Differential D20671 Diff 49298 src/applications/conduit/method/ConduitGetCertificateConduitAPIMethod.php
src/applications/conduit/method/ConduitGetCertificateConduitAPIMethod.php
| Show All 35 Lines | return array( | ||||
| 'ERR-RATE-LIMIT' => pht( | 'ERR-RATE-LIMIT' => pht( | ||||
| 'You have made too many invalid token requests recently. Wait before '. | 'You have made too many invalid token requests recently. Wait before '. | ||||
| 'making more.'), | 'making more.'), | ||||
| ); | ); | ||||
| } | } | ||||
| protected function execute(ConduitAPIRequest $request) { | protected function execute(ConduitAPIRequest $request) { | ||||
| $failed_attempts = PhabricatorUserLog::loadRecentEventsFromThisIP( | $failed_attempts = PhabricatorUserLog::loadRecentEventsFromThisIP( | ||||
| PhabricatorUserLog::ACTION_CONDUIT_CERTIFICATE_FAILURE, | PhabricatorConduitCertificateFailureUserLogType::LOGTYPE, | ||||
| 60 * 5); | 60 * 5); | ||||
| if (count($failed_attempts) > 5) { | if (count($failed_attempts) > 5) { | ||||
| $this->logFailure($request); | $this->logFailure($request); | ||||
| throw new ConduitException('ERR-RATE-LIMIT'); | throw new ConduitException('ERR-RATE-LIMIT'); | ||||
| } | } | ||||
| $token = $request->getValue('token'); | $token = $request->getValue('token'); | ||||
| $info = id(new PhabricatorConduitCertificateToken())->loadOneWhere( | $info = id(new PhabricatorConduitCertificateToken())->loadOneWhere( | ||||
| 'token = %s', | 'token = %s', | ||||
| trim($token)); | trim($token)); | ||||
| if (!$info || $info->getDateCreated() < time() - (60 * 15)) { | if (!$info || $info->getDateCreated() < time() - (60 * 15)) { | ||||
| $this->logFailure($request, $info); | $this->logFailure($request, $info); | ||||
| throw new ConduitException('ERR-BAD-TOKEN'); | throw new ConduitException('ERR-BAD-TOKEN'); | ||||
| } else { | } else { | ||||
| $log = PhabricatorUserLog::initializeNewLog( | $log = PhabricatorUserLog::initializeNewLog( | ||||
| $request->getUser(), | $request->getUser(), | ||||
| $info->getUserPHID(), | $info->getUserPHID(), | ||||
| PhabricatorUserLog::ACTION_CONDUIT_CERTIFICATE) | PhabricatorConduitCertificateUserLogType::LOGTYPE) | ||||
| ->save(); | ->save(); | ||||
| } | } | ||||
| $user = id(new PhabricatorUser())->loadOneWhere( | $user = id(new PhabricatorUser())->loadOneWhere( | ||||
| 'phid = %s', | 'phid = %s', | ||||
| $info->getUserPHID()); | $info->getUserPHID()); | ||||
| if (!$user) { | if (!$user) { | ||||
| throw new Exception(pht('Certificate token points to an invalid user!')); | throw new Exception(pht('Certificate token points to an invalid user!')); | ||||
| } | } | ||||
| return array( | return array( | ||||
| 'username' => $user->getUserName(), | 'username' => $user->getUserName(), | ||||
| 'certificate' => $user->getConduitCertificate(), | 'certificate' => $user->getConduitCertificate(), | ||||
| ); | ); | ||||
| } | } | ||||
| private function logFailure( | private function logFailure( | ||||
| ConduitAPIRequest $request, | ConduitAPIRequest $request, | ||||
| PhabricatorConduitCertificateToken $info = null) { | PhabricatorConduitCertificateToken $info = null) { | ||||
| $log = PhabricatorUserLog::initializeNewLog( | $log = PhabricatorUserLog::initializeNewLog( | ||||
| $request->getUser(), | $request->getUser(), | ||||
| $info ? $info->getUserPHID() : '-', | $info ? $info->getUserPHID() : '-', | ||||
| PhabricatorUserLog::ACTION_CONDUIT_CERTIFICATE_FAILURE) | PhabricatorConduitCertificateFailureUserLogType::LOGTYPE) | ||||
| ->save(); | ->save(); | ||||
| } | } | ||||
| } | } | ||||
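Review bot: In `execute()`, a token that passes the age check is never consumed. After the success log is saved, the visible code loads the user and returns the certificate without deleting or marking `$info`, so the same token appears to stay exchangeable until it is 15 minutes old, unless it is cleaned up somewhere outside this view. Because the response carries the user's Conduit certificate, the exchange would be safer as single-use, for example by calling `$info->delete();` right after the success log is saved. Separately, the `$log = ` assignments in `execute()` and `logFailure()` are never read and could be dropped.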