|
|
|
@ -72,7 +72,10 @@ class IsekaiOIDCAuth extends AbstractPrimaryAuthenticationProvider {
|
|
|
|
global $wgIsekaiOIDC;
|
|
|
|
global $wgIsekaiOIDC;
|
|
|
|
$config = $wgIsekaiOIDC;
|
|
|
|
$config = $wgIsekaiOIDC;
|
|
|
|
|
|
|
|
|
|
|
|
$oidc =self::getOpenIDConnectClient();
|
|
|
|
$oidc = self::getOpenIDConnectClient();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$requestCtx = RequestContext::getMain();
|
|
|
|
|
|
|
|
|
|
|
|
if ($oidc->authenticate()) {
|
|
|
|
if ($oidc->authenticate()) {
|
|
|
|
$accessToken = $oidc->getAccessToken();
|
|
|
|
$accessToken = $oidc->getAccessToken();
|
|
|
|
$refreshToken = $oidc->getRefreshToken();
|
|
|
|
$refreshToken = $oidc->getRefreshToken();
|
|
|
|
@ -88,7 +91,7 @@ class IsekaiOIDCAuth extends AbstractPrimaryAuthenticationProvider {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$authManager = MediaWikiServices::getInstance()->getAuthManager();
|
|
|
|
$authManager = MediaWikiServices::getInstance()->getAuthManager();
|
|
|
|
$request = RequestContext::getMain()->getRequest();
|
|
|
|
$request = $requestCtx->getRequest();
|
|
|
|
$session = $request->getSession();
|
|
|
|
$session = $request->getSession();
|
|
|
|
$session->clear('AuthManager::AutoCreateBlacklist'); // 防止缓存检测
|
|
|
|
$session->clear('AuthManager::AutoCreateBlacklist'); // 防止缓存检测
|
|
|
|
|
|
|
|
|
|
|
|
@ -251,7 +254,7 @@ class IsekaiOIDCAuth extends AbstractPrimaryAuthenticationProvider {
|
|
|
|
$oidc->setRedirectURL( $redirectURL );
|
|
|
|
$oidc->setRedirectURL( $redirectURL );
|
|
|
|
wfDebugLog( self::LOG_TAG, 'Redirect URL: ' . $redirectURL );
|
|
|
|
wfDebugLog( self::LOG_TAG, 'Redirect URL: ' . $redirectURL );
|
|
|
|
|
|
|
|
|
|
|
|
if ( isset( $_REQUEST['forcelogin'] ) ) {
|
|
|
|
if ( isset( $_REQUEST['force'] ) || isset( $_REQUEST['forcelogin'] ) ) {
|
|
|
|
$oidc->addAuthParam( [ 'prompt' => 'login' ] );
|
|
|
|
$oidc->addAuthParam( [ 'prompt' => 'login' ] );
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ( isset( $config['authparam'] ) &&
|
|
|
|
if ( isset( $config['authparam'] ) &&
|
|
|
|
|
