35 $token = $params[
'token'];
36 $maxage = $params[
'maxtokenage'];
45 if ( str_ends_with( $token, urldecode( Token::SUFFIX ) ) ) {
46 $this->
addWarning(
'apiwarn-checktoken-percentencoding' );
49 if ( $tokenObj->match( $token, $maxage ) ) {
50 $res[
'result'] =
'valid';
51 } elseif ( $maxage !==
null && $tokenObj->match( $token ) ) {
52 $res[
'result'] =
'expired';
54 $res[
'result'] =
'invalid';
57 $ts = Token::getTimestamp( $token );
60 $mwts->timestamp->setTimestamp( $ts );
61 $res[
'generated'] = $mwts->getTimestamp( TS_ISO_8601 );
71 ParamValidator::PARAM_REQUIRED =>
true,
74 ParamValidator::PARAM_TYPE =>
'string',
75 ParamValidator::PARAM_REQUIRED =>
true,
76 ParamValidator::PARAM_SENSITIVE =>
true,
79 ParamValidator::PARAM_TYPE =>
'integer',
86 'action=checktoken&type=csrf&token=123ABC'
87 =>
'apihelp-checktoken-example-simple',
This abstract class implements many basic API functions, and is the base of all API classes.
getResult()
Get the result object.
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
addWarning( $msg, $code=null, $data=null)
Add a warning for this module.
getModuleName()
Get the name of the module being executed by this instance.
getExamplesMessages()
Returns usage examples for this module.
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
static getTokenTypeSalts()
Get the salts for known token types.
static getToken(User $user, MediaWiki\Session\Session $session, $salt)
Get a token from a salt.