MediaWiki REL1_31
ApiOATHValidate.php
Go to the documentation of this file.
1<?php
25class ApiOATHValidate extends ApiBase {
26 public function execute() {
27 // Be extra paranoid about the data that is sent
28 $this->requirePostedParameters( [ 'totp', 'token' ] );
29
31 if ( $params['user'] === null ) {
32 $params['user'] = $this->getUser()->getName();
33 }
34
35 $this->checkUserRightsAny( 'oathauth-api-all' );
36
37 $user = User::newFromName( $params['user'] );
38 if ( $user === false ) {
39 $this->dieWithError( 'noname' );
40 }
41
42 // Don't increase pingLimiter, just check for limit exceeded.
43 if ( $user->pingLimiter( 'badoath', 0 ) ) {
44 $this->dieWithError( 'apierror-ratelimited' );
45 }
46
47 $result = [
48 ApiResult::META_BC_BOOLS => [ 'enabled', 'valid' ],
49 'enabled' => false,
50 'valid' => false,
51 ];
52
53 if ( !$user->isAnon() ) {
55 ->findByUser( $user );
56 if ( $oathUser ) {
57 $key = $oathUser->getKey();
58 if ( $key !== null ) {
59 $result['enabled'] = true;
60 $result['valid'] = $key->verifyToken(
61 $params['totp'], $oathUser ) !== false;
62 }
63 }
64 }
65
66 $this->getResult()->addValue( null, $this->getModuleName(), $result );
67 }
68
69 public function getCacheMode( $params ) {
70 return 'private';
71 }
72
73 public function isInternal() {
74 return true;
75 }
76
77 public function needsToken() {
78 return 'csrf';
79 }
80
81 public function getAllowedParams() {
82 return [
83 'user' => [
84 ApiBase::PARAM_TYPE => 'user',
85 ],
86 'totp' => [
87 ApiBase::PARAM_TYPE => 'string',
89 ],
90 ];
91 }
92
93 protected function getExamplesMessages() {
94 return [
95 'action=oathvalidate&totp=123456&token=123ABC'
96 => 'apihelp-oathvalidate-example-1',
97 'action=oathvalidate&user=Example&totp=123456&token=123ABC'
98 => 'apihelp-oathvalidate-example-2',
99 ];
100 }
101}
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:37
const PARAM_REQUIRED
(boolean) Is the parameter required?
Definition ApiBase.php:111
checkUserRightsAny( $rights, $user=null)
Helper function for permission-denied errors.
Definition ApiBase.php:2006
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition ApiBase.php:1895
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below.
Definition ApiBase.php:87
requirePostedParameters( $params, $prefix='prefix')
Die if any of the specified parameters were found in the query part of the URL rather than the post b...
Definition ApiBase.php:881
extractRequestParams( $parseLimit=true)
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:749
getResult()
Get the result object.
Definition ApiBase.php:641
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:521
This program is free software; you can redistribute it and/or modify it under the terms of the GNU Ge...
getExamplesMessages()
Returns usage examples for this module.
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
needsToken()
Returns the token type this module requires in order to execute.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
isInternal()
Indicates whether this module is "internal" Internal API modules are not (yet) intended for 3rd party...
const META_BC_BOOLS
Key for the 'BC bools' metadata item.
static getOATHUserRepository()
Get the singleton OATH user repository.
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
Definition User.php:591
$params