コード例 #1
0
 public function beginSecondaryAuthentication($user, array $reqs)
 {
     if (!$this->blockDisablesLogin) {
         return AuthenticationResponse::newAbstain();
     } elseif ($user->isBlocked()) {
         return AuthenticationResponse::newFail(new \Message('login-userblocked', [$user->getName()]));
     } else {
         return AuthenticationResponse::newPass();
     }
 }
 public function beginSecondaryAccountCreation($user, $creator, array $reqs)
 {
     if ($this->sendConfirmationEmail && $user->getEmail() && !$this->manager->getAuthenticationSessionData('no-email')) {
         // TODO show 'confirmemail_oncreate'/'confirmemail_sendfailed' message
         wfGetDB(DB_MASTER)->onTransactionIdle(function () use($user) {
             $user = $user->getInstanceForUpdate();
             $status = $user->sendConfirmationMail();
             $user->saveSettings();
             if (!$status->isGood()) {
                 $this->logger->warning('Could not send confirmation email: ' . $status->getWikiText(false, false, 'en'));
             }
         }, __METHOD__);
     }
     return AuthenticationResponse::newPass();
 }
 /**
  * Continue the link attempt
  * @param User $user
  * @param string $key Session key to look in
  * @param AuthenticationRequest[] $reqs
  * @return AuthenticationResponse
  */
 protected function continueLinkAttempt($user, $key, array $reqs)
 {
     $req = ButtonAuthenticationRequest::getRequestByName($reqs, 'linkOk');
     if ($req) {
         return AuthenticationResponse::newPass();
     }
     $req = AuthenticationRequest::getRequestByClass($reqs, ConfirmLinkAuthenticationRequest::class);
     if (!$req) {
         // WTF? Retry.
         return $this->beginLinkAttempt($user, $key);
     }
     $session = $this->manager->getRequest()->getSession();
     $state = $session->getSecret($key);
     if (!is_array($state)) {
         return AuthenticationResponse::newAbstain();
     }
     $maybeLink = [];
     foreach ($state['maybeLink'] as $linkReq) {
         $maybeLink[$linkReq->getUniqueId()] = $linkReq;
     }
     if (!$maybeLink) {
         return AuthenticationResponse::newAbstain();
     }
     $state['maybeLink'] = [];
     $session->setSecret($key, $state);
     $statuses = [];
     $anyFailed = false;
     foreach ($req->confirmedLinkIDs as $id) {
         if (isset($maybeLink[$id])) {
             $req = $maybeLink[$id];
             $req->username = $user->getName();
             if (!$req->action) {
                 // Make sure the action is set, but don't override it if
                 // the provider filled it in.
                 $req->action = AuthManager::ACTION_CHANGE;
             }
             $status = $this->manager->allowsAuthenticationDataChange($req);
             $statuses[] = [$req, $status];
             if ($status->isGood()) {
                 $this->manager->changeAuthenticationData($req);
             } else {
                 $anyFailed = true;
             }
         }
     }
     if (!$anyFailed) {
         return AuthenticationResponse::newPass();
     }
     $combinedStatus = \Status::newGood();
     foreach ($statuses as $data) {
         list($req, $status) = $data;
         $descriptionInfo = $req->describeCredentials();
         $description = wfMessage('authprovider-confirmlink-option', $descriptionInfo['provider']->text(), $descriptionInfo['account']->text())->text();
         if ($status->isGood()) {
             $combinedStatus->error(wfMessage('authprovider-confirmlink-success-line', $description));
         } else {
             $combinedStatus->error(wfMessage('authprovider-confirmlink-failure-line', $description, $status->getMessage()->text()));
         }
     }
     return AuthenticationResponse::newUI([new ButtonAuthenticationRequest('linkOk', wfMessage('ok'), wfMessage('authprovider-confirmlink-ok-help'))], $combinedStatus->getMessage('authprovider-confirmlink-failed'));
 }
コード例 #4
0
 /**
  * @param string $action One of the AuthManager::ACTION_* constants
  * @param AuthenticationRequest[] $requests
  * @return AuthenticationResponse
  * @throws LogicException if $action is invalid
  */
 protected function performAuthenticationStep($action, array $requests)
 {
     if (!in_array($action, static::$allowedActions, true)) {
         throw new InvalidArgumentException('invalid action: ' . $action);
     }
     $authManager = AuthManager::singleton();
     $returnToUrl = $this->getPageTitle('return')->getFullURL($this->getPreservedParams(true), false, PROTO_HTTPS);
     switch ($action) {
         case AuthManager::ACTION_LOGIN:
             return $authManager->beginAuthentication($requests, $returnToUrl);
