Home Explore Help
Sign In
NeoZones
/
pennyspages
mirror of https://github.com/NeoZones/pennyspages
Watch 2
Star 0
Fork 0
Files Issues 0 Wiki
Branch: main
Branches Tags
pennyspages
/
includes
/
specials
/
SpecialUnlinkAccounts.php

SpecialUnlinkAccounts.php 2.8 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495 
  1. <?php
    2. 

  2. 

  3. use MediaWiki\Auth\AuthenticationResponse;
    4. 

  4. use MediaWiki\Auth\AuthManager;
    5. 

  5. use MediaWiki\Session\SessionManager;
    6. 

  6. 

  7. class SpecialUnlinkAccounts extends AuthManagerSpecialPage {
    8. 

  8. 	protected static $allowedActions = [ AuthManager::ACTION_UNLINK ];
    9. 

  9. 

  10. 	public function __construct() {
    11. 

  11. 		parent::__construct( 'UnlinkAccounts' );
    12. 

  12. 	}
    13. 

  13. 

  14. 	protected function getLoginSecurityLevel() {
    15. 

  15. 		return 'UnlinkAccount';
    16. 

  16. 	}
    17. 

  17. 

  18. 	protected function getDefaultAction( $subPage ) {
    19. 

  19. 		return AuthManager::ACTION_UNLINK;
    20. 

  20. 	}
    21. 

  21. 

  22. 	/**
    23. 

  23. 	 * Under which header this special page is listed in Special:SpecialPages.
    24. 

  24. 	 * @return string
    25. 

  25. 	 */
    26. 

  26. 	protected function getGroupName() {
    27. 

  27. 		return 'users';
    28. 

  28. 	}
    29. 

  29. 

  30. 	public function isListed() {
    31. 

  31. 		return AuthManager::singleton()->canLinkAccounts();
    32. 

  32. 	}
    33. 

  33. 

  34. 	protected function getRequestBlacklist() {
    35. 

  35. 		return $this->getConfig()->get( 'RemoveCredentialsBlacklist' );
    36. 

  36. 	}
    37. 

  37. 

  38. 	public function execute( $subPage ) {
    39. 

  39. 		$this->setHeaders();
    40. 

  40. 		$this->loadAuth( $subPage );
    41. 

  41. 

  42. 		if ( !$this->isActionAllowed( $this->authAction ) ) {
    43. 

  43. 			if ( $this->authAction === AuthManager::ACTION_UNLINK ) {
    44. 

  44. 				// Looks like there are no linked accounts to unlink
    45. 

  45. 				$titleMessage = $this->msg( 'cannotunlink-no-provider-title' );
    46. 

  46. 				$errorMessage = $this->msg( 'cannotunlink-no-provider' );
    47. 

  47. 				throw new ErrorPageError( $titleMessage, $errorMessage );
    48. 

  48. 			} else {
    49. 

  49. 				// user probably back-button-navigated into an auth session that no longer exists
    50. 

  50. 				// FIXME would be nice to show a message
    51. 

  51. 				$this->getOutput()->redirect( $this->getPageTitle()->getFullURL( '', false, PROTO_HTTPS ) );
    52. 

  52. 				return;
    53. 

  53. 			}
    54. 

  54. 		}
    55. 

  55. 

  56. 		$this->outputHeader();
    57. 

  57. 

  58. 		$status = $this->trySubmit();
    59. 

  59. 

  60. 		if ( $status === false || !$status->isOK() ) {
    61. 

  61. 			$this->displayForm( $status );
    62. 

  62. 			return;
    63. 

  63. 		}
    64. 

  64. 

  65. 		/** @var AuthenticationResponse $response */
    66. 

  66. 		$response = $status->getValue();
    67. 

  67. 

  68. 		if ( $response->status === AuthenticationResponse::FAIL ) {
    69. 

  69. 			$this->displayForm( StatusValue::newFatal( $response->message ) );
    70. 

  70. 			return;
    71. 

  71. 		}
    72. 

  72. 

  73. 		$status = StatusValue::newGood();
    74. 

  74. 		$status->warning( $this->msg( 'unlinkaccounts-success' ) );
    75. 

  75. 		$this->loadAuth( $subPage, null, true ); // update requests so the unlinked one doesn't show up
    76. 

  76. 

  77. 		// Reset sessions - if the user unlinked an account because it was compromised,
    78. 

  78. 		// log attackers out from sessions obtained via that account.
    79. 

  79. 		$session = $this->getRequest()->getSession();
    80. 

  80. 		$user = $this->getUser();
    81. 

  81. 		SessionManager::singleton()->invalidateSessionsForUser( $user );
    82. 

  82. 		$session->setUser( $user );
    83. 

  83. 		$session->resetId();
    84. 

  84. 

  85. 		$this->displayForm( $status );
    86. 

  86. 	}
    87. 

  87. 

  88. 	public function handleFormSubmit( $data ) {
    89. 

  89. 		// unlink requests do not accept user input so repeat parent code but skip call to
    90. 

  90. 		// AuthenticationRequest::loadRequestsFromSubmission
    91. 

  91. 		$response = $this->performAuthenticationStep( $this->authAction, $this->authRequests );
    92. 

  92. 		return Status::newGood( $response );
    93. 

  93. 	}
    94. 

  94. }
    95. 

  95.