Password change request should be optional on soft reset

Non-optional fields are required by HTMLForm now so the skip button
would not work properly.

Change-Id: Iad937767f0f7cf6dce43f7882720d1ed730ee28d

diff --git a/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php b/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
index f87a762..dd97830 100644 (file)
--- a/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
+++ b/includes/auth/ResetPasswordSecondaryAuthenticationProvider.php
@@ -99,6 +99,8 @@ class ResetPasswordSecondaryAuthenticationProvider extends AbstractSecondaryAuth
                if ( !$needReq->action ) {
                        $needReq->action = AuthManager::ACTION_CHANGE;
                }
+               $needReq->required = $data->hard ? AuthenticationRequest::REQUIRED
+                       : AuthenticationRequest::OPTIONAL;
                $needReqs = [ $needReq ];
                if ( !$data->hard ) {
                        $needReqs[] = new ButtonAuthenticationRequest(

diff --git a/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php b/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
index 59edede..79c138b 100644 (file)
--- a/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
+++ b/tests/phpunit/includes/auth/ResetPasswordSecondaryAuthenticationProviderTest.php
@@ -216,7 +216,9 @@ class ResetPasswordSecondaryAuthenticationProviderTest extends \MediaWikiTestCas
                $this->assertSame( AuthenticationResponse::UI, $res->status );
                $this->assertEquals( $msg, $res->message );
                $this->assertCount( 2, $res->neededRequests );
-               $this->assertEquals( $passReq, $res->neededRequests[0] );
+               $expectedPassReq = clone $passReq;
+               $expectedPassReq->required = AuthenticationRequest::OPTIONAL;
+               $this->assertEquals( $expectedPassReq, $res->neededRequests[0] );
                $this->assertEquals( $skipReq, $res->neededRequests[1] );
                $this->assertNotNull( $manager->getAuthenticationSessionData( 'reset-pass' ) );
                $this->assertFalse( $passReq->done );
@@ -304,7 +306,9 @@ class ResetPasswordSecondaryAuthenticationProviderTest extends \MediaWikiTestCas
                $this->assertSame( AuthenticationResponse::UI, $res->status );
                $this->assertEquals( $msg, $res->message );
                $this->assertCount( 2, $res->neededRequests );
-               $this->assertEquals( $passReq2, $res->neededRequests[0] );
+               $expectedPassReq = clone $passReq2;
+               $expectedPassReq->required = AuthenticationRequest::OPTIONAL;
+               $this->assertEquals( $expectedPassReq, $res->neededRequests[0] );
                $this->assertEquals( $skipReq, $res->neededRequests[1] );
                $this->assertNotNull( $manager->getAuthenticationSessionData( 'reset-pass' ) );
                $this->assertFalse( $passReq->done );