REL1_33/php/ApiCheckToken_8php_source.html

<?php

use MediaWiki\Session\Token;


class ApiCheckToken extends ApiBase {


    public function execute() {

        $params = $this->extractRequestParams();

        $token = $params['token'];

        $maxage = $params['maxtokenage'];

        $salts = ApiQueryTokens::getTokenTypeSalts();


        $res = [];


        $tokenObj = ApiQueryTokens::getToken(

            $this->getUser(), $this->getRequest()->getSession(), $salts[$params['type']]

        );


        if ( substr( $token, -strlen( urldecode( Token::SUFFIX ) ) ) === urldecode( Token::SUFFIX ) ) {

            $this->addWarning( 'apiwarn-checktoken-percentencoding' );

        }


        if ( $tokenObj->match( $token, $maxage ) ) {

            $res['result'] = 'valid';

        } elseif ( $maxage !== null && $tokenObj->match( $token ) ) {

            $res['result'] = 'expired';

        } else {

            $res['result'] = 'invalid';

        }


        $ts = Token::getTimestamp( $token );

        if ( $ts !== null ) {

            $mwts = new MWTimestamp();

            $mwts->timestamp->setTimestamp( $ts );

            $res['generated'] = $mwts->getTimestamp( TS_ISO_8601 );

        }


        $this->getResult()->addValue( null, $this->getModuleName(), $res );

    }


    public function getAllowedParams() {

        return [

            'type' => [

                ApiBase::PARAM_TYPE => array_keys( ApiQueryTokens::getTokenTypeSalts() ),

                ApiBase::PARAM_REQUIRED => true,

            ],

            'token' => [

                ApiBase::PARAM_TYPE => 'string',

                ApiBase::PARAM_REQUIRED => true,

                ApiBase::PARAM_SENSITIVE => true,

            ],

            'maxtokenage' => [

                ApiBase::PARAM_TYPE => 'integer',

            ],

        ];

    }


    protected function getExamplesMessages() {

        return [

            'action=checktoken&type=csrf&token=123ABC'

                => 'apihelp-checktoken-example-simple',

        ];

    }


}


and
and that you know you can do these things To protect your we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the or if you modify it For if you distribute copies of such a whether gratis or for a you must give the recipients all the rights that you have You must make sure that receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two and(2) offer you this license which gives you legal permission to copy

ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:37

ApiBase\PARAM_REQUIRED
const PARAM_REQUIRED
(boolean) Is the parameter required?
Definition ApiBase.php:111

ApiBase\PARAM_TYPE
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below.
Definition ApiBase.php:87

ApiBase\PARAM_SENSITIVE
const PARAM_SENSITIVE
(boolean) Is the parameter sensitive? Note 'password'-type fields are always sensitive regardless of ...
Definition ApiBase.php:193

ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:632

ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:743

ApiBase\addWarning
addWarning( $msg, $code=null, $data=null)
Add a warning for this module.
Definition ApiBase.php:1909

ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:512

ApiCheckToken
Definition ApiCheckToken.php:29

ApiCheckToken\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiCheckToken.php:82

ApiCheckToken\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiCheckToken.php:65

ApiCheckToken\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiCheckToken.php:31

ApiQueryTokens\getTokenTypeSalts
static getTokenTypeSalts()
Get the salts for known token types.
Definition ApiQueryTokens.php:63

ApiQueryTokens\getToken
static getToken(User $user, MediaWiki\Session\Session $session, $salt)
Get a token from a salt.
Definition ApiQueryTokens.php:94

ContextSource\getUser
getUser()
Definition ContextSource.php:120

ContextSource\getRequest
getRequest()
Definition ContextSource.php:71

MWTimestamp
Library for creating and parsing MW-style timestamps.
Definition MWTimestamp.php:32

MediaWiki\Session\Token
Value object representing a CSRF token.
Definition Token.php:32

$res
$res
Definition database.txt:21

$params
$params
Definition styleTest.css.php:44