From 5e6d9d22502f0b7f9c500f54367e3dbdc43d225c Mon Sep 17 00:00:00 2001
From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Thu, 9 Jun 2016 11:06:38 -0400
Subject: [PATCH] AuthManager: Fix ConfirmLink validation

I726d79de added validation of the incoming requests to
ConfirmLinkSecondaryAuthenticationProvider, but forgot to fill in the
username and action fields before doing so meaning the confirmation
would probably fail.

Change-Id: I75cb65c24538a1e60e3b47a3b9ecfbd3a79ce8bf
---
 .../auth/ConfirmLinkSecondaryAuthenticationProvider.php    | 6 +++++-
 .../ConfirmLinkSecondaryAuthenticationProviderTest.php     | 7 ++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php b/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php
index 57f1e6bd51..32c8fd55de 100644
--- a/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php
+++ b/includes/auth/ConfirmLinkSecondaryAuthenticationProvider.php
@@ -51,7 +51,11 @@ class ConfirmLinkSecondaryAuthenticationProvider extends AbstractSecondaryAuthen
 			return AuthenticationResponse::newAbstain();
 		}
 
-		$maybeLink = array_filter( $state['maybeLink'], function ( $req ) {
+		$maybeLink = array_filter( $state['maybeLink'], function ( $req ) use ( $user ) {
+			if ( !$req->action ) {
+				$req->action = AuthManager::ACTION_CHANGE;
+			}
+			$req->username = $user->getName();
 			return $this->manager->allowsAuthenticationDataChange( $req )->isGood();
 		} );
 		if ( !$maybeLink ) {
diff --git a/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php b/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php
index d254e81277..580ef6cd42 100644
--- a/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php
+++ b/tests/phpunit/includes/auth/ConfirmLinkSecondaryAuthenticationProviderTest.php
@@ -175,7 +175,12 @@ class ConfirmLinkSecondaryAuthenticationProviderTest extends \MediaWikiTestCase
 		$this->assertCount( 1, $res->neededRequests );
 		$req = $res->neededRequests[0];
 		$this->assertInstanceOf( ConfirmLinkAuthenticationRequest::class, $req );
-		$this->assertEquals( $reqs, \TestingAccessWrapper::newFromObject( $req )->linkRequests );
+		$expectReqs = $this->getLinkRequests();
+		foreach ( $expectReqs as $r ) {
+			$r->action = AuthManager::ACTION_CHANGE;
+			$r->username = $user->getName();
+		}
+		$this->assertEquals( $expectReqs, \TestingAccessWrapper::newFromObject( $req )->linkRequests );
 	}
 
 	public function testContinueLinkAttempt() {
-- 
2.20.1