26use InvalidArgumentException;
43 private $isApiRequest;
54 if ( !isset(
$params[
'sessionCookieName'] ) ) {
55 $params[
'sessionCookieName'] =
'_BPsession';
59 if ( !isset(
$params[
'priority'] ) ) {
60 throw new InvalidArgumentException( __METHOD__ .
': priority must be specified' );
65 throw new InvalidArgumentException( __METHOD__ .
': Invalid priority' );
68 $this->priority =
$params[
'priority'];
70 $this->grantsInfo = $grantsInfo;
72 $this->isApiRequest =
$params[
'isApiRequest']
73 ?? ( defined(
'MW_API' ) || defined(
'MW_REST_API' ) );
78 if ( !$this->isApiRequest ) {
118 'persisted' => $id !==
null,
123 'rights' => $this->grantsInfo->getGrantRights( $bp->
getGrants() ),
127 $session = $this->
getManager()->getSessionFromInfo( $info, $request );
137 $missingKeys = array_diff(
138 [
'centralId',
'appId',
'token' ],
139 array_keys( $metadata )
141 if ( $missingKeys ) {
142 $this->logger->info(
'Session "{session}": Missing metadata: {missing}', [
144 'missing' => implode(
', ', $missingKeys ),
149 $bp = BotPassword::newFromCentralId( $metadata[
'centralId'], $metadata[
'appId'] );
152 'Session "{session}": No BotPassword for {centralId} {appId}',
155 'centralId' => $metadata[
'centralId'],
156 'appId' => $metadata[
'appId'],
161 if ( !hash_equals( $metadata[
'token'], $bp->getToken() ) ) {
162 $this->logger->info(
'Session "{session}": BotPassword token check failed', [
164 'centralId' => $metadata[
'centralId'],
165 'appId' => $metadata[
'appId'],
170 $status = $bp->getRestrictions()->check( $request );
171 if ( !$status->isOK() ) {
173 'Session "{session}": Restrictions check failed',
176 'restrictions' => $status->getValue(),
177 'centralId' => $metadata[
'centralId'],
178 'appId' => $metadata[
'appId'],
184 $metadata[
'rights'] = $this->grantsInfo->getGrantRights( $bp->getGrants() );
194 BotPassword::removeAllPasswordsForUser( $username );
199 throw new InvalidArgumentException(
'Backend\'s provider isn\'t $this' );
202 if ( $data && isset( $data[
'rights'] ) && is_array( $data[
'rights'] ) ) {
203 return $data[
'rights'];
207 $this->logger->debug( __METHOD__ .
': No provider metadata, returning no rights allowed' );
212 if ( $data && isset( $data[
'restrictions'] ) && is_string( $data[
'restrictions'] ) ) {
214 return MWRestrictions::newFromJson( $data[
'restrictions'] );
215 }
catch ( InvalidArgumentException $e ) {
216 $this->logger->warning( __METHOD__ .
': Failed to parse restrictions: {restrictions}', [
217 'restrictions' => $data[
'restrictions']
array $params
The job parameters.
if(!defined('MW_SETUP_CALLBACK'))
A class to check request restrictions expressed as a JSON object.
A class containing constants representing the names of configuration variables.
const EnableBotPasswords
Name constant for the EnableBotPasswords setting, for use with Config::get()