Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit67ae104

Browse files
authored
Cleanup and remove broken change credentials (#35)
1 parent4dfbb9d commit67ae104

File tree

8 files changed

+54
-22
lines changed

8 files changed

+54
-22
lines changed

‎.editorconfig‎

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
[*.php]
2+
indent_style =tab
3+
indent_size =4

‎README.md‎

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,14 @@ Create accounts or login using OAuth
44

55
##Setup
66

7-
1. install nodejs, npm, and PHP composer
8-
3.`npm install`
7+
1. install PHP composer
98
4.`composer install`
109

11-
Once set up, running`npm test` and`composer test` will run automated code checks.
10+
Once set up, running`composer test` will run automated code checks.
11+
12+
##Development
13+
14+
Add the extension do your development mediawiki instance and then open the top level mediawiki folder in Visual Studio Code. Then you should get more or less proper intellisense.
1215

1316
##Documentation
1417

‎i18n/en.json‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,6 @@
1717
"authmanageroauth-error":"Error: $1",
1818
"authmanageroauth-account-already-exists":"Account already exists.",
1919
"authmanageroauth-choose-username":"Choose a username",
20-
"authmanageroauth-linked-accounts":"Linked accounts",
20+
"authmanageroauth-linked-accounts":"Linked accounts and unlink",
2121
"authmanageroauth-link-accounts":"Link accounts"
2222
}

‎i18n/qqq.json‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,6 @@
1717
"authmanageroauth-error":"A generic OAuth error with $1 for the message.",
1818
"authmanageroauth-account-already-exists":"Account already exists.",
1919
"authmanageroauth-choose-username":"Choose a username",
20-
"authmanageroauth-linked-accounts":"Linked accounts",
20+
"authmanageroauth-linked-accounts":"Linked accounts and unlink",
2121
"authmanageroauth-link-accounts":"Link accounts"
2222
}

‎src/AuthManagerOAuthPrimaryAuthenticationProvider.php‎

Lines changed: 37 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -20,10 +20,12 @@
2020
namespaceMediaWiki\Extension\AuthManagerOAuth;
2121

2222
useLeague\OAuth2\Client\Provider\GenericProvider;
23+
useLogicException;
2324
useMediaWiki\Auth\AuthenticationRequest;
2425
useMediaWiki\Auth\AuthenticationResponse;
2526
useMediaWiki\MediaWikiServices;
2627

28+
// https://doc.wikimedia.org/mediawiki-core/master/php/classMediaWiki_1_1Auth_1_1AbstractPrimaryAuthenticationProvider.html
2729
class AuthManagerOAuthPrimaryAuthenticationProviderextends \MediaWiki\Auth\AbstractPrimaryAuthenticationProvider {
2830

2931
privateconstAUTHENTICATION_SESSION_DATA_STATE ='authmanageroauth:state';
@@ -44,8 +46,9 @@ public function getAuthenticationRequests( $action, array $options ) {
4446
}
4547
return$reqs;
4648
}
47-
if ($options['username'] !==null && ($action === \MediaWiki\Auth\AuthManager::ACTION_REMOVE ||
48-
$action === \MediaWiki\Auth\AuthManager::ACTION_CHANGE ) ) {
49+
if ($options['username'] !==null
50+
&& ($action === \MediaWiki\Auth\AuthManager::ACTION_REMOVE
51+
||$action === \MediaWiki\Auth\AuthManager::ACTION_UNLINK ) ) {
4952
$user = \User::newFromName($options['username'] );
5053
$lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
5154
$dbr =$lb->getConnectionRef(DB_REPLICA );
@@ -68,7 +71,7 @@ public function getAuthenticationRequests( $action, array $options ) {
6871
* All our users need to also be created locally so always return false here.
6972
* @inheritDoc
7073
*/
71-
publicfunctiontestUserExists($username,$flags = User::READ_NORMAL ) {
74+
publicfunctiontestUserExists($username,$flags =\User::READ_NORMAL ) {
7275
returnfalse;
7376
}
7477

