12 +165,10 @@ class MysqlUpdater extends DatabaseUpdater { array( 'doLogUsertextPopulation' ), # listed separately from the previous update because 1.16 was released without this update array( 'doLogSearchPopulation' ), array( 'addTable', 'l10n_cache', 'patch-l10n_cache.sql' ), - array( 'addTable', 'external_user', 'patch-external_user.sql' ), array( 'addIndex', 'log_search', 'ls_field_val', 'patch-log_search-rename-index.sql' ), array( 'addIndex', 'change_tag', 'change_tag_rc_tag', 'patch-change_tag-indexes.sql' ), array( 'addField', 'redirect', 'rd_interwiki', 'patch-rd_interwiki.sql' ), array( 'doUpdateTranscacheField' ), - array( 'renameEuWikiId' ), array( 'doUpdateMimeMinorField' ), // 1.17 @@ -850,15 +848,6 @@ class MysqlUpdater extends DatabaseUpdater { return $this->applyPatch( 'patch-pl-tl-il-unique.sql', false, "Making pl_namespace, tl_namespace and il_to indices UNIQUE" ); } - protected function renameEuWikiId() { - if ( $this->db->fieldExists( 'external_user', 'eu_local_id', __METHOD__ ) ) { - $this->output( "...eu_wiki_id already renamed to eu_local_id.\n" ); - return; - } - - $this->applyPatch( 'patch-eu_local_id.sql', false, "Renaming eu_wiki_id -> eu_local_id" ); - } - protected function doUpdateMimeMinorField() { if ( $this->updateRowExists( 'mime_minor_length' ) ) { $this->output( "...*_mime_minor fields are already long enough.\n" ); diff --git a/includes/installer/PostgresUpdater.php b/includes/installer/PostgresUpdater.php index 0a319eeab5..08797b2b64 100644 --- a/includes/installer/PostgresUpdater.php +++ b/includes/installer/PostgresUpdater.php @@ -89,7 +89,6 @@ class PostgresUpdater extends DatabaseUpdater { array( 'addTable', 'module_deps', 'patch-module_deps.sql' ), array( 'addTable', 'uploadstash', 'patch-uploadstash.sql' ), array( 'addTable', 'user_former_groups','patch-user_former_groups.sql' ), - array( 'addTable', 'external_user', 'patch-external_user.sql' ), array( 'addTable', 'sites', 'patch-sites.sql' ), # Needed before new field diff --git a/includes/installer/SqliteUpdater.php b/includes/installer/SqliteUpdater.php index 54e115bd9f..28d8d66b1b 100644 --- a/includes/installer/SqliteUpdater.php +++ b/includes/installer/SqliteUpdater.php @@ -49,7 +49,6 @@ class SqliteUpdater extends DatabaseUpdater { array( 'doLogUsertextPopulation' ), # listed separately from the previous update because 1.16 was released without this update array( 'doLogSearchPopulation' ), array( 'addTable', 'l10n_cache', 'patch-l10n_cache.sql' ), - array( 'addTable', 'external_user', 'patch-external_user.sql' ), array( 'addIndex', 'log_search', 'ls_field_val', 'patch-log_search-rename-index.sql' ), array( 'addIndex', 'change_tag', 'change_tag_rc_tag', 'patch-change_tag-indexes.sql' ), array( 'addField', 'redirect', 'rd_interwiki', 'patch-rd_interwiki.sql' ), diff --git a/includes/specials/SpecialUserlogin.php b/includes/specials/SpecialUserlogin.php index eef6691429..17c8ec9122 100644 --- a/includes/specials/SpecialUserlogin.php +++ b/includes/specials/SpecialUserlogin.php @@ -51,11 +51,6 @@ class LoginForm extends SpecialPage { var $mAbortLoginErrorMsg = 'login-abort-generic'; private $mLoaded = false; - /** - * @var ExternalUser - */ - private $mExtUser = null; - /** * @ var WebRequest */ @@ -480,14 +475,6 @@ class LoginForm extends SpecialPage { $wgAuth->initUser( $u, $autocreate ); - if ( $this->mExtUser ) { - $this->mExtUser->linkToLocal( $u->getId() ); - $email = $this->mExtUser->getPref( 'emailaddress' ); - if ( $email && !