Parent5446 has uploaded a new change for review. https://gerrit.wikimedia.org/r/134789
Change subject: Refactored special pages into HTMLForm and proxy ...................................................................... Refactored special pages into HTMLForm and proxy Made new class ProxySpecialPage, which acts as a proxy object to another SpecialPage object that is determined based on context information other than the title. Then Special:OATH has been split into two separate special page classes (both FormSpecialPages using HTMLForm) that are routed to by a ProxySpecialPage object. In addition, the form for enabling two-factor auth has been refactored into vform style, with some better instructions on how to enable two-factor authentication. Change-Id: Ib9117cbc9d7f044de9607db81a157e1b472b5ec0 --- A special/ProxySpecialPage.php M special/SpecialOATH.php A special/SpecialOATHDisable.php A special/SpecialOATHEnable.php 4 files changed, 417 insertions(+), 237 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OATHAuth refs/changes/89/134789/1 diff --git a/special/ProxySpecialPage.php b/special/ProxySpecialPage.php new file mode 100644 index 0000000..ec62807 --- /dev/null +++ b/special/ProxySpecialPage.php @@ -0,0 +1,11 @@ +<?php +/** + * Created by PhpStorm. + * User: parent5446 + * Date: 5/21/14 + * Time: 16:44 + */ + +class ProxySpecialPage { + +} \ No newline at end of file diff --git a/special/SpecialOATH.php b/special/SpecialOATH.php index b9465be..4e79246 100644 --- a/special/SpecialOATH.php +++ b/special/SpecialOATH.php 
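Review bot: ProxySpecialPage is added as an empty class under an IDE-generated header (`Created by PhpStorm` / `User:` / `Date:`), so nothing in this hunk implements the proxying that the commit message describes. If the body is meant to follow in a later patch set, the class still wants a docblock stating its contract, for example `/** Special page that forwards execution to another SpecialPage chosen from request context. */`, together with the `@file` / `@ingroup Extensions` header the other files in this change use. The file also ends without a trailing newline. The same template header and missing newline recur in special/SpecialOATH.php.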
@@ -1,242 +1,11 @@ <?php - /** - * Special page to display key information to the user - * - * @file - * @ingroup Extensions + * Created by PhpStorm. + * User: parent5446 + * Date: 5/21/14 + * Time: 21:07 */ -class SpecialOATH extends UnlistedSpecialPage { - /** @var OATHUser|null */ - private $OATHUser; +class SpecialOATH { - /** - * Initialize the OATH user based on the current local User object in the context - */ - public function __construct() { - parent::__construct( 'OATH' ); - - $this->OATHUser = OATHUser::newFromUser( $this->getUser() ); - } - - /** - * Perform the correct form based on the action - * - * @param null|string $par Sub-page - */ - public function execute( $par ) { - if ( !$this->getUser()->isLoggedIn() ) { - $this->setHeaders(); - $this->getOutput()->setPagetitle( $this->msg( 'oathauth-notloggedin' ) ); - $this->getOutput()->addWikiMsg( 'oathauth-mustbeloggedin' ); - return; - } - - $action = $this->getRequest()->getVal( 'action' ); - if ( $action == "enable" ) { - $this->enable(); - } elseif ( $action == "disable" ) { - $this->disable(); - } - } - - /** - * @return bool - */ - private function enable() { - $this->setHeaders(); - $this->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) ); - $returnto = $this->getRequest()->getVal( 'returnto' ); - - if ( $this->OATHUser->getKey() ) { - $this->getOutput()->addWikiMsg( 'oathauth-alreadyenabled' ); - - return true; - } - - if ( null === $this->getRequest()->getSessionData( 'oathauth_key' ) ) { - $this->getRequest()->setSessionData( 'oathauth_key', OATHAuthKey::newFromRandom() ); - } - - $info['token'] = array( - 'type' => 'text', - 'default' => '', - 'label-message' => 'oathauth-token', - 'name' => 'token', - ); - $info['mode'] = array( - 'type' => 'hidden', - 'default' => 'enable', - 'name' => 'mode', - ); - $info['returnto'] = array( - 'type' => 'hidden', - 'default' => $returnto, - 'name' => 'returnto', - ); - $info['action'] = array( - 'type' => 'hidden', - 'default' => 'enable', - 
'name' => 'action', - ); - $form = new HTMLForm( - $info, - $this->getContext(), - 'oathauth-verify' - ); - $form->setSubmitID( 'oathauth-validate-submit' ); - $form->setSubmitCallback( array( $this, 'tryValidateSubmit' ) ); - if ( !$form->show() ) { - $this->displaySecret(); - } - - return true; - } - - private function displaySecret() { - $this->getOutput()->addModules( 'ext.oathauth' ); - - /** @var OATHAuthKey $key */ - $key = $this->getRequest()->getSessionData( 'oathauth_key' ); - $secret = $key->getSecret(); - - $out = '<strong>' . $this->msg( 'oathauth-account' )->escaped() . '</strong> ' - . $this->OATHUser->getAccount() . '<br/>' - . '<strong>' . $this->msg( 'oathauth-secret' )->escaped() . '</strong> ' - . $secret . '<br/>' - . '<br/>' - . '<div id="qrcode"></div>'; - - $this->getOutput()->addInlineScript( - 'jQuery("#qrcode").qrcode("otpauth://totp/' - . $this->OATHUser->getAccount() - . '?secret=' . $secret . '")' - ); - - $this->getOutput()->addHTML( $out ); - $this->getOutput()->addWikiMsg( 'openstackmanager-scratchtokens' ); - $this->getOutput()->addHTML( - $this->createResourceList( $key->getScratchTokens() ) ); - } - - /** - * @return bool - */ - private function disable() { - $this->setHeaders(); - $this->getOutput()->setPagetitle( $this->msg( 'oathauth-disable' ) ); - $returnto = $this->getRequest()->getVal( 'returnto' ); - - $info['token'] = array( - 'type' => 'text', - 'label-message' => 'oathauth-token', - 'name' => 'token', - ); - $info['returnto'] = array( - 'type' => 'hidden', - 'default' => $returnto, - 'name' => 'returnto', - ); - $info['action'] = array( - 'type' => 'hidden', - 'default' => 'disable', - 'name' => 'action', - ); - $form = new HTMLForm( - $info, - $this->getContext(), - 'oathauth-disable' - ); - $form->setSubmitID( 'oauth-form-disablesubmit' ); - $form->setSubmitCallback( array( $this, 'tryDisableSubmit' ) ); - $form->show(); - return true; - } - - /** - * @param $resources array - * @return string - */ - private function 
createResourceList( $resources ) { - $resourceList = ''; - foreach ( $resources as $resource ) { - $resourceList .= Html::rawElement( 'li', array(), $resource ); - } - return Html::rawElement( 'ul', array(), $resourceList ); - } - - /** - * @param $formData array - * @return bool - */ - public function tryValidateSubmit( $formData ) { - /** @var OATHAuthKey $key */ - $key = $this->getRequest()->getSessionData( 'oathauth_key' ); - - $verify = $key->verifyToken( $formData['token'] ); - $out = ''; - if ( $verify ) { - $this->OATHUser->setKey( $key ); - $this->OATHUser->save(); - $this->getRequest()->setSessionData( 'oathauth_key', null ); - - $this->getOutput()->addWikiMsg( 'oathauth-validatedoath' ); - if ( $formData['returnto'] ) { - $out = '<br />'; - $title = Title::newFromText( $formData['returnto'] ); - $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); - } - } else { - $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); - $out = '<br />'; - - $out .= Linker::link( - $this->getPageTitle(), - $this->msg( 'oathauth-reattemptenable' )->escaped(), - array(), - array( - 'action' => 'enable', - 'returnto' => $formData['returnto'] - ) - ); - } - - $this->getOutput()->addHTML( $out ); - - return true; - } - - /** - * @param $formData array - * @return bool - */ - public function tryDisableSubmit( $formData ) { - $verify = $this->OATHUser->getKey()->verifyToken( $formData['token'] ); - if ( !$verify ) { - $this->getOutput()->addWikiMsg( 'oathauth-failedtovalidateoauth' ); - $out = '<br />'; - $out .= Linker::link( - $this->getPageTitle(), - $this->msg( 'oathauth-reattemptdisable' )->escaped(), - array(), - array( 'action' => 'disable' ) - ); - $this->getOutput()->addHTML( $out ); - return true; - } - - $this->OATHUser->setKey( null ); - $this->OATHUser->save(); - - $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' ); - if ( $formData['returnto'] ) { - $out = '<br />'; - $title = Title::newFromText( 
$formData['returnto'] ); - $out .= Linker::link( $title, $this->msg( 'oathauth-backtopreferences' )->escaped() ); - $this->getOutput()->addHTML( $out ); - } - - return true; - } -} +} \ No newline at end of file diff --git a/special/SpecialOATHDisable.php b/special/SpecialOATHDisable.php new file mode 100644 index 0000000..26d3418 --- /dev/null +++ b/special/SpecialOATHDisable.php 
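Review bot: After this hunk SpecialOATH no longer extends UnlistedSpecialPage and has no constructor or execute(), so the `action`-based dispatch to the enable and disable flows is removed with nothing in this file replacing it. Whatever registers Special:OATH (not visible in this change) would now be handed a class that is not a special page. Because this page gates changes to a user's second factor, the routing to the new form pages should land in the same change as the removal, or the old class should stay in place until ProxySpecialPage is implemented.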
@@ -0,0 +1,200 @@ +<?php + +/** + * Special page to display key information to the user + * + * @file + * @ingroup Extensions + */ +class SpecialOATHEnable extends FormSpecialPage { + /** @var OATHUser|null */ + private $OATHUser; + + /** @var string Either 'enable' or 'disable' */ + private $action; + + /** + * Initialize the OATH user based on the current local User object in the context + */ + public function __construct( OATHUser $oathuser ) { + parent::__construct( 'OATH' ); + + $this->OATHUser = $oathuser; + $this->action = $this->OATHUser->getKey() === null ? 'enable' : 'disable'; + } + + /** + * Set the page title and add JavaScript RL modules + * + * @param HTMLForm $form + */ + public function alterForm( HTMLForm $form ) { + $form->setMessagePrefix( 'oathauth' ); + $form->setWrapperLegend( false ); + $form->setDisplayFormat( 'vform' ); + + if ( $this->action === 'enable' ) { + $form->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) ); + } else { + $form->getOutput()->setPagetitle( $this->msg( 'oathauth-disable' ) ); + } + + $form->getOutput()->addModules( 'ext.oathauth' ); + } + + /** + * @return bool + */ + public function isListed() { + return false; + } + + /** + * @return bool + */ + public function requiresUnblock() { + return false; + } + + /** + * Require users to be logged in + * + * @param User $user + * + * @return bool|void + */ + protected function checkExecutePermissions( User $user ) { + parent::checkExecutePermissions( $user ); + + $this->requireLogin(); + } + + /** + * @return array[] + */ + protected function getFormFields() { + $a = array(); + + if ( $this->action === 'enable' ) { + $key = $this->getRequest()->getSessionData( 'oathauth_key' ); + + if ( $key === null ) { + $key = OATHAuthKey::newFromRandom(); + $this->getRequest()->setSessionData( 'oathauth_key', $key ); + } + + $this->getOutput()->addInlineScript( + 'jQuery("#qrcode").qrcode("otpauth://totp/' + . $this->OATHUser->getAccount() + . '?secret=' . 
$key->getSecret() . '")' + ); + + $a += array( + 'step1' => array( + 'type' => 'info', + 'label-message' => 'oathauth-step1', + 'default' => $this->msg( 'oathauth-step1-test' )->escaped(), + 'raw' => true, + ), + 'qrcode' => array( + 'type' => 'info', + 'label-message' => 'oathauth-step2', + 'default' => '<div id="qrcode"></div>', + 'raw' => true, + ), + 'manual' => array( + 'type' => 'info', + 'label-message' => 'oathauth-step2alt', + 'default' => + '<strong>' . $this->msg( 'oathauth-account' )->escaped() . '</strong><br/>' + . $this->OATHUser->getAccount() . '<br/><br/>' + . '<strong>' . $this->msg( 'oathauth-secret' )->escaped() . '</strong><br/>' + . $key->getSecret() . '<br/>', + 'raw' => true, + ), + 'scratchtokens' => array( + 'type' => 'info', + 'default' => + $this->msg( 'openstackmanager-scratchtokens' ) + . $this->createResourceList( $key->getScratchTokens() ), + 'label-message' => 'oathauth-step3', + 'raw' => true, + ) + ); + + } + + $a += array( + 'token' => array( + 'type' => 'text', + 'default' => '', + 'label-message' => 'oathauth-entertoken', + 'name' => 'token', + ), + 'returnto' => array( + 'type' => 'hidden', + 'default' => $this->getRequest()->getVal( 'returnto' ), + 'name' => 'returnto', + ), + 'returntoquery' => array( + 'type' => 'hidden', + 'default' => $this->getRequest()->getVal( 'returntoquery' ), + 'name' => 'returntoquery', + ) + ); + + return $a; + } + + /** + * @param array $formData + * + * @return array|bool + */ + public function onSubmit( array $formData ) { + /** @var OATHAuthKey $key */ + $key = null; + /** @var OATHAuthKey|null $newKey */ + $newKey = null; + + if ( $this->action == 'enable' ) { + $key = $this->getRequest()->getSessionData( 'oathauth_key' ); + $newKey = $key; + } else { + $key = $this->OATHUser->getKey(); + $newKey = null; + } + + if ( $key->verifyToken( $formData['token'] ) ) { + return array( 'oathauth-failedtovalidateoauth' ); + } + + $this->getRequest()->setSessionData( 'oathauth_key', null ); + 
$this->OATHUser->setKey( $newKey ); + $this->OATHUser->save(); + + return true; + } + + public function onSuccess() { + if ( $this->action === 'enable' ) { + $this->getOutput()->addWikiMsg( 'oathauth-validatedoath' ); + } else { + $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' ); + } + + $this->getOutput()->returnToMain(); + } + + /** + * @param $resources array + * @return string + */ + private function createResourceList( $resources ) { + $resourceList = ''; + foreach ( $resources as $resource ) { + $resourceList .= Html::rawElement( 'li', array(), $resource ); + } + return Html::rawElement( 'ul', array(), $resourceList ); + } +} diff --git a/special/SpecialOATHEnable.php b/special/SpecialOATHEnable.php new file mode 100644 index 0000000..7773a34 --- /dev/null +++ b/special/SpecialOATHEnable.php 
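Review bot: The token check in onSubmit is inverted: `if ( $key->verifyToken( $formData['token'] ) )` returns the failure message when the token verifies and falls through to `setKey()` / `save()` when it does not, so a wrong token would enable or disable two-factor authentication, whereas the removed tryDisableSubmit tested `!$verify`. It should read `if ( !$key->verifyToken( $formData['token'] ) ) {`, and the same line needs the same fix in onSubmit in special/SpecialOATHEnable.php. `$key` can also be null at that call when the session holds no `oathauth_key`, so a guard such as `if ( $key === null ) { return array( 'oathauth-failedtovalidateoauth' ); }` placed before it would turn a fatal error into a normal validation failure. Separately, this file declares `class SpecialOATHEnable`, the same name as the class in special/SpecialOATHEnable.php, which looks like a copy that was not renamed.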
@@ -0,0 +1,200 @@ +<?php + +/** + * Special page to display key information to the user + * + * @file + * @ingroup Extensions + */ +class SpecialOATHEnable extends FormSpecialPage { + /** @var OATHUser|null */ + private $OATHUser; + + /** @var string Either 'enable' or 'disable' */ + private $action; + + /** + * Initialize the OATH user based on the current local User object in the context + */ + public function __construct() { + parent::__construct( 'OATH' ); + + $this->OATHUser = OATHUser::newFromUser( $this->getUser() ); + $this->action = $this->OATHUser->getKey() === null ? 'enable' : 'disable'; + } + + /** + * Set the page title and add JavaScript RL modules + * + * @param HTMLForm $form + */ + public function alterForm( HTMLForm $form ) { + $form->setMessagePrefix( 'oathauth' ); + $form->setWrapperLegend( false ); + $form->setDisplayFormat( 'vform' ); + + if ( $this->action === 'enable' ) { + $form->getOutput()->setPagetitle( $this->msg( 'oathauth-enable' ) ); + } else { + $form->getOutput()->setPagetitle( $this->msg( 'oathauth-disable' ) ); + } + + $form->getOutput()->addModules( 'ext.oathauth' ); + } + + /** + * @return bool + */ + public function isListed() { + return false; + } + + /** + * @return bool + */ + public function requiresUnblock() { + return false; + } + + /** + * Require users to be logged in + * + * @param User $user + * + * @return bool|void + */ + protected function checkExecutePermissions( User $user ) { + parent::checkExecutePermissions( $user ); + + $this->requireLogin(); + } + + /** + * @return array[] + */ + protected function getFormFields() { + $a = array(); + + if ( $this->action === 'enable' ) { + $key = $this->getRequest()->getSessionData( 'oathauth_key' ); + + if ( $key === null ) { + $key = OATHAuthKey::newFromRandom(); + $this->getRequest()->setSessionData( 'oathauth_key', $key ); + } + + $this->getOutput()->addInlineScript( + 'jQuery("#qrcode").qrcode("otpauth://totp/' + . $this->OATHUser->getAccount() + . '?secret=' . 
$key->getSecret() . '")' + ); + + $a += array( + 'step1' => array( + 'type' => 'info', + 'label-message' => 'oathauth-step1', + 'default' => $this->msg( 'oathauth-step1-test' )->escaped(), + 'raw' => true, + ), + 'qrcode' => array( + 'type' => 'info', + 'label-message' => 'oathauth-step2', + 'default' => '<div id="qrcode"></div>', + 'raw' => true, + ), + 'manual' => array( + 'type' => 'info', + 'label-message' => 'oathauth-step2alt', + 'default' => + '<strong>' . $this->msg( 'oathauth-account' )->escaped() . '</strong><br/>' + . $this->OATHUser->getAccount() . '<br/><br/>' + . '<strong>' . $this->msg( 'oathauth-secret' )->escaped() . '</strong><br/>' + . $key->getSecret() . '<br/>', + 'raw' => true, + ), + 'scratchtokens' => array( + 'type' => 'info', + 'default' => + $this->msg( 'openstackmanager-scratchtokens' ) + . $this->createResourceList( $key->getScratchTokens() ), + 'label-message' => 'oathauth-step3', + 'raw' => true, + ) + ); + + } + + $a += array( + 'token' => array( + 'type' => 'text', + 'default' => '', + 'label-message' => 'oathauth-entertoken', + 'name' => 'token', + ), + 'returnto' => array( + 'type' => 'hidden', + 'default' => $this->getRequest()->getVal( 'returnto' ), + 'name' => 'returnto', + ), + 'returntoquery' => array( + 'type' => 'hidden', + 'default' => $this->getRequest()->getVal( 'returntoquery' ), + 'name' => 'returntoquery', + ) + ); + + return $a; + } + + /** + * @param array $formData + * + * @return array|bool + */ + public function onSubmit( array $formData ) { + /** @var OATHAuthKey $key */ + $key = null; + /** @var OATHAuthKey|null $newKey */ + $newKey = null; + + if ( $this->action == 'enable' ) { + $key = $this->getRequest()->getSessionData( 'oathauth_key' ); + $newKey = $key; + } else { + $key = $this->OATHUser->getKey(); + $newKey = null; + } + + if ( $key->verifyToken( $formData['token'] ) ) { + return array( 'oathauth-failedtovalidateoauth' ); + } + + $this->getRequest()->setSessionData( 'oathauth_key', null ); + 
$this->OATHUser->setKey( $newKey ); + $this->OATHUser->save(); + + return true; + } + + public function onSuccess() { + if ( $this->action === 'enable' ) { + $this->getOutput()->addWikiMsg( 'oathauth-validatedoath' ); + } else { + $this->getOutput()->addWikiMsg( 'oathauth-disabledoath' ); + } + + $this->getOutput()->returnToMain(); + } + + /** + * @param $resources array + * @return string + */ + private function createResourceList( $resources ) { + $resourceList = ''; + foreach ( $resources as $resource ) { + $resourceList .= Html::rawElement( 'li', array(), $resource ); + } + return Html::rawElement( 'ul', array(), $resourceList ); + } +} -- To view, visit https://gerrit.wikimedia.org/r/134789 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ib9117cbc9d7f044de9607db81a157e1b472b5ec0 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/OATHAuth Gerrit-Branch: master Gerrit-Owner: Parent5446 <tylerro...@gmail.com> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
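Review bot: In getFormFields, `$this->OATHUser->getAccount()` and `$key->getSecret()` are concatenated unescaped into the inline script string and into fields marked `'raw' => true`; if the account name can contain a quote or markup character (its source is not visible here), that is script or HTML injection on the enrolment page. Each value should be encoded for its context: build the otpauth URI with `rawurlencode()` on the parts and emit it as `'jQuery("#qrcode").qrcode(' . Xml::encodeJsVar( $uri ) . ')'`, and wrap the values placed in raw HTML in `htmlspecialchars()`. The `scratchtokens` field also concatenates the Message object from `$this->msg( 'openstackmanager-scratchtokens' )` without `->escaped()` or `->parse()`, and createResourceList builds each `li` with `Html::rawElement` where `Html::element` would escape the token text. The same code appears in special/SpecialOATHDisable.php.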