Merge "Import: Handle uploads with sha1 starting with 0 properly"
[mediawiki.git] / includes / api / ApiCheckToken.php
blob28c6ece7c09aca93a99a71ab9221503c3d0a2fc3
1 <?php
2 /**
3 * Created on Jan 29, 2015
5 * Copyright © 2015 Brad Jorsch bjorsch@wikimedia.org
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, write to the Free Software Foundation, Inc.,
19 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 * http://www.gnu.org/copyleft/gpl.html
22 * @file
25 /**
26 * @since 1.25
27 * @ingroup API
29 class ApiCheckToken extends ApiBase {
31 public function execute() {
32 $params = $this->extractRequestParams();
33 $token = $params['token'];
34 $maxage = $params['maxtokenage'];
35 $request = $this->getRequest();
36 $salts = ApiQueryTokens::getTokenTypeSalts();
37 $salt = $salts[$params['type']];
39 $res = array();
41 if ( $this->getUser()->matchEditToken( $token, $salt, $request, $maxage ) ) {
42 $res['result'] = 'valid';
43 } elseif ( $maxage !== null && $this->getUser()->matchEditToken( $token, $salt, $request ) ) {
44 $res['result'] = 'expired';
45 } else {
46 $res['result'] = 'invalid';
49 $ts = User::getEditTokenTimestamp( $token );
50 if ( $ts !== null ) {
51 $mwts = new MWTimestamp();
52 $mwts->timestamp->setTimestamp( $ts );
53 $res['generated'] = $mwts->getTimestamp( TS_ISO_8601 );
56 $this->getResult()->addValue( null, $this->getModuleName(), $res );
59 public function getAllowedParams() {
60 return array(
61 'type' => array(
62 ApiBase::PARAM_TYPE => array_keys( ApiQueryTokens::getTokenTypeSalts() ),
63 ApiBase::PARAM_REQUIRED => true,
65 'token' => array(
66 ApiBase::PARAM_TYPE => 'string',
67 ApiBase::PARAM_REQUIRED => true,
69 'maxtokenage' => array(
70 ApiBase::PARAM_TYPE => 'integer',
75 protected function getExamplesMessages() {
76 return array(
77 'action=checktoken&type=csrf&token=123ABC'
78 => 'apihelp-checktoken-example-simple',