Parent5446 has uploaded a new change for review. https://gerrit.wikimedia.org/r/132775
Change subject: Code-base cleanup ...................................................................... Code-base cleanup * Removed use of deprecated core features * Made code style fixes * Made pass phpcs-strict * Fixed special page aliases Change-Id: Iae2a0a7d6f0fb2ea5080795a06ae257af96dfaf6 --- M OATHAuth.alias.php M OATHAuth.i18n.php M OATHAuth.php M OATHUser.php M lib/base32.php M lib/hotp.php M special/SpecialOATH.php 7 files changed, 412 insertions(+), 262 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OATHAuth refs/changes/75/132775/1 diff --git a/OATHAuth.alias.php b/OATHAuth.alias.php index 7945eb7..3069bb2 100644 --- a/OATHAuth.alias.php +++ b/OATHAuth.alias.php @@ -11,8 +11,7 @@ /** English (English) */ $specialPageAliases['en'] = array( - 'OATHAuth' => array( 'OATHAuth' ), - 'OATHAuthDisplay' => array( 'Display Token OATH Information' ), + 'OATH' => array( 'OATH', 'OATHAuth' ), ); /** Arabic (العربية) */ diff --git a/OATHAuth.i18n.php b/OATHAuth.i18n.php index d7579e6..a78d608 100644 --- a/OATHAuth.i18n.php +++ b/OATHAuth.i18n.php @@ -12,6 +12,7 @@ */ $messages = array(); if ( !function_exists( 'wfJsonI18nShim886e5f0000466d60' ) ) { + /** @noinspection PhpMissingDocCommentInspection */ function wfJsonI18nShim886e5f0000466d60( $cache, $code, &$cachedData ) { $codeSequence = array_merge( array( $code ), $cachedData['fallbackSequence'] ); foreach ( $codeSequence as $csCode ) { diff --git a/OATHAuth.php b/OATHAuth.php index 5e7d7f4..e7e1c1b 100644 --- a/OATHAuth.php +++ b/OATHAuth.php @@ -13,7 +13,7 @@ */ if ( !defined( 'MEDIAWIKI' ) ) { - echo( "This file is an extension to the MediaWiki software and cannot be used standalone.\n" ); + echo "This file is an extension to the MediaWiki software and cannot be used standalone.\n"; die( 1 ); } diff --git a/OATHUser.php b/OATHUser.php index dc8f665..a172eba 100644 --- a/OATHUser.php +++ b/OATHUser.php 
@@ -8,8 +8,29 @@ */ class OATHUser { + /** @var int User ID */ + private $id; - private $id, $secret, $secretReset, $scratchTokens, $scratchTokensReset, $account, $isEnabled, $isValidated; + /** @var string Two factor binary secret */ + private $secret; + + /** @var string New two factor secret when resetting */ + private $secretReset; + + /** @var string[] List of scratch tokens */ + private $scratchTokens; + + /** @var string[] New scratch tokens when resetting */ + private $scratchTokensReset; + + /** @var string Name for the two-factor account */ + private $account; + + /** @var bool Whether two-factor is enabled */ + private $isEnabled; + + /** @var bool Whether two-factor is validated */ + private $isValidated; /** * Constructor. Can't be called directly. Call one of the static NewFrom* methods @@ -20,8 +41,11 @@ * @param $scratchTokens * @param $scratchTokensReset * @param bool $isValidated bool + * @todo Get rid of telescoping constructor anti-pattern */ - public function __construct( $id, $account, $secret = null, $secretReset = null, $scratchTokens = null, $scratchTokensReset = null, $isValidated = false ) { + public function __construct( $id, $account, $secret = null, $secretReset = null, + $scratchTokens = null, $scratchTokensReset = null, $isValidated = false + ) { $this->id = $id; $this->account = $account; $this->isEnabled = true; @@ -120,7 +144,7 @@ * @return Boolean */ public function verifyToken( $token, $reset = false ) { - if ( $reset ) { + if ( $reset ) { $secret = $this->secretReset; } else { $secret = $this->secret; @@ -134,7 +158,8 @@ } } # See if the user is using a scratch token - for ( $i = 0; $i < count( $this->scratchTokens ); $i++ ) { + $length = count( $this->scratchTokens ); + for ( $i = 0; $i < $length; $i++ ) { if ( $token === $this->scratchTokens[$i] ) { # If there is a scratch token, remove it from the scratch token list unset( $this->scratchTokens[$i] ); 
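Review bot: In the scratch-token loop of `verifyToken()` (last hunk on this line), hoisting `count()` into `$length` keeps an index walk over an array that `unset( $this->scratchTokens[$i] )` leaves with gaps. Once one token has been used and the list is stored without reindexing, the loop reads a missing offset and never reaches the highest key, so the last token can stop working. Iterating over the keys that exist avoids that: `foreach ( $this->scratchTokens as $i => $scratchToken ) {`. The `===` comparison of a secret value could also become `hash_equals( $scratchToken, $token )` where the supported PHP version provides it. Whether the list is reindexed before it is saved is outside this hunk, as is the rest of the function.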
@@ -219,8 +244,10 @@ $dbw = wfGetDB( DB_MASTER ); return $dbw->update( 'oathauth_users', - array( 'secret_reset' => $this->secretReset, - 'scratch_tokens_reset' => base64_encode( serialize( $this->scratchTokensReset ) ) ), + array( + 'secret_reset' => $this->secretReset, + 'scratch_tokens_reset' => base64_encode( serialize( $this->scratchTokensReset ) ) + ), array( 'id' => $this->id ), __METHOD__ ); @@ -233,7 +260,8 @@ $dbw = wfGetDB( DB_MASTER ); return $dbw->update( 'oathauth_users', - array( 'secret' => $this->secretReset, + array( + 'secret' => $this->secretReset, 'secret_reset' => null, 'scratch_tokens' => base64_encode( serialize( $this->scratchTokensReset ) ), 'scratch_tokens_reset' => null, @@ -287,7 +315,7 @@ */ static function ModifyUITemplate( &$template ) { $input = '<div><label for="wpOATHToken">' - . wfMsgHtml( 'oathauth-token' ) + . wfMessage( 'oathauth-token' )->escaped() . '</label>' . Html::input( 'wpOATHToken', null, 'text', array( 'class' => 'loginText', 'id' => 'wpOATHToken', 'tabindex' => '3', 'size' => '20' @@ -360,9 +388,16 @@ return $result; } + /** + * Determine if two-factor authentication is enabled for $wgUser + * + * @param bool &$isEnabled Will be set to true if enabled, false otherwise + * + * @return bool False if enabled, true otherwise + */ static function TwoFactorIsEnabled( &$isEnabled ) { global $wgUser; - + $user = OATHUser::newFromUser( $wgUser ); if ( $user && $user->isEnabled() && $user->isValidated() ) { $isEnabled = true; @@ -377,6 +412,14 @@ } } + /** + * Add the necessary user preferences for OATHAuth + * + * @param User $user + * @param array $preferences + * + * @return bool + */ public static function manageOATH( User $user, array &$preferences ) { $oathUser = OATHUser::newFromUser( $user ); 
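Review bot: `base64_encode( serialize( $this->scratchTokensReset ) )` in the `-219` hunk, and the same call for `scratch_tokens` in the `-233` hunk, keep the scratch tokens in PHP's serialization format, which presumably means the load path runs `unserialize()` on a database column. A list of strings does not need an object-capable format; `json_encode( $this->scratchTokensReset )` with a matching decode on read would remove that exposure, though existing rows would need a migration or a fallback reader. The read side is not part of this diff, so this should be confirmed there. Both update methods start outside their hunks.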
@@ -385,25 +428,50 @@ $preferences['oath-disable'] = array( 'type' => 'info', 'raw' => 'true', - 'default' => Linker::link( $title, wfMsgHtml( 'oathauth-disable' ), array(), array( 'action' => 'disable', 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ) ), + 'default' => Linker::link( + $title, + wfMessage( 'oathauth-disable' )->escaped(), + array(), + array( + 'action' => 'disable', + 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() + ) + ), 'label-message' => 'oathauth-prefs-label', 'section' => 'personal/info', ); $preferences['oath-reset'] = array( 'type' => 'info', 'raw' => 'true', - 'default' => Linker::link( $title, wfMsgHtml( 'oathauth-reset' ), array(), array( 'action' => 'reset', 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ) ), + 'default' => Linker::link( + $title, + wfMessage( 'oathauth-reset' )->escaped(), + array(), + array( + 'action' => 'reset', + 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() + ) + ), 'section' => 'personal/info', ); } else { $preferences['oath-enable'] = array( 'type' => 'info', 'raw' => 'true', - 'default' => Linker::link( $title, wfMsgHtml( 'oathauth-enable' ), array(), array( 'action' => 'enable', 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ) ), + 'default' => Linker::link( + $title, + wfMessage( 'oathauth-enable' )->escaped(), + array(), + array( + 'action' => 'enable', + 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() + ) + ), 'label-message' => 'oathauth-prefs-label', 'section' => 'personal/info', ); } + return true; } diff --git a/lib/base32.php b/lib/base32.php index 5523156..d1c01de 100644 --- a/lib/base32.php +++ b/lib/base32.php 
@@ -23,80 +23,81 @@ class Base32 { - private static $lut = array( - "A" => 0, "B" => 1, - "C" => 2, "D" => 3, - "E" => 4, "F" => 5, - "G" => 6, "H" => 7, - "I" => 8, "J" => 9, - "K" => 10, "L" => 11, - "M" => 12, "N" => 13, - "O" => 14, "P" => 15, - "Q" => 16, "R" => 17, - "S" => 18, "T" => 19, - "U" => 20, "V" => 21, - "W" => 22, "X" => 23, - "Y" => 24, "Z" => 25, - "2" => 26, "3" => 27, - "4" => 28, "5" => 29, - "6" => 30, "7" => 31 - ); + private static $lut = array( + "A" => 0, "B" => 1, + "C" => 2, "D" => 3, + "E" => 4, "F" => 5, + "G" => 6, "H" => 7, + "I" => 8, "J" => 9, + "K" => 10, "L" => 11, + "M" => 12, "N" => 13, + "O" => 14, "P" => 15, + "Q" => 16, "R" => 17, + "S" => 18, "T" => 19, + "U" => 20, "V" => 21, + "W" => 22, "X" => 23, + "Y" => 24, "Z" => 25, + "2" => 26, "3" => 27, + "4" => 28, "5" => 29, + "6" => 30, "7" => 31 + ); - /** - * Decodes a base32 string into a binary string according to RFC 4648. - **/ - public static function decode($b32) { + /** + * Decodes a base32 string into a binary string according to RFC 4648. 
+ **/ + public static function decode($b32) { - $b32 = strtoupper($b32); + $b32 = strtoupper($b32); - if (!preg_match('/^[ABCDEFGHIJKLMNOPQRSTUVWXYZ234567]+$/', $b32, $match)) - throw new Exception('Invalid characters in the base32 string.'); + if (!preg_match('/^[ABCDEFGHIJKLMNOPQRSTUVWXYZ234567]+$/', $b32, $match)) + throw new Exception('Invalid characters in the base32 string.'); - $l = strlen($b32); - $n = 0; - $j = 0; - $binary = ""; + $l = strlen($b32); + $n = 0; + $j = 0; + $binary = ""; - for ($i = 0; $i < $l; $i++) { + for ($i = 0; $i < $l; $i++) { - $n = $n << 5; // Move buffer left by 5 to make room - $n = $n + self::$lut[$b32[$i]]; // Add value into buffer - $j = $j + 5; // Keep track of number of bits in buffer + $n = $n << 5; // Move buffer left by 5 to make room + $n = $n + self::$lut[$b32[$i]]; // Add value into buffer + $j = $j + 5; // Keep track of number of bits in buffer - if ($j >= 8) { - $j = $j - 8; - $binary .= chr(($n & (0xFF << $j)) >> $j); - } - } + if ($j >= 8) { + $j = $j - 8; + $binary .= chr(($n & (0xFF << $j)) >> $j); + } + } - return $binary; - } + return $binary; + } - /** - * Encodes a binary string into a base32 string according to RFC 4648 (no padding). - **/ - public static function encode($string) { + /** + * Encodes a binary string into a base32 string according to RFC 4648 (no padding). 
+ **/ + public static function encode($string) { - if (empty($string)) - throw new Exception('Empty string.'); + if (empty($string)) + throw new Exception('Empty string.'); - $b32 = ""; - $binary = ""; + $b32 = ""; + $binary = ""; - $bytes = str_split($string); - for ($i = 0; $i < count($bytes); $i++) { - $bits = base_convert(ord($bytes[$i]), 10, 2); - $binary .= str_pad($bits, 8, '0', STR_PAD_LEFT); - } + $bytes = str_split($string); + $length = count( $bytes ); + for ($i = 0; $i < $length; $i++) { + $bits = base_convert(ord($bytes[$i]), 10, 2); + $binary .= str_pad($bits, 8, '0', STR_PAD_LEFT); + } - $map = array_keys(self::$lut); - $fivebits = str_split($binary, 5); - for ($i = 0; $i < count($fivebits); $i++) { - $dec = base_convert(str_pad($fivebits[$i], 5, '0'), 2, 10); - $b32 .= $map[$dec]; - } + $map = array_keys(self::$lut); + $fivebits = str_split($binary, 5); + $length = count( $fivebits ); + for ($i = 0; $i < $length; $i++) { + $dec = base_convert(str_pad($fivebits[$i], 5, '0'), 2, 10); + $b32 .= $map[$dec]; + } - return $b32; - } + return $b32; + } } -?> diff --git a/lib/hotp.php b/lib/hotp.php index 1801c0e..f5983a5 100644 --- a/lib/hotp.php +++ b/lib/hotp.php 
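Review bot: `empty($string)` in `Base32::encode()` is also true for the one-character string `"0"`, so that input raises 'Empty string.' although it is a valid byte to encode; `if ( $string === '' ) {` checks what the message says. The two guards in `encode()` and `decode()` are still `if` statements without braces, which this clean-up otherwise adds. The `$match` argument to `preg_match()` in `decode()` is never read and can be dropped.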
@@ -9,88 +9,95 @@ * @version 1.0 */ class HOTP { - /** - * Generate a HOTP key based on a counter value (event based HOTP) - * @param string $key the key to use for hashing - * @param int $counter the number of attempts represented in this hashing - * @return HOTPResult a HOTP Result which can be truncated or output - */ - public static function generateByCounter($key, $counter) { - // the counter value can be more than one byte long, - // so we need to pack it down properly. - $cur_counter = array(0, 0, 0, 0, 0, 0, 0, 0); - for($i = 7; $i >= 0; $i--) { - $cur_counter[$i] = pack ('C*', $counter); - $counter = $counter >> 8; - } - - $bin_counter = implode($cur_counter); - - // Pad to 8 chars - if (strlen($bin_counter) < 8) { - $bin_counter = str_repeat (chr(0), 8 - strlen ($bin_counter)) . $bin_counter; - } + /** + * Generate a HOTP key based on a counter value (event based HOTP) + * @param string $key the key to use for hashing + * @param int $counter the number of attempts represented in this hashing + * @return HOTPResult a HOTP Result which can be truncated or output + */ + public static function generateByCounter( $key, $counter ) { + // the counter value can be more than one byte long, + // so we need to pack it down properly. 
+ $cur_counter = array( 0, 0, 0, 0, 0, 0, 0, 0 ); + for ( $i = 7; $i >= 0; $i-- ) { + $cur_counter[$i] = pack( 'C*', $counter ); + $counter = $counter >> 8; + } - // HMAC - $hash = hash_hmac('sha1', $bin_counter, $key); - - return new HOTPResult($hash); - } - - /** - * Generate a HOTP key based on a timestamp and window size - * @param string $key the key to use for hashing - * @param int $window the size of the window a key is valid for in seconds - * @param int $timestamp a timestamp to calculate for, defaults to time() - * @return HOTPResult a HOTP Result which can be truncated or output - */ - public static function generateByTime($key, $window, $timestamp = false) { - if (!$timestamp && $timestamp !== 0) { - $timestamp = HOTP::getTime(); - } - - $counter = intval($timestamp / $window); - - return HOTP::generateByCounter($key, $counter); - } - - /** - * Generate a HOTP key collection based on a timestamp and window size - * all keys that could exist between a start and end time will be included - * in the returned array - * @param string $key the key to use for hashing - * @param int $window the size of the window a key is valid for in seconds - * @param int $min the minimum window to accept before $timestamp - * @param int $max the maximum window to accept after $timestamp - * @param int $timestamp a timestamp to calculate for, defaults to time() - * @return array of HOTPResult - */ - public static function generateByTimeWindow($key, $window, $min = -1, $max = 1, $timestamp = false) { - if (!$timestamp && $timestamp !== 0) { - $timestamp = HOTP::getTime(); - } - - $counter = intval($timestamp / $window); - $window = range($min, $max); - - $out = array(); - for ($i = 0; $i < count($window); $i++) { - $shift_counter = $window[$i]; - $out[$shift_counter] = HOTP::generateByCounter($key, $counter + $shift_counter); - } - - return $out; - } - - /** - * Gets the current time - * Ensures we are operating in UTC for the entire framework - * Restores the timezone on 
exit. - * @return int the current time - */ - public static function getTime() { - return time(); // PHP's time is always UTC - } + $bin_counter = implode( $cur_counter ); + + // Pad to 8 chars + if ( strlen( $bin_counter ) < 8) { + $bin_counter = str_repeat( "\0", 8 - strlen( $bin_counter ) ) . $bin_counter; + } + + // HMAC + $hash = hash_hmac( 'sha1', $bin_counter, $key ); + + return new HOTPResult( $hash ); + } + + /** + * Generate a HOTP key based on a timestamp and window size + * + * @param string $key the key to use for hashing + * @param int $window the size of the window a key is valid for in seconds + * @param int|bool $timestamp a timestamp to calculate for, defaults to time() + * + * @return HOTPResult a HOTP Result which can be truncated or output + */ + public static function generateByTime( $key, $window, $timestamp = false ) { + if ( !$timestamp && $timestamp !== 0 ) { + $timestamp = HOTP::getTime(); + } + + $counter = (int)( $timestamp / $window ); + + return HOTP::generateByCounter( $key, $counter ); + } + + /** + * Generate a HOTP key collection based on a timestamp and window size + * all keys that could exist between a start and end time will be included + * in the returned array + * + * @param string $key the key to use for hashing + * @param int $window the size of the window a key is valid for in seconds + * @param int $min the minimum window to accept before $timestamp + * @param int $max the maximum window to accept after $timestamp + * @param int|bool $timestamp a timestamp to calculate for, defaults to time() + * + * @return HOTPResult[] + */ + public static function generateByTimeWindow( $key, $window, $min = -1, + $max = 1, $timestamp = false + ) { + if ( !$timestamp && $timestamp !== 0 ) { + $timestamp = HOTP::getTime(); + } + + $counter = (int)( $timestamp / $window ); + $window = range( $min, $max ); + + $out = array(); + $length = count( $window ); + for ( $i = 0; $i < $length; $i++ ) { + $shift_counter = $window[$i]; + 
$out[$shift_counter] = HOTP::generateByCounter($key, $counter + $shift_counter); + } + + return $out; + } + + /** + * Gets the current time + * Ensures we are operating in UTC for the entire framework + * Restores the timezone on exit. + * @return int the current time + */ + public static function getTime() { + return time(); // PHP's time is always UTC + } } /** 
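Review bot: `generateByTime()` and `generateByTimeWindow()` compute `(int)( $timestamp / $window )` without checking `$window`, so a zero window does not fail closed. On PHP versions where division by zero only raises a warning, the cast yields counter 0 and the code derived from it never changes. A guard at the top of both methods, `if ( $window <= 0 ) { throw new InvalidArgumentException( 'window must be positive' ); }`, would make a misconfiguration visible; where the callers take the window from is outside this diff. The docblock of `getTime()` still says it restores the timezone, which the body does not do.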
@@ -99,73 +106,73 @@ * @author Jakob Heuser (firstname)@felocity.com */ class HOTPResult { - protected $hash; - protected $binary; - protected $decimal; - - /** - * Build an HOTP Result - * @param string $value the value to construct with - */ - public function __construct($value) { - // store raw - $this->hash = $value; - - // store calculate decimal - $hmac_result = array(); - - // Convert to decimal - foreach(str_split($this->hash,2) as $hex) - { - $hmac_result[] = hexdec($hex); - } - - $offset = $hmac_result[19] & 0xf; - - $this->decimal = ( - (($hmac_result[$offset+0] & 0x7f) << 24 ) | - (($hmac_result[$offset+1] & 0xff) << 16 ) | - (($hmac_result[$offset+2] & 0xff) << 8 ) | - ($hmac_result[$offset+3] & 0xff) - ); - - // calculate hex - $this->hex = dechex($this->decimal); - } - - /** - * Returns the string version of the HOTP - * @return string - */ - public function toString() { - return $this->hash; - } - - /** - * Returns the hex version of the HOTP - * @return string - */ - public function toHex() { - return $this->hex; - } - - /** - * Returns the decimal version of the HOTP - * @return int - */ - public function toDec() { - return $this->decimal; - } - - /** - * Returns the truncated decimal form of the HOTP - * @param int $length the length of the HOTP to return - * @return string - */ - public function toHOTP($length) { - $str = str_pad($this->toDec(), $length, "0", STR_PAD_LEFT); - $str = substr($str, (-1 * $length)); - return $str; - } + protected $hash; + protected $binary; + protected $decimal; + + /** + * Build an HOTP Result + * @param string $value the value to construct with + */ + public function __construct( $value ) { + // store raw + $this->hash = $value; + + // store calculate decimal + $hmac_result = array(); + + // Convert to decimal + foreach ( str_split( $this->hash, 2 ) as $hex ) { + $hmac_result[] = hexdec($hex); + } + + $offset = $hmac_result[19] & 0xf; + + $this->decimal = ( + ( ( $hmac_result[$offset+0] & 0x7f ) << 24 ) | + ( ( 
$hmac_result[$offset+1] & 0xff ) << 16 ) | + ( ( $hmac_result[$offset+2] & 0xff ) << 8 ) | + ( $hmac_result[$offset+3] & 0xff ) + ); + + // calculate hex + $this->hex = dechex( $this->decimal ); + } + + /** + * Returns the string version of the HOTP + * @return string + */ + public function toString() { + return $this->hash; + } + + /** + * Returns the hex version of the HOTP + * @return string + */ + public function toHex() { + return $this->hex; + } + + /** + * Returns the decimal version of the HOTP + * @return int + */ + public function toDec() { + return $this->decimal; + } + + /** + * Returns the truncated decimal form of the HOTP + * @param int $length the length of the HOTP to return + * @return string + */ + public function toHOTP( $length ) { + $str = str_pad( $this->toDec(), $length, "0", STR_PAD_LEFT ); + $str = substr( $str, ( -1 * $length ) ); + + return $str; + } } diff --git a/special/SpecialOATH.php b/special/SpecialOATH.php index c7fcd09..9484e06 100644 --- a/special/SpecialOATH.php +++ b/special/SpecialOATH.php @@ -9,18 +9,27 @@ class SpecialOATH extends UnlistedSpecialPage { - var $OATHUser; + /** @var OATHUser|null */ + private $OATHUser; - function __construct() { + /** + * Initialize the OATH user based on the current local User object in the context + */ + public function __construct() { parent::__construct( 'OATH' ); $this->OATHUser = OATHUser::newFromUser( $this->getUser() ); } - function execute( $par ) { + /** + * Perform the correct form based on the action + * + * @param null|string $par Sub-page + */ + public function execute( $par ) { if ( !$this->getUser()->isLoggedIn() ) { $this->setHeaders(); - $this->getOutput()->setPagetitle( wfMsg( 'oathauth-notloggedin' ) ); + $this->getOutput()->setPagetitle( $this->msg( 'oathauth-notloggedin' ) ); $this->getOutput()->addWikiMsg( 'oathauth-mustbeloggedin' ); return; } 
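Review bot: The `HOTPResult` constructor assigns `$this->hex`, but the class declares only `$hash`, `$binary` and `$decimal`, so `hex` is created as a public dynamic property and `$binary` is never set in this class. Declaring `protected $hex;` in place of `protected $binary;` keeps the derived value from being read or overwritten from outside. `$hmac_result[19]` also assumes a 20-byte SHA-1 digest; a short comment saying so would help if the hash passed in is ever changed.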
@@ -39,9 +48,9 @@
 /**
 * @return bool
 */
- function enable() {
+ private function enable() {
 $this->setHeaders();
- $this->getOutput()->setPagetitle( wfMsg( 'oathauth-enable' ) );
+ $this->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) );
 $returnto = $this->getRequest()->getVal( 'returnto' );
 if ( !$this->OATHUser->isEnabled() ) {
@@ -92,34 +101,43 @@ /** * @param $reset bool */ - function displaySecret( $reset = false ) { + private function displaySecret( $reset = false ) { $this->getOutput()->addModules( 'ext.oathauth' ); if ( $reset ) { $secret = $this->OATHUser->getSecretReset(); } else { $secret = $this->OATHUser->getSecret(); } - $out = '<strong>' . wfMsgHtml( 'oathauth-account' ) . '</strong> ' . $this->OATHUser->getAccount() . '<br/>'; - $out .= '<strong>' . wfMsgHtml( 'oathauth-secret' ) . '</strong> ' . $secret . '<br/>'; - $out .= '<br/>'; - $out .= '<div id="qrcode"></div>'; - $this->getOutput()->addInlineScript( 'jQuery("#qrcode").qrcode("otpauth://totp/' . $this->OATHUser->getAccount() . '?secret=' . $secret . '")' ); + $out = '<strong>' . $this->msg( 'oathauth-account' )->escaped() . '</strong> ' + . $this->OATHUser->getAccount() . '<br/>' + . '<strong>' . $this->msg( 'oathauth-secret' )->escaped() . '</strong> ' + . $secret . '<br/>' + . '<br/>' + . '<div id="qrcode"></div>'; + + $this->getOutput()->addInlineScript( + 'jQuery("#qrcode").qrcode("otpauth://totp/' + . $this->OATHUser->getAccount() + . '?secret=' . $secret . 
'")' + ); $this->getOutput()->addHTML( $out ); $this->getOutput()->addWikiMsg( 'openstackmanager-scratchtokens' ); if ( $reset ) { - $this->getOutput()->addHTML( $this->createResourceList( $this->OATHUser->getScratchTokensReset() ) ); + $this->getOutput()->addHTML( + $this->createResourceList( $this->OATHUser->getScratchTokensReset() ) ); } else { - $this->getOutput()->addHTML( $this->createResourceList( $this->OATHUser->getScratchTokens() ) ); + $this->getOutput()->addHTML( + $this->createResourceList( $this->OATHUser->getScratchTokens() ) ); } } /** * @return bool */ - function validate() { + private function validate() { $this->setHeaders(); - $this->getOutput()->setPagetitle( wfMsg( 'oathauth-enable' ) ); + $this->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) ); $mode = $this->getRequest()->getVal( 'mode' ); $returnto = $this->getRequest()->getVal( 'returnto' ); @@ -159,9 +177,9 @@ /** * @return bool */ - function reset() { + private function reset() { $this->setHeaders(); - $this->getOutput()->setPagetitle( wfMsg( 'oathauth-reset' ) ); + $this->getOutput()->setPagetitle( $this->msg( 'oathauth-reset' ) ); $returnto = $this->getRequest()->getVal( 'returnto' ); $info['token'] = array( @@ -193,9 +211,9 @@ /** * @return bool */ - function disable() { + private function disable() { $this->setHeaders(); - $this->getOutput()->setPagetitle( wfMsg( 'oathauth-disable' ) ); + $this->getOutput()->setPagetitle( $this->msg( 'oathauth-disable' ) ); $returnto = $this->getRequest()->getVal( 'returnto' ); $info['token'] = array( @@ -228,7 +246,7 @@ * @param $resources array * @return string */ - function createResourceList( $resources ) { + private function createResourceList( $resources ) { $resourceList = ''; foreach ( $resources as $resource ) { $resourceList .= Html::rawElement( 'li', array(), $resource ); 
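Review bot: `displaySecret()` now escapes the interface messages but still concatenates `$this->OATHUser->getAccount()` and `$secret` unescaped into both the HTML in `$out` and the JavaScript string passed to `addInlineScript()`. If the account label can contain a quote, an angle bracket or a backslash, it ends the markup or the script literal early, which is a cross-site scripting risk on the page that shows the two-factor secret. Each value should be encoded for the context it lands in: HTML escaping for `$out`, URL encoding for the parts of the `otpauth://` URI, and JavaScript encoding for the literal. How the account label is built is not visible in this diff.

```php
// … unchanged: addModules() call and selection of $secret …
$account = $this->OATHUser->getAccount();
$out = '<strong>' . $this->msg( 'oathauth-account' )->escaped() . '</strong> '
	. htmlspecialchars( $account ) . '<br/>'
	. '<strong>' . $this->msg( 'oathauth-secret' )->escaped() . '</strong> '
	. htmlspecialchars( $secret ) . '<br/>'
	. '<br/>'
	. '<div id="qrcode"></div>';

// Encode for the URI first, then for the JavaScript string literal.
$qrUri = 'otpauth://totp/' . rawurlencode( $account )
	. '?secret=' . rawurlencode( $secret );
$this->getOutput()->addInlineScript(
	'jQuery("#qrcode").qrcode(' . Xml::encodeJsVar( $qrUri ) . ')'
);
// … unchanged: addHTML( $out ) and the scratch-token list …
```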
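Review bot: `createResourceList()` (`-228` hunk) builds each item with `Html::rawElement( 'li', array(), $resource )`, which inserts the value without escaping, and `displaySecret()` feeds it the scratch tokens returned by `getScratchTokens()` and `getScratchTokensReset()`. `Html::element( 'li', array(), $resource )` escapes the text and changes nothing for well-formed tokens. The rest of the method lies outside the hunk.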
@@ -238,16 +256,16 @@ /** * @param $formData array - * @param $entryPoint string * @return bool */ - function tryValidateSubmit( $formData, $entryPoint = 'internal' ) { + public function tryValidateSubmit( $formData ) { $mode = $formData['mode']; if ( $mode == "reset" ) { $reset = true; } else { $reset = false; } + $verify = $this->OATHUser->verifyToken( $formData['token'], $reset ); if ( $verify ) { if ( $reset ) { 
@@ -258,38 +276,63 @@ } else { $result = false; } + + $out = ''; if ( $result ) { $this->getOutput()->addWikiMsg( 'oathauth-validatedoath' ); if ( $formData['returnto'] ) { $out = '<br />'; $title = Title::newFromText( $formData['returnto'] ); - $out = Linker::link( $title, wfMsgHtml( 'oathauth-backtopreferences' ) ); + $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); } } else { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '<br />'; if ( $reset ) { - $out .= Linker::link( $this->getTitle(), wfMsgHtml( 'oathauth-reattemptreset' ), array(), array( 'action' => 'enable', 'mode' => 'reset', 'returnto' => $formData['returnto'] ) ); + $out .= Linker::link( + $this->getPageTitle(), + $this->msg( 'oathauth-reattemptreset' )->escaped(), + array(), + array( + 'action' => 'enable', + 'mode' => 'reset', + 'returnto' => $formData['returnto'] + ) + ); } else { - $out .= Linker::link( $this->getTitle(), wfMsgHtml( 'oathauth-reattemptenable' ), array(), array( 'action' => 'enable', 'returnto' => $formData['returnto'] ) ); + $out .= Linker::link( + $this->getPageTitle(), + $this->msg( 'oathauth-reattemptenable' )->escaped(), + array(), + array( + 'action' => 'enable', + 'returnto' => $formData['returnto'] + ) + ); } } + $this->getOutput()->addHTML( $out ); + return true; } /** * @param $formData array - * @param $entryPoint string * @return bool */ - function tryDisableSubmit( $formData, $entryPoint = 'internal' ) { + public function tryDisableSubmit( $formData ) { $verify = $this->OATHUser->verifyToken( $formData['token'] ); if ( !$verify ) { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '<br />'; - $out .= Linker::link( $this->getTitle(), wfMsgHtml( 'oathauth-reattemptdisable' ), array(), array( 'action' => 'disable' ) ); + $out .= Linker::link( + $this->getPageTitle(), + $this->msg( 'oathauth-reattemptdisable' )->escaped(), + array(), + array( 'action' => 'disable' ) + ); 
$this->getOutput()->addHTML( $out ); return true; } @@ -300,14 +343,21 @@ if ( $formData['returnto'] ) { $out = '<br />'; $title = Title::newFromText( $formData['returnto'] ); - $out .= Linker::link( $title, wfMsgHtml( 'oathauth-backtopreferences' ) ); + $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); $this->getOutput()->addHTML( $out ); } } else { $this->getOutput()->addWikiMsg( 'oathauth-failedtodisableoauth' ); $out = '<br />'; - $out .= Linker::link( $this->getTitle(), wfMsgHtml( 'oathauth-reattemptdisable' ), array( 'action' => 'disable', 'returnto' => $formData['returnto'] ) ); + $out .= Linker::link( + $this->getPageTitle(), + $this->msg( 'oathauth-reattemptdisable' )->escaped(), + array( + 'action' => 'disable', + 'returnto' => $formData['returnto'], + ) + ); $this->getOutput()->addHTML( $out ); } return true; @@ -315,16 +365,25 @@ /** * @param $formData array - * @param $entryPoint string * @return bool */ - function tryResetSubmit( $formData, $entryPoint = 'internal' ) { + public function tryResetSubmit( $formData ) { $verify = $this->OATHUser->verifyToken( $formData['token'] ); if ( !$verify ) { $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); $out = '<br />'; - $out .= Linker::link( $this->getTitle(), wfMsgHtml( 'oathauth-reattemptreset' ), array(), array( 'action' => 'reset', 'returnto' => $formData['returnto'] ) ); + $out .= Linker::link( + $this->getPageTitle(), + $this->msg( 'oathauth-reattemptreset' )->escaped(), + array(), + array( + 'action' => 'reset', + 'returnto' => $formData['returnto'] + ) + ); + $this->getOutput()->addHTML( $out ); + return true; } 
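Review bot: `Title::newFromText( $formData['returnto'] )` in `tryValidateSubmit()` returns null for a string that is not a valid title, and `returnto` appears to come from the request, so the result should be checked before it is handed to `Linker::link()`. The same pattern is in the `-300` hunk in `tryDisableSubmit()`. A guard such as `if ( $title ) {` around the `$out .= Linker::link( $title, ... );` line keeps a malformed parameter from turning the success page into an error. Both functions start outside their hunks.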
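Review bot: In the failure branch of `tryDisableSubmit()` (`-300` hunk), the reformatted `Linker::link()` call passes `array( 'action' => 'disable', 'returnto' => $formData['returnto'], )` as the third argument, where every other call in this file passes `array()` there and the query array fourth. As written, `action` and the request-supplied `returnto` presumably end up as attributes on the anchor instead of in the URL, so the retry link does not carry the action. Adding `array(),` before the query array matches the other calls.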
@@ -351,7 +410,13 @@ 'name' => 'action', ); $myContext = new DerivativeContext( $this->getContext() ); - $myRequest = new DerivativeRequest( $this->getRequest(), array( 'action' => 'validate', 'mode' => 'reset', 'token' => '', 'returnto' => $formData['returnto'] ), false ); + $myRequest = new DerivativeRequest( $this->getRequest(), + array( + 'action' => 'validate', + 'mode' => 'reset', + 'token' => '', + 'returnto' => $formData['returnto'] + ), false ); $myContext->setRequest( $myRequest ); $form = new HTMLForm( $info, $myContext ); $form->setSubmitID( 'oathauth-validate-submit' ); @@ -364,9 +429,18 @@ } else { $this->getOutput()->addWikiMsg( 'oathauth-failedtoresetoath' ); $out = '<br />'; - $out .= Linker::link( $this->getTitle(), wfMsgHtml( 'oathauth-reattemptreset' ), array(), array( 'action' => 'reset', 'returnto' => $formData['returnto'] ) ); + $out .= Linker::link( + $this->getPageTitle(), + $this->msg( 'oathauth-reattemptreset' )->escaped(), + array(), + array( + 'action' => 'reset', + 'returnto' => $formData['returnto'] + ) + ); $this->getOutput()->addHTML( $out ); } + return true; } -- To view, visit https://gerrit.wikimedia.org/r/132775 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Iae2a0a7d6f0fb2ea5080795a06ae257af96dfaf6 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/OATHAuth Gerrit-Branch: master Gerrit-Owner: Parent5446 <tylerro...@gmail.com> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits