mediawiki-extensions-Confir.../includes/auth/CaptchaPreAuthenticationProvider.php
Gergő Tisza 842dd1ae1f Rename 'authmanager' log channel to 'authevents'
Change-Id: I86f54474714fee19e18dabe7c523ebe1901e51a5
2016-08-10 01:39:29 +00:00

160 lines
5.7 KiB
PHP

<?php
use MediaWiki\Auth\AbstractPreAuthenticationProvider;
use MediaWiki\Auth\AuthenticationRequest;
use MediaWiki\Auth\AuthenticationResponse;
use MediaWiki\Auth\AuthManager;
use MediaWiki\Logger\LoggerFactory;
class CaptchaPreAuthenticationProvider extends AbstractPreAuthenticationProvider {
public function getAuthenticationRequests( $action, array $options ) {
$captcha = ConfirmEditHooks::getInstance();
$user = User::newFromName( $options['username'] );
$needed = false;
switch ( $action ) {
case AuthManager::ACTION_CREATE:
$needed = $captcha->needCreateAccountCaptcha( $user ?: new User() );
if ( $needed ) {
$captcha->setAction( 'accountcreate' );
LoggerFactory::getInstance( 'authevents' )
->info( 'Captcha shown on account creation', [
'event' => 'captcha.display',
'type' => 'accountcreation',
] );
}
break;
case AuthManager::ACTION_LOGIN:
// Captcha is shown on login when there were too many failed attempts from the
// current IP or user. The latter is a bit awkward because we don't know the
// username yet. The username from the last successful login is stored in a cookie,
// but we still must make sure to not lock out other usernames so we use a session
// flag. This will result in confusing error messages if the browser cannot persist
// the session, but then login would be impossible anyway so no big deal.
// If the username ends to be one that does not trigger the captcha, that will
// result in weird behavior (if the user leaves the captcha field open, they get
// a required field error, if they fill it with an invalid answer, it will pass)
// - again, not a huge deal.
$session = $this->manager->getRequest()->getSession();
$sessionFlag = $session->get( 'ConfirmEdit:loginCaptchaPerUserTriggered' );
$suggestedUsername = $session->suggestLoginUsername();
if (
$captcha->isBadLoginTriggered()
|| $sessionFlag
|| $suggestedUsername && $captcha->isBadLoginPerUserTriggered( $suggestedUsername )
) {
$needed = true;
$captcha->setAction( 'badlogin' );
LoggerFactory::getInstance( 'authevents' )
->info( 'Captcha shown on account creation', [
'event' => 'captcha.display',
'type' => 'accountcreation',
] );
break;
}
break;
}
if ( $needed ) {
return [ $captcha->createAuthenticationRequest() ];
} else {
return [];
}
}
public function testForAuthentication( array $reqs ) {
$captcha = ConfirmEditHooks::getInstance();
$username = AuthenticationRequest::getUsernameFromRequests( $reqs );
$success = true;
$isBadLoginPerUserTriggered = $username ?
$captcha->isBadLoginPerUserTriggered( $username ) : false;
if ( $captcha->isBadLoginTriggered() || $isBadLoginPerUserTriggered ) {
$captcha->setAction( 'badlogin' );
$captcha->setTrigger( "post-badlogin login '$username'" );
$success = $this->verifyCaptcha( $captcha, $reqs, new User() );
LoggerFactory::getInstance( 'authevents' )->info( 'Captcha submitted on login', [
'event' => 'captcha.submit',
'type' => 'login',
'successful' => $success,
] );
}
if ( $isBadLoginPerUserTriggered || $isBadLoginPerUserTriggered === null ) {
$session = $this->manager->getRequest()->getSession();
$session->set( 'ConfirmEdit:loginCaptchaPerUserTriggered', true );
}
// Make brute force attacks harder by not telling whether the password or the
// captcha failed.
return $success ? Status::newGood() : $this->makeError( 'wrongpassword', $captcha );
}
public function testForAccountCreation( $user, $creator, array $reqs ) {
$captcha = ConfirmEditHooks::getInstance();
if ( $captcha->needCreateAccountCaptcha( $creator ) ) {
$username = $user->getName();
$captcha->setAction( 'accountcreate' );
$captcha->setTrigger( "new account '$username'" );
$success = $this->verifyCaptcha( $captcha, $reqs, $user );
LoggerFactory::getInstance( 'authevents' )->info( 'Captcha submitted on account creation', [
'event' => 'captcha.submit',
'type' => 'accountcreation',
'successful' => $success,
] );
if ( !$success ) {
return $this->makeError( 'captcha-createaccount-fail', $captcha );
}
}
return Status::newGood();
}
public function postAuthentication( $user, AuthenticationResponse $response ) {
$captcha = ConfirmEditHooks::getInstance();
switch ( $response->status ) {
case AuthenticationResponse::PASS:
case AuthenticationResponse::RESTART:
$session = $this->manager->getRequest()->getSession();
$session->remove( 'ConfirmEdit:loginCaptchaPerUserTriggered' );
$captcha->resetBadLoginCounter( $user ? $user->getName() : null );
break;
case AuthenticationResponse::FAIL:
$captcha->increaseBadLoginCounter( $user ? $user->getName() : null );
break;
}
}
/**
* Verify submitted captcha.
* Assumes that the user has to pass the capctha (permission checks are caller's responsibility).
* @param SimpleCaptcha $captcha
* @param AuthenticationRequest[] $reqs
* @param User $user
* @return bool
*/
protected function verifyCaptcha( SimpleCaptcha $captcha, array $reqs, User $user ) {
/** @var CaptchaAuthenticationRequest $req */
$req = AuthenticationRequest::getRequestByClass( $reqs,
CaptchaAuthenticationRequest::class, true );
if ( !$req ) {
return false;
}
return $captcha->passCaptchaLimited( $req->captchaId, $req->captchaWord, $user );
}
/**
* @param string $message Message key
* @param SimpleCaptcha $captcha
* @return Status
*/
protected function makeError( $message, SimpleCaptcha $captcha ) {
$error = $captcha->getError();
if ( $error ) {
return Status::newFatal( wfMessage( 'captcha-error', $error ) );
}
return Status::newFatal( $message );
}
}