         case AuthManager::ACTION_LOGIN_CONTINUE:
             return $authManager->continueAuthentication($requests);
         case AuthManager::ACTION_CREATE:
             return $authManager->beginAccountCreation($this->getUser(), $requests, $returnToUrl);
         case AuthManager::ACTION_CREATE_CONTINUE:
             return $authManager->continueAccountCreation($requests);
         case AuthManager::ACTION_LINK:
             return $authManager->beginAccountLink($this->getUser(), $requests, $returnToUrl);
         case AuthManager::ACTION_LINK_CONTINUE:
             return $authManager->continueAccountLink($requests);
         case AuthManager::ACTION_CHANGE:
         case AuthManager::ACTION_REMOVE:
         case AuthManager::ACTION_UNLINK:
             if (count($requests) > 1) {
                 throw new InvalidArgumentException('only one auth request can be changed at a time');
             } elseif (!$requests) {
                 throw new InvalidArgumentException('no auth request');
             }
             $req = reset($requests);
             $status = $authManager->allowsAuthenticationDataChange($req);
             Hooks::run('ChangeAuthenticationDataAudit', [$req, $status]);
             if (!$status->isOK()) {
                 return AuthenticationResponse::newFail($status->getMessage());
             }
             $authManager->changeAuthenticationData($req);
             return AuthenticationResponse::newPass();
         default:
             // should never reach here but makes static code analyzers happy
             throw new InvalidArgumentException('invalid action: ' . $action);
     }
 }
コード例 #5
0
 public function provideAccountLink()
 {
     $req = $this->getMockForAbstractClass(AuthenticationRequest::class);
     $good = StatusValue::newGood();
     return ['Pre-link test fail in pre' => [StatusValue::newFatal('fail-from-pre'), [], [AuthenticationResponse::newFail($this->message('fail-from-pre'))]], 'Failure in primary' => [$good, $tmp = [AuthenticationResponse::newFail($this->message('fail-from-primary'))], $tmp], 'All primary abstain' => [$good, [AuthenticationResponse::newAbstain()], [AuthenticationResponse::newFail($this->message('authmanager-link-no-primary'))]], 'Primary UI, then redirect, then fail' => [$good, $tmp = [AuthenticationResponse::newUI([$req], $this->message('...')), AuthenticationResponse::newRedirect([$req], '/foo.html', ['foo' => 'bar']), AuthenticationResponse::newFail($this->message('fail-in-primary-continue'))], $tmp], 'Primary redirect, then abstain' => [$good, [$tmp = AuthenticationResponse::newRedirect([$req], '/foo.html', ['foo' => 'bar']), AuthenticationResponse::newAbstain()], [$tmp, new \DomainException('MockPrimaryAuthenticationProvider::continuePrimaryAccountLink() returned ABSTAIN')]], 'Primary UI, then pass' => [$good, [$tmp1 = AuthenticationResponse::newUI([$req], $this->message('...')), AuthenticationResponse::newPass()], [$tmp1, AuthenticationResponse::newPass('')]], 'Primary pass' => [$good, [AuthenticationResponse::newPass('')], [AuthenticationResponse::newPass('')]]];
 }
 public function beginPrimaryAccountCreation($user, $creator, array $reqs)
 {
     /** @var TemporaryPasswordAuthenticationRequest $req */
     $req = AuthenticationRequest::getRequestByClass($reqs, TemporaryPasswordAuthenticationRequest::class);
     if ($req) {
         if ($req->username !== null && $req->password !== null) {
             // Nothing we can do yet, because the user isn't in the DB yet
             if ($req->username !== $user->getName()) {
                 $req = clone $req;
                 $req->username = $user->getName();
             }
             if ($req->mailpassword) {
                 // prevent EmailNotificationSecondaryAuthenticationProvider from sending another mail
                 $this->manager->setAuthenticationSessionData('no-email', true);
             }
             $ret = AuthenticationResponse::newPass($req->username);
             $ret->createRequest = $req;
             return $ret;
         }
     }
     return AuthenticationResponse::newAbstain();
 }
コード例 #7
0
 public function beginPrimaryAccountCreation($user, $creator, array $reqs)
 {
     if ($this->accountCreationType() === self::TYPE_NONE) {
         throw new \BadMethodCallException('Shouldn\'t call this when accountCreationType() is NONE');
     }
     $req = AuthenticationRequest::getRequestByClass($reqs, PasswordAuthenticationRequest::class);
     if ($req) {
         if ($req->username !== null && $req->password !== null) {
             // Nothing we can do besides claim it, because the user isn't in
             // the DB yet
             if ($req->username !== $user->getName()) {
