Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 33 |
|
0.00% |
0 / 27 |
CRAP | |
0.00% |
0 / 1 |
ConsumerAccessControl | |
0.00% |
0 / 33 |
|
0.00% |
0 / 27 |
756 | |
0.00% |
0 / 1 |
getId | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getConsumerKey | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getName | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getOAuthVersion | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getUserId | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getVersion | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getCallbackUrl | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getCallbackIsPrefix | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getDescription | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getEmail | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getEmailAuthenticated | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getDeveloperAgreement | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getOwnerOnly | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getWiki | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getGrants | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getRegistration | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getSecretKey | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getRsaKey | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getRestrictions | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getStage | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getStageTimestamp | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getDeleted | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getUserName | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
2 | |||
getWikiName | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
2 | |||
getNameAndVersion | |
0.00% |
0 / 3 |
|
0.00% |
0 / 1 |
2 | |||
isConfidential | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 | |||
getDAO | |
0.00% |
0 / 1 |
|
0.00% |
0 / 1 |
2 |
1 | <?php |
2 | |
3 | namespace MediaWiki\Extension\OAuth\Control; |
4 | |
5 | use MediaWiki\Extension\OAuth\Backend\Consumer; |
6 | use MediaWiki\Extension\OAuth\Backend\Utils; |
7 | use MediaWiki\Extension\OAuth\Entity\ClientEntity; |
8 | use MediaWiki\User\User; |
9 | use Message; |
10 | use MWRestrictions; |
11 | |
12 | class ConsumerAccessControl extends DAOAccessControl { |
13 | // accessor fields copied from MWOAuthConsumer, except they can return a Message on access error |
14 | |
15 | /** |
16 | * Internal ID (DB primary key). |
17 | * Returns a Message when the user does not have permission to see this field. |
18 | * @return int|Message |
19 | */ |
20 | public function getId() { |
21 | return $this->get( 'id' ); |
22 | } |
23 | |
24 | /** |
25 | * Consumer key (32-character hexadecimal string that's used in the OAuth protocol |
26 | * and in URLs). This is used as the consumer ID for most external purposes. |
27 | * Returns a Message when the user does not have permission to see this field. |
28 | * @return string|Message |
29 | */ |
30 | public function getConsumerKey() { |
31 | return $this->get( 'consumerKey' ); |
32 | } |
33 | |
34 | /** |
35 | * Name of the consumer. |
36 | * Returns a Message when the user does not have permission to see this field. |
37 | * @return string|Message |
38 | */ |
39 | public function getName() { |
40 | return $this->get( 'name' ); |
41 | } |
42 | |
43 | /** |
44 | * @return int |
45 | */ |
46 | public function getOAuthVersion() { |
47 | return (int)$this->get( 'oauthVersion' ); |
48 | } |
49 | |
50 | /** |
51 | * Central ID of the owner. |
52 | * Returns a Message when the user does not have permission to see this field. |
53 | * @return int|Message |
54 | */ |
55 | public function getUserId() { |
56 | return $this->get( 'userId' ); |
57 | } |
58 | |
59 | /** |
60 | * Consumer version. This is mostly meant for humans: different versions of the same |
61 | * application have different keys and are handled as different consumers internally. |
62 | * Returns a Message when the user does not have permission to see this field. |
63 | * @return string|Message |
64 | */ |
65 | public function getVersion() { |
66 | return $this->get( 'version' ); |
67 | } |
68 | |
69 | /** |
70 | * Callback URL (or prefix). The browser will be redirected to this URL at the end of |
71 | * an OAuth handshake. See getCallbackIsPrefix() for the interpretation of this field. |
72 | * Returns a Message when the user does not have permission to see this field. |
73 | * @return string|Message |
74 | */ |
75 | public function getCallbackUrl() { |
76 | return $this->get( 'callbackUrl' ); |
77 | } |
78 | |
79 | /** |
80 | * When true, getCallbackUrl() returns a prefix; the callback URL can be provided by the caller |
81 | * as long as the prefix matches. When false, the callback URL will be determined by |
82 | * getCallbackUrl(). |
83 | * Returns a Message when the user does not have permission to see this field. |
84 | * @return bool|Message |
85 | */ |
86 | public function getCallbackIsPrefix() { |
87 | return $this->get( 'callbackIsPrefix' ); |
88 | } |
89 | |
90 | /** |
91 | * Description of the consumer. Currently interpreted as plain text; might change to wikitext |
92 | * in the future. |
93 | * Returns a Message when the user does not have permission to see this field. |
94 | * @return string|Message |
95 | */ |
96 | public function getDescription() { |
97 | return $this->get( 'description' ); |
98 | } |
99 | |
100 | /** |
101 | * Email address of the owner. |
102 | * Returns a Message when the user does not have permission to see this field. |
103 | * @return string|Message |
104 | */ |
105 | public function getEmail() { |
106 | return $this->get( 'email' ); |
107 | } |
108 | |
109 | /** |
110 | * Date of verifying the email, in TS_MW format. In practice this will be the same as |
111 | * getRegistration(). |
112 | * Returns null if the timestamp is not set. |