@@ -77,9 +80,9 @@ public function testUserExists( $username, $flags = User::READ_NORMAL ) {
7780
*/
7881
publicfunctionproviderAllowsAuthenticationDataChange(AuthenticationRequest$req,$checkData =true ) {
7982
wfDebugLog('AuthManagerOAuth providerAllowsAuthenticationDataChange',var_export($req,true ) );
80-
if (get_class($req) ===UnlinkOAuthAccountRequest::class
83+
if ($reqinstanceofUnlinkOAuthAccountRequest
8184
&& ($req->action === \MediaWiki\Auth\AuthManager::ACTION_REMOVE
82-
||$req->action === \MediaWiki\Auth\AuthManager::ACTION_CHANGE ) ) {
85+
||$req->action === \MediaWiki\Auth\AuthManager::ACTION_UNLINK ) ) {
8386
return \StatusValue::newGood();
8487
}
8588
return \StatusValue::newGood('ignored' );
@@ -90,9 +93,9 @@ public function providerAllowsAuthenticationDataChange( AuthenticationRequest $r
9093
*/
9194
publicfunctionproviderChangeAuthenticationData(AuthenticationRequest$req ) {
9295
wfDebugLog('AuthManagerOAuth providerChangeAuthenticationData',var_export($req,true ) );
93-
if (get_class($req) ===UnlinkOAuthAccountRequest::class
96+
if ($reqinstanceofUnlinkOAuthAccountRequest
9497
&& ($req->action === \MediaWiki\Auth\AuthManager::ACTION_REMOVE
95-
||$req->action === \MediaWiki\Auth\AuthManager::ACTION_CHANGE ) ) {
98+
||$req->action === \MediaWiki\Auth\AuthManager::ACTION_UNLINK ) ) {
9699
$user = \User::newFromName($req->username );
97100
$lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
98101
$dbr =$lb->getConnectionRef(DB_PRIMARY );
@@ -105,6 +108,8 @@ public function providerChangeAuthenticationData( AuthenticationRequest $req ) {
105108
],
106109
__METHOD__,
107110
);
111+
}else {
112+
thrownewLogicException("Unexpected unhandled request" );
108113
}
109114
}
110115

@@ -124,7 +129,7 @@ public function accountCreationType() {
124129
privatefunctionbeginPrimary(array$reqs ) {
125130
wfDebugLog('AuthManagerOAuth beginPrimary*',var_export($reqs,true ) );
126131
$req = AuthenticationRequest::getRequestByClass($reqs, ChooseOAuthProviderRequest::class );
127-
if ($req !==null ) {
132+
if ($req !==null&&$reqinstanceof ChooseOAuthProviderRequest) {
128133
$config = MediaWikiServices::getInstance()->getConfigFactory()->makeConfig('authmanageroauth' );
129134
$provider =newGenericProvider($config->get('AuthManagerOAuthConfig' )[$req->amoa_provider] );
130135
$authorizationUrl =$provider->getAuthorizationUrl( [
@@ -174,7 +179,7 @@ public function beginPrimaryAccountLink( $user, array $reqs ) {
174179
* Convert the response of an OAuth redirect to the identity it represents for further use.
175180
* This asks the OAuth provider to verify the the login and gets the remote username and id.
176181
* @param OAuthProviderAuthenticationRequest $req
177-
* @returnOAuthIdentityRequest
182+
* @returnAuthenticationResponse
178183
*/
179184
privatefunctionconvertOAuthProviderAuthenticationRequestToOAuthIdentityRequest($req ) {
180185
$config = MediaWikiServices::getInstance()->getConfigFactory()->makeConfig('authmanageroauth' );
@@ -231,22 +236,24 @@ public function continuePrimaryAuthentication( array $reqs ) {
231236
wfDebugLog('AuthManagerOAuth continuePrimaryAuthentication',var_export($reqs,true ) );
232237

233238
$identity_req = AuthenticationRequest::getRequestByClass($reqs, OAuthIdentityRequest::class );
234-
if ($identity_req !==null ) {
239+
if ($identity_req !==null&&$identity_reqinstanceof OAuthIdentityRequest) {
235240
// Already authenticated with OAuth provider
236241

237242
$choose_local_account_req = AuthenticationRequest::getRequestByClass(
238243
$reqs,
239244
ChooseLocalAccountRequest::class
240245
);
241-
if ($choose_local_account_req !==null ) {
246+
if ($choose_local_account_req !==null
247+
&&$choose_local_account_reqinstanceof ChooseLocalAccountRequest ) {
242248
return AuthenticationResponse::newPass($choose_local_account_req->username );
243249
}
244250

245251
$choose_local_username_req = AuthenticationRequest::getRequestByClass(
246252
$reqs,
247253
LocalUsernameInputRequest::class
248254
);
249-
if ($choose_local_username_req !==null ) {
255+
if ($choose_local_username_req !==null
256+
&&$choose_local_username_reqinstanceof LocalUsernameInputRequest ) {
250257
$user = \User::newFromName($choose_local_username_req->local_username );
251258
// TODO FIXME query on primary race condition https://phabricator.wikimedia.org/T138678#3911381
252259
if ( !$user->isRegistered() ) {
@@ -258,11 +265,16 @@ public function continuePrimaryAuthentication( array $reqs ) {
258265
}
259266

