includes/auth/Hook/AuthManagerLoginAuthenticateAuditHook.php

   1 <?php
   2
   3 namespace MediaWiki\Auth\Hook;
   4
   5 use MediaWiki\Auth\AuthenticationResponse;
   6 use MediaWiki\User\User;
   7
   8 /**
   9  * This is a hook handler interface, see docs/Hooks.md.
  10  * Use the hook name "AuthManagerLoginAuthenticateAudit" to register handlers implementing this interface.
  11  *
  12  * @stable to implement
  13  * @ingroup Hooks
  14  */
  15 interface AuthManagerLoginAuthenticateAuditHook {
  16         /**
  17          * This hook is called when a login attempt either succeeds or fails
  18          * for a reason other than misconfiguration or session loss. No return data is
  19          * accepted; this hook is for auditing only.
  20          *
  21          * @since 1.35
  22          *
  23          * @param AuthenticationResponse $response Response in either a PASS or FAIL state
  24          * @param User|null $user User being authenticated against, or null if authentication
  25          *   failed before getting that far
  26          * @param string|null $username A guess at the username being authenticated, or null if we can't
  27          *   even determine that. When $user is not null, it can be in the form of
  28          *   <username>@<more info> (e.g. for bot passwords).
  29          * @param string[] $extraData Array (string => string) with extra information, intended to be
  30          *   added to log contexts. Fields it might include:
  31          *   - appId: application ID, only if the login was with a bot password
  32          *   - performer: the user performing the login authentication request
  33          * @return bool|void True or no return value to continue or false to abort
  34          */
  35         public function onAuthManagerLoginAuthenticateAudit( $response, $user,
  36                 $username, $extraData
  37         );
  38 }