$this->mEmail ) { - $u->setEmail( $email ); - } - } - $u->setOption( 'rememberpassword', $this->mRemember ? 1 : 0 ); $u->saveSettings(); @@ -550,10 +537,6 @@ class LoginForm extends SpecialPage { return self::SUCCESS; } - $this->mExtUser = ExternalUser::newFromName( $this->mUsername ); - - # TODO: Allow some magic here for invalid external names, e.g., let the - # user choose a different wiki name. $u = User::newFromName( $this->mUsername ); if( !( $u instanceof User ) || !User::isUsableName( $u->getName() ) ) { return self::ILLEGAL; @@ -568,16 +551,6 @@ class LoginForm extends SpecialPage { $isAutoCreated = true; } } else { - global $wgExternalAuthType, $wgAutocreatePolicy; - if ( $wgExternalAuthType && $wgAutocreatePolicy != 'never' - && is_object( $this->mExtUser ) - && $this->mExtUser->authenticate( $this->mPassword ) - ) { - # The external user and local user have the same name and - # password, so we assume they're the same. - $this->mExtUser->linkToLocal( $u->getID() ); - } - $u->load(); } @@ -696,40 +669,22 @@ class LoginForm extends SpecialPage { * @return integer Status code */ function attemptAutoCreate( $user ) { - global $wgAuth, $wgAutocreatePolicy; + global $wgAuth; if ( $this->getUser()->isBlockedFromCreateAccount() ) { wfDebug( __METHOD__ . ": user is blocked from account creation\n" ); return self::CREATE_BLOCKED; } - - /** - * If the external authentication plugin allows it, automatically cre- - * ate a new account for users that are externally defined but have not - * yet logged in. - */ - if ( $this->mExtUser ) { - # mExtUser is neither null nor false, so use the new ExternalAuth - # system. - if ( $wgAutocreatePolicy == 'never' ) { - return self::NOT_EXISTS; - } - if ( !$this->mExtUser->authenticate( $this->mPassword ) ) { - return self::WRONG_PLUGIN_PASS; - } - } else { - # Old AuthPlugin. - if ( !$wgAuth->autoCreate() ) { - return self::NOT_EXISTS; - } - if ( !$wgAuth->userExists( $user->getName() ) ) { - wfDebug( __METHOD__ . ": user does not exist\n" ); - return self::NOT_EXISTS; - } - if ( !$wgAuth->authenticate( $user->getName(), $this->mPassword ) ) { - wfDebug( __METHOD__ . ": \$wgAuth->authenticate() returned false, aborting\n" ); - return self::WRONG_PLUGIN_PASS; - } + if ( !$wgAuth->autoCreate() ) { + return self::NOT_EXISTS; + } + if ( !$wgAuth->userExists( $user->getName() ) ) { + wfDebug( __METHOD__ . ": user does not exist\n" ); + return self::NOT_EXISTS; + } + if ( !$wgAuth->authenticate( $user->getName(), $this->mPassword ) ) { + wfDebug( __METHOD__ . ": \$wgAuth->authenticate() returned false, aborting\n" ); + return self::WRONG_PLUGIN_PASS; } $abortError = ''; diff --git a/maintenance/archives/patch-eu_local_id.sql b/maintenance/archives/patch-eu_local_id.sql deleted file mode 100644 index bb59d06734..0000000000 --- a/maintenance/archives/patch-eu_local_id.sql +++ /dev/null @@ -1,3 +0,0 @@ -ALTER TABLE /*_*/external_user -CHANGE COLUMN eu_wiki_id -eu_local_id int unsigned NOT NULL; diff --git a/maintenance/archives/patch-external_user.sql