includes/auth/PreAuthenticationProvider.php

   1 <?php
   2 /**
   3  * Pre-authentication provider interface
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  * @ingroup Auth
  22  */
  23
  24 namespace MediaWiki\Auth;
  25
  26 use StatusValue;
  27 use User;
  28
  29 /**
  30  * A pre-authentication provider is a check that must pass for authentication
  31  * to proceed.
  32  *
  33  * A PreAuthenticationProvider is used to supply arbitrary checks to be
  34  * performed before the PrimaryAuthenticationProviders are consulted during the
  35  * login process. Possible uses include checking that a per-IP throttle has not
  36  * been reached or that a captcha has been solved.
  37  *
  38  * @ingroup Auth
  39  * @since 1.27
  40  */
  41 interface PreAuthenticationProvider extends AuthenticationProvider {
  42
  43         /**
  44          * Determine whether an authentication may begin
  45          *
  46          * Called from AuthManager::beginAuthentication()
  47          *
  48          * @param AuthenticationRequest[] $reqs
  49          * @return StatusValue
  50          */
  51         public function testForAuthentication( array $reqs );
  52
  53         /**
  54          * Post-login callback
  55          * @param User|null $user User that was attempted to be logged in, if known.
  56          *   This may become a "UserValue" in the future, or User may be refactored
  57          *   into such.
  58          * @param AuthenticationResponse $response Authentication response that will be returned
  59          */
  60         public function postAuthentication( $user, AuthenticationResponse $response );
  61
  62         /**
  63          * Determine whether an account creation may begin
  64          *
  65          * Called from AuthManager::beginAccountCreation()
  66          *
  67          * @note No need to test if the account exists, AuthManager checks that
  68          * @param User $user User being created (not added to the database yet).
  69          *   This may become a "UserValue" in the future, or User may be refactored
  70          *   into such.
  71          * @param User $creator User doing the creation. This may become a
  72          *   "UserValue" in the future, or User may be refactored into such.
  73          * @param AuthenticationRequest[] $reqs
  74          * @return StatusValue
  75          */
  76         public function testForAccountCreation( $user, $creator, array $reqs );
  77
  78         /**
  79          * Determine whether an account may be created
  80          *
  81          * @param User $user User being created (not added to the database yet).
  82          *   This may become a "UserValue" in the future, or User may be refactored
  83          *   into such.
  84          * @param bool|string $autocreate False if this is not an auto-creation, or
  85          *  the source of the auto-creation passed to AuthManager::autoCreateUser().
  86          * @param array $options
  87          *  - flags: (int) Bitfield of User:READ_* constants, default User::READ_NORMAL
  88          *  - creating: (bool) If false (or missing), this call is only testing if
  89          *    a user could be created. If set, this (non-autocreation) is for
  90          *    actually creating an account and will be followed by a call to
  91          *    testForAccountCreation(). In this case, the provider might return
  92          *    StatusValue::newGood() here and let the later call to
  93          *    testForAccountCreation() do a more thorough test.
  94          * @return StatusValue
  95          */
  96         public function testUserForCreation( $user, $autocreate, array $options = [] );
  97
  98         /**
  99          * Post-creation callback
 100          * @param User $user User that was attempted to be created.
 101          *   This may become a "UserValue" in the future, or User may be refactored
 102          *   into such.
 103          * @param User $creator User doing the creation. This may become a
 104          *   "UserValue" in the future, or User may be refactored into such.
 105          * @param AuthenticationResponse $response Authentication response that will be returned
 106          */
 107         public function postAccountCreation( $user, $creator, AuthenticationResponse $response );
 108
 109         /**
 110          * Determine whether an account may linked to another authentication method
 111          *
 112          * @param User $user User being linked.
 113          *   This may become a "UserValue" in the future, or User may be refactored
 114          *   into such.
 115          * @return StatusValue
 116          */
 117         public function testForAccountLink( $user );
 118
 119         /**
 120          * Post-link callback
 121          * @param User $user User that was attempted to be linked.
 122          *   This may become a "UserValue" in the future, or User may be refactored
 123          *   into such.
 124          * @param AuthenticationResponse $response Authentication response that will be returned
 125          */
 126         public function postAccountLink( $user, AuthenticationResponse $response );
 127
 128 }