BlueSpice MediaWiki master
AuthManagerSpecialPage Class Reference

Public Member Functions

 onAuthChangeFormFields (array $requests, array $fieldInfo, array &$formDescriptor, $action)
 
 getRequest ()
 
 handleFormSubmit ($data)
 
- Public Member Functions inherited from SpecialPage
 __construct ($name= '', $restriction= '', $listed=true, $function=false, $file= '', $includable=false)
 
 getName ()
 
 getRestriction ()
 
 isListed ()
 
 setListed ($listed)
 
 listed ($x=null)
 
 isIncludable ()
 
 maxIncludeCacheTime ()
 
 including ($x=null)
 
 getLocalName ()
 
 isExpensive ()
 
 isCached ()
 
 isRestricted ()
 
 userCanExecute (User $user)
 
 displayRestrictionError ()
 
 checkPermissions ()
 
 checkReadOnly ()
 
 requireLogin ($reasonMsg= 'exception-nologin-text', $titleMsg= 'exception-nologin')
 
 prefixSearchSubpages ($search, $limit, $offset)
 
 setHeaders ()
 
 run ($subPage)
 
 execute ($subPage)
 
 outputHeader ($summaryMessageKey= '')
 
 getDescription ()
 
 getTitle ($subpage=false)
 
 getPageTitle ($subpage=false)
 
 setContext ($context)
 
 getContext ()
 
 getRequest ()
 
 getOutput ()
 
 getUser ()
 
 getSkin ()
 
 getLanguage ()
 
 getConfig ()
 
 getFullTitle ()
 
 msg ($key)
 
 addHelpLink ($to, $overrideBaseUrl=false)
 
 getFinalGroupName ()
 
 doesWrites ()
 
 getLinkRenderer ()
 
 setLinkRenderer (LinkRenderer $linkRenderer)
 

Protected Member Functions

 getLoginSecurityLevel ()
 
 setRequest (array $data, $wasPosted=null)
 
 beforeExecute ($subPage)
 
 handleReturnBeforeExecute ($subPage)
 
 handleReauthBeforeExecute ($subPage)
 
 getDefaultAction ($subPage)
 
 messageKey ($defaultKey)
 
 getRequestBlacklist ()
 
 loadAuth ($subPage, $authAction=null, $reset=false)
 
 isContinued ()
 
 getContinueAction ($action)
 
 isActionAllowed ($action)
 
 performAuthenticationStep ($action, array $requests)
 
 trySubmit ()
 
 getPreservedParams ($withToken=false)
 
 getAuthFormDescriptor ($requests, $action)
 
 getAuthForm (array $requests, $action)
 
 displayForm ($status)
 
 needsSubmitButton (array $requests)
 
 hasOwnSubmitButton (AuthenticationRequest $req)
 
 addTabIndex (&$formDescriptor)
 
 getToken ()
 
 getTokenName ()
 
 fieldInfoToFormDescriptor (array $requests, array $fieldInfo, $action)
 
- Protected Member Functions inherited from SpecialPage
 getCacheTTL ()
 
 getLoginSecurityLevel ()
 
 checkLoginSecurityLevel ($level=null)
 
 getSubpagesForPrefixSearch ()
 
 prefixSearchString ($search, $limit, $offset)
 
 beforeExecute ($subPage)
 
 afterExecute ($subPage)
 
 getRobotPolicy ()
 
 addFeedLinks ($params)
 
 getGroupName ()
 
 useTransactionalTimeLimit ()
 

Static Protected Member Functions

static sortFormDescriptorFields (array &$formDescriptor)
 
static getField (array $array, $fieldName, $default=null)
 
static mapFieldInfoTypeToFormDescriptorType ($type)
 
- Static Protected Member Functions inherited from SpecialPage
static prefixSearchArray ($search, $limit, array $subpages, $offset)
 

Protected Attributes

 $authAction
 
 $authRequests
 
 $subPage
 
 $isReturn
 
 $savedRequest
 
- Protected Attributes inherited from SpecialPage
 $mName
 
 $mRestriction
 
 $mIncluding
 
 $mIncludable
 
 $mContext
 

Static Protected Attributes

static $allowedActions
 
static $messages = []
 

Additional Inherited Members

- Static Public Member Functions inherited from SpecialPage
static getTitleFor ($name, $subpage=false, $fragment= '')
 
static getTitleValueFor ($name, $subpage=false, $fragment= '')
 
static getSafeTitleFor ($name, $subpage=false)
 

Detailed Description

A special page subclass for authentication-related special pages. It generates a form from a set of AuthenticationRequest objects, submits the result to AuthManager and partially handles the response.

Member Function Documentation

AuthManagerSpecialPage::addTabIndex ( &$formDescriptor )
protected

Adds a sequential tabindex starting from 1 to all form elements. This way the user can use the tab key to traverse the form without having to step through all links and such.

Parameters
array &$formDescriptor

AuthManagerSpecialPage::displayForm ( $status )
protected

Display the form.

Parameters
false|Status|StatusValue $status: A form submit status, as in HTMLForm::trySubmit()

AuthManagerSpecialPage::fieldInfoToFormDescriptor ( array $requests, array $fieldInfo, $action )
protected

Turns a field info array into a form descriptor. Behavior can be modified by the AuthChangeFormFields hook.

Parameters
AuthenticationRequest[] $requests
array $fieldInfo: Field information, in the format used by AuthenticationRequest::getFieldInfo()
string $action: One of the AuthManager::ACTION_* constants
Returns
array A form descriptor that can be passed to HTMLForm

AuthManagerSpecialPage::getAuthForm ( array $requests, $action )
protected
Parameters
AuthenticationRequest[] $requests
string $action: AuthManager action name (one of the AuthManager::ACTION_* constants)
Returns
HTMLForm

AuthManagerSpecialPage::getAuthFormDescriptor ( $requests, $action )
protected

Generates an HTMLForm descriptor array from a set of authentication requests.

Parameters
AuthenticationRequest[] $requests
string $action: AuthManager action name (one of the AuthManager::ACTION_* constants)
Returns
array

AuthManagerSpecialPage::getContinueAction ( $action )
protected

Gets the _CONTINUE version of an action.

Parameters
string $action: An AuthManager::ACTION_* constant.
Returns
string An AuthManager::ACTION_*_CONTINUE constant.

AuthManagerSpecialPage::getDefaultAction ( $subPage )
abstract protected

Get the default action for this special page, if none is given via URL/POST data. Subclasses should override this (or override loadAuth() so this is never called).

Parameters
string $subPage: Subpage of the special page.
Returns
string an AuthManager::ACTION_* constant.

static AuthManagerSpecialPage::getField ( array $array, $fieldName, $default = null )
static protected

Get an array value, or a default if it does not exist.

Parameters
array $array
string $fieldName
mixed $default
Returns
mixed

AuthManagerSpecialPage::getPreservedParams ( $withToken = false )
protected

Returns URL query parameters which can be used to reload the page (or leave and return) while preserving all information that is necessary for authentication to continue. These parameters will be preserved in the action URL of the form and in the return URL for redirect flow.

Parameters
bool $withToken: Include CSRF token
Returns
array

AuthManagerSpecialPage::getRequestBlacklist ( )
protected

Allows blacklisting certain request types.

Returns
array A list of AuthenticationRequest subclass names

AuthManagerSpecialPage::getToken ( )
protected

Returns the CSRF token.

Returns
Token

AuthManagerSpecialPage::getTokenName ( )
protected

Returns the name of the CSRF token (under which it should be found in the POST or GET data).

Returns
string

AuthManagerSpecialPage::handleFormSubmit ( $data )

Submit handler callback for HTMLForm

Parameters
array $data: Submitted data
Returns
Status

AuthManagerSpecialPage::handleReauthBeforeExecute ( $subPage )
protected

Handle redirection when the user needs to (re)authenticate.

Send the user to the login form if needed; in case the request was a POST, stash in the session and simulate it once the user gets back.

Parameters
string $subPage
Returns
bool False if execution should be stopped.
Exceptions
ErrorPageError When the user is not allowed to use this page.

AuthManagerSpecialPage::handleReturnBeforeExecute ( $subPage )
protected

Handle redirection from the /return subpage.

This is used in the redirect flow where we need to be able to process data that was sent via a GET request. We set the /return subpage as the reentry point so we know we need to treat GET as POST, but we don't want to handle all future GETs as POSTs, so we need to normalize the URL. (We also don't want to leave any received parameters in the URL; they are ugly and might be sensitive.)

Thus when on the /return subpage, we stash the request data in the session, redirect, then use the session to detect that we have been redirected, recover the data and replace the real WebRequest with a fake one that contains the saved data.

Parameters
string $subPage
Returns
bool False if execution should be stopped.
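
The /return handling described above, sketched as an added example in plain PHP (not MediaWiki's or BlueSpice's code). The function name handleReturn, the session key and the placeholder URL are assumptions, and the session is modelled as a plain array.

```php
<?php
// Added illustration of the stash / redirect / recover pattern.
// handleReturn(), 'stashedReturn' and the URL are hypothetical names.

/**
 * @param string $subPage  Subpage of the special page
 * @param array  $query    GET parameters of the current request
 * @param array  &$session Server-side session store (constructed stand-in)
 * @param string $pageUrl  Clean URL of the page, without subpage or query
 * @return array ['continue' => bool, 'redirect' => ?string, 'post' => ?array]
 */
function handleReturn( string $subPage, array $query, array &$session, string $pageUrl ): array {
	$key = 'stashedReturn'; // hypothetical session key

	if ( $subPage === 'return' ) {
		// Re-entry point of the redirect flow: keep the received
		// parameters server-side and send the browser to a clean URL.
		$session[$key] = $query;
		return [ 'continue' => false, 'redirect' => $pageUrl, 'post' => null ];
	}

	if ( isset( $session[$key] ) ) {
		// We arrived here via the redirect: recover the data once and
		// drop the stash, so later GETs are ordinary GETs again.
		$data = $session[$key];
		unset( $session[$key] );
		return [ 'continue' => true, 'redirect' => null, 'post' => $data ];
	}

	// Ordinary request: nothing stashed, nothing to simulate.
	return [ 'continue' => true, 'redirect' => null, 'post' => null ];
}

// Constructed sample: the external provider sends the browser back with
// its parameters in the query string of the /return subpage.
$session = [];
$pageUrl = '/wiki/Special:Example'; // placeholder URL
$first = handleReturn( 'return', [ 'code' => 'constructed-value', 'state' => 'abc' ], $session, $pageUrl );
// Follow-up request to the clean URL: the stash is handed back as POST data.
$second = handleReturn( '', [], $session, $pageUrl );
// Any later GET finds no stash, so it is not treated as a POST.
$third = handleReturn( '', [], $session, $pageUrl );
var_dump( $first['redirect'], $second['post'], $third['post'] );
```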

AuthManagerSpecialPage::hasOwnSubmitButton ( AuthenticationRequest $req )
protected

Checks whether the given AuthenticationRequest has its own submit button.

Parameters
AuthenticationRequest $req
Returns
bool

AuthManagerSpecialPage::isActionAllowed ( $action )
protected

Checks whether AuthManager is ready to perform the action. ACTION_CHANGE needs special verification (AuthManager::allowsAuthenticationData*) which is the caller's responsibility.

Parameters
string $action: One of the AuthManager::ACTION_* constants in static::$allowedActions
Returns
bool
Exceptions
LogicException if $action is invalid

AuthManagerSpecialPage::isContinued ( )
protected

Returns true if this is not the first step of the authentication.

Returns
bool

AuthManagerSpecialPage::loadAuth ( $subPage, $authAction = null, $reset = false )
protected

Load or initialize $authAction, $authRequests and $subPage. Subclasses should call this from execute() or otherwise ensure the variables are initialized.

Parameters
string $subPage: Subpage of the special page.
string $authAction: Override auth action specified in request (this is useful when the form needs to be changed from <action> to <action>_CONTINUE after a successful authentication step)
bool $reset: Regenerate the requests even if a cached version is available

static AuthManagerSpecialPage::mapFieldInfoTypeToFormDescriptorType ( $type )
static protected

Maps AuthenticationRequest::getFieldInfo() types to HTMLForm types

Parameters
string $type
Returns
string
Exceptions
\LogicException

AuthManagerSpecialPage::messageKey ( $defaultKey )
protected

Return custom message key. Allows subclasses to customize messages.

Parameters
string $defaultKey
Returns
string

AuthManagerSpecialPage::needsSubmitButton ( array $requests )
protected

Returns true if the form built from the given AuthenticationRequests needs a submit button. Providers using redirect flow (e.g. Google login) need their own submit buttons; if using one of those custom buttons is the only way to proceed, there is no point in displaying the default button which won't do anything useful.

Parameters
AuthenticationRequest[] $requests: An array of AuthenticationRequests from which the form will be built
Returns
bool

AuthManagerSpecialPage::onAuthChangeFormFields ( array $requests, array $fieldInfo, array &$formDescriptor, $action )

Change the form descriptor that determines how a field will look in the authentication form. Called from fieldInfoToFormDescriptor().

Parameters
AuthenticationRequest[] $requests
array $fieldInfo: Field information array (union of all AuthenticationRequest::getFieldInfo() responses).
array &$formDescriptor: HTMLForm descriptor. The special key 'weight' can be set to change the order of the fields.
string $action: Authentication type (one of the AuthManager::ACTION_* constants)
Returns
bool

AuthManagerSpecialPage::performAuthenticationStep ( $action, array $requests )
protected
Parameters
string $action: One of the AuthManager::ACTION_* constants
AuthenticationRequest[] $requests
Returns
AuthenticationResponse
Exceptions
LogicException if $action is invalid

AuthManagerSpecialPage::setRequest ( array $data, $wasPosted = null )
protected

Override the POST data; GET data from the real request is preserved.

Used to preserve POST data across an HTTP redirect.

Parameters
array $data
bool $wasPosted

static AuthManagerSpecialPage::sortFormDescriptorFields ( array &$formDescriptor )
static protected

Sort the fields of a form descriptor by their 'weight' property. (Fields with higher weight are shown closer to the bottom; weight defaults to 0. Negative weight is allowed.) Keep order if weights are equal.

Parameters
array &$formDescriptor
Returns
array

AuthManagerSpecialPage::trySubmit ( )
protected

Attempts to do an authentication step with the submitted data. Subclasses should probably call this from execute().

Returns
false|Status
  • false if there was no submit at all
  • a good Status wrapping an AuthenticationResponse if the form submit was successful. This does not necessarily mean that the authentication itself was successful; see the response for that.
  • a bad Status for form errors.

Member Data Documentation

AuthManagerSpecialPage::$allowedActions
staticprotected
Initial value:
= [
AuthManager::ACTION_LOGIN, AuthManager::ACTION_LOGIN_CONTINUE,
AuthManager::ACTION_CREATE, AuthManager::ACTION_CREATE_CONTINUE,
AuthManager::ACTION_LINK, AuthManager::ACTION_LINK_CONTINUE,
AuthManager::ACTION_CHANGE, AuthManager::ACTION_REMOVE, AuthManager::ACTION_UNLINK,
]

The documentation for this class was generated from the following file: