MediaWiki  master
ApiTokens.php
Go to the documentation of this file.
1 <?php
27 class ApiTokens extends ApiBase {
28 
29  public function execute() {
30  $this->addDeprecation(
31  [ 'apiwarn-deprecation-withreplacement', 'action=tokens', 'action=query&meta=tokens' ],
32  'action=tokens'
33  );
34 
35  $params = $this->extractRequestParams();
36  $res = [
37  ApiResult::META_TYPE => 'assoc',
38  ];
39 
40  $types = $this->getTokenTypes();
41  foreach ( $params['type'] as $type ) {
42  $val = call_user_func( $types[$type], null, null );
43 
44  if ( $val === false ) {
45  $this->addWarning( [ 'apiwarn-tokennotallowed', $type ] );
46  } else {
47  $res[$type . 'token'] = $val;
48  }
49  }
50 
51  $this->getResult()->addValue( null, $this->getModuleName(), $res );
52  }
53 
54  private function getTokenTypes() {
55  // If we're in a mode that breaks the same-origin policy, no tokens can
56  // be obtained
57  if ( $this->lacksSameOriginSecurity() ) {
58  return [];
59  }
60 
61  static $types = null;
62  if ( $types ) {
63  return $types;
64  }
65  $types = [ 'patrol' => [ ApiQueryRecentChanges::class, 'getPatrolToken' ] ];
66  $names = [ 'edit', 'delete', 'protect', 'move', 'block', 'unblock',
67  'email', 'import', 'watch', 'options' ];
68  foreach ( $names as $name ) {
69  $types[$name] = [ ApiQueryInfo::class, 'get' . ucfirst( $name ) . 'Token' ];
70  }
71  $this->getHookRunner()->onApiTokensGetTokenTypes( $types );
72 
73  // For forwards-compat, copy any token types from ApiQueryTokens that
74  // we don't already have something for.
75  $user = $this->getUser();
76  $request = $this->getRequest();
77  foreach ( ApiQueryTokens::getTokenTypeSalts() as $name => $salt ) {
78  if ( !isset( $types[$name] ) ) {
79  $types[$name] = function () use ( $salt, $user, $request ) {
80  return ApiQueryTokens::getToken( $user, $request->getSession(), $salt )->toString();
81  };
82  }
83  }
84 
85  ksort( $types );
86 
87  return $types;
88  }
89 
90  public function isDeprecated() {
91  return true;
92  }
93 
94  public function getAllowedParams() {
95  return [
96  'type' => [
97  ApiBase::PARAM_DFLT => 'edit',
98  ApiBase::PARAM_ISMULTI => true,
99  ApiBase::PARAM_TYPE => array_keys( $this->getTokenTypes() ),
100  ],
101  ];
102  }
103 
104  protected function getExamplesMessages() {
105  return [
106  'action=tokens'
107  => 'apihelp-tokens-example-edit',
108  'action=tokens&type=email|move'
109  => 'apihelp-tokens-example-emailmove',
110  ];
111  }
112 }
ApiBase\addWarning
addWarning( $msg, $code=null, $data=null)
Add a warning for this module.
Definition: ApiBase.php:1355
ApiResult\META_TYPE
const META_TYPE
Key for the 'type' metadata item.
Definition: ApiResult.php:110
ApiBase\PARAM_TYPE
const PARAM_TYPE
(boolean) Inverse of IntegerDef::PARAM_IGNORE_RANGE
Definition: ApiBase.php:70
ApiBase\getResult
getResult()
Get the result object.
Definition: ApiBase.php:564
ContextSource\getRequest
getRequest()
Definition: ContextSource.php:76
$res
$res
Definition: testCompression.php:57
ContextSource\getUser
getUser()
Stable for overriding.
Definition: ContextSource.php:131
ApiBase\lacksSameOriginSecurity
lacksSameOriginSecurity()
Returns true if the current request breaks the same-origin policy.
Definition: ApiBase.php:492
ApiTokens\execute
execute()
Evaluates the parameters, performs the requested query, and sets up the result.
Definition: ApiTokens.php:29
ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition: ApiBase.php:52
ApiTokens\getAllowedParams
getAllowedParams()
Returns an array of allowed parameters (parameter name) => (default value) or (parameter name) => (ar...
Definition: ApiTokens.php:94
ApiQueryTokens\getTokenTypeSalts
static getTokenTypeSalts()
Get the salts for known token types.
Definition: ApiQueryTokens.php:66
ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition: ApiBase.php:716
ApiTokens\getExamplesMessages
getExamplesMessages()
Returns usage examples for this module.
Definition: ApiTokens.php:104
ApiTokens\getTokenTypes
getTokenTypes()
Definition: ApiTokens.php:54
ApiBase\addDeprecation
addDeprecation( $msg, $feature, $data=[])
Add a deprecation warning for this module.
Definition: ApiBase.php:1369
ApiQueryTokens\getToken
static getToken(User $user, MediaWiki\Session\Session $session, $salt)
Get a token from a salt.
Definition: ApiQueryTokens.php:99
ApiTokens\isDeprecated
isDeprecated()
Indicates whether this module is deprecated.
Definition: ApiTokens.php:90
ApiBase\PARAM_DFLT
const PARAM_DFLT
(boolean) Inverse of IntegerDef::PARAM_IGNORE_RANGE
Definition: ApiBase.php:68
ApiBase\getModuleName
getModuleName()
Get the name of the module being executed by this instance.
Definition: ApiBase.php:443
ApiBase\PARAM_ISMULTI
const PARAM_ISMULTI
(boolean) Inverse of IntegerDef::PARAM_IGNORE_RANGE
Definition: ApiBase.php:69
ApiTokens
Definition: ApiTokens.php:27
ApiBase\getHookRunner
getHookRunner()
Get an ApiHookRunner for running core API hooks.
Definition: ApiBase.php:661
$type
$type
Definition: testCompression.php:52