includes/AuthPlugin.php

   1 <?php
   2 /**
   3  * @package MediaWiki
   4  */
   5 # Copyright (C) 2004 Brion Vibber <brion@pobox.com>
   6 # http://www.mediawiki.org/
   7 #
   8 # This program is free software; you can redistribute it and/or modify
   9 # it under the terms of the GNU General Public License as published by
  10 # the Free Software Foundation; either version 2 of the License, or
  11 # (at your option) any later version.
  12 #
  13 # This program is distributed in the hope that it will be useful,
  14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16 # GNU General Public License for more details.
  17 #
  18 # You should have received a copy of the GNU General Public License along
  19 # with this program; if not, write to the Free Software Foundation, Inc.,
  20 # 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  21 # http://www.gnu.org/copyleft/gpl.html
  22
  23 /**
  24  * Authentication plugin interface. Instantiate a subclass of AuthPlugin
  25  * and set $wgAuth to it to authenticate against some external tool.
  26  *
  27  * The default behavior is not to do anything, and use the local user
  28  * database for all authentication. A subclass can require that all
  29  * accounts authenticate externally, or use it only as a fallback; also
  30  * you can transparently create internal wiki accounts the first time
  31  * someone logs in who can be authenticated externally.
  32  *
  33  * This interface is new, and might change a bit before 1.4.0 final is
  34  * done...
  35  *
  36  * @package MediaWiki
  37  */
  38 class AuthPlugin {
  39         /**
  40          * Check whether there exists a user account with the given name.
  41          * The name will be normalized to MediaWiki's requirements, so
  42          * you might need to munge it (for instance, for lowercase initial
  43          * letters).
  44          *
  45          * @param string $username
  46          * @return bool
  47          * @access public
  48          */
  49         function userExists( $username ) {
  50                 # Override this!
  51                 return false;
  52         }
  53
  54         /**
  55          * Check if a username+password pair is a valid login.
  56          * The name will be normalized to MediaWiki's requirements, so
  57          * you might need to munge it (for instance, for lowercase initial
  58          * letters).
  59          *
  60          * @param string $username
  61          * @param string $password
  62          * @return bool
  63          * @access public
  64          */
  65         function authenticate( $username, $password ) {
  66                 # Override this!
  67                 return false;
  68         }
  69
  70         /**
  71          * Modify options in the login template.
  72          *
  73          * @param UserLoginTemplate $template
  74          * @access public
  75          */
  76         function modifyUITemplate( &$template ) {
  77                 # Override this!
  78                 $template->set( 'usedomain', false );
  79         }
  80
  81         /**
  82          * Set the domain this plugin is supposed to use when authenticating.
  83          *
  84          * @param string $domain
  85          * @access public
  86          */
  87         function setDomain( $domain ) {
  88                 $this->domain = $domain;
  89         }
  90
  91         /**
  92          * Check to see if the specific domain is a valid domain.
  93          *
  94          * @param string $domain
  95          * @return bool
  96          * @access public
  97          */
  98         function validDomain( $domain ) {
  99                 # Override this!
 100                 return true;
 101         }
 102
 103         /**
 104          * When a user logs in, optionally fill in preferences and such.
 105          * For instance, you might pull the email address or real name from the
 106          * external user database.
 107          *
 108          * The User object is passed by reference so it can be modified; don't
 109          * forget the & on your function declaration.
 110          *
 111          * @param User $user
 112          * @access public
 113          */
 114         function updateUser( &$user ) {
 115                 # Override this and do something
 116                 return true;
 117         }
 118
 119
 120         /**
 121          * Return true if the wiki should create a new local account automatically
 122          * when asked to login a user who doesn't exist locally but does in the
 123          * external auth database.
 124          *
 125          * If you don't automatically create accounts, you must still create
 126          * accounts in some way. It's not possible to authenticate without
 127          * a local account.
 128          *
 129          * This is just a question, and shouldn't perform any actions.
 130          *
 131          * @return bool
 132          * @access public
 133          */
 134         function autoCreate() {
 135                 return false;
 136         }
 137
 138         /**
 139          * Set the given password in the authentication database.
 140          * Return true if successful.
 141          *
 142          * @param string $password
 143          * @return bool
 144          * @access public
 145          */
 146         function setPassword( $password ) {
 147                 return true;
 148         }
 149
 150         /**
 151          * Update user information in the external authentication database.
 152          * Return true if successful.
 153          *
 154          * @param User $user
 155          * @return bool
 156          * @access public
 157          */
 158         function updateExternalDB( $user ) {
 159                 return true;
 160         }
 161
 162         /**
 163          * Check to see if external accounts can be created.
 164          * Return true if external accounts can be created.
 165          * @return bool
 166          * @access public
 167          */
 168         function canCreateAccounts() {
 169                 return false;
 170         }
 171
 172         /**
 173          * Add a user to the external authentication database.
 174          * Return true if successful.
 175          *
 176          * @param User $user
 177          * @param string $password
 178          * @return bool
 179          * @access public
 180          */
 181         function addUser( $user, $password ) {
 182                 return true;
 183         }
 184
 185
 186         /**
 187          * Return true to prevent logins that don't authenticate here from being
 188          * checked against the local database's password fields.
 189          *
 190          * This is just a question, and shouldn't perform any actions.
 191          *
 192          * @return bool
 193          * @access public
 194          */
 195         function strict() {
 196                 return false;
 197         }
 198
 199         /**
 200          * When creating a user account, optionally fill in preferences and such.
 201          * For instance, you might pull the email address or real name from the
 202          * external user database.
 203          *
 204          * The User object is passed by reference so it can be modified; don't
 205          * forget the & on your function declaration.
 206          *
 207          * @param User $user
 208          * @access public
 209          */
 210         function initUser( &$user ) {
 211                 # Override this to do something.
 212         }
 213
 214         /**
 215          * If you want to munge the case of an account name before the final
 216          * check, now is your chance.
 217          */
 218         function getCanonicalName( $username ) {
 219                 return $username;
 220         }
 221 }
 222
 223 ?>