jenkins-bot has submitted this change and it was merged.
Change subject: Fix central session usage in Special:CentralAutoLogin
......................................................................
Fix central session usage in Special:CentralAutoLogin
The central session expires when the user's browser is closed.
Special:CentralAutoLogin should check for this, and take appropriate
measures if the keys it had stored in the session are no longer present.
This fixes various PHP warnings and makes it better about honoring the
"remember me" checkbox from the original login.
Change-Id: I1f551fed312af7e70c5899d92e7f5726710f6f6d
---
M CentralAuthHooks.php
M specials/SpecialCentralAutoLogin.php
2 files changed, 40 insertions(+), 8 deletions(-)
Approvals:
CSteipp: Looks good to me, approved
jenkins-bot: Verified
diff --git a/CentralAuthHooks.php b/CentralAuthHooks.php
index 02079dc..11087e2 100644
--- a/CentralAuthHooks.php
+++ b/CentralAuthHooks.php
@@ -375,6 +375,7 @@
$url = wfAppendQuery( $wiki->getFullUrl(
'Special:CentralAutoLogin/refreshCookies' ), array(
'type' => '1x1',
'wikiid' => wfWikiID(),
+ 'proto' =>
RequestContext::getMain()->getRequest()->detectProtocol(),
) );
$inject_html .= Xml::element( 'img',
array(
@@ -1064,6 +1065,7 @@
$url = wfAppendQuery(
$wiki->getFullUrl( 'Special:CentralAutoLogin/refreshCookies' ), array(
'type' => '1x1',
'wikiid' => wfWikiID(),
+ 'proto' =>
RequestContext::getMain()->getRequest()->detectProtocol(),
) );
$out->addHTML( Xml::element(
'img',
array(
diff --git a/specials/SpecialCentralAutoLogin.php
b/specials/SpecialCentralAutoLogin.php
index ed500f3..e5de1ad 100644
--- a/specials/SpecialCentralAutoLogin.php
+++ b/specials/SpecialCentralAutoLogin.php
@@ -45,7 +45,8 @@
'from',
'return',
'returnto',
- 'returnquery'
+ 'returnquery',
+ 'proto'
);
switch ( strval( $par ) ) {
@@ -62,14 +63,20 @@
CentralAuthUser::setP3P();
$centralUser = CentralAuthUser::getInstance(
$this->getUser() );
if ( $centralUser && $centralUser->getId() ) {
- $centralSession = $centralUser->getSession();
+ $centralSession = $this->getCentralSession(
$centralUser );
+
+ // Refresh 'remember me' preference
+ $remember = (bool)$centralSession['remember'];
+ if ( $remember !=
$this->getUser()->getBoolOption( 'rememberpassword' ) ) {
+ $this->getUser()->setOption(
'rememberpassword', $remember ? 1 : 0 );
+ $this->getUser()->saveSettings();
+ }
+
$secureCookie = null;
if ( $centralSession['finalProto'] == 'http' ) {
$secureCookie = false;
}
- $centralUser->setGlobalCookies(
- $centralSession['remember'], false,
$secureCookie, $centralSession
- );
+ $centralUser->setGlobalCookies( $remember,
false, $secureCookie, $centralSession );
$this->doFinalOutput( true, 'success' );
} else {
$this->doFinalOutput( false, 'Not logged in' );
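Review bot: The new `saveSettings()` call in the refreshCookies branch makes a persistent preference write from a request that the hooks file issues as a 1x1 `<img>` load, and nothing beside it says why that is acceptable. As far as the visible code shows, `$remember` comes from the central session or, through getCentralSession(), from the stored preference itself, never from a request parameter. A comment such as `// $remember comes from the central session, never from the request, so query parameters cannot drive this write` would record that for the next reader. The comparison `$centralSession['finalProto'] == 'http'` just below would be safer as `===`, since finalProto can now originate from the `proto` query parameter. The enclosing case body starts and ends outside this hunk.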
@@ -84,6 +91,7 @@
CentralAuthUser::setP3P();
$this->do302Redirect( $this->loginWiki,
'checkLoggedIn', array(
'wikiid' => wfWikiID(),
+ 'proto' => $request->detectProtocol(),
) + $params );
return;
@@ -165,10 +173,8 @@
return;
}
- // Notify the attached wiki if cookies need to be
insecure
- $centralSession = $centralUser->getSession();
-
// Write info for session creation into memc
+ $centralSession = $this->getCentralSession(
$centralUser );
$memcData += array(
'userName' => $centralUser->getName(),
'token' => $centralUser->getAuthToken(),
@@ -430,4 +436,28 @@
return true;
}
+
+ private function getCentralSession( $centralUser ) {
+ $centralSession = $centralUser->getSession();
+
+ // If there's no "finalProto", check if one was passed, and
otherwise
+ // assume the current.
+ if ( !isset( $centralSession['finalProto'] ) ) {
+ $request = $this->getRequest();
+ $centralSession['finalProto'] = $request->getVal(
'proto', $request->detectProtocol() );
+ }
+
+ // If there's no "remember", pull from the user preference.
+ if ( !isset( $centralSession['remember'] ) ) {
+ $user = User::newFromName( $centralUser->getName() );
+ $centralSession['remember'] = $user->getBoolOption(
'rememberpassword' );
+ }
+
+ // Make sure there's a session id by creating a session if
necessary.
+ if ( !isset( $centralSession['sessionId'] ) ) {
+ $centralSession['sessionId'] =
$centralUser->setSession( $centralSession );
+ }
+
+ return $centralSession;
+ }
}
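Review bot: getCentralSession() copies the `proto` query parameter into `$centralSession['finalProto']` unvalidated whenever the session lacks that key. The value is then persisted by `setSession()` and read by the refreshCookies branch, where `'http'` leads to `$secureCookie = false`. Because the commit message says the central session is gone after a browser restart, a request parameter can then decide whether the global cookies are, presumably, marked secure. Restrict it to the two known values, e.g. `$proto = $request->getVal( 'proto' );` followed by `if ( $proto !== 'http' && $proto !== 'https' ) { $proto = $request->detectProtocol(); }`, and consider whether a login made over HTTPS should ever be moved to `http` this way. Separately, `User::newFromName()` can return false for a name it rejects, so the `$user->getBoolOption()` call should be guarded.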
--
To view, visit https://gerrit.wikimedia.org/r/76738
Gerrit-MessageType: merged
Gerrit-Change-Id: I1f551fed312af7e70c5899d92e7f5726710f6f6d
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/CentralAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>
Gerrit-Reviewer: Aaron Schulz <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: CSteipp <[email protected]>
Gerrit-Reviewer: jenkins-bot