private function getTokenTypes() {
    // No token may be handed out when the request runs in a mode that breaks
    // the same-origin policy. This guard runs before the cache lookup below,
    // so an already-built map is never returned in that mode either.
    if ($this->lacksSameOriginSecurity()) {
        return [];
    }

    // Built once and reused for later calls.
    // NOTE(review): the fallback closures below capture the user and request
    // of the first call, and this function-static outlives that call. Confirm
    // no caller relies on a different user/request later in the same process.
    static $types = null;
    if ($types) {
        return $types;
    }

    // Legacy token types, each mapped to the [class, method] callback that
    // produces it.
    $types = ['patrol' => ['ApiQueryRecentChanges', 'getPatrolToken']];
    $infoBacked = [
        'edit', 'delete', 'protect', 'move', 'block',
        'unblock', 'email', 'import', 'watch', 'options',
    ];
    foreach ($infoBacked as $action) {
        $types[$action] = ['ApiQueryInfo', sprintf('get%sToken', ucfirst($action))];
    }

    // The hook receives the map by reference and may add, replace or remove
    // entries.
    Hooks::run('ApiTokensGetTokenTypes', [&$types]);

    // Forwards-compat: any token type known to ApiQueryTokens that still has
    // no entry here gets a closure returning that token as a string.
    $user = $this->getUser();
    $request = $this->getRequest();
    foreach (ApiQueryTokens::getTokenTypeSalts() as $type => $salt) {
        if (isset($types[$type])) {
            continue;
        }
        $types[$type] = function () use ($salt, $user, $request) {
            $session = $request->getSession();

            return ApiQueryTokens::getToken($user, $session, $salt)->toString();
        };
    }

    ksort($types);

    return $types;
}
/**
 * Report whether the supplied token is valid, expired or invalid for the
 * requested token type, and add the verdict to the API result.
 */
public function execute() {
    $params = $this->extractRequestParams();
    $supplied = $params['token'];
    $maxAge = $params['maxtokenage'];
    $saltByType = ApiQueryTokens::getTokenTypeSalts();

    // The reference token is derived from the current user and session, not
    // from anything in the supplied token.
    // NOTE(review): $params['type'] is used as an index without an isset()
    // check; presumably the parameter definition restricts it to known token
    // types. Verify against getAllowedParams().
    $expected = ApiQueryTokens::getToken(
        $this->getUser(),
        $this->getRequest()->getSession(),
        $saltByType[$params['type']]
    );

    if ($expected->match($supplied, $maxAge)) {
        $verdict = 'valid';
    } elseif ($maxAge !== null && $expected->match($supplied)) {
        // Matches only once the age limit is dropped, so it is reported as
        // expired rather than invalid.
        $verdict = 'expired';
    } else {
        $verdict = 'invalid';
    }
    $res = ['result' => $verdict];

    // The timestamp is read from the supplied token string whatever the
    // verdict, so 'generated' can also appear next to an 'invalid' result and
    // then only reflects what the submitted string contains.
    $generatedAt = MediaWiki\Session\Token::getTimestamp($supplied);
    if ($generatedAt !== null) {
        $stamp = new MWTimestamp();
        $stamp->timestamp->setTimestamp($generatedAt);
        $res['generated'] = $stamp->getTimestamp(TS_ISO_8601);
    }

    $this->getResult()->addValue(null, $this->getModuleName(), $res);
}
/**
 * Check a client-supplied token against the token type this module requires.
 *
 * The token is first compared with the token derived for the current user
 * and session from the salt registered for the type that needsToken()
 * returns. If that fails and getWebUITokenSalt() yields a non-null salt, the
 * token is also accepted when the user's matchEditToken() accepts it for
 * that salt.
 *
 * @since 1.24
 * @param string $token Supplied token
 * @param array $params All supplied parameters for the module
 * @return bool True if either check accepts the token, false otherwise
 * @throws MWException If the required token type has no registered salt
 */
public final function validateToken($token, array $params) {
    $tokenType = $this->needsToken();
    $registeredSalts = ApiQueryTokens::getTokenTypeSalts();

    // An unregistered token type is a module bug, so it raises an exception
    // instead of being reported as a failed validation.
    if (!isset($registeredSalts[$tokenType])) {
        throw new MWException(
            "Module '{$this->getModuleName()}' tried to use token type '{$tokenType}' " .
            'without registering it'
        );
    }

    $expected = ApiQueryTokens::getToken(
        $this->getUser(),
        $this->getRequest()->getSession(),
        $registeredSalts[$tokenType]
    );
    if ($expected->match($token)) {
        return true;
    }

    // Fallback: a token issued for the web UI salt is accepted as well. This
    // widens what counts as a valid token, so a module that returns a
    // non-null salt from getWebUITokenSalt() accepts both kinds.
    $uiSalt = $this->getWebUITokenSalt($params);

    return $uiSalt !== null
        && $this->getUser()->matchEditToken($token, $uiSalt, $this->getRequest());
}