Remove SpecialOATHLogin.php as more AuthManager related cleanup

Change-Id: I9d7fd0a2da0e3e54bb5031d7e70769a2a27703c8
This commit is contained in:
Reedy 2016-11-12 02:48:49 +00:00
parent aa2ae17106
commit 0f5772e7bd
5 changed files with 8 additions and 164 deletions

View file

@ -5,6 +5,9 @@
"url": "https://www.mediawiki.org/wiki/Extension:OATHAuth",
"descriptionmsg": "oathauth-desc",
"type": "other",
"requires": {
"MediaWiki": ">= 1.27.0"
},
"license-name": "GPL-2.0+",
"AutoloadClasses": {
"ApiOATHValidate": "api/ApiOATHValidate.php",
@ -20,7 +23,6 @@
"SpecialOATH": "special/SpecialOATH.php",
"SpecialOATHEnable": "special/SpecialOATHEnable.php",
"SpecialOATHDisable": "special/SpecialOATHDisable.php",
"SpecialOATHLogin": "special/SpecialOATHLogin.php",
"ProxySpecialPage": "special/ProxySpecialPage.php",
"TOTPAuthenticationRequest": "auth/TOTPAuthenticationRequest.php",
"TOTPSecondaryAuthenticationProvider": "auth/TOTPSecondaryAuthenticationProvider.php"

View file

@ -22,7 +22,6 @@
"oathauth-currenttoken": "Current token",
"oathauth-newtoken": "New token",
"oathauth-disable": "Disable two-factor authentication",
"oathauth-login": "Login with two-factor authentication",
"oathauth-displayoathinfo": "two-factor authentication options",
"oathauth-validatedoath": "Validated two-factor credentials. Two-factor authentication will now be enforced.",
"oathauth-backtopreferences": "Back to preferences.",
@ -37,7 +36,6 @@
"oathauth-mustbeloggedin": "You must be logged in to perform this action.",
"oathauth-prefs-label": "Two-factor authentication:",
"oathauth-abortlogin": "The two-factor authentication token provided was invalid.",
"oathauth-abortlogin-throttled": "Too many verification attempts! Please try again later.",
"oathauth-step1": "Step 1: Download a two-factor authentication program",
"oathauth-step1-test": "Download a program for two-factor authentication. That can be a mobile application (such as Google Authenticator) or a desktop application",
"oathauth-step2": "Step 2: Scan the QR code",

View file

@ -29,7 +29,6 @@
"oathauth-currenttoken": "HTMLForm label, found on Special:OATH, when verifying OATH.",
"oathauth-newtoken": "HTMLForm label, found on Special:OATH, when verifying OATH.",
"oathauth-disable": "Page title on Special:OATH while disabling OATH.\n\nSee [https://en.wikipedia.org/wiki/Two_factor_authentication two factor authentication]",
"oathauth-login": "Page title on Special:OATH while loggin in with OATH.",
"oathauth-displayoathinfo": "Page title on Special:OATH when no parameters are passed.\n\nSee [https://en.wikipedia.org/wiki/Multi-factor_authentication Two-factor authentication]",
"oathauth-validatedoath": "Plain text found on Special:OATH after a token has been validated.\n\nSee [https://en.wikipedia.org/wiki/Two_factor_authentication two factor authentication]",
"oathauth-backtopreferences": "Used as link text. Link found on Special:OATH after any action has completed.",
@ -44,7 +43,6 @@
"oathauth-mustbeloggedin": "Plain text seen on Special:OATH when a user is not logged in.",
"oathauth-prefs-label": "Plain text label seen on Special:Preferences\n\nSee [https://en.wikipedia.org/wiki/Two_factor_authentication two factor authentication]\n{{Identical|Two factor authentication}}",
"oathauth-abortlogin": "Error message shown on login and password change pages when authentication is aborted.\n\nSee [https://en.wikipedia.org/wiki/Two_factor_authentication two factor authentication]",
"oathauth-abortlogin-throttled": "Error message shown on login and password change pages when authentication is aborted due to rate limit violations.\n\nSee [https://en.wikipedia.org/wiki/Two_factor_authentication two factor authentication]",
"oathauth-step1": "Label for step 1 on Special:OATH form",
"oathauth-step1-test": "Text for step 1 on Special:OATH for. Check the name of \"Google Authenticator\" in your language in the Play Market—it's quite likely that it's translated.",
"oathauth-step2": "Label for step 2, the QR code, on Special:OATH",

