diff --git a/src/applications/conduit/controller/PhabricatorConduitAPIController.php b/src/applications/conduit/controller/PhabricatorConduitAPIController.php
--- a/src/applications/conduit/controller/PhabricatorConduitAPIController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitAPIController.php
@@ -7,18 +7,9 @@
 return false;
 }
- private $method;
-
- public function willProcessRequest(array $data) {
- $this->method = $data['method'];
- return $this;
- }
-
- public function processRequest() {
+ public function handleRequest(AphrontRequest $request) {
+ $method = $request->getURIData('method');
 $time_start = microtime(true);
- $request = $this->getRequest();
-
- $method = $this->method;
 $api_request = null;
 $method_implementation = null;
@@ -55,7 +46,7 @@
 $conduit_username = '-';
 if ($call->shouldRequireAuthentication()) {
 $metadata['scope'] = $call->getRequiredScope();
- $auth_error = $this->authenticateUser($api_request, $metadata);
+ $auth_error = $this->authenticateUser($api_request, $metadata, $method);
 // If we've explicitly authenticated the user here and either done
 // CSRF validation or are using a non-web authentication mechanism.
 $allow_unguarded_writes = true;
@@ -169,7 +160,8 @@
 */
 private function authenticateUser(
 ConduitAPIRequest $api_request,
- array $metadata) {
+ array $metadata,
+ $method) {
 $request = $this->getRequest();
@@ -207,7 +199,7 @@
 unset($protocol_data['scope']);
 ConduitClient::verifySignature(
- $this->method,
+ $method,
 $api_request->getAllParameters(),
 $protocol_data,
 $ssl_public_key);
diff --git a/src/applications/conduit/controller/PhabricatorConduitListController.php b/src/applications/conduit/controller/PhabricatorConduitListController.php
--- a/src/applications/conduit/controller/PhabricatorConduitListController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitListController.php
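Review bot: The new third parameter `$method` of `authenticateUser()` in PhabricatorConduitAPIController.php (hunk `@@ -169,7 +160,8 @@`) is added without a matching entry in the docblock that closes just above it, and nothing states where the value has to come from. It is handed to `ConduitClient::verifySignature()` in the `@@ -207,7 +199,7 @@` hunk, so it is one of the inputs the signature check covers, and the only caller visible here (`@@ -55,7 +46,7 @@`) passes the name read from the URI. I would add `@param string $method Conduit method name taken from the request URI; it is an input to signature verification, so pass the same name that is being dispatched.` The docblock and the rest of the function body lie outside the hunks, so how the existing parameters are documented cannot be confirmed from this page.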
@@ -3,19 +3,13 @@
 final class PhabricatorConduitListController
 extends PhabricatorConduitController {
- private $queryKey;
-
 public function shouldAllowPublic() {
 return true;
 }
- public function willProcessRequest(array $data) {
- $this->queryKey = idx($data, 'queryKey');
- }
-
- public function processRequest() {
+ public function handleRequest(AphrontRequest $request) {
 $controller = id(new PhabricatorApplicationSearchController())
- ->setQueryKey($this->queryKey)
+ ->setQueryKey($request->getURIData('queryKey'))
 ->setSearchEngine(new PhabricatorConduitSearchEngine())
 ->setNavigation($this->buildSideNavView());
 return $this->delegateToController($controller);
diff --git a/src/applications/conduit/controller/PhabricatorConduitLogController.php b/src/applications/conduit/controller/PhabricatorConduitLogController.php
--- a/src/applications/conduit/controller/PhabricatorConduitLogController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitLogController.php
@@ -3,9 +3,8 @@
 final class PhabricatorConduitLogController
 extends PhabricatorConduitController {
- public function processRequest() {
- $request = $this->getRequest();
- $viewer = $request->getUser();
+ public function handleRequest(AphrontRequest $request) {
+ $viewer = $request->getViewer();
 $conn_table = new PhabricatorConduitConnectionLog();
 $call_table = new PhabricatorConduitMethodCallLog();
diff --git a/src/applications/conduit/controller/PhabricatorConduitTokenController.php b/src/applications/conduit/controller/PhabricatorConduitTokenController.php
--- a/src/applications/conduit/controller/PhabricatorConduitTokenController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitTokenController.php
@@ -3,11 +3,11 @@
 final class PhabricatorConduitTokenController
 extends PhabricatorConduitController {
- public function processRequest() {
- $user = $this->getRequest()->getUser();
+ public function handleRequest(AphrontRequest $request) {
+ $viewer = $request->getViewer();
 id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
- $user,
+ $viewer,
 $this->getRequest(),
 '/');
@@ -19,13 +19,13 @@
 $old_token = id(new PhabricatorConduitCertificateToken())
 ->loadOneWhere(
 'userPHID = %s',
- $user->getPHID());
+ $viewer->getPHID());
 if ($old_token) {
 $old_token->delete();
 }
 $token = id(new PhabricatorConduitCertificateToken())
- ->setUserPHID($user->getPHID())
+ ->setUserPHID($viewer->getPHID())
 ->setToken(Filesystem::readRandomCharacters(40))
 ->save();
@@ -42,7 +42,7 @@
 Javelin::initBehavior('select-on-click');
 $form = id(new AphrontFormView())
- ->setUser($user)
+ ->setUser($viewer)
 ->appendRemarkupInstructions($pre_instructions)
 ->appendChild(
 id(new AphrontFormTextAreaControl())
diff --git a/src/applications/conduit/controller/PhabricatorConduitTokenEditController.php b/src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
--- a/src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitTokenEditController.php
@@ -5,8 +5,8 @@
 public function handleRequest(AphrontRequest $request) {
 $viewer = $request->getViewer();
-
 $id = $request->getURIData('id');
+
 if ($id) {
 $token = id(new PhabricatorConduitTokenQuery())
 ->setViewer($viewer)
diff --git a/src/applications/conduit/controller/PhabricatorConduitTokenTerminateController.php b/src/applications/conduit/controller/PhabricatorConduitTokenTerminateController.php
--- a/src/applications/conduit/controller/PhabricatorConduitTokenTerminateController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitTokenTerminateController.php
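Review bot: In PhabricatorConduitTokenController.php (hunk `@@ -3,11 +3,11 @@`) the `requireHighSecuritySession()` call still passes `$this->getRequest()` even though `handleRequest()` now receives `$request` as a parameter, so the converted method reaches the request in two different ways. Passing the parameter, `$request,` in place of `$this->getRequest(),`, keeps the high-security session check visibly tied to the request object this handler was given and matches how the other controllers in this commit read from `$request`. The function body continues outside the hunk, so any later uses of `$this->getRequest()` in it are not visible here.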
@@ -5,9 +5,9 @@
 public function handleRequest(AphrontRequest $request) {
 $viewer = $request->getViewer();
-
 $object_phid = $request->getStr('objectPHID');
 $id = $request->getURIData('id');
+
 if ($id) {
 $token = id(new PhabricatorConduitTokenQuery())
 ->setViewer($viewer)