authAction = $action === 'unlinkaccount' ? AuthManager::ACTION_UNLINK : AuthManager::ACTION_REMOVE; $this->operation = $action === 'unlinkaccount' ? 'UnlinkAccount' : 'RemoveCredentials'; } public function execute() { if ( !$this->getUser()->isLoggedIn() ) { $this->dieWithError( 'apierror-mustbeloggedin-removeauth', 'notloggedin' ); } $params = $this->extractRequestParams(); $manager = MediaWikiServices::getInstance()->getAuthManager(); // Check security-sensitive operation status ApiAuthManagerHelper::newForModule( $this, $manager ) ->securitySensitiveOperation( $this->operation ); // Fetch the request. No need to load from the request, so don't use // ApiAuthManagerHelper's method. $blacklist = $this->authAction === AuthManager::ACTION_REMOVE ? array_flip( $this->getConfig()->get( 'RemoveCredentialsBlacklist' ) ) : []; $reqs = array_filter( $manager->getAuthenticationRequests( $this->authAction, $this->getUser() ), function ( AuthenticationRequest $req ) use ( $params, $blacklist ) { return $req->getUniqueId() === $params['request'] && !isset( $blacklist[get_class( $req )] ); } ); if ( count( $reqs ) !== 1 ) { $this->dieWithError( 'apierror-changeauth-norequest', 'badrequest' ); } $req = reset( $reqs ); // Perform the removal $status = $manager->allowsAuthenticationDataChange( $req, true ); $this->getHookRunner()->onChangeAuthenticationDataAudit( $req, $status ); if ( !$status->isGood() ) { $this->dieStatus( $status ); } $manager->changeAuthenticationData( $req ); $this->getResult()->addValue( null, $this->getModuleName(), [ 'status' => 'success' ] ); } public function isWriteMode() { return true; } public function needsToken() { return 'csrf'; } public function getAllowedParams() { return ApiAuthManagerHelper::getStandardParams( $this->authAction, 'request' ); } protected function getExamplesMessages() { $path = $this->getModulePath(); $action = $this->getModuleName(); return [ "action={$action}&request=FooAuthenticationRequest&token=123ABC" => "apihelp-{$path}-example-simple", ]; } public function getHelpUrls() { return 'https://www.mediawiki.org/wiki/Special:MyLanguage/API:Manage_authentication_data'; } }