                 $req = clone $req;
                 $req->username = $user->getName();
             }
             $ret = AuthenticationResponse::newPass($req->username);
             $ret->createRequest = $req;
             return $ret;
         }
     }
     return AuthenticationResponse::newAbstain();
 }
コード例 #8
0
ファイル: AuthManager.php プロジェクト: claudinec/galan-wiki
 /**
  * Continue an account creation flow
  * @param AuthenticationRequest[] $reqs
  * @return AuthenticationResponse
  */
 public function continueAccountCreation(array $reqs)
 {
     $session = $this->request->getSession();
     try {
         if (!$this->canCreateAccounts()) {
             // Caller should have called canCreateAccounts()
             $session->remove('AuthManager::accountCreationState');
             throw new \LogicException('Account creation is not possible');
         }
         $state = $session->getSecret('AuthManager::accountCreationState');
         if (!is_array($state)) {
             return AuthenticationResponse::newFail(wfMessage('authmanager-create-not-in-progress'));
         }
         $state['continueRequests'] = [];
         // Step 0: Prepare and validate the input
         $user = User::newFromName($state['username'], 'creatable');
         if (!is_object($user)) {
             $session->remove('AuthManager::accountCreationState');
             $this->logger->debug(__METHOD__ . ': Invalid username', ['user' => $state['username']]);
             return AuthenticationResponse::newFail(wfMessage('noname'));
         }
         if ($state['creatorid']) {
             $creator = User::newFromId($state['creatorid']);
         } else {
             $creator = new User();
             $creator->setName($state['creatorname']);
         }
         // Avoid account creation races on double submissions
         $cache = \ObjectCache::getLocalClusterInstance();
         $lock = $cache->getScopedLock($cache->makeGlobalKey('account', md5($user->getName())));
         if (!$lock) {
             // Don't clear AuthManager::accountCreationState for this code
             // path because the process that won the race owns it.
             $this->logger->debug(__METHOD__ . ': Could not acquire account creation lock', ['user' => $user->getName(), 'creator' => $creator->getName()]);
             return AuthenticationResponse::newFail(wfMessage('usernameinprogress'));
         }
         // Permissions check
         $status = $this->checkAccountCreatePermissions($creator);
         if (!$status->isGood()) {
             $this->logger->debug(__METHOD__ . ': {creator} cannot create users: {reason}', ['user' => $user->getName(), 'creator' => $creator->getName(), 'reason' => $status->getWikiText(null, null, 'en')]);
             $ret = AuthenticationResponse::newFail($status->getMessage());
             $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
             $session->remove('AuthManager::accountCreationState');
             return $ret;
         }
         // Load from master for existence check
         $user->load(User::READ_LOCKING);
         if ($state['userid'] === 0) {
             if ($user->getId() != 0) {
                 $this->logger->debug(__METHOD__ . ': User exists locally', ['user' => $user->getName(), 'creator' => $creator->getName()]);
                 $ret = AuthenticationResponse::newFail(wfMessage('userexists'));
                 $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
                 $session->remove('AuthManager::accountCreationState');
                 return $ret;
             }
         } else {
             if ($user->getId() == 0) {
                 $this->logger->debug(__METHOD__ . ': User does not exist locally when it should', ['user' => $user->getName(), 'creator' => $creator->getName(), 'expected_id' => $state['userid']]);
                 throw new \UnexpectedValueException("User \"{$state['username']}\" should exist now, but doesn't!");
             }
             if ($user->getId() != $state['userid']) {
                 $this->logger->debug(__METHOD__ . ': User ID/name mismatch', ['user' => $user->getName(), 'creator' => $creator->getName(), 'expected_id' => $state['userid'], 'actual_id' => $user->getId()]);
                 throw new \UnexpectedValueException("User \"{$state['username']}\" exists, but " . "ID {$user->getId()} != {$state['userid']}!");
             }
         }
         foreach ($state['reqs'] as $req) {
             if ($req instanceof UserDataAuthenticationRequest) {
                 $status = $req->populateUser($user);
                 if (!$status->isGood()) {
                     // This should never happen...
