Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F478400
ConduitGetCertificateConduitAPIMethod.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
2 KB
Referenced Files
None
Subscribers
None
ConduitGetCertificateConduitAPIMethod.php
View Options
<?php
final
class
ConduitGetCertificateConduitAPIMethod
extends
ConduitAPIMethod
{
public
function
getAPIMethodName
()
{
return
'conduit.getcertificate'
;
}
public
function
shouldRequireAuthentication
()
{
return
false
;
}
public
function
shouldAllowUnguardedWrites
()
{
// This method performs logging and is on the authentication pathway.
return
true
;
}
public
function
getMethodDescription
()
{
return
pht
(
'Retrieve certificate information for a user.'
);
}
protected
function
defineParamTypes
()
{
return
array
(
'token'
=>
'required string'
,
'host'
=>
'required string'
,
);
}
protected
function
defineReturnType
()
{
return
'dict<string, any>'
;
}
protected
function
defineErrorTypes
()
{
return
array
(
'ERR-BAD-TOKEN'
=>
pht
(
'Token does not exist or has expired.'
),
'ERR-RATE-LIMIT'
=>
pht
(
'You have made too many invalid token requests recently. Wait before '
.
'making more.'
),
);
}
protected
function
execute
(
ConduitAPIRequest
$request
)
{
$failed_attempts
=
PhabricatorUserLog
::
loadRecentEventsFromThisIP
(
PhabricatorConduitCertificateFailureUserLogType
::
LOGTYPE
,
60
*
5
);
if
(
count
(
$failed_attempts
)
>
5
)
{
$this
->
logFailure
(
$request
);
throw
new
ConduitException
(
'ERR-RATE-LIMIT'
);
}
$token
=
$request
->
getValue
(
'token'
);
$info
=
id
(
new
PhabricatorConduitCertificateToken
())->
loadOneWhere
(
'token = %s'
,
trim
(
$token
));
if
(!
$info
||
$info
->
getDateCreated
()
<
time
()
-
(
60
*
15
))
{
$this
->
logFailure
(
$request
,
$info
);
throw
new
ConduitException
(
'ERR-BAD-TOKEN'
);
}
else
{
$log
=
PhabricatorUserLog
::
initializeNewLog
(
$request
->
getUser
(),
$info
->
getUserPHID
(),
PhabricatorConduitCertificateUserLogType
::
LOGTYPE
)
->
save
();
}
$user
=
id
(
new
PhabricatorUser
())->
loadOneWhere
(
'phid = %s'
,
$info
->
getUserPHID
());
if
(!
$user
)
{
throw
new
Exception
(
pht
(
'Certificate token points to an invalid user!'
));
}
return
array
(
'username'
=>
$user
->
getUserName
(),
'certificate'
=>
$user
->
getConduitCertificate
(),
);
}
private
function
logFailure
(
ConduitAPIRequest
$request
,
?
PhabricatorConduitCertificateToken
$info
=
null
)
{
$log
=
PhabricatorUserLog
::
initializeNewLog
(
$request
->
getUser
(),
$info
?
$info
->
getUserPHID
()
:
'-'
,
PhabricatorConduitCertificateFailureUserLogType
::
LOGTYPE
)
->
save
();
}
}
File Metadata
Details
Attached
Mime Type
text/x-php
Expires
Wed, May 7, 8:01 AM (2 d)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
83034
Default Alt Text
ConduitGetCertificateConduitAPIMethod.php (2 KB)
Attached To
Mode
rP Phorge
Attached
Detach File
Event Timeline
Log In to Comment