[MediaWiki-commits] [Gerrit] Add necessary functions to $wgRedactedFunctionArguments - change (mediawiki...OAuth)

Fri, 04 Oct 2013 13:01:23 -0700 

Anomie has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/87617


Change subject: Add necessary functions to $wgRedactedFunctionArguments
......................................................................

Add necessary functions to $wgRedactedFunctionArguments

Any nonces or token secrets need to be redacted.

Bug: 54412
Change-Id: If3a17e2346e6bfa0d36e48ef0666164be9b221e7
---
M OAuth.php
M OAuth.setup.php
2 files changed, 19 insertions(+), 2 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OAuth 
refs/changes/17/87617/1

diff --git a/OAuth.php b/OAuth.php
index a0deb37..cccdd03 100644
--- a/OAuth.php
+++ b/OAuth.php
@@ -36,7 +36,9 @@
 
 # Define were PHP files and i18n files are located
 require( __DIR__ . '/OAuth.setup.php' );
-MWOAuthSetup::defineSourcePaths( $wgAutoloadClasses, $wgExtensionMessagesFiles 
);
+MWOAuthSetup::defineSourcePaths(
+       $wgAutoloadClasses, $wgExtensionMessagesFiles, 
$wgRedactedFunctionArguments
+);
 
 # Setup steps that does not depend on configuration
 MWOAuthSetup::unconditionalSetup();
diff --git a/OAuth.setup.php b/OAuth.setup.php
index d1a4bcf..193fdc7 100644
--- a/OAuth.setup.php
+++ b/OAuth.setup.php
@@ -9,9 +9,12 @@
         *
         * @param $classes Array $classes
         * @param $messagesFiles Array $messagesFiles
+        * @param $redactedFunctionArgs Array $redactedFunctionArgs
         * @return void
         */
-       public static function defineSourcePaths( array &$classes, array 
&$messagesFiles ) {
+       public static function defineSourcePaths(
+               array &$classes, array &$messagesFiles, array 
&$redactedFunctionArgs
+       ) {
                $dir = __DIR__;
 
                # Basic directory layout
@@ -79,6 +82,18 @@
 
                # Schema changes
                $classes['MWOAuthUpdaterHooks'] = 
"$schemaDir/MWOAuthUpdater.hooks.php";
+
+               # Indicate functions with arguments that need redaction
+               $redactedFunctionArgs += array(
+                       'MWOAuthDAO::setField' => 1, # $value could be a secret
+                       'MWOAuthUtils::hmacDBSecret' => 0,
+                       'OAuthConsumer::__construct' => 1,
+                       'OAuthToken::__construct' => 1,
+                       'OAuthRequest::set_parameter' => 1, # $value could be 
the nonce
+                       'OAuthServer::check_nonce' => 2,
+                       'OAuthDataStore::lookup_nonce' => 2,
+                       'OAuthUtil::urlencode_rfc3986' => 0, # Value being 
encoded may contain secrets
+               );
        }
 
        /**

-- 
To view, visit https://gerrit.wikimedia.org/r/87617
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: If3a17e2346e6bfa0d36e48ef0666164be9b221e7
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/OAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to