src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php
| <?php | <?php | ||||
| /** | |||||
| * @group conduit | |||||
| */ | |||||
| final class ConduitAPI_conduit_connect_Method extends ConduitAPIMethod { | final class ConduitAPI_conduit_connect_Method extends ConduitAPIMethod { | ||||
| public function shouldRequireAuthentication() { | public function shouldRequireAuthentication() { | ||||
| return false; | return false; | ||||
| } | } | ||||
| public function shouldAllowUnguardedWrites() { | public function shouldAllowUnguardedWrites() { | ||||
| return true; | return true; | ||||
| Show All 36 Lines | return array( | ||||
| "The challenge token you are authenticating with is outside of the ". | "The challenge token you are authenticating with is outside of the ". | ||||
| "allowed time range. Either your system clock is out of whack or ". | "allowed time range. Either your system clock is out of whack or ". | ||||
| "you're executing a replay attack.", | "you're executing a replay attack.", | ||||
| 'ERR-NO-CERTIFICATE' => 'This server requires authentication.', | 'ERR-NO-CERTIFICATE' => 'This server requires authentication.', | ||||
| ); | ); | ||||
| } | } | ||||
| protected function execute(ConduitAPIRequest $request) { | protected function execute(ConduitAPIRequest $request) { | ||||
| $client = $request->getValue('client'); | $client = $request->getValue('client'); | ||||
| $client_version = (int)$request->getValue('clientVersion'); | $client_version = (int)$request->getValue('clientVersion'); | ||||
| $client_description = (string)$request->getValue('clientDescription'); | $client_description = (string)$request->getValue('clientDescription'); | ||||
| // TODO: This should be character-oriented, not display-oriented. | // TODO: This should be character-oriented, not display-oriented. | ||||
| // See T3307. | // See T3307. | ||||
| $client_description = phutil_utf8_shorten($client_description, 255); | $client_description = phutil_utf8_shorten($client_description, 255); | ||||
| $username = (string)$request->getValue('user'); | $username = (string)$request->getValue('user'); | ||||
| Show All 37 Lines | switch ($client) { | ||||
| default: | default: | ||||
| // Allow new clients by default. | // Allow new clients by default. | ||||
| break; | break; | ||||
| } | } | ||||
| $token = $request->getValue('authToken'); | $token = $request->getValue('authToken'); | ||||
| $signature = $request->getValue('authSignature'); | $signature = $request->getValue('authSignature'); | ||||
| $user = id(new PhabricatorUser())->loadOneWhere( | $user = id(new PhabricatorUser())->loadOneWhere('username = %s', $username); | ||||
| 'username = %s', | |||||
| $username); | |||||
| if (!$user) { | if (!$user) { | ||||
| throw new ConduitException('ERR-INVALID-USER'); | throw new ConduitException('ERR-INVALID-USER'); | ||||
| } | } | ||||
| $session_key = null; | $session_key = null; | ||||
| if ($token && $signature) { | if ($token && $signature) { | ||||
| $threshold = 60 * 15; | $threshold = 60 * 15; | ||||
| $now = time(); | $now = time(); | ||||
| Show All 39 Lines | |||||