[MediaWiki-commits] [Gerrit] Prevent CentralAuth tokens if OAuth is used - change (mediawiki...OAuth)

Fri, 16 Aug 2013 15:55:36 -0700 

CSteipp has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/79441


Change subject: Prevent CentralAuth tokens if OAuth is used
......................................................................

Prevent CentralAuth tokens if OAuth is used

Prevent OAuth requests from asking for a centralauthtoken

Change-Id: Icd3c80e1c9f4f2404ac140b5c137d4142c479859
---
M api/MWOAuthAPI.setup.php
1 file changed, 14 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OAuth 
refs/changes/41/79441/1

diff --git a/api/MWOAuthAPI.setup.php b/api/MWOAuthAPI.setup.php
index c8fb174..0af2377 100644
--- a/api/MWOAuthAPI.setup.php
+++ b/api/MWOAuthAPI.setup.php
@@ -17,6 +17,7 @@
                $wgHooks['UserIsEveryoneAllowed'][] = __CLASS__ . 
'::onUserIsEveryoneAllowed';
                $wgHooks['ApiCheckCanExecute'][] = __CLASS__ . 
'::onApiCheckCanExecute';
                $wgHooks['RecentChange_save'][] = __CLASS__ . 
'::onRecentChange_save';
+               $wgHooks['CentralAuthAbortCentralAuthToken'][] = __CLASS__ . 
'::onCentralAuthAbortCentralAuthToken';
        }
 
        /**
@@ -246,4 +247,17 @@
                }
                return true;
        }
+
+       /**
+        * Prevent CentralAuth from issuing centralauthtokens if we have
+        * OAuth headers in this request.
+        * @return boolean
+        */
+       public static function onCentralAuthAbortCentralAuthToken() {
+               $request = RequestContext::getMain()->getRequest();
+               if ( MWOAuthUtils::hasOAuthHeaders( $request ) ) {
+                       return false;
+               }
+               return true;
+       }
 }

-- 
To view, visit https://gerrit.wikimedia.org/r/79441
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Icd3c80e1c9f4f2404ac140b5c137d4142c479859
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/OAuth
Gerrit-Branch: master
Gerrit-Owner: CSteipp <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to