                     $status = Status::wrap($status);
                     $this->logger->debug(__METHOD__ . ': UserData is invalid: {reason}', ['user' => $user->getName(), 'creator' => $creator->getName(), 'reason' => $status->getWikiText(null, null, 'en')]);
                     $ret = AuthenticationResponse::newFail($status->getMessage());
                     $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
                     $session->remove('AuthManager::accountCreationState');
                     return $ret;
                 }
             }
         }
         foreach ($reqs as $req) {
             $req->returnToUrl = $state['returnToUrl'];
             $req->username = $state['username'];
         }
         // If we're coming in from a create-from-login UI response, we need
         // to extract the createRequest (if any).
         $req = AuthenticationRequest::getRequestByClass($reqs, CreateFromLoginAuthenticationRequest::class);
         if ($req && $req->createRequest) {
             $reqs[] = $req->createRequest;
         }
         // Run pre-creation tests, if we haven't already
         if (!$state['ranPreTests']) {
             $providers = $this->getPreAuthenticationProviders() + $this->getPrimaryAuthenticationProviders() + $this->getSecondaryAuthenticationProviders();
             foreach ($providers as $id => $provider) {
                 $status = $provider->testForAccountCreation($user, $creator, $reqs);
                 if (!$status->isGood()) {
                     $this->logger->debug(__METHOD__ . ": Fail in pre-authentication by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                     $ret = AuthenticationResponse::newFail(Status::wrap($status)->getMessage());
                     $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
                     $session->remove('AuthManager::accountCreationState');
                     return $ret;
                 }
             }
             $state['ranPreTests'] = true;
         }
         // Step 1: Choose a primary authentication provider and call it until it succeeds.
         if ($state['primary'] === null) {
             // We haven't picked a PrimaryAuthenticationProvider yet
             foreach ($this->getPrimaryAuthenticationProviders() as $id => $provider) {
                 if ($provider->accountCreationType() === PrimaryAuthenticationProvider::TYPE_NONE) {
                     continue;
                 }
                 $res = $provider->beginPrimaryAccountCreation($user, $creator, $reqs);
                 switch ($res->status) {
                     case AuthenticationResponse::PASS:
                         $this->logger->debug(__METHOD__ . ": Primary creation passed by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                         $state['primary'] = $id;
                         $state['primaryResponse'] = $res;
                         break 2;
                     case AuthenticationResponse::FAIL:
                         $this->logger->debug(__METHOD__ . ": Primary creation failed by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                         $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $res]);
                         $session->remove('AuthManager::accountCreationState');
                         return $res;
                     case AuthenticationResponse::ABSTAIN:
                         // Continue loop
                         break;
                     case AuthenticationResponse::REDIRECT:
                     case AuthenticationResponse::UI:
                         $this->logger->debug(__METHOD__ . ": Primary creation {$res->status} by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                         $state['primary'] = $id;
                         $state['continueRequests'] = $res->neededRequests;
                         $session->setSecret('AuthManager::accountCreationState', $state);
                         return $res;
                         // @codeCoverageIgnoreStart
                     // @codeCoverageIgnoreStart
                     default:
                         throw new \DomainException(get_class($provider) . "::beginPrimaryAccountCreation() returned {$res->status}");
                         // @codeCoverageIgnoreEnd
                 }
             }
             if ($state['primary'] === null) {
                 $this->logger->debug(__METHOD__ . ': Primary creation failed because no provider accepted', ['user' => $user->getName(), 'creator' => $creator->getName()]);
                 $ret = AuthenticationResponse::newFail(wfMessage('authmanager-create-no-primary'));
                 $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
                 $session->remove('AuthManager::accountCreationState');
                 return $ret;
             }
         } elseif ($state['primaryResponse'] === null) {
             $provider = $this->getAuthenticationProvider($state['primary']);
             if (!$provider instanceof PrimaryAuthenticationProvider) {
                 // Configuration changed? Force them to start over.
                 // @codeCoverageIgnoreStart
                 $ret = AuthenticationResponse::newFail(wfMessage('authmanager-create-not-in-progress'));
                 $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
                 $session->remove('AuthManager::accountCreationState');
                 return $ret;
                 // @codeCoverageIgnoreEnd
             }
             $id = $provider->getUniqueId();
             $res = $provider->continuePrimaryAccountCreation($user, $creator, $reqs);
             switch ($res->status) {
                 case AuthenticationResponse::PASS:
                     $this->logger->debug(__METHOD__ . ": Primary creation passed by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                     $state['primaryResponse'] = $res;
                     break;
                 case AuthenticationResponse::FAIL:
                     $this->logger->debug(__METHOD__ . ": Primary creation failed by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                     $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $res]);
                     $session->remove('AuthManager::accountCreationState');
                     return $res;
                 case AuthenticationResponse::REDIRECT:
                 case AuthenticationResponse::UI:
                     $this->logger->debug(__METHOD__ . ": Primary creation {$res->status} by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                     $state['continueRequests'] = $res->neededRequests;
                     $session->setSecret('AuthManager::accountCreationState', $state);
                     return $res;
                 default:
                     throw new \DomainException(get_class($provider) . "::continuePrimaryAccountCreation() returned {$res->status}");
             }
         }
         // Step 2: Primary authentication succeeded, create the User object
         // and add the user locally.
         if ($state['userid'] === 0) {
             $this->logger->info('Creating user {user} during account creation', ['user' => $user->getName(), 'creator' => $creator->getName()]);
             $status = $user->addToDatabase();
             if (!$status->isOk()) {
                 // @codeCoverageIgnoreStart
                 $ret = AuthenticationResponse::newFail($status->getMessage());
                 $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
                 $session->remove('AuthManager::accountCreationState');
                 return $ret;
                 // @codeCoverageIgnoreEnd
             }
             $this->setDefaultUserOptions($user, $creator->isAnon());
             \Hooks::run('LocalUserCreated', [$user, false]);
             $user->saveSettings();
             $state['userid'] = $user->getId();
             // Update user count
             \DeferredUpdates::addUpdate(new \SiteStatsUpdate(0, 0, 0, 0, 1));
             // Watch user's userpage and talk page
             $user->addWatch($user->getUserPage(), User::IGNORE_USER_RIGHTS);
             // Inform the provider
             $logSubtype = $provider->finishAccountCreation($user, $creator, $state['primaryResponse']);
             // Log the creation
             if ($this->config->get('NewUserLog')) {
                 $isAnon = $creator->isAnon();
                 $logEntry = new \ManualLogEntry('newusers', $logSubtype ?: ($isAnon ? 'create' : 'create2'));
                 $logEntry->setPerformer($isAnon ? $user : $creator);
                 $logEntry->setTarget($user->getUserPage());
                 $req = AuthenticationRequest::getRequestByClass($state['reqs'], CreationReasonAuthenticationRequest::class);
                 $logEntry->setComment($req ? $req->reason : '');
                 $logEntry->setParameters(['4::userid' => $user->getId()]);
                 $logid = $logEntry->insert();
                 $logEntry->publish($logid);
             }
         }
         // Step 3: Iterate over all the secondary authentication providers.
         $beginReqs = $state['reqs'];
         foreach ($this->getSecondaryAuthenticationProviders() as $id => $provider) {
             if (!isset($state['secondary'][$id])) {
                 // This provider isn't started yet, so we pass it the set
                 // of reqs from beginAuthentication instead of whatever
                 // might have been used by a previous provider in line.
