* @file
*/
+use MediaWiki\Session\Token;
+
/**
* @since 1.25
* @ingroup API
$params = $this->extractRequestParams();
$token = $params['token'];
$maxage = $params['maxtokenage'];
- $request = $this->getRequest();
$salts = ApiQueryTokens::getTokenTypeSalts();
- $salt = $salts[$params['type']];
- $res = array();
+ $res = [];
+
+ $tokenObj = ApiQueryTokens::getToken(
+ $this->getUser(), $this->getRequest()->getSession(), $salts[$params['type']]
+ );
- if ( $this->getUser()->matchEditToken( $token, $salt, $request, $maxage ) ) {
+ if ( substr( $token, -strlen( urldecode( Token::SUFFIX ) ) ) === urldecode( Token::SUFFIX ) ) {
+ $this->addWarning( 'apiwarn-checktoken-percentencoding' );
+ }
+
+ if ( $tokenObj->match( $token, $maxage ) ) {
$res['result'] = 'valid';
- } elseif ( $maxage !== null && $this->getUser()->matchEditToken( $token, $salt, $request ) ) {
+ } elseif ( $maxage !== null && $tokenObj->match( $token ) ) {
$res['result'] = 'expired';
} else {
$res['result'] = 'invalid';
}
- $ts = User::getEditTokenTimestamp( $token );
+ $ts = Token::getTimestamp( $token );
if ( $ts !== null ) {
$mwts = new MWTimestamp();
$mwts->timestamp->setTimestamp( $ts );
}
public function getAllowedParams() {
- return array(
- 'type' => array(
+ return [
+ 'type' => [
ApiBase::PARAM_TYPE => array_keys( ApiQueryTokens::getTokenTypeSalts() ),
ApiBase::PARAM_REQUIRED => true,
- ),
- 'token' => array(
+ ],
+ 'token' => [
ApiBase::PARAM_TYPE => 'string',
ApiBase::PARAM_REQUIRED => true,
- ),
- 'maxtokenage' => array(
+ ],
+ 'maxtokenage' => [
ApiBase::PARAM_TYPE => 'integer',
- ),
- );
+ ],
+ ];
}
protected function getExamplesMessages() {
- return array(
+ return [
'action=checktoken&type=csrf&token=123ABC'
=> 'apihelp-checktoken-example-simple',
- );
+ ];
}
}
dépôts / lhc / web / wiklou.git / blobdiff