diff --git a/includes/api/ApiAMCreateAccount.php b/includes/api/ApiAMCreateAccount.php index 162bc02c696..bcf52b05c4b 100644 --- a/includes/api/ApiAMCreateAccount.php +++ b/includes/api/ApiAMCreateAccount.php @@ -22,6 +22,7 @@ use MediaWiki\Auth\AuthenticationResponse; use MediaWiki\Auth\AuthManager; +use MediaWiki\MediaWikiServices; /** * Create an account with AuthManager @@ -63,8 +64,8 @@ class ApiAMCreateAccount extends ApiBase { } } - $helper = new ApiAuthManagerHelper( $this ); - $manager = AuthManager::singleton(); + $manager = MediaWikiServices::getInstance()->getAuthManager(); + $helper = new ApiAuthManagerHelper( $this, $manager ); // Make sure it's possible to create accounts if ( !$manager->canCreateAccounts() ) { diff --git a/includes/api/ApiAuthManagerHelper.php b/includes/api/ApiAuthManagerHelper.php index dad9805fb48..14137863442 100644 --- a/includes/api/ApiAuthManagerHelper.php +++ b/includes/api/ApiAuthManagerHelper.php @@ -26,6 +26,7 @@ use MediaWiki\Auth\AuthenticationResponse; use MediaWiki\Auth\AuthManager; use MediaWiki\Auth\CreateFromLoginAuthenticationRequest; use MediaWiki\Logger\LoggerFactory; +use MediaWiki\MediaWikiServices; /** * Helper class for AuthManager-using API modules. Intended for use via @@ -41,23 +42,29 @@ class ApiAuthManagerHelper { /** @var string Message output format */ private $messageFormat; + /** @var AuthManager */ + private $authManager; + /** * @param ApiBase $module API module, for context and parameters + * @param AuthManager|null $authManager */ - public function __construct( ApiBase $module ) { + public function __construct( ApiBase $module, AuthManager $authManager = null ) { $this->module = $module; $params = $module->extractRequestParams(); $this->messageFormat = $params['messageformat'] ?? 'wikitext'; + $this->authManager = $authManager ?: MediaWikiServices::getInstance()->getAuthManager(); } /** * Static version of the constructor, for chaining * @param ApiBase $module API module, for context and parameters + * @param AuthManager|null $authManager * @return ApiAuthManagerHelper */ - public static function newForModule( ApiBase $module ) { - return new self( $module ); + public static function newForModule( ApiBase $module, AuthManager $authManager = null ) { + return new self( $module, $authManager ); } /** @@ -97,7 +104,7 @@ class ApiAuthManagerHelper { * @throws ApiUsageException */ public function securitySensitiveOperation( $operation ) { - $status = AuthManager::singleton()->securitySensitiveOperationStatus( $operation ); + $status = $this->authManager->securitySensitiveOperationStatus( $operation ); switch ( $status ) { case AuthManager::SEC_OK: return; @@ -137,8 +144,7 @@ class ApiAuthManagerHelper { public function loadAuthenticationRequests( $action ) { $params = $this->module->extractRequestParams(); - $manager = AuthManager::singleton(); - $reqs = $manager->getAuthenticationRequests( $action, $this->module->getUser() ); + $reqs = $this->authManager->getAuthenticationRequests( $action, $this->module->getUser() ); // Filter requests, if requested to do so $wantedRequests = null; diff --git a/includes/api/ApiChangeAuthenticationData.php b/includes/api/ApiChangeAuthenticationData.php index aa64444fd8d..f8bacce2abb 100644 --- a/includes/api/ApiChangeAuthenticationData.php +++ b/includes/api/ApiChangeAuthenticationData.php @@ -21,6 +21,7 @@ */ use MediaWiki\Auth\AuthManager; +use MediaWiki\MediaWikiServices; /** * Change authentication data with AuthManager @@ -38,8 +39,8 @@ class ApiChangeAuthenticationData extends ApiBase { $this->dieWithError( 'apierror-mustbeloggedin-changeauthenticationdata', 'notloggedin' ); } - $helper = new ApiAuthManagerHelper( $this ); - $manager = AuthManager::singleton(); + $manager = MediaWikiServices::getInstance()->getAuthManager(); + $helper = new ApiAuthManagerHelper( $this, $manager ); // Check security-sensitive operation status $helper->securitySensitiveOperation( 'ChangeCredentials' ); diff --git a/includes/api/ApiClientLogin.php b/includes/api/ApiClientLogin.php index 44f5a85947c..2047d8f5dd1 100644 --- a/includes/api/ApiClientLogin.php +++ b/includes/api/ApiClientLogin.php @@ -23,6 +23,7 @@ use MediaWiki\Auth\AuthenticationResponse; use MediaWiki\Auth\AuthManager; use MediaWiki\Auth\CreateFromLoginAuthenticationRequest; +use MediaWiki\MediaWikiServices; /** * Log in to the wiki with AuthManager @@ -64,8 +65,8 @@ class ApiClientLogin extends ApiBase { } } - $helper = new ApiAuthManagerHelper( $this ); - $manager = AuthManager::singleton(); + $manager = MediaWikiServices::getInstance()->getAuthManager(); + $helper = new ApiAuthManagerHelper( $this, $manager ); // Make sure it's possible to log in if ( !