260267
$req = AuthenticationRequest::getRequestByClass($reqs, OAuthProviderAuthenticationRequest::class );
261-
if ($req !==null ) {
268+
if ($req !==null&&$reqinstanceof OAuthProviderAuthenticationRequest) {
262269
$resp =$this->convertOAuthProviderAuthenticationRequestToOAuthIdentityRequest($req );
263270
if ($resp->status !== AuthenticationResponse::PASS ) {
264271
return$resp;
265272
}
273+
if ( !($resp->linkRequestinstanceof OAuthIdentityRequest ) ) {
274+
thrownewLogicException(
275+
"Unexpected createRequest type{${get_class($req)}}. This should never happen."
276+
);
277+
}
266278

267279
$lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
268280
$dbr =$lb->getConnectionRef(DB_REPLICA );
@@ -301,11 +313,16 @@ public function continuePrimaryAuthentication( array $reqs ) {
301313
publicfunctioncontinuePrimaryAccountLink($user,array$reqs ) {
302314
wfDebugLog('AuthManagerOAuth continuePrimaryAccountLink',var_export($reqs,true ) );
303315
$req = AuthenticationRequest::getRequestByClass($reqs, OAuthProviderAuthenticationRequest::class );
304-
if ($req !==null ) {
316+
if ($req !==null&&$reqinstanceof OAuthProviderAuthenticationRequest) {
305317
$resp =$this->convertOAuthProviderAuthenticationRequestToOAuthIdentityRequest($req );
306318
if ($resp->status !== AuthenticationResponse::PASS ) {
307319
return$resp;
308320
}
321+
if ( !($resp->linkRequestinstanceof OAuthIdentityRequest ) ) {
322+
thrownewLogicException(
323+
"Unexpected createRequest type{${get_class($req)}}. This should never happen."
324+
);
325+
}
309326

310327
$lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
311328
$dbr =$lb->getConnectionRef(DB_PRIMARY );
@@ -354,6 +371,9 @@ public function autoCreatedAccount( $user, $source ) {
354371
publicfunctionfinishAccountCreation($user,$creator,AuthenticationResponse$response ) {
355372
wfDebugLog('AuthManagerOAuth finishAccountCreation',var_export($response,true ) );
356373
$req =$response->createRequest;
374+
if ( !($reqinstanceof OAuthIdentityRequest ) ) {
375+
thrownewLogicException("Unexpected createRequest type{${get_class($req)}}. This should never happen." );
376+
}
357377
$lb = MediaWikiServices::getInstance()->getDBLoadBalancer();
358378
$dbr =$lb->getConnectionRef(DB_PRIMARY );
359379
$result =$dbr->insert(
@@ -366,4 +386,7 @@ public function finishAccountCreation( $user, $creator, AuthenticationResponse $
366386
__METHOD__,
367387
);
368388
}
389+
390+
// TODO providerNormalizeUsername()
391+
// TODO providerRevokeAccessForUser
369392
}

‎src/Hooks.php‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,7 @@ public static function onGetPreferences( \User $user, array &$preferences ) {
6262
'type' =>'info',
6363
'raw' =>true,
6464
'default' => (string)(new \OOUI\ButtonWidget( [
65-
'href' => \SpecialPage::getTitleFor('ChangeCredentials' )->getLinkURL(),
65+
'href' => \SpecialPage::getTitleFor('UnlinkAccounts' )->getLinkURL(),
6666
'label' =>wfMessage('authmanageroauth-linked-accounts' )->plain()
6767
] ) )
6868
];

‎src/OAuthProviderAuthenticationRequest.php‎

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,9 @@
2323

2424
class OAuthProviderAuthenticationRequestextends AuthenticationRequest {
2525

26+
/** @var string The OAuth provider name */
27+
public$accessToken;
28+
2629
/** @var string The OAuth state */
2730
public$state;
2831

‎src/UnlinkOAuthAccountRequest.php‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,8 +46,8 @@ public function __construct( $amoa_provider, $amoa_remote_user ) {
4646

4747
publicfunctiondescribeCredentials() {
4848
return [
49-
"provider" =>new \RawMessage('$1 OAuth', [$this->amoa_provider ] ),
50-
"account" =>new \RawMessage('$1', [$this->amoa_remote_user ] )
49+
"provider" =>new \MediaWiki\Language\RawMessage('$1 OAuth', [$this->amoa_provider ] ),
50+
"account" =>new \MediaWiki\Language\RawMessage('$1', [$this->amoa_remote_user ] )
5151
];
5252
}
5353
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp