jenkins-bot has submitted this change and it was merged.

Change subject: Bypass login page if no user input is required.
......................................................................


Bypass login page if no user input is required.

Bug: T141474
Bug: T110464
Change-Id: I9588a2b87a423f614fc5d2e771ad1ac7279ebd0b
---
M includes/auth/AuthenticationRequest.php
M includes/auth/RememberMeAuthenticationRequest.php
M includes/specialpage/LoginSignupSpecialPage.php
3 files changed, 53 insertions(+), 0 deletions(-)

Approvals:
  Brian Wolff: Looks good to me, but someone else must approve
  Gergő Tisza: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/includes/auth/AuthenticationRequest.php 
b/includes/auth/AuthenticationRequest.php
index ff4569b..7fc362a 100644
--- a/includes/auth/AuthenticationRequest.php
+++ b/includes/auth/AuthenticationRequest.php
@@ -108,6 +108,10 @@
         *  - optional: (bool) If set and truthy, the field may be left empty
         *  - sensitive: (bool) If set and truthy, the field is considered 
sensitive. Code using the
         *      request should avoid exposing the value of the field.
+        *  - skippable: (bool) If set and truthy, the client is free to hide 
this
+        *      field from the user to streamline the workflow. If all fields 
are
+        *      skippable (except possibly a single button), no user 
interaction is
+        *      required at all.
         *
         * All AuthenticationRequests are populated from the same data, so most 
of the time you'll
         * want to prefix fields names with something unique to the 
extension/provider (although
diff --git a/includes/auth/RememberMeAuthenticationRequest.php 
b/includes/auth/RememberMeAuthenticationRequest.php
index d487e31..06060b1 100644
--- a/includes/auth/RememberMeAuthenticationRequest.php
+++ b/includes/auth/RememberMeAuthenticationRequest.php
@@ -58,6 +58,7 @@
                                'label' => wfMessage( 
'userlogin-remembermypassword' )->numParams( $expirationDays ),
                                'help' => wfMessage( 
'authmanager-userlogin-remembermypassword-help' ),
                                'optional' => true,
+                               'skippable' => true,
                        ]
                ];
        }
diff --git a/includes/specialpage/LoginSignupSpecialPage.php 
b/includes/specialpage/LoginSignupSpecialPage.php
index bf83e7b..d3cd577 100644
--- a/includes/specialpage/LoginSignupSpecialPage.php
+++ b/includes/specialpage/LoginSignupSpecialPage.php
@@ -294,6 +294,14 @@
                        return;
                }
 
+               if ( $this->canBypassForm( $button_name ) ) {
+                       $this->setRequest( [], true );
+                       $this->getRequest()->setVal( $this->getTokenName(), 
$this->getToken() );
+                       if ( $button_name ) {
+                               $this->getRequest()->setVal( $button_name, true 
);
+                       }
+               }
+
                $status = $this->trySubmit();
 
                if ( !$status || !$status->isGood() ) {
@@ -367,6 +375,46 @@
        }
 
        /**
+        * Determine if the login form can be bypassed. This will be the case 
when no more than one
+        * button is present and no other user input fields that are not marked 
as 'skippable' are
+        * present. If the login form were not bypassed, the user would be 
presented with a
+        * superfluous page on which they must press the single button to 
proceed with login.
+        * Not only does this cause an additional mouse click and page load, it 
confuses users,
+        * especially since there are a help link and forgotten password link 
that are
+        * provided on the login page that do not apply to this situation.
+        *
+        * @param string|null &$button_name if the form has a single button, 
returns
+        *   the name of the button; otherwise, returns null
+        * @return bool
+        */
+       private function canBypassForm( &$button_name ) {
+               $button_name = null;
+               if ( $this->isContinued() ) {
+                       return false;
+               }
+               $fields = AuthenticationRequest::mergeFieldInfo( 
$this->authRequests );
+               foreach ( $fields as $fieldname => $field ) {
+                       if ( !isset( $field['type'] ) ) {
+                               return false;
+                       }
+                       if ( !empty( $field['skippable'] ) ) {
+                               continue;
+                       }
+                       if ( $field['type'] === 'button' ) {
+                               if ( $button_name !== null ) {
+                                       $button_name = null;
+                                       return false;
+                               } else {
+                                       $button_name = $fieldname;
+                               }
+                       } elseif ( $field['type'] !== 'null' ) {
+                               return false;
+                       }
+               }
+               return true;
+       }
+
+       /**
         * Show the success page.
         *
         * @param string $type Condition of return to; see `executeReturnTo`

-- 
To view, visit https://gerrit.wikimedia.org/r/312865
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I9588a2b87a423f614fc5d2e771ad1ac7279ebd0b
Gerrit-PatchSet: 13
Gerrit-Project: mediawiki/core
Gerrit-Branch: master
Gerrit-Owner: Cicalese <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: Brian Wolff <[email protected]>
Gerrit-Reviewer: Cicalese <[email protected]>
Gerrit-Reviewer: Dpatrick <[email protected]>
Gerrit-Reviewer: Florianschmidtwelzow <[email protected]>
Gerrit-Reviewer: GergÅ‘ Tisza <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to