Localisation updates from https://translatewiki.net.
[mediawiki.git] / includes / auth / ResetPasswordSecondaryAuthenticationProvider.php
blob45ac3aa0b5a95320c01133cc3c035a234db64f7b
1 <?php
2 /**
3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
18 * @file
19 * @ingroup Auth
22 namespace MediaWiki\Auth;
24 /**
25 * Reset the local password, if signalled via $this->manager->setAuthenticationSessionData()
27 * The authentication data key is 'reset-pass'; the data is an object with the
28 * following properties:
29 * - msg: Message object to display to the user
30 * - hard: Boolean, if true the reset cannot be skipped.
31 * - req: Optional PasswordAuthenticationRequest to use to actually reset the
32 * password. Won't be displayed to the user.
34 * @ingroup Auth
35 * @since 1.27
37 class ResetPasswordSecondaryAuthenticationProvider extends AbstractSecondaryAuthenticationProvider {
39 public function getAuthenticationRequests( $action, array $options ) {
40 return [];
43 public function beginSecondaryAuthentication( $user, array $reqs ) {
44 return $this->tryReset( $user, $reqs );
47 public function continueSecondaryAuthentication( $user, array $reqs ) {
48 return $this->tryReset( $user, $reqs );
51 public function beginSecondaryAccountCreation( $user, $creator, array $reqs ) {
52 return $this->tryReset( $user, $reqs );
55 public function continueSecondaryAccountCreation( $user, $creator, array $reqs ) {
56 return $this->tryReset( $user, $reqs );
59 /**
60 * Try to reset the password
61 * @param \User $user
62 * @param AuthenticationRequest[] $reqs
63 * @return AuthenticationResponse
65 protected function tryReset( \User $user, array $reqs ) {
66 $data = $this->manager->getAuthenticationSessionData( 'reset-pass' );
67 if ( !$data ) {
68 return AuthenticationResponse::newAbstain();
71 if ( is_array( $data ) ) {
72 $data = (object)$data;
74 if ( !is_object( $data ) ) {
75 throw new \UnexpectedValueException( 'reset-pass is not valid' );
78 if ( !isset( $data->msg ) ) {
79 throw new \UnexpectedValueException( 'reset-pass msg is missing' );
80 } elseif ( !$data->msg instanceof \Message ) {
81 throw new \UnexpectedValueException( 'reset-pass msg is not valid' );
82 } elseif ( !isset( $data->hard ) ) {
83 throw new \UnexpectedValueException( 'reset-pass hard is missing' );
84 } elseif ( isset( $data->req ) && (
85 !$data->req instanceof PasswordAuthenticationRequest ||
86 !array_key_exists( 'retype', $data->req->getFieldInfo() )
87 ) ) {
88 throw new \UnexpectedValueException( 'reset-pass req is not valid' );
91 if ( !$data->hard ) {
92 $req = ButtonAuthenticationRequest::getRequestByName( $reqs, 'skipReset' );
93 if ( $req ) {
94 $this->manager->removeAuthenticationSessionData( 'reset-pass' );
95 return AuthenticationResponse::newPass();
99 $needReq = isset( $data->req ) ? $data->req : new PasswordAuthenticationRequest();
100 if ( !$needReq->action ) {
101 $needReq->action = AuthManager::ACTION_CHANGE;
103 $needReq->required = $data->hard ? AuthenticationRequest::REQUIRED
104 : AuthenticationRequest::OPTIONAL;
105 $needReqs = [ $needReq ];
106 if ( !$data->hard ) {
107 $needReqs[] = new ButtonAuthenticationRequest(
108 'skipReset',
109 wfMessage( 'authprovider-resetpass-skip-label' ),
110 wfMessage( 'authprovider-resetpass-skip-help' )
114 $req = AuthenticationRequest::getRequestByClass( $reqs, get_class( $needReq ) );
115 if ( !$req || !array_key_exists( 'retype', $req->getFieldInfo() ) ) {
116 return AuthenticationResponse::newUI( $needReqs, $data->msg, 'warning' );
119 if ( $req->password !== $req->retype ) {
120 return AuthenticationResponse::newUI( $needReqs, new \Message( 'badretype' ), 'error' );
123 $req->username = $user->getName();
124 $status = $this->manager->allowsAuthenticationDataChange( $req );
125 if ( !$status->isGood() ) {
126 return AuthenticationResponse::newUI( $needReqs, $status->getMessage(), 'error' );
128 $this->manager->changeAuthenticationData( $req );
130 $this->manager->removeAuthenticationSessionData( 'reset-pass' );
131 return AuthenticationResponse::newPass();