b/maintenance/archives/patch-external_user.sql deleted file mode 100644 index 176b46d4ad..0000000000 --- a/maintenance/archives/patch-external_user.sql +++ /dev/null @@ -1,9 +0,0 @@ -CREATE TABLE /*_*/external_user ( - -- Foreign key to user_id - eu_local_id int unsigned NOT NULL PRIMARY KEY, - - -- Some opaque identifier provided by the external database - eu_external_id varchar(255) binary NOT NULL -) /*$wgDBTableOptions*/; - -CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id); diff --git a/maintenance/mssql/tables.sql b/maintenance/mssql/tables.sql index ad996175e7..b76f57c601 100644 --- a/maintenance/mssql/tables.sql +++ b/maintenance/mssql/tables.sql @@ -305,17 +305,6 @@ CREATE TABLE /*$wgDBprefix*/externallinks ( -- Maximum key length ON SQL Server is 900 bytes CREATE INDEX /*$wgDBprefix*/externallinks_index ON /*$wgDBprefix*/externallinks(el_index); --- --- Track external user accounts, if ExternalAuth is used --- -CREATE TABLE /*$wgDBprefix*/external_user ( - -- Foreign key to user_id - eu_local_id INT NOT NULL PRIMARY KEY, - -- opaque identifier provided by the external database - eu_external_id NVARCHAR(255) NOT NULL, -); -CREATE UNIQUE INDEX /*$wgDBprefix*/eu_external_idx ON /*$wgDBprefix*/external_user(eu_external_id); - -- -- Track INTerlanguage links -- diff --git a/maintenance/oracle/tables.sql b/maintenance/oracle/tables.sql index b5b3b07e60..c5bf56921f 100644 --- a/maintenance/oracle/tables.sql +++ b/maintenance/oracle/tables.sql @@ -218,13 +218,6 @@ CREATE INDEX &mw_prefix.externallinks_i01 ON &mw_prefix.externallinks (el_from, CREATE INDEX &mw_prefix.externallinks_i02 ON &mw_prefix.externallinks (el_to, el_from); CREATE INDEX &mw_prefix.externallinks_i03 ON &mw_prefix.externallinks (el_index); -CREATE TABLE &mw_prefix.external_user ( - eu_local_id NUMBER NOT NULL, - eu_external_id varchar2(255) NOT NULL -); -ALTER TABLE &mw_prefix.external_user ADD CONSTRAINT &mw_prefix.external_user_pk PRIMARY KEY (eu_local_id); -CREATE UNIQUE INDEX &mw_prefix.external_user_u01 ON &mw_prefix.external_user (eu_external_id); - CREATE TABLE &mw_prefix.langlinks ( ll_from NUMBER NOT NULL, ll_lang VARCHAR2(20), diff --git a/maintenance/postgres/archives/patch-external_user.sql b/maintenance/postgres/archives/patch-external_user.sql deleted file mode 100644 index 6058a70617..0000000000 --- a/maintenance/postgres/archives/patch-external_user.sql +++ /dev/null @@ -1,6 +0,0 @@ -CREATE TABLE external_user ( - eu_local_id INTEGER NOT NULL PRIMARY KEY, - eu_external_id TEXT -); - -CREATE UNIQUE INDEX eu_external_id ON external_user (eu_external_id); diff --git a/maintenance/postgres/tables.sql b/maintenance/postgres/tables.sql index 5ce1a172d3..30a8e1b600 100644 --- a/maintenance/postgres/tables.sql +++ b/maintenance/postgres/tables.sql @@ -232,13 +232,6 @@ CREATE TABLE externallinks ( CREATE INDEX externallinks_from_to ON externallinks (el_from,el_to); CREATE INDEX externallinks_index ON externallinks (el_index); -CREATE TABLE external_user ( - eu_local_id INTEGER NOT NULL PRIMARY KEY, - eu_external_id TEXT -); - -CREATE UNIQUE INDEX eu_external_id ON external_user (eu_external_id); - CREATE TABLE langlinks ( ll_from INTEGER NOT NULL REFERENCES page (page_id) ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, ll_lang TEXT, diff --git