search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Localisation updates from https://translatewiki.net.
[mediawiki.git] / includes / api / ApiClientLogin.php
blobc4f7fe03be4219e2be928c8bcae5ad73ae957fa8
1 <?php
2 /**
3 * Copyright © 2016 Wikimedia Foundation and contributors
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 namespace MediaWiki\Api;
24
25 use MediaWiki\Auth\AuthenticationResponse;
26 use MediaWiki\Auth\AuthManager;
27 use MediaWiki\Auth\CreateFromLoginAuthenticationRequest;
28 use MediaWiki\Utils\UrlUtils;
29
30 /**
31 * Log in to the wiki with AuthManager
32 *
33 * @ingroup API
34 */
35 class ApiClientLogin extends ApiBase {
36
37 private AuthManager $authManager;
38 private UrlUtils $urlUtils;
39
40 public function __construct(
41 ApiMain $main,
42 string $action,
43 AuthManager $authManager,
44 UrlUtils $urlUtils
45 ) {
46 parent::__construct( $main, $action, 'login' );
47 $this->authManager = $authManager;
48 $this->urlUtils = $urlUtils;
49 }
50
51 public function getFinalDescription() {
52 // A bit of a hack to append 'api-help-authmanager-general-usage'
53 $msgs = parent::getFinalDescription();
54 $msgs[] = $this->msg( 'api-help-authmanager-general-usage',
55 $this->getModulePrefix(),
56 $this->getModuleName(),
57 $this->getModulePath(),
58 AuthManager::ACTION_LOGIN,
59 $this->needsToken(),
60 );
61 return $msgs;
62 }
63
64 public function execute() {
65 $params = $this->extractRequestParams();
66 $performer = $this->getUser();
67
68 $this->requireAtLeastOneParameter( $params, 'continue', 'returnurl' );
69
70 if ( $params['returnurl'] !== null ) {
71 $bits = $this->urlUtils->parse( $params['returnurl'] );
72 if ( !$bits || $bits['scheme'] === '' ) {
73 $encParamName = $this->encodeParamName( 'returnurl' );
74 $this->dieWithError(
75 [ 'apierror-badurl', $encParamName, wfEscapeWikiText( $params['returnurl'] ) ],
76 "badurl_{$encParamName}"
77 );
78 }
79 }
80
81 $helper = new ApiAuthManagerHelper( $this, $this->authManager );
82
83 // Make sure it's possible to log in
84 if ( !$this->authManager->canAuthenticateNow() ) {
85 $res = AuthenticationResponse::newFail( $this->msg( 'userlogin-cannot-' . AuthManager::ACTION_LOGIN ) );
86 $this->getResult()->addValue( null, 'clientlogin',
87 $helper->formatAuthenticationResponse( $res ) );
88 $helper->logAuthenticationResult( 'login', $performer, $res );
89 return;
90 }
91
92 // Perform the login step
93 if ( $params['continue'] ) {
94 $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN_CONTINUE );
95 $res = $this->authManager->continueAuthentication( $reqs );
96 } else {
97 $reqs = $helper->loadAuthenticationRequests( AuthManager::ACTION_LOGIN );
98 if ( $params['preservestate'] ) {
99 $req = $helper->getPreservedRequest();
100 if ( $req ) {
101 $reqs[] = $req;
102 }
103 }
104 $res = $this->authManager->beginAuthentication( $reqs, $params['returnurl'] );
105 }
106
107 // Remove CreateFromLoginAuthenticationRequest from $res->neededRequests.
108 // It's there so a RESTART treated as UI will work right, but showing
109 // it to the API client is just confusing.
110 $res->neededRequests = ApiAuthManagerHelper::blacklistAuthenticationRequests(
111 $res->neededRequests, [ CreateFromLoginAuthenticationRequest::class ]
112 );
113
114 $this->getResult()->addValue( null, 'clientlogin',
115 $helper->formatAuthenticationResponse( $res ) );
116 $helper->logAuthenticationResult( 'login', $performer, $res );
117 }
118
119 public function isReadMode() {
120 return false;
121 }
122
123 public function isWriteMode() {
124 // (T283394) Logging in triggers some database writes, so should be marked appropriately.
125 return true;
126 }
127
128 public function needsToken() {
129 return 'login';
130 }
131
132 public function getAllowedParams() {
133 return ApiAuthManagerHelper::getStandardParams( AuthManager::ACTION_LOGIN,
134 'requests', 'messageformat', 'mergerequestfields', 'preservestate', 'returnurl', 'continue'
135 );
136 }
137
138 public function dynamicParameterDocumentation() {
139 return [ 'api-help-authmanagerhelper-additional-params', AuthManager::ACTION_LOGIN ];
140 }
141
142 protected function getExamplesMessages() {
143 return [
144 'action=clientlogin&username=Example&password=ExamplePassword&'
145 . 'loginreturnurl=http://example.org/&logintoken=123ABC'
146 => 'apihelp-clientlogin-example-login',
147 'action=clientlogin&logincontinue=1&OATHToken=987654&logintoken=123ABC'
148 => 'apihelp-clientlogin-example-login2',
149 ];
150 }
151
152 public function getHelpUrls() {
153 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Login';
154 }
155 }
156
157 /** @deprecated class alias since 1.43 */
158 class_alias( ApiClientLogin::class, 'ApiClientLogin' );
MediaWiki Core