Merge "OATHUserRepository: add method to create and persist a key"

jenkins-bot 2023-12-22 18:09:20 +00:00 committed by Gerrit Code Review
commit 0d35e253bf
3 changed files with 59 additions and 4 deletions


@ -191,9 +191,12 @@ class TOTPEnableForm extends OATHAuthOOUIHTMLForm {
}
$this->getRequest()->setSessionData( 'oathauth_totp_key', null );
$this->oathUser->setKeys( [ $key ] );
$this->oathUser->setModule( $this->module );
$this->oathRepo->persist( $this->oathUser, $this->getRequest()->getIP() );
$this->oathRepo->createKey(
$this->oathUser,
$this->module,
$key->jsonSerialize(),
$this->getRequest()->getIP()
);
return true;
}
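Review bot: The `createKey()` call is not guarded against the `InvalidArgumentException` that the new repository method throws when the user already has a key from a different module, and the session value `oathauth_totp_key` is cleared on the line before the call. If that exception is raised, the submit handler would fail with an unhandled error after the pending secret has already been discarded, unless code above this hunk rules that case out. Consider checking the user's current module before clearing the session data, or catching the exception here and returning a form error. The enclosing method starts outside the hunk, so any earlier validation is not visible.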


@ -9,7 +9,7 @@ use Message;
interface IModule {
/**
* Name of the module
* Name of the module, as declared in the OATHAuth.Modules extension.json attribute.
*
* @return string
*/


@ -21,6 +21,7 @@ namespace MediaWiki\Extension\OATHAuth;
use BagOStuff;
use ConfigException;
use FormatJson;
use InvalidArgumentException;
use MediaWiki\Extension\OATHAuth\Notifications\Manager;
use MediaWiki\User\CentralId\CentralIdLookupFactory;
use MWException;
@ -176,6 +177,57 @@ class OATHUserRepository implements LoggerAwareInterface {
}
}
/**
* Persists the given OAuth key in the database.
*
* @param OATHUser $user
* @param IModule $module
* @param array $keyData
* @param string $clientInfo
* @return IAuthKey
*/
public function createKey( OATHUser $user, IModule $module, array $keyData, string $clientInfo ): IAuthKey {
if ( $user->getModule() && $user->getModule()->getName() !== $module->getName() ) {
throw new InvalidArgumentException(
"User already has a key from a different module enabled ({$user->getModule()->getName()})"
);
}
$userId = $this->centralIdLookupFactory->getLookup()->centralIdFromLocalUser( $user->getUser() );
$moduleId = $this->moduleRegistry->getModuleId( $module->getName() );
$dbw = $this->dbProvider->getPrimaryDatabase( 'virtual-oathauth' );
$dbw->newInsertQueryBuilder()
->insertInto( 'oathauth_devices' )
->row( [
'oad_user' => $userId,
'oad_type' => $moduleId,
'oad_data' => FormatJson::encode( $keyData ),
] )
->caller( __METHOD__ )
->execute();
$id = $dbw->insertId();
$hasExistingKey = $user->isTwoFactorAuthEnabled();
$key = $module->newKey( $keyData );
$user->addKey( $key );
$this->logger->info( 'OATHAuth {oathtype} key {key} added for {user} from {clientip}', [
'key' => $id,
'user' => $user->getUser()->getName(),
'clientip' => $clientInfo,
'oathtype' => $module->getName(),
] );
if ( !$hasExistingKey ) {
$user->setModule( $module );
Manager::notifyEnabled( $user );
}
return $key;
}
/**
* @param OATHUser $user
* @param string $clientInfo
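Review bot: In `createKey()` the row is inserted into `oathauth_devices` before `$module->newKey( $keyData )` runs, so `$keyData` reaches the database without the module having parsed it, and a failure in `newKey()` would leave a stored device that the caller never received. Moving `$key = $module->newKey( $keyData );` above the `$dbw->newInsertQueryBuilder()` chain keeps the write conditional on a key the module accepts. The insert id is only used in the log context; if `IAuthKey` is expected to carry its row id for later removal, it would need to be handed to the key as well, which cannot be confirmed from this hunk. The docblock should also read `Persists the given OATH key in the database.` (it currently says OAuth) and gain a `@throws InvalidArgumentException` line.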