OATHUser = OATHUser::newFromUser( $this->getUser() ); } /** * Perform the correct form based on the action * * @param null|string $par Sub-page */ public function execute( $par ) { if ( !$this->getUser()->isLoggedIn() ) { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-notloggedin' ) ); $this->getOutput()->addWikiMsg( 'oathauth-mustbeloggedin' ); return; } $action = $this->getRequest()->getVal( 'action' ); if ( $action == "enable" ) { $this->enable(); } elseif ( $action == "validate" ) { $this->validate(); } elseif ( $action == "reset" ) { $this->reset(); } elseif ( $action == "disable" ) { $this->disable(); } } /** * @return bool */ private function enable() { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) ); $returnto = $this->getRequest()->getVal( 'returnto' ); if ( !$this->OATHUser->isEnabled() ) { $result = $this->OATHUser->enable(); if ( !$result ) { $this->getOutput()->addWikiMsg( 'oathauth-failedtoenableoauth' ); return true; } } elseif ( $this->OATHUser->isEnabled() && $this->OATHUser->isValidated() ) { $this->getOutput()->addWikiMsg( 'oathauth-alreadyenabled' ); return true; } $info['token'] = array( 'type' => 'text', 'default' => '', 'label-message' => 'oathauth-token', 'name' => 'token', ); $info['mode'] = array( 'type' => 'hidden', 'default' => 'enable', 'name' => 'mode', ); $info['returnto'] = array( 'type' => 'hidden', 'default' => $returnto, 'name' => 'returnto', ); $info['action'] = array( 'type' => 'hidden', 'default' => 'validate', 'name' => 'action', ); $form = new HTMLForm( $info, $this->getContext(), 'oathauth-verify' ); $form->setSubmitID( 'oathauth-validate-submit' ); $form->setSubmitCallback( array( $this, 'tryValidateSubmit' ) ); $form->show(); $this->displaySecret(); return true; } /** * @param $reset bool */ private function displaySecret( $reset = false ) { $this->getOutput()->addModules( 'ext.oathauth' ); if ( $reset ) { $secret = $this->OATHUser->getSecretReset(); } else { $secret = $this->OATHUser->getSecret(); } $out = '' . $this->msg( 'oathauth-account' )->escaped() . ' ' . $this->OATHUser->getAccount() . '
' . '' . $this->msg( 'oathauth-secret' )->escaped() . ' ' . $secret . '
' . '
' . '
'; $this->getOutput()->addInlineScript( 'jQuery("#qrcode").qrcode("otpauth://totp/' . $this->OATHUser->getAccount() . '?secret=' . $secret . '")' ); $this->getOutput()->addHTML( $out ); $this->getOutput()->addWikiMsg( 'openstackmanager-scratchtokens' ); if ( $reset ) { $this->getOutput()->addHTML( $this->createResourceList( $this->OATHUser->getScratchTokensReset() ) ); } else { $this->getOutput()->addHTML( $this->createResourceList( $this->OATHUser->getScratchTokens() ) ); } } /** * @return bool */ private function validate() { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) ); $mode = $this->getRequest()->getVal( 'mode' ); $returnto = $this->getRequest()->getVal( 'returnto' ); $info['token'] = array( 'type' => 'text', 'default' => '', 'label-message' => 'oathauth-token', 'name' => 'token', ); $info['mode'] = array( 'type' => 'hidden', 'default' => $mode, 'name' => 'mode', ); $info['returnto'] = array( 'type' => 'hidden', 'default' => $returnto, 'name' => 'returnto', ); $info['action'] = array( 'type' => 'hidden', 'default' => 'validate', 'name' => 'action', ); $form = new HTMLForm( $info, $this->getContext(), 'oathauth-verify' ); $form->setSubmitID( 'oathauth-validate-submit' ); $form->setSubmitCallback( array( $this, 'tryValidateSubmit' ) ); $form->show(); return true; } /** * @return bool */ private function reset() { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-reset' ) ); $returnto = $this->getRequest()->getVal( 'returnto' ); $info['token'] = array( 'type' => 'text', 'label-message' => 'oathauth-currenttoken', 'name' => 'token', ); $info['returnto'] = array( 'type' => 'hidden', 'default' => $returnto, 'name' => 'returnto', ); $info['action'] = array( 'type' => 'hidden', 'default' => 'reset', 'name' => 'action', ); $form = new HTMLForm( $info, $this->getContext(), 'oathauth-reset' ); $form->setSubmitID( 'oauth-form-disablesubmit' ); $form->setSubmitCallback( array( $this, 'tryResetSubmit' ) ); $form->show(); return true; } /** * @return bool */ private function disable() { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-disable' ) ); $returnto = $this->getRequest()->getVal( 'returnto' ); $info['token'] = array( 'type' => 'text', 'label-message' => 'oathauth-token', 'name' => 'token', ); $info['returnto'] = array( 'type' => 'hidden', 'default' => $returnto, 'name' => 'returnto', ); $info['action'] = array( 'type' => 'hidden', 'default' => 'disable', 'name' => 'action', ); $form = new HTMLForm( $info, $this->getContext(), 'oathauth-disable' ); $form->setSubmitID( 'oauth-form-disablesubmit' ); $form->setSubmitCallback( array( $this, 'tryDisableSubmit' ) ); $form->show(); return true; } /** * @param $resources array * @return string */ private function createResourceList( $resources ) { $resourceList = ''; foreach ( $resources as $resource ) { $resourceList .