PHP ApiAuthManagerHelper::securitySensitiveOperation Examples

Programming Language: PHP

Method/Function: securitySensitiveOperation

Examples at hotexamples.com: 2

PHP ApiAuthManagerHelper::securitySensitiveOperation - 2 examples found. These are the top rated real world PHP examples of ApiAuthManagerHelper::securitySensitiveOperation extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

getStandardParams(5)

loadAuthenticationRequests(4)

blacklistAuthenticationRequests(3)

formatAuthenticationResponse(3)

getPreservedRequest(3)

logAuthenticationResult(2)

securitySensitiveOperation(2)

formatRequests(1)

newForModule(1)

Example #1

Show file

File: ApiLinkAccount.php Project: paladox/mediawiki

 public function execute()
 {
     if (!$this->getUser()->isLoggedIn()) {
         $this->dieUsage('Must be logged in to link accounts', 'notloggedin');
     }
     $params = $this->extractRequestParams();
     $this->requireAtLeastOneParameter($params, 'continue', 'returnurl');
     if ($params['returnurl'] !== null) {
         $bits = wfParseUrl($params['returnurl']);
         if (!$bits || $bits['scheme'] === '') {
             $encParamName = $this->encodeParamName('returnurl');
             $this->dieUsage("Invalid value '{$params['returnurl']}' for url parameter {$encParamName}", "badurl_{$encParamName}");
         }
     }
     $helper = new ApiAuthManagerHelper($this);
     $manager = AuthManager::singleton();
     // Check security-sensitive operation status
     $helper->securitySensitiveOperation('LinkAccounts');
     // Make sure it's possible to link accounts
     if (!$manager->canLinkAccounts()) {
         $this->getResult()->addValue(null, 'linkaccount', $helper->formatAuthenticationResponse(AuthenticationResponse::newFail($this->msg('userlogin-cannot-' . AuthManager::ACTION_LINK))));
         return;
     }
     // Perform the link step
     if ($params['continue']) {
         $reqs = $helper->loadAuthenticationRequests(AuthManager::ACTION_LINK_CONTINUE);
         $res = $manager->continueAccountLink($reqs);
     } else {
         $reqs = $helper->loadAuthenticationRequests(AuthManager::ACTION_LINK);
         $res = $manager->beginAccountLink($this->getUser(), $reqs, $params['returnurl']);
     }
     $this->getResult()->addValue(null, 'linkaccount', $helper->formatAuthenticationResponse($res));
 }

Example #2

Show file

File: ApiChangeAuthenticationData.php Project: claudinec/galan-wiki

 public function execute()
 {
     if (!$this->getUser()->isLoggedIn()) {
         $this->dieUsage('Must be logged in to change authentication data', 'notloggedin');
     }
     $helper = new ApiAuthManagerHelper($this);
     $manager = AuthManager::singleton();
     // Check security-sensitive operation status
     $helper->securitySensitiveOperation('ChangeCredentials');
     // Fetch the request
     $reqs = ApiAuthManagerHelper::blacklistAuthenticationRequests($helper->loadAuthenticationRequests(AuthManager::ACTION_CHANGE), $this->getConfig()->get('ChangeCredentialsBlacklist'));
     if (count($reqs) !== 1) {
         $this->dieUsage('Failed to create change request', 'badrequest');
     }
     $req = reset($reqs);
     // Make the change
     $status = $manager->allowsAuthenticationDataChange($req, true);
     if (!$status->isGood()) {
         $this->dieStatus($status);
     }
     $manager->changeAuthenticationData($req);
     $this->getResult()->addValue(null, 'changeauthenticationdata', ['status' => 'success']);
 }