OATHRepository = new OATHUserRepository( wfGetLB() ); $this->OATHUser = $this->OATHRepository->findByUser( $this->getUser() ); } /** * Perform the correct form based on the action * * @param null|string $par Sub-page */ public function execute( $par ) { if ( !$this->getUser()->isLoggedIn() ) { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-notloggedin' ) ); $this->getOutput()->addWikiMsg( 'oathauth-mustbeloggedin' ); return; } $action = $this->getRequest()->getVal( 'action' ); if ( $action == "enable" ) { $this->enable(); } elseif ( $action == "disable" ) { $this->disable(); } } /** * @return bool */ private function enable() { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) ); $returnto = $this->getRequest()->getVal( 'returnto' ); if ( $this->OATHUser->getKey() ) { $this->getOutput()->addWikiMsg( 'oathauth-alreadyenabled' ); return true; } if ( null === $this->getRequest()->getSessionData( 'oathauth_key' ) ) { $this->getRequest()->setSessionData( 'oathauth_key', OATHAuthKey::newFromRandom() ); } $info['token'] = array( 'type' => 'text', 'default' => '', 'label-message' => 'oathauth-token', 'name' => 'token', ); $info['mode'] = array( 'type' => 'hidden', 'default' => 'enable', 'name' => 'mode', ); $info['returnto'] = array( 'type' => 'hidden', 'default' => $returnto, 'name' => 'returnto', ); $info['action'] = array( 'type' => 'hidden', 'default' => 'enable', 'name' => 'action', ); $form = new HTMLForm( $info, $this->getContext(), 'oathauth-verify' ); $form->setSubmitID( 'oathauth-validate-submit' ); $form->setSubmitCallback( array( $this, 'tryValidateSubmit' ) ); if ( !$form->show() ) { $this->displaySecret(); } return true; } private function displaySecret() { $this->getOutput()->addModules( 'ext.oathauth' ); /** @var OATHAuthKey $key */ $key = $this->getRequest()->getSessionData( 'oathauth_key' ); $secret = $key->getSecret(); $out = '' . $this->msg( 'oathauth-account' )->escaped() . ' ' . $this->OATHUser->getAccount() . '
' . '' . $this->msg( 'oathauth-secret' )->escaped() . ' ' . $secret . '
' . '
' . '
'; $this->getOutput()->addHTML( ResourceLoader::makeInlineScript( Xml::encodeJsCall( 'mw.loader.using', array( array( 'ext.oathauth' ), new XmlJsCode( 'function () {' . '$("#qrcode").qrcode("otpauth://totp/' . $this->OATHUser->getAccount() . '?secret=' . $secret. '");' . '}' ) ) ) ) ); $this->getOutput()->addHTML( $out ); $this->getOutput()->addWikiMsg( 'openstackmanager-scratchtokens' ); $this->getOutput()->addHTML( $this->createResourceList( $key->getScratchTokens() ) ); } /** * @return bool */ private function disable() { $this->setHeaders(); $this->getOutput()->setPagetitle( $this->msg( 'oathauth-disable' ) ); $returnto = $this->getRequest()->getVal( 'returnto' ); $info['token'] = array( 'type' => 'text', 'label-message' => 'oathauth-token', 'name' => 'token', ); $info['returnto'] = array( 'type' => 'hidden', 'default' => $returnto, 'name' => 'returnto', ); $info['action'] = array( 'type' => 'hidden', 'default' => 'disable', 'name' => 'action', ); $form = new HTMLForm( $info, $this->getContext(), 'oathauth-disable' ); $form->setSubmitID( 'oauth-form-disablesubmit' ); $form->setSubmitCallback( array( $this, 'tryDisableSubmit' ) ); $form->show(); return true; } /** * @param $resources array * @return string */ private function createResourceList( $resources ) { $resourceList = ''; foreach ( $resources as $resource ) { $resourceList .= Html::rawElement( 'li', array(), $resource ); } return Html::rawElement( 'ul', array(), $resourceList ); } /** * @param $formData array * @return bool */ public function tryValidateSubmit( $formData ) { /** @var OATHAuthKey $key */ $key = $this->getRequest()->getSessionData( 'oathauth_key' ); $verify = $key->verifyToken( $formData['token'], $this->OATHUser ); $out = ''; if ( $verify ) { $this->OATHUser->setKey( $key ); $this->OATHRepository->persist( $this->OATHUser ); $this->getRequest()->setSessionData( 'oathauth_key', null ); $this->getOutput()->addWikiMsg( 'oathauth-validatedoath' ); if ( $formData['returnto'] ) { $out = '
'; $title = Title::newFromText( $formData['returnto'] ); $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); } } else { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '
'; $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptenable' )->escaped(), array(), array( 'action' => 'enable', 'returnto' => $formData['returnto'] ) ); } $this->getOutput()->addHTML( $out ); return true; } /** * @param $formData array * @return bool */ public function tryDisableSubmit( $formData ) { $verify = $this->OATHUser->getKey()->verifyToken( $formData['token'], $this->OATHUser ); if ( !$verify ) { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '
'; $out .= Linker::link( $this->getPageTitle(), $this->msg( 'oathauth-reattemptdisable' )->escaped(), array(), array( 'action' => 'disable' ) ); $this->getOutput()->addHTML( $out ); return true; } $this->OATHRepository->remove( $this->OATHUser ); $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' ); if ( $formData['returnto'] ) { $out = '
'; $title = Title::newFromText( $formData['returnto'] ); $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); $this->getOutput()->addHTML( $out ); } return true; } protected function getGroupName() { return 'oath'; } }