summaryrefslogtreecommitdiff
path: root/includes/api/ApiQueryTokens.php
diff options
context:
space:
mode:
authorPierre Schmitz <pierre@archlinux.de>2014-12-27 15:41:37 +0100
committerPierre Schmitz <pierre@archlinux.de>2014-12-31 11:43:28 +0100
commitc1f9b1f7b1b77776192048005dcc66dcf3df2bfb (patch)
tree2b38796e738dd74cb42ecd9bfd151803108386bc /includes/api/ApiQueryTokens.php
parentb88ab0086858470dd1f644e64cb4e4f62bb2be9b (diff)
Update to MediaWiki 1.24.1
Diffstat (limited to 'includes/api/ApiQueryTokens.php')
-rw-r--r--includes/api/ApiQueryTokens.php104
1 files changed, 104 insertions, 0 deletions
diff --git a/includes/api/ApiQueryTokens.php b/includes/api/ApiQueryTokens.php
new file mode 100644
index 00000000..ba9c9377
--- /dev/null
+++ b/includes/api/ApiQueryTokens.php
@@ -0,0 +1,104 @@
+<?php
+/**
+ * Module to fetch tokens via action=query&meta=tokens
+ *
+ * Created on August 8, 2014
+ *
+ * Copyright © 2014 Brad Jorsch bjorsch@wikimedia.org
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ * @since 1.24
+ */
+
+/**
+ * Module to fetch tokens via action=query&meta=tokens
+ *
+ * @ingroup API
+ * @since 1.24
+ */
+class ApiQueryTokens extends ApiQueryBase {
+
+ public function execute() {
+ $params = $this->extractRequestParams();
+ $res = array();
+
+ if ( $this->getMain()->getRequest()->getVal( 'callback' ) !== null ) {
+ $this->setWarning( 'Tokens may not be obtained when using a callback' );
+ return;
+ }
+
+ $salts = self::getTokenTypeSalts();
+ foreach ( $params['type'] as $type ) {
+ $salt = $salts[$type];
+ $val = $this->getUser()->getEditToken( $salt, $this->getRequest() );
+ $res[$type . 'token'] = $val;
+ }
+
+ $this->getResult()->addValue( 'query', $this->getModuleName(), $res );
+ }
+
+ public static function getTokenTypeSalts() {
+ static $salts = null;
+ if ( !$salts ) {
+ wfProfileIn( __METHOD__ );
+ $salts = array(
+ 'csrf' => '',
+ 'watch' => 'watch',
+ 'patrol' => 'patrol',
+ 'rollback' => 'rollback',
+ 'userrights' => 'userrights',
+ );
+ wfRunHooks( 'ApiQueryTokensRegisterTypes', array( &$salts ) );
+ ksort( $salts );
+ wfProfileOut( __METHOD__ );
+ }
+
+ return $salts;
+ }
+
+ public function getAllowedParams() {
+ return array(
+ 'type' => array(
+ ApiBase::PARAM_DFLT => 'csrf',
+ ApiBase::PARAM_ISMULTI => true,
+ ApiBase::PARAM_TYPE => array_keys( self::getTokenTypeSalts() ),
+ ),
+ );
+ }
+
+ public function getParamDescription() {
+ return array(
+ 'type' => 'Type of token(s) to request'
+ );
+ }
+
+ public function getDescription() {
+ return 'Gets tokens for data-modifying actions.';
+ }
+
+ protected function getExamples() {
+ return array(
+ 'api.php?action=query&meta=tokens' => 'Retrieve a csrf token (the default)',
+ 'api.php?action=query&meta=tokens&type=watch|patrol' => 'Retrieve a watch token and a patrol token'
+ );
+ }
+
+ public function getCacheMode( $params ) {
+ return 'private';
+ }
+}