While prepping the code base for using etsy/phan i found a few problems.
A couple are real problems, while others are just places etsy couldn't
figure out the types.
* AuthPlugin referenced UserLoginTemplate which doesn't exist. Tracing
back usages this accepts classes that extend from BaseTemplate.
* DatabaseSqlite had an invalid @var annotation.
* LoadBalancer had some missing or under-defined annotations. Make them
more specific where possible.
* SqlBagOStuff didn't have the appropriate use statement for
WaitConditionLoop and probably doesn't work. Also updated annotations
that point to non-existent DatabaseBase to use IDatabase.
Change-Id: Iff2270b418ad2f8f97cfdb6df646c435d3283536
This implements the AuthManager class and its needed interfaces and
subclasses, and integrates them into the backend portion of MediaWiki.
Integration with frontend portions of MediaWiki (e.g. ApiLogin,
Special:Login) is left for a followup.
Bug: T91699
Bug: T71589
Bug: T111299
Co-Authored-By: Gergő Tisza <gtisza@wikimedia.org>
Change-Id: If89d24838e326fe25fe867d02181eebcfbb0e196
Most of the time calling User::setToken() is enough, but CentralAuth
needs to be able to call CentralAuthUser::resetAuthToken() on command.
Change-Id: Iad2ae914a81481f040e047b550f3fd3437277626
* LocalUserCreated: Replaces AuthPlugin::initUser()
* UserGroupsChanged: Replaces AuthPlugin::updateExternalDBGroups()
** The similar UserRights hook is deprecated, mainly to get rid of the
passing of $user by reference.
* UserIsHidden: Replaces AuthPluginUser::isHidden()
* UserIsLocked: Replaces AuthPluginUser::isLocked()
* UserLoggedIn: Replaces AuthPlugin::updateUser()
Also, AuthPlugin::updateExternalDB() is deprecated in favor of the
existing UserSaveSettings hook.
Also, 'ResetSessionID' has been removed. Nothing uses it, I don't know
why I even added it in the first place.
Also, replacing the User object passed to AuthPlugin::initUser() and
AuthPlugin::updateUser() will now raise a warning.
Change-Id: If7474cfb26a29b11c2e78147069419ca3b1cba95
Swapped some "$var type" to "type $var" or added missing types
before the $var. Changed some other types to match the more common
spelling. Makes beginning of some text in captial.
Also added some missing @param.
Change-Id: I7f605aa9e117b5fd80d9b1440864fe526d2b14a5
This enables plugins to add/remove groups in an external authentication
service when a group is added via the MediaWiki interface without relying
on the related Hooks. Relying on the Hook would mean that a plugin cannot
use User::addGroup or User::delGroup to add/remove groups comming FROM
the authentication service, as these functions would call the hook and
then redundantly add these groups to the auth-service again.
Change-Id: Ia04d5bb30831a89dfc66128e3c335bbe07f724b6
Doxygen expects parameter types to come before the
parameter name in @param tags. Used a quick regex
to switch everything around where possible. This
only fixes cases where a primitve variable (or a
primitive followed by other types) is the variable
type. Other cases will need to be fixed manually.
Change-Id: Ic59fd20856eb0489d70f3469a56ebce0efb3db13
Allow AuthPlugin to determine if user passwords should be stored
locally.
* Released as part of 1.20wmf10, 1.19.2, 1.18.5
Change-Id: Ie41bed7ecf5390f8815128c227bae371880a6058
[21-Jun-2012 20:35:17] PHP Notice: Undefined property: AuthPlugin::$domain in /www/w/includes/AuthPlugin.php on line 92
Change-Id: I0c470b41881e0fd12d9615f7ac258feeff1a52e4
Adding a function to AuthPlugin for getting the user's domain. This allows the extension to determine how the user's domain is get and set, rather than core.
Change-Id: Ib2414bd55dfde67f7caf6439680fa88d9266e991
* Login doesn't attach to session properly, so can't stay logged in!
* Password field shown in plaintext!
If it just DOESN'T WORK please keep it on a work branch, don't put it in trunk!
Reverted:
r56682
r56683
r56684
r56686
r56688
r56696
r56699
r56702
r56703
r56704
r56782
r56896
r55990 "* Totally refactor includes/specials/SpecialUserlogin.php:"
r55991 "Followup to r55990 - Remove debugging hack :("
r55994 "Followup to r55990 - rename method to avoid PHP Strict warnings"
r55997 "Follow-up to r55990, per comments:"
Continued reports of breakage with the new version...
Non-vital changes of this magnitude should probably be worked up on a branch to ensure everything's consistent before pushing them to trunk.
** Split backend stuff out into includes/Login.php
** Split account creation and login stuff up, into includes/specials/CreateAccount.php and includes/specials/Userlogin.php.
* Reimplement the special pages as subclasses of SpecialPage
* Use HTMLForm to generate the input forms
** Deprecate and delete includes/templates/Userlogin.php, which is horrible and old :D
This changes the syntax of the UserLoginForm and UserCreateForm hooks, and AuthPlugin::modifyUITemplate; they now receive the SpecialPage subclass rather than the template to work with. Update everything I could find in SVN to accommodate this.
* Update some URLs (pages moved from meta to mw.org)
* Update and fix some comments
* Fix indentation and whitespace in phase3/includes/filerepo/ICRepo.php
of the strict() authentication behavior.
Fixes the hole where old local passwords could still be used to log into the global account after merging.
Based on patch by Rotem Liss from http://he.wikipedia.org/wiki/%D7%9E%D7%A9%D7%AA%D7%9E%D7%A9:Rotemliss/CentralAuth#2
Changed function name from authenticateLocally() to strictUserAuth() and reversed return value to mesh a little better with strict()
optional fields, which may be considered useful at registration time.
This fixes the problem where the e-mail address given for a new account
got replaced with null. Woops!
field should be cleared to an unusable state. Login will only be possible
after the password is reset, for instance by e-mail.
* (bug 6394) Invalidate the password set for "by e-mail" account creations
to avoid accidental empty password creations.