113 | * Returns a Message when the user does not have permission to see this field. |
114 | * @return string|null|Message |
115 | */ |
116 | public function getEmailAuthenticated() { |
117 | return $this->get( 'emailAuthenticated' ); |
118 | } |
119 | |
120 | /** |
121 | * Did the user accept the developer agreement (the terms of use checkbox at the bottom of the |
122 | * registration form)? Except for very old users, always true. |
123 | * Returns a Message when the user does not have permission to see this field. |
124 | * @return bool|Message |
125 | */ |
126 | public function getDeveloperAgreement() { |
127 | return $this->get( 'developerAgreement' ); |
128 | } |
129 | |
130 | /** |
131 | * Owner-only consumers will use one-legged flow instead of three-legged (see |
132 | * https://github.com/Mashape/mashape-oauth/blob/master/FLOWS.md#oauth-10a-one-legged ); there |
133 | * is only one user (who is the same as the owner) and they learn the access token at |
134 | * consumer registration time. |
135 | * Returns a Message when the user does not have permission to see this field. |
136 | * @return bool|Message |
137 | */ |
138 | public function getOwnerOnly() { |
139 | return $this->get( 'ownerOnly' ); |
140 | } |
141 | |
142 | /** |
143 | * The wiki on which the consumer is allowed to access user accounts. A wiki ID or '*' for all. |
144 | * Returns a Message when the user does not have permission to see this field. |
145 | * @return string|Message |
146 | */ |
147 | public function getWiki() { |
148 | return $this->get( 'wiki' ); |
149 | } |
150 | |
151 | /** |
152 | * The list of grants required by this application. |
153 | * Returns a Message when the user does not have permission to see this field. |
154 | * @return string[]|Message |
155 | */ |
156 | public function getGrants() { |
157 | return $this->get( 'grants' ); |
158 | } |
159 | |
160 | /** |
161 | * Consumer registration date in TS_MW format. |
162 | * Returns a Message when the user does not have permission to see this field. |
163 | * @return string|Message |
164 | */ |
165 | public function getRegistration() { |
166 | return $this->get( 'registration' ); |
167 | } |
168 | |
169 | /** |
170 | * Secret key used to derive the consumer secret for HMAC-SHA1 signed OAuth requests. |
171 | * The actual consumer secret will be calculated via Utils::hmacDBSecret() to mitigate |
172 | * DB leaks. |
173 | * Returns a Message when the user does not have permission to see this field. |
174 | * @return string|Message |
175 | */ |
176 | public function getSecretKey() { |
177 | return $this->get( 'secretKey' ); |
178 | } |
179 | |
180 | /** |
181 | * Public RSA key for RSA-SHA1 signed OAuth requests. |
182 | * Returns a Message when the user does not have permission to see this field. |
183 | * @return string|Message |
184 | */ |
185 | public function getRsaKey() { |
186 | return $this->get( 'rsaKey' ); |
187 | } |
188 | |
189 | /** |
190 | * Application restrictions (such as allowed IPs). |
191 | * Returns a Message when the user does not have permission to see this field. |
192 | * @return MWRestrictions|Message |
193 | */ |
194 | public function getRestrictions() { |
195 | return $this->get( 'restrictions' ); |
196 | } |
197 | |
198 | /** |
199 | * Stage at which the consumer is in the review workflow (proposed, approved etc). |
200 | * Returns a Message when the user does not have permission to see this field. |
201 | * @return int|Message One of the STAGE_* constants |
202 | */ |
203 | public function getStage() { |
204 | return $this->get( 'stage' ); |
205 | } |
206 | |
207 | /** |
208 | * Date at which the consumer was moved to the current stage, in TS_MW format. |
209 | * Returns a Message when the user does not have permission to see this field. |
210 | * @return string|Message |
211 | */ |
212 | public function getStageTimestamp() { |
213 | return $this->get( 'stageTimestamp' ); |
214 | } |
215 | |
216 | /** |
217 | * Is the consumer suppressed? (There is no plain deletion; the closest equivalent is the |
218 | * rejected/disabled stage.) |
219 | * Returns a Message when the user does not have permission to see this field. |
220 | * @return bool|Message |
221 | */ |
222 | public function getDeleted() { |
223 | return $this->get( 'deleted' ); |
224 | } |
225 | |
226 | // accessors for common formatting |
227 | |
228 | /** |
229 | * Owner username. |
230 | * Note that this method triggers a DB lookup. |
231 | * @param User|bool $audience show hidden names based on this user, or false for public |
232 | * @return string|Message |
233 | */ |
234 | public function getUserName( $audience = false ) { |
235 | return $this->get( 'userId', static function ( $id ) use ( $audience ) { |
236 | return Utils::getCentralUserNameFromId( $id, $audience ); |
237 | } ); |
238 | } |
239 | |
240 | /** |
241 | * Pretty wiki name. |
242 | * @return string|Message |
243 | */ |
244 | public function getWikiName() { |
245 | return $this->get( 'wiki', static function ( $wikiId ) { |
246 | return Utils::getWikiIdName( $wikiId ); |
247 | } ); |
248 | } |
249 | |
250 | /** |
251 | * Consumer name and version in a "Foo [1.0]" format. |
252 | * @return string|Message |
253 | */ |
254 | public function getNameAndVersion() { |
255 | return $this->get( 'name', function ( $s ) { |
256 | return $s . ' ' . $this->msg( 'brackets', $this->getVersion() )->plain(); |
257 | } ); |
258 | } |
259 | |
260 | /** |
261 | * Whether the consumer is confidential or not. |
262 | * Only meaningful for OAuth 2.0 consumers (see {@link getOAuthVersion()}) |
263 | * and must not be called otherwise. |
264 | * @return bool |
265 | */ |
266 | public function isConfidential() { |
267 | return (bool)$this->get( 'oauth2IsConfidential' ); |
268 | } |
269 | |
270 | /** |
271 | * @return Consumer|ClientEntity |
272 | */ |
273 | public function getDAO() { |
274 | // @phan-suppress-next-line PhanTypeMismatchReturnSuperType |
275 | return $this->dao; |
276 | } |
277 | } |