jenkins-bot has submitted this change and it was merged.
Change subject: Add necessary functions to $wgRedactedFunctionArguments
......................................................................
Add necessary functions to $wgRedactedFunctionArguments
Any nonces or token secrets need to be redacted.
Bug: 54412
Change-Id: If3a17e2346e6bfa0d36e48ef0666164be9b221e7
---
M OAuth.php
M OAuth.setup.php
2 files changed, 19 insertions(+), 2 deletions(-)
Approvals:
CSteipp: Looks good to me, but someone else must approve
Aaron Schulz: Looks good to me, approved
jenkins-bot: Verified
diff --git a/OAuth.php b/OAuth.php
index a0deb37..cccdd03 100644
--- a/OAuth.php
+++ b/OAuth.php
@@ -36,7 +36,9 @@
# Define were PHP files and i18n files are located
require( __DIR__ . '/OAuth.setup.php' );
-MWOAuthSetup::defineSourcePaths( $wgAutoloadClasses, $wgExtensionMessagesFiles
);
+MWOAuthSetup::defineSourcePaths(
+ $wgAutoloadClasses, $wgExtensionMessagesFiles,
$wgRedactedFunctionArguments
+);
# Setup steps that does not depend on configuration
MWOAuthSetup::unconditionalSetup();
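Review bot: The call passes `$wgRedactedFunctionArguments` by reference into a parameter hinted as `array`, so the extension fails at load time on any core version that does not define that global: PHP creates the variable as null and the type hint rejects it. Whether the extension still supports such a core version is not visible from this hunk. If it does, a guard before the call would keep setup working, e.g. `if ( !isset( $wgRedactedFunctionArguments ) ) { $wgRedactedFunctionArguments = array(); }`. On a core that ignores the list this is harmless, and the redaction simply has no effect there.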
diff --git a/OAuth.setup.php b/OAuth.setup.php
index d1a4bcf..193fdc7 100644
--- a/OAuth.setup.php
+++ b/OAuth.setup.php
@@ -9,9 +9,12 @@
*
* @param $classes Array $classes
* @param $messagesFiles Array $messagesFiles
+ * @param $redactedFunctionArgs Array $redactedFunctionArgs
* @return void
*/
- public static function defineSourcePaths( array &$classes, array
&$messagesFiles ) {
+ public static function defineSourcePaths(
+ array &$classes, array &$messagesFiles, array
&$redactedFunctionArgs
+ ) {
$dir = __DIR__;
# Basic directory layout
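Review bot: The new docblock line `@param $redactedFunctionArgs Array $redactedFunctionArgs` only repeats the parameter name and says nothing about the contents or that the array is modified in place. Judging by the later hunk in this file, the array maps `'Class::method'` to the zero-based index of the argument to hide, so I would write `@param array &$redactedFunctionArgs Map of 'Class::method' => index of the argument to redact from backtraces; entries are added in place`. The new parameter is also required, so any other caller of `defineSourcePaths` outside this diff needs updating. The function body continues past the end of the hunk.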
@@ -79,6 +82,18 @@
# Schema changes
$classes['MWOAuthUpdaterHooks'] =
"$schemaDir/MWOAuthUpdater.hooks.php";
+
+ # Indicate functions with arguments that need redaction
+ $redactedFunctionArgs += array(
+ 'MWOAuthDAO::setField' => 1, # $value could be a secret
+ 'MWOAuthUtils::hmacDBSecret' => 0,
+ 'OAuthConsumer::__construct' => 1,
+ 'OAuthToken::__construct' => 1,
+ 'OAuthRequest::set_parameter' => 1, # $value could be
the nonce
+ 'OAuthServer::check_nonce' => 2,
+ 'OAuthDataStore::lookup_nonce' => 2,
+ 'OAuthUtil::urlencode_rfc3986' => 0, # Value being
encoded may contain secrets
+ );
}
/**
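Review bot: The values added to `$redactedFunctionArgs` are positional indexes, and five entries (`MWOAuthUtils::hmacDBSecret`, `OAuthConsumer::__construct`, `OAuthToken::__construct`, `OAuthServer::check_nonce`, `OAuthDataStore::lookup_nonce`) have no comment saying which argument is meant. If one of those signatures changes, the wrong argument is redacted and the secret appears in traces with no visible failure. A trailing comment naming the parameter on every entry would make that coupling reviewable, e.g. `'OAuthServer::check_nonce' => 2, # $nonce`; the parameter name is my assumption and should be checked against the library. Separately, `+=` keeps an existing key, so an entry already registered under the same name with a different index silently wins over this one. The body of `defineSourcePaths` starts before this hunk.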
--
To view, visit https://gerrit.wikimedia.org/r/87617
Gerrit-MessageType: merged
Gerrit-Change-Id: If3a17e2346e6bfa0d36e48ef0666164be9b221e7
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/OAuth
Gerrit-Branch: master
Gerrit-Owner: Anomie <[email protected]>
Gerrit-Reviewer: Aaron Schulz <[email protected]>
Gerrit-Reviewer: