jenkins-bot has submitted this change and it was merged.

Change subject: Account for changed login process
......................................................................


Account for changed login process

CentralAuth stores some relevant information about the submission before
doing its redirect to loginwiki. This includes the state of the
"remember me" checkbox and the 'type' ('' meaning login, or 'signup'
meaning account creation).

Pre-AuthManager, both of these values were available in the submitted
request. With AuthManager, however, they may no longer be present (e.g.
if a UI or REDIRECT response intervened). Instead, we can fetch the
"remember me" state directly from the Session (since AuthManager will
already have set it by the time this is called) and the type by looking
at whether it's Special:UserLogin or Special:CreateAccount.

There's a similar situation for the no-longer-present "wfForceHttps"
checkbox, where again we can just check the session.

Change-Id: If1744ef31cc967fb828ade60004f25d03fba6372
(cherry picked from commit 895dc85073e815128192410257afc0a9abc15432)
---
M includes/CentralAuthHooks.php
1 file changed, 14 insertions(+), 3 deletions(-)

Approvals:
  Thcipriani: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/includes/CentralAuthHooks.php b/includes/CentralAuthHooks.php
index 4283266..65d7cca 100644
--- a/includes/CentralAuthHooks.php
+++ b/includes/CentralAuthHooks.php
@@ -471,7 +471,7 @@
         * @return bool
         */
        protected static function doCentralLoginRedirect( User $user, 
CentralAuthUser $centralUser, &$inject_html ) {
-               global $wgCentralAuthLoginWiki, $wgSecureLogin;
+               global $wgCentralAuthLoginWiki, $wgSecureLogin, 
$wgDisableAuthManager;
 
                $context = RequestContext::getMain();
                $request = $context->getRequest();
@@ -507,12 +507,23 @@
                                $finalProto = 'http';
 
                                if ( $request->getBool( 'wpForceHttps', false ) 
||
+                                       
$request->getSession()->shouldForceHTTPS() ||
                                        ( $user->getBoolOption( 'prefershttps' 
) && wfCanIPUseHTTPS( $request->getIP() ) )
                                ) {
                                        $finalProto = 'https';
                                }
 
                                $secureCookies = ( ( $finalProto === 'https' ) 
&& $user->getBoolOption( 'prefershttps' ) );
+                       }
+
+                       if ( $wgDisableAuthManager ) {
+                               // Old login form, look for the checkbox
+                               $remember = $request->getCheck( 'wpRemember' );
+                               $type = $request->getText( 'type' );
+                       } else {
+                               // AuthManager login, the session already has 
the needed value set.
+                               $remember = 
$request->getSession()->shouldRememberUser();
+                               $type = $title->isSpecial( 'CreateAccount' ) ? 
'signup' : '';
                        }
 
                        // When POSTs triggered from Special:CentralLogin/start 
are sent back to
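Review bot: In the new else branch, $title->isSpecial( 'CreateAccount' ) uses a $title that is not assigned anywhere in the context shown for this hunk. Please confirm it is always a Title object by this point, or take it from $context, so the AuthManager path cannot end up calling a method on an unset variable. Also note that any page other than Special:CreateAccount now maps to type '' (login), so it would help to say in the comment that this is intended. Separately, the HTTPS condition still honours $request->getBool( 'wpForceHttps', false ) unconditionally, while 'wpRemember' is only read from the request when $wgDisableAuthManager is set. Gating the request check the same way would keep the two paths symmetric and leave the session as the only source in AuthManager mode. The commit message calls the checkbox "wfForceHttps", while the code reads 'wpForceHttps'.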
@@ -523,12 +534,12 @@
                        $secret = MWCryptRand::generateHex( 32 );
                        $request->setSessionData( 
'CentralAuth:autologin:current-attempt', array(
                                'secret'        => $secret,
-                               'remember'      => $request->getCheck( 
'wpRemember' ),
+                               'remember'      => $remember,
                                'returnTo'      => $returnTo,
                                'returnToQuery' => $returnToQuery,
                                'stickHTTPS'    => $secureCookies, // cookies 
set secure or not (local CentralAuth cookies)
                                'finalProto'    => $finalProto, // final page 
http or https
-                               'type'          => $request->getText( 'type' )
+                               'type'          => $type,
                        ) );
 
                        // Create a new token to pass to 
Special:CentralLogin/start (central wiki)
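Review bot: 'remember' => $remember and 'type' => $type now take their values from whichever branch of the $wgDisableAuthManager check ran, but the change touches only includes/CentralAuthHooks.php, so no test covers either path. A test that drives doCentralLoginRedirect() once with the flag set and once without, and asserts on the 'remember' and 'type' entries stored under 'CentralAuth:autologin:current-attempt', would catch a regression in the values handed to Special:CentralLogin/start. A one-line comment above the array saying that in AuthManager mode these two fields come from the session and the page title rather than from the submitted request would also help the next reader.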

-- 
To view, visit https://gerrit.wikimedia.org/r/294318
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: If1744ef31cc967fb828ade60004f25d03fba6372
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: wmf/1.28.0-wmf.5
Gerrit-Owner: Gergő Tisza <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: Legoktm <[email protected]>
Gerrit-Reviewer: Thcipriani <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
