includes/api/ApiQueryAuthManagerInfo.php

   1 <?php
   2 /**
   3  * Copyright © 2016 Wikimedia Foundation and contributors
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  * @since 1.27
  22  */
  23
  24 use MediaWiki\Auth\AuthManager;
  25
  26 /**
  27  * A query action to return meta information about AuthManager state.
  28  *
  29  * @ingroup API
  30  */
  31 class ApiQueryAuthManagerInfo extends ApiQueryBase {
  32
  33         public function __construct( ApiQuery $query, $moduleName ) {
  34                 parent::__construct( $query, $moduleName, 'ami' );
  35         }
  36
  37         public function execute() {
  38                 $params = $this->extractRequestParams();
  39                 $helper = new ApiAuthManagerHelper( $this );
  40
  41                 $manager = AuthManager::singleton();
  42                 $ret = [
  43                         'canauthenticatenow' => $manager->canAuthenticateNow(),
  44                         'cancreateaccounts' => $manager->canCreateAccounts(),
  45                         'canlinkaccounts' => $manager->canLinkAccounts(),
  46                 ];
  47
  48                 if ( $params['securitysensitiveoperation'] !== null ) {
  49                         $ret['securitysensitiveoperationstatus'] = $manager->securitySensitiveOperationStatus(
  50                                 $params['securitysensitiveoperation']
  51                         );
  52                 }
  53
  54                 if ( $params['requestsfor'] ) {
  55                         $action = $params['requestsfor'];
  56
  57                         $preservedReq = $helper->getPreservedRequest();
  58                         if ( $preservedReq ) {
  59                                 $ret += [
  60                                         'haspreservedstate' => $preservedReq->hasStateForAction( $action ),
  61                                         'hasprimarypreservedstate' => $preservedReq->hasPrimaryStateForAction( $action ),
  62                                         'preservedusername' => (string)$preservedReq->username,
  63                                 ];
  64                         } else {
  65                                 $ret += [
  66                                         'haspreservedstate' => false,
  67                                         'hasprimarypreservedstate' => false,
  68                                         'preservedusername' => '',
  69                                 ];
  70                         }
  71
  72                         $reqs = $manager->getAuthenticationRequests( $action, $this->getUser() );
  73
  74                         // Filter out blacklisted requests, depending on the action
  75                         switch ( $action ) {
  76                                 case AuthManager::ACTION_CHANGE:
  77                                         $reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(
  78                                                 $reqs, $this->getConfig()->get( 'ChangeCredentialsBlacklist' )
  79                                         );
  80                                         break;
  81                                 case AuthManager::ACTION_REMOVE:
  82                                         $reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests(
  83                                                 $reqs, $this->getConfig()->get( 'RemoveCredentialsBlacklist' )
  84                                         );
  85                                         break;
  86                         }
  87
  88                         $ret += $helper->formatRequests( $reqs );
  89                 }
  90
  91                 $this->getResult()->addValue( [ 'query' ], $this->getModuleName(), $ret );
  92         }
  93
  94         public function isReadMode() {
  95                 return false;
  96         }
  97
  98         public function getAllowedParams() {
  99                 return [
 100                         'securitysensitiveoperation' => null,
 101                         'requestsfor' => [
 102                                 ApiBase::PARAM_TYPE => [
 103                                         AuthManager::ACTION_LOGIN,
 104                                         AuthManager::ACTION_LOGIN_CONTINUE,
 105                                         AuthManager::ACTION_CREATE,
 106                                         AuthManager::ACTION_CREATE_CONTINUE,
 107                                         AuthManager::ACTION_LINK,
 108                                         AuthManager::ACTION_LINK_CONTINUE,
 109                                         AuthManager::ACTION_CHANGE,
 110                                         AuthManager::ACTION_REMOVE,
 111                                         AuthManager::ACTION_UNLINK,
 112                                 ],
 113                         ],
 114                 ] + ApiAuthManagerHelper::getStandardParams( '', 'mergerequestfields', 'messageformat' );
 115         }
 116
 117         protected function getExamplesMessages() {
 118                 return [
 119                         'action=query&meta=authmanagerinfo&amirequestsfor=' . urlencode( AuthManager::ACTION_LOGIN )
 120                                 => 'apihelp-query+authmanagerinfo-example-login',
 121                         'action=query&meta=authmanagerinfo&amirequestsfor=' . urlencode( AuthManager::ACTION_LOGIN ) .
 122                                 '&amimergerequestfields=1'
 123                                 => 'apihelp-query+authmanagerinfo-example-login-merged',
 124                         'action=query&meta=authmanagerinfo&amisecuritysensitiveoperation=foo'
 125                                 => 'apihelp-query+authmanagerinfo-example-securitysensitiveoperation',
 126                 ];
 127         }
 128
 129         public function getHelpUrls() {
 130                 return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Authmanagerinfo';
 131         }
 132 }