includes/specials/SpecialLinkAccounts.php

   1 <?php
   2
   3 namespace MediaWiki\Specials;
   4
   5 use ErrorPageError;
   6 use LogicException;
   7 use MediaWiki\Auth\AuthenticationRequest;
   8 use MediaWiki\Auth\AuthenticationResponse;
   9 use MediaWiki\Auth\AuthManager;
  10 use MediaWiki\HTMLForm\HTMLForm;
  11 use MediaWiki\MainConfigNames;
  12 use MediaWiki\SpecialPage\AuthManagerSpecialPage;
  13 use StatusValue;
  14
  15 /**
  16  * Link/unlink external accounts to the current user.
  17  *
  18  * To interact with this page, account providers need to register themselves with AuthManager.
  19  *
  20  * @ingroup SpecialPage
  21  * @ingroup Auth
  22  */
  23 class SpecialLinkAccounts extends AuthManagerSpecialPage {
  24         /** @inheritDoc */
  25         protected static $allowedActions = [
  26                 AuthManager::ACTION_LINK, AuthManager::ACTION_LINK_CONTINUE,
  27         ];
  28
  29         /**
  30          * @param AuthManager $authManager
  31          */
  32         public function __construct( AuthManager $authManager ) {
  33                 parent::__construct( 'LinkAccounts' );
  34                 $this->setAuthManager( $authManager );
  35         }
  36
  37         protected function getGroupName() {
  38                 return 'login';
  39         }
  40
  41         public function isListed() {
  42                 return $this->getAuthManager()->canLinkAccounts();
  43         }
  44
  45         protected function getRequestBlacklist() {
  46                 return $this->getConfig()->get( MainConfigNames::ChangeCredentialsBlacklist );
  47         }
  48
  49         /**
  50          * @param null|string $subPage
  51          * @throws ErrorPageError
  52          */
  53         public function execute( $subPage ) {
  54                 $this->setHeaders();
  55                 $this->loadAuth( $subPage );
  56
  57                 if ( !$this->isActionAllowed( $this->authAction ) ) {
  58                         if ( $this->authAction === AuthManager::ACTION_LINK ) {
  59                                 // looks like no linking provider is installed or willing to take this user
  60                                 $titleMessage = $this->msg( 'cannotlink-no-provider-title' );
  61                                 $errorMessage = $this->msg( 'cannotlink-no-provider' );
  62                                 throw new ErrorPageError( $titleMessage, $errorMessage );
  63                         } else {
  64                                 // user probably back-button-navigated into an auth session that no longer exists
  65                                 // FIXME would be nice to show a message
  66                                 $this->getOutput()->redirect( $this->getPageTitle()->getFullURL( '', false,
  67                                         PROTO_HTTPS ) );
  68                                 return;
  69                         }
  70                 }
  71
  72                 $this->outputHeader();
  73
  74                 $status = $this->trySubmit();
  75
  76                 if ( $status === false || !$status->isOK() ) {
  77                         $this->displayForm( $status );
  78                         return;
  79                 }
  80
  81                 $response = $status->getValue();
  82
  83                 switch ( $response->status ) {
  84                         case AuthenticationResponse::PASS:
  85                                 $this->success();
  86                                 break;
  87                         case AuthenticationResponse::FAIL:
  88                                 $this->loadAuth( '', AuthManager::ACTION_LINK, true );
  89                                 $this->displayForm( StatusValue::newFatal( $response->message ) );
  90                                 break;
  91                         case AuthenticationResponse::REDIRECT:
  92                                 $this->getOutput()->redirect( $response->redirectTarget );
  93                                 break;
  94                         case AuthenticationResponse::UI:
  95                                 $this->authAction = AuthManager::ACTION_LINK_CONTINUE;
  96                                 $this->authRequests = $response->neededRequests;
  97                                 $this->displayForm( StatusValue::newFatal( $response->message ) );
  98                                 break;
  99                         default:
 100                                 throw new LogicException( 'invalid AuthenticationResponse' );
 101                 }
 102         }
 103
 104         protected function getDefaultAction( $subPage ) {
 105                 return AuthManager::ACTION_LINK;
 106         }
 107
 108         /**
 109          * @param AuthenticationRequest[] $requests
 110          * @param string $action AuthManager action name, should be ACTION_LINK or ACTION_LINK_CONTINUE
 111          * @return HTMLForm
 112          */
 113         protected function getAuthForm( array $requests, $action ) {
 114                 $form = parent::getAuthForm( $requests, $action );
 115                 $form->setSubmitTextMsg( 'linkaccounts-submit' );
 116                 return $form;
 117         }
 118
 119         /**
 120          * Show a success message.
 121          */
 122         protected function success() {
 123                 $this->loadAuth( '', AuthManager::ACTION_LINK, true );
 124                 $this->displayForm( StatusValue::newFatal( $this->msg( 'linkaccounts-success-text' ) ) );
 125         }
 126 }
 127
 128 /** @deprecated class alias since 1.41 */
 129 class_alias( SpecialLinkAccounts::class, 'SpecialLinkAccounts' );