a/maintenance/tables.sql b/maintenance/tables.sql index fb145d0829..19c740b50e 100644 --- a/maintenance/tables.sql +++ b/maintenance/tables.sql @@ -626,21 +626,6 @@ CREATE INDEX /*i*/el_from ON /*_*/externallinks (el_from, el_to(40)); CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from); CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60)); - --- --- Track external user accounts, if ExternalAuth is used --- -CREATE TABLE /*_*/external_user ( - -- Foreign key to user_id - eu_local_id int unsigned NOT NULL PRIMARY KEY, - - -- Some opaque identifier provided by the external database - eu_external_id varchar(255) binary NOT NULL -) /*$wgDBTableOptions*/; - -CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id); - - -- -- Track interlanguage links -- diff --git a/tests/phpunit/data/db/sqlite/tables-1.16.sql b/tests/phpunit/data/db/sqlite/tables-1.16.sql index 6e56add238..7e8f30ec17 100644 --- a/tests/phpunit/data/db/sqlite/tables-1.16.sql +++ b/tests/phpunit/data/db/sqlite/tables-1.16.sql @@ -146,11 +146,6 @@ CREATE TABLE /*_*/externallinks ( CREATE INDEX /*i*/el_from ON /*_*/externallinks (el_from, el_to(40)); CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from); CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60)); -CREATE TABLE /*_*/external_user ( - eu_local_id int unsigned NOT NULL PRIMARY KEY, - eu_external_id varchar(255) binary NOT NULL -) /*$wgDBTableOptions*/; -CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id); CREATE TABLE /*_*/langlinks ( ll_from int unsigned NOT NULL default 0, ll_lang varbinary(20) NOT NULL default '', diff --git a/tests/phpunit/data/db/sqlite/tables-1.17.sql b/tests/phpunit/data/db/sqlite/tables-1.17.sql index 69ae376498..e02e3e1475 100644 --- a/tests/phpunit/data/db/sqlite/tables-1.17.sql +++ b/tests/phpunit/data/db/sqlite/tables-1.17.sql @@ -151,11 +151,6 @@ CREATE TABLE /*_*/externallinks ( CREATE INDEX /*i*/el_from ON /*_*/externallinks (el_from, el_to(40)); CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from); CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60)); -CREATE TABLE /*_*/external_user ( - eu_local_id int unsigned NOT NULL PRIMARY KEY, - eu_external_id varchar(255) binary NOT NULL -) /*$wgDBTableOptions*/; -CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id); CREATE TABLE /*_*/langlinks ( ll_from int unsigned NOT NULL default 0, ll_lang varbinary(20) NOT NULL default '', diff --git a/tests/phpunit/data/db/sqlite/tables-1.18.sql b/tests/phpunit/data/db/sqlite/tables-1.18.sql index b106d2b7ef..8bfc28e28e 100644 --- a/tests/phpunit/data/db/sqlite/tables-1.18.sql +++ b/tests/phpunit/data/db/sqlite/tables-1.18.sql @@ -157,11 +157,6 @@ CREATE TABLE /*_*/externallinks ( CREATE INDEX /*i*/el_from ON /*_*/externallinks (el_from, el_to(40)); CREATE INDEX /*i*/el_to ON /*_*/externallinks (el_to(60), el_from); CREATE INDEX /*i*/el_index ON /*_*/externallinks (el_index(60)); -CREATE TABLE /*_*/external_user ( - eu_local_id int unsigned NOT NULL PRIMARY KEY, - eu_external_id varchar(255) binary NOT NULL -) /*$wgDBTableOptions*/; -CREATE UNIQUE INDEX /*i*/eu_external_id ON /*_*/external_user (eu_external_id); CREATE TABLE /*_*/langlinks ( ll_from int unsigned NOT NULL default 0, ll_lang varbinary(20) NOT NULL default '', -- 2.20.1