View file

@ -8,41 +8,18 @@ class SpecialOATH extends ProxySpecialPage {
* If the user already has OATH enabled, show them a page to disable
* If the user has OATH disabled, show them a page to enable
*
* @return SpecialOATHDisable|SpecialOATHEnable|SpecialOATHLogin|SpecialPage
* @return SpecialOATHDisable|SpecialOATHEnable
*/
protected function getTargetPage() {
$repo = OATHAuthHooks::getOATHUserRepository();
/** @var array $sessionUser */
$loginInfo = $this->getRequest()->getSessionData( 'oath_login' );
$user = $repo->findByUser( $this->getUser() );
/** @var SpecialOATHDisable|SpecialOATHEnable|SpecialOATHLogin|SpecialPage $page */
$page = null;
if ( $this->getUser()->isAnon() && $loginInfo !== null ) {
// User is anonymous, so they are logging in
$loginInfo = OATHAuthUtils::decryptSessionData(
$loginInfo,
$this->getRequest()->getSessionData( 'oath_uid' )
);
$page = new SpecialOATHLogin(
$repo->findByUser( User::newFromName( $loginInfo['wpName'] ) ),
new DerivativeRequest(
$this->getRequest(),
$loginInfo,
$this->getRequest()->wasPosted()
)
);
if ( $user->getKey() === null ) {
return new SpecialOATHEnable( $repo, $user );
} else {
$user = $repo->findByUser( $this->getUser() );
if ( $user->getKey() === null ) {
$page = new SpecialOATHEnable( $repo, $user );
} else {
$page = new SpecialOATHDisable( $repo, $user );
}
return new SpecialOATHDisable( $repo, $user );
}
return $page;
}
protected function getGroupName() {

View file

@ -1,131 +0,0 @@
<?php
/**
* Special page to log users into two factor authentication
*/
class SpecialOATHLogin extends FormSpecialPage {
/** @var OATHUser|null */
private $OATHUser;
/** @var LoginForm */
private $loginForm;
/**
* @var string|null The token submitted by the user
*/
private $token = null;
/**
* Initialize the OATH user based on the current local User object in the context
*
* @param OATHUser $oathuser
* @param WebRequest $oldRequest
*/
public function __construct( OATHUser $oathuser, WebRequest $oldRequest ) {
Hooks::register( 'AbortLogin', $this );
parent::__construct( 'OATH', '', false );
$this->OATHUser = $oathuser;
$this->loginForm = new LoginForm( $oldRequest );
$this->loginForm->setContext( $this->getContext() );
}
/**
* Set the page title and add JavaScript RL modules
*
* @param HTMLForm $form
*/
public function alterForm( HTMLForm $form ) {
$form->setMessagePrefix( 'oathauth' );
$form->setWrapperLegend( false );
$form->getOutput()->setPageTitle( $this->msg( 'oathauth-login' ) );
}
/**
* @return string
*/
public function getDisplayFormat() {
return 'vform';
}
/**
* @return bool
*/
public function requiresUnblock() {
return false;
}
/**
* @return array[]
*/
protected function getFormFields() {
return [
'token' => [
'type' => 'text',
'default' => '',
'label-message' => 'oathauth-entertoken',
'name' => 'token',
'required' => true,
'autofocus' => true,
],
'returnto' => [
'type' => 'hidden',
'default' => $this->getRequest()->getVal( 'returnto' ),
'name' => 'returnto',
],
'returntoquery' => [
'type' => 'hidden',
'default' => $this->getRequest()->getVal( 'returntoquery' ),
'name' => 'returntoquery',
]
];
}
/**
* Stub function: the only purpose of this form is to add more data into
* the login form
*
* @param array $formData
*
* @return true
*/
public function onSubmit( array $formData ) {
$this->getRequest()->setSessionData( 'oath_login', null );
$this->getRequest()->setSessionData( 'oath_uid', null );
$this->token = $formData['token'];
return true;
}
public function onSuccess() {
$this->loginForm->execute( $this->par );
}
/**
* @param User $user
* @param $password
* @param $abort
* @param $errorMsg
*
* @return bool
*/
public function onAbortLogin( User $user, $password, &$abort, &$errorMsg ) {
// Don't increase pingLimiter, just check for limit exceeded.
if ( $this->OATHUser->getUser()->pingLimiter( 'badoath', 0 ) ) {
$abort = LoginForm::THROTTLED;
$errorMsg = 'oathauth-abortlogin-throttled';
return false;
}
$result = $this->OATHUser->getKey()
->verifyToken( $this->getRequest()->getVal( 'token' ), $this->OATHUser );
if ( $result ) {
return true;
} else {
$abort = LoginForm::WRONG_PASS;
return false;
}
}
}