= Html::rawElement( 'li', array(), $resource ); } return Html::rawElement( 'ul', array(), $resourceList ); } /** * @param $formData array * @return bool */ public function tryValidateSubmit( $formData ) { $mode = $formData['mode']; if ( $mode == "reset" ) { $reset = true; } else { $reset = false; } $verify = $this->OATHUser->verifyToken( $formData['token'], $reset ); if ( $verify ) { if ( $reset ) { $result = $this->OATHUser->reset(); } else { $result = $this->OATHUser->validate(); } } else { $result = false; } $out = ''; if ( $result ) { $this->getOutput()->addWikiMsg( 'oathauth-validatedoath' ); if ( $formData['returnto'] ) { $out = '
'; $title = Title::newFromText( $formData['returnto'] ); $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); } } else { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '
'; if ( $reset ) { $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptreset' )->escaped(), array(), array( 'action' => 'enable', 'mode' => 'reset', 'returnto' => $formData['returnto'] ) ); } else { $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptenable' )->escaped(), array(), array( 'action' => 'enable', 'returnto' => $formData['returnto'] ) ); } } $this->getOutput()->addHTML( $out ); return true; } /** * @param $formData array * @return bool */ public function tryDisableSubmit( $formData ) { $verify = $this->OATHUser->verifyToken( $formData['token'] ); if ( !$verify ) { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '
'; $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptdisable' )->escaped(), array(), array( 'action' => 'disable' ) ); $this->getOutput()->addHTML( $out ); return true; } $result = $this->OATHUser->disable(); if ( $result ) { $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' ); if ( $formData['returnto'] ) { $out = '
'; $title = Title::newFromText( $formData['returnto'] ); $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); $this->getOutput()->addHTML( $out ); } } else { $this->getOutput()->addWikiMsg( 'oathauth-failedtodisableoauth' ); $out = '
'; $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptdisable' )->escaped(), array( 'action' => 'disable', 'returnto' => $formData['returnto'], ) ); $this->getOutput()->addHTML( $out ); } return true; } /** * @param $formData array * @return bool */ public function tryResetSubmit( $formData ) { $verify = $this->OATHUser->verifyToken( $formData['token'] ); if ( !$verify ) { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '
'; $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptreset' )->escaped(), array(), array( 'action' => 'reset', 'returnto' => $formData['returnto'] ) ); $this->getOutput()->addHTML( $out ); return true; } $this->getOutput()->addWikiMsg( 'oathauth-donotdeleteoldsecret' ); $info['token'] = array( 'type' => 'text', 'default' => '', 'label-message' => 'oathauth-newtoken', 'name' => 'token', ); $info['mode'] = array( 'type' => 'hidden', 'default' => 'reset', 'name' => 'mode', ); $info['returnto'] = array( 'type' => 'hidden', 'default' => $formData['returnto'], 'name' => 'returnto', ); $info['action'] = array( 'type' => 'hidden', 'default' => 'validate', 'name' => 'action', ); $myContext = new DerivativeContext( $this->getContext() ); $myRequest = new DerivativeRequest( $this->getRequest(), array( 'action' => 'validate', 'mode' => 'reset', 'token' => '', 'returnto' => $formData['returnto'] ), false ); $myContext->setRequest( $myRequest ); $form = new HTMLForm( $info, $myContext ); $form->setSubmitID( 'oathauth-validate-submit' ); $form->setSubmitCallback( array( $this, 'tryValidateSubmit' ) ); $form->show(); $result = $this->OATHUser->setReset(); if ( $result ) { $this->displaySecret( true ); } else { $this->getOutput()->addWikiMsg( 'oathauth-failedtoresetoath' ); $out = '
'; $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptreset' )->escaped(), array(), array( 'action' => 'reset', 'returnto' => $formData['returnto'] ) ); $this->getOutput()->addHTML( $out ); } return true; } protected function getGroupName() { return 'oath'; } }