                 $func = 'beginSecondaryAccountCreation';
                 $res = $provider->beginSecondaryAccountCreation($user, $creator, $beginReqs);
             } elseif (!$state['secondary'][$id]) {
                 $func = 'continueSecondaryAccountCreation';
                 $res = $provider->continueSecondaryAccountCreation($user, $creator, $reqs);
             } else {
                 continue;
             }
             switch ($res->status) {
                 case AuthenticationResponse::PASS:
                     $this->logger->debug(__METHOD__ . ": Secondary creation passed by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                     // fall through
                 // fall through
                 case AuthenticationResponse::ABSTAIN:
                     $state['secondary'][$id] = true;
                     break;
                 case AuthenticationResponse::REDIRECT:
                 case AuthenticationResponse::UI:
                     $this->logger->debug(__METHOD__ . ": Secondary creation {$res->status} by {$id}", ['user' => $user->getName(), 'creator' => $creator->getName()]);
                     $state['secondary'][$id] = false;
                     $state['continueRequests'] = $res->neededRequests;
                     $session->setSecret('AuthManager::accountCreationState', $state);
                     return $res;
                 case AuthenticationResponse::FAIL:
                     throw new \DomainException(get_class($provider) . "::{$func}() returned {$res->status}." . ' Secondary providers are not allowed to fail account creation, that' . ' should have been done via testForAccountCreation().');
                     // @codeCoverageIgnoreStart
                 // @codeCoverageIgnoreStart
                 default:
                     throw new \DomainException(get_class($provider) . "::{$func}() returned {$res->status}");
                     // @codeCoverageIgnoreEnd
             }
         }
         $id = $user->getId();
         $name = $user->getName();
         $req = new CreatedAccountAuthenticationRequest($id, $name);
         $ret = AuthenticationResponse::newPass($name);
         $ret->loginRequest = $req;
         $this->createdAccountAuthenticationRequests[] = $req;
         $this->logger->info(__METHOD__ . ': Account creation succeeded for {user}', ['user' => $user->getName(), 'creator' => $creator->getName()]);
         $this->callMethodOnProviders(7, 'postAccountCreation', [$user, $creator, $ret]);
         $session->remove('AuthManager::accountCreationState');
         $this->removeAuthenticationSessionData(null);
         return $ret;
     } catch (\Exception $ex) {
         $session->remove('AuthManager::accountCreationState');
         throw $ex;
     }
 }
 public function testAccountCreationEmail()
 {
     $creator = \User::newFromName('Foo');
     $user = self::getMutableTestUser()->getUser();
     $user->setEmail(null);
     $req = TemporaryPasswordAuthenticationRequest::newRandom();
     $req->username = $user->getName();
     $req->mailpassword = true;
     $provider = $this->getProvider(['emailEnabled' => false]);
     $status = $provider->testForAccountCreation($user, $creator, [$req]);
     $this->assertEquals(\StatusValue::newFatal('emaildisabled'), $status);
     $req->hasBackchannel = true;
     $status = $provider->testForAccountCreation($user, $creator, [$req]);
     $this->assertFalse($status->hasMessage('emaildisabled'));
     $req->hasBackchannel = false;
     $provider = $this->getProvider(['emailEnabled' => true]);
     $status = $provider->testForAccountCreation($user, $creator, [$req]);
     $this->assertEquals(\StatusValue::newFatal('noemailcreate'), $status);
     $req->hasBackchannel = true;
     $status = $provider->testForAccountCreation($user, $creator, [$req]);
     $this->assertFalse($status->hasMessage('noemailcreate'));
     $req->hasBackchannel = false;
     $user->setEmail('*****@*****.**');
     $status = $provider->testForAccountCreation($user, $creator, [$req]);
     $this->assertEquals(\StatusValue::newGood(), $status);
     $mailed = false;
     $resetMailer = $this->hookMailer(function ($headers, $to, $from, $subject, $body) use(&$mailed, $req) {
         $mailed = true;
         $this->assertSame('*****@*****.**', $to[0]->address);
         $this->assertContains($req->password, $body);
         return false;
     });
     $expect = AuthenticationResponse::newPass($user->getName());
     $expect->createRequest = clone $req;
     $expect->createRequest->username = $user->getName();
     $res = $provider->beginPrimaryAccountCreation($user, $creator, [$req]);
     $this->assertEquals($expect, $res);
     $this->assertTrue($this->manager->getAuthenticationSessionData('no-email'));
     $this->assertFalse($mailed);
     $this->assertSame('byemail', $provider->finishAccountCreation($user, $creator, $res));
     $this->assertTrue($mailed);
     ScopedCallback::consume($resetMailer);
     $this->assertTrue($mailed);
 }
コード例 #10
0
 public function beginPrimaryAccountCreation($user, $creator, array $reqs)
 {
     if ($this->accountCreationType() === self::TYPE_NONE) {
         throw new \BadMethodCallException('Shouldn\'t call this when accountCreationType() is NONE');
     }
     $req = AuthenticationRequest::getRequestByClass($reqs, $this->requestType);
     if (!$req || $req->username === null || $req->password === null || $this->hasDomain && $req->domain === null) {
         return AuthenticationResponse::newAbstain();
     }
     $username = User::getCanonicalName($req->username, 'usable');
     if ($username === false) {
         return AuthenticationResponse::newAbstain();
     }
     $this->setDomain($req);
     if ($this->auth->addUser($user, $req->password, $user->getEmail(), $user->getRealName())) {
         return AuthenticationResponse::newPass();
     } else {
         return AuthenticationResponse::newFail(new \Message('authmanager-authplugin-create-fail'));
     }
 }