MediaWiki REL1_33
ApiTokens.php
Go to the documentation of this file.
1<?php
27class ApiTokens extends ApiBase {
28
29 public function execute() {
30 $this->addDeprecation(
31 [ 'apiwarn-deprecation-withreplacement', 'action=tokens', 'action=query&meta=tokens' ],
32 'action=tokens'
33 );
34
35 $params = $this->extractRequestParams();
36 $res = [
37 ApiResult::META_TYPE => 'assoc',
38 ];
39
40 $types = $this->getTokenTypes();
41 foreach ( $params['type'] as $type ) {
42 $val = call_user_func( $types[$type], null, null );
43
44 if ( $val === false ) {
45 $this->addWarning( [ 'apiwarn-tokennotallowed', $type ] );
46 } else {
47 $res[$type . 'token'] = $val;
48 }
49 }
50
51 $this->getResult()->addValue( null, $this->getModuleName(), $res );
52 }
53
54 private function getTokenTypes() {
55 // If we're in a mode that breaks the same-origin policy, no tokens can
56 // be obtained
57 if ( $this->lacksSameOriginSecurity() ) {
58 return [];
59 }
60
61 static $types = null;
62 if ( $types ) {
63 return $types;
64 }
65 $types = [ 'patrol' => [ ApiQueryRecentChanges::class, 'getPatrolToken' ] ];
66 $names = [ 'edit', 'delete', 'protect', 'move', 'block', 'unblock',
67 'email', 'import', 'watch', 'options' ];
68 foreach ( $names as $name ) {
69 $types[$name] = [ ApiQueryInfo::class, 'get' . ucfirst( $name ) . 'Token' ];
70 }
71 Hooks::run( 'ApiTokensGetTokenTypes', [ &$types ] );
72
73 // For forwards-compat, copy any token types from ApiQueryTokens that
74 // we don't already have something for.
75 $user = $this->getUser();
76 $request = $this->getRequest();
77 foreach ( ApiQueryTokens::getTokenTypeSalts() as $name => $salt ) {
78 if ( !isset( $types[$name] ) ) {
79 $types[$name] = function () use ( $salt, $user, $request ) {
80 return ApiQueryTokens::getToken( $user, $request->getSession(), $salt )->toString();
81 };
82 }
83 }
84
85 ksort( $types );
86
87 return $types;
88 }
89
90 public function isDeprecated() {
91 return true;
92 }
93
94 public function getAllowedParams() {
95 return [
96 'type' => [
97 ApiBase::PARAM_DFLT => 'edit',
98 ApiBase::PARAM_ISMULTI => true,
99 ApiBase::PARAM_TYPE => array_keys( $this->getTokenTypes() ),
100 ],
101 ];
102 }
103
104 protected function getExamplesMessages() {
105 return [
106 'action=tokens'
107 => 'apihelp-tokens-example-edit',
108 'action=tokens&type=email|move'
109 => 'apihelp-tokens-example-emailmove',
110 ];
111 }
112}
and
and that you know you can do these things To protect your we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the or if you modify it For if you distribute copies of such a whether gratis or for a you must give the recipients all the rights that you have You must make sure that receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two and(2) offer you this license which gives you legal permission to copy
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:37
ApiBase\PARAM_TYPE
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below.
Definition ApiBase.php:87
ApiBase\PARAM_DFLT
const PARAM_DFLT
(null|boolean|integer|string) Default value of the parameter.
Definition ApiBase.php:48
ApiBase\addDeprecation
addDeprecation( $msg, $feature, $data=[])
Add a deprecation warning for this module.
Definition ApiBase.php:1923
ApiBase\getResult
getResult()
Get the result object.
Definition ApiBase.php:632
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:743
ApiBase\addWarning
addWarning( $msg, $code=null, $data=null)
Add a warning for this module.
Definition ApiBase.php:1909
ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition ApiBase.php:512
ApiBase\PARAM_ISMULTI
const PARAM_ISMULTI
(boolean) Accept multiple pipe-separated values for this parameter (e.g.
Definition ApiBase.php:51
ApiBase\lacksSameOriginSecurity
lacksSameOriginSecurity()
Returns true if the current request breaks the same-origin policy.
Definition ApiBase.php:560
ApiQueryTokens\getTokenTypeSalts
static getTokenTypeSalts()
Get the salts for known token types.
Definition ApiQueryTokens.php:63
ApiQueryTokens\getToken
static getToken(User $user, MediaWiki\Session\Session $session, $salt)
Get a token from a salt.
Definition ApiQueryTokens.php:94
ApiResult\META_TYPE
const META_TYPE
Key for the 'type' metadata item.
Definition ApiResult.php:110
ApiTokens\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition ApiTokens.php:29
ApiTokens\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition ApiTokens.php:104
ApiTokens\getTokenTypes
getTokenTypes()
Definition ApiTokens.php:54
ApiTokens\isDeprecated
isDeprecated()
Indicates whether this module is deprecated.
Definition ApiTokens.php:90
ApiTokens\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition ApiTokens.php:94
$res
$res
Definition database.txt:21
$request
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on $request
Definition hooks.txt:2843
$name
Allows to change the fields on the form that will be generated $name
Definition hooks.txt:271
$params
$params
Definition styleTest.css.php:44