$manager->canAuthenticateNow() ) { diff --git a/includes/api/ApiLinkAccount.php b/includes/api/ApiLinkAccount.php index 3bd203a90ed..f6fe36bd6d8 100644 --- a/includes/api/ApiLinkAccount.php +++ b/includes/api/ApiLinkAccount.php @@ -22,6 +22,7 @@ use MediaWiki\Auth\AuthenticationResponse; use MediaWiki\Auth\AuthManager; +use MediaWiki\MediaWikiServices; /** * Link an account with AuthManager @@ -67,8 +68,8 @@ class ApiLinkAccount extends ApiBase { } } - $helper = new ApiAuthManagerHelper( $this ); - $manager = AuthManager::singleton(); + $manager = MediaWikiServices::getInstance()->getAuthManager(); + $helper = new ApiAuthManagerHelper( $this, $manager ); // Check security-sensitive operation status $helper->securitySensitiveOperation( 'LinkAccounts' ); diff --git a/includes/api/ApiLogin.php b/includes/api/ApiLogin.php index 1666be9e8e2..ee5b366b009 100644 --- a/includes/api/ApiLogin.php +++ b/includes/api/ApiLogin.php @@ -25,6 +25,7 @@ use MediaWiki\Auth\AuthenticationRequest; use MediaWiki\Auth\AuthenticationResponse; use MediaWiki\Auth\AuthManager; use MediaWiki\Logger\LoggerFactory; +use MediaWiki\MediaWikiServices; /** * Unit to authenticate log-in attempts to the current wiki. @@ -148,7 +149,7 @@ class ApiLogin extends ApiBase { if ( $authRes === false ) { // Simplified AuthManager login, for backwards compatibility - $manager = AuthManager::singleton(); + $manager = MediaWikiServices::getInstance()->getAuthManager(); $reqs = AuthenticationRequest::loadRequestsFromSubmission( $manager->getAuthenticationRequests( AuthManager::ACTION_LOGIN, $this->getUser() ), [ @@ -158,7 +159,7 @@ class ApiLogin extends ApiBase { 'rememberMe' => true, ] ); - $res = AuthManager::singleton()->beginAuthentication( $reqs, 'null:' ); + $res = $manager->beginAuthentication( $reqs, 'null:' ); switch ( $res->status ) { case AuthenticationResponse::PASS: if ( $this->getConfig()->get( 'EnableBotPasswords' ) ) { diff --git a/includes/api/ApiQueryAuthManagerInfo.php b/includes/api/ApiQueryAuthManagerInfo.php index d23d8988f3f..29467ef863d 100644 --- a/includes/api/ApiQueryAuthManagerInfo.php +++ b/includes/api/ApiQueryAuthManagerInfo.php @@ -22,6 +22,7 @@ */ use MediaWiki\Auth\AuthManager; +use MediaWiki\MediaWikiServices; /** * A query action to return meta information about AuthManager state. @@ -36,9 +37,8 @@ class ApiQueryAuthManagerInfo extends ApiQueryBase { public function execute() { $params = $this->extractRequestParams(); - $helper = new ApiAuthManagerHelper( $this ); - - $manager = AuthManager::singleton(); + $manager = MediaWikiServices::getInstance()->getAuthManager(); + $helper = new ApiAuthManagerHelper( $this, $manager ); $ret = [ 'canauthenticatenow' => $manager->canAuthenticateNow(), 'cancreateaccounts' => $manager->canCreateAccounts(), diff --git a/includes/api/ApiQueryUsers.php b/includes/api/ApiQueryUsers.php index 2907da5c688..1766bff81fb 100644 --- a/includes/api/ApiQueryUsers.php +++ b/includes/api/ApiQueryUsers.php @@ -21,6 +21,7 @@ */ use MediaWiki\Block\DatabaseBlock; +use MediaWiki\MediaWikiServices; /** * Query module to get information about a list of users @@ -297,7 +298,8 @@ class ApiQueryUsers extends ApiQueryBase { } else { $data[$u]['missing'] = true; if ( isset( $this->prop['cancreate'] ) ) { - $status = MediaWiki\Auth\AuthManager::singleton()->canCreateAccount( $u ); + $status = MediaWikiServices::getInstance()->getAuthManager() + ->canCreateAccount( $u ); $data[$u]['cancreate'] = $status->isGood(); if ( !$status->isGood() ) { $data[$u]['cancreateerror'] = $this->getErrorFormatter()->arrayFromStatus( $status ); diff --git a/includes/api/ApiRemoveAuthenticationData.php b/includes/api/ApiRemoveAuthenticationData.php index eeed94d6509..3354bbaa27f 100644 --- a/includes/api/ApiRemoveAuthenticationData.php +++ b/includes/api/ApiRemoveAuthenticationData.php @@ -22,6 +22,7 @@ use MediaWiki\Auth\AuthenticationRequest; use MediaWiki\Auth\AuthManager; +use MediaWiki\MediaWikiServices; /** * Remove authentication data from AuthManager @@ -50,10 +51,11 @@ class ApiRemoveAuthenticationData extends ApiBase { } $params = $this->extractRequestParams(); - $manager = AuthManager::singleton(); + $manager = MediaWikiServices::getInstance()->getAuthManager(); // Check security-sensitive operation status - ApiAuthManagerHelper::newForModule( $this )->securitySensitiveOperation( $this->operation ); + ApiAuthManagerHelper::newForModule( $this, $manager ) + ->securitySensitiveOperation( $this->operation ); // Fetch the request. No need to load from the request, so don't use // ApiAuthManagerHelper's method. diff --git a/includes/api/ApiValidatePassword.php b/includes/api/ApiValidatePassword.php index d43846a6f6b..ec54504e532 100644 --- a/includes/api/ApiValidatePassword.php +++ b/includes/api/ApiValidatePassword.php @@ -1,6 +1,6 @@ isAnon() || AuthManager::singleton()->userExists( $user->getName() ) ) { + if ( !$user->isAnon() || + MediaWikiServices::getInstance()->getAuthManager()->userExists( $user->getName() ) + ) { $this->dieWithError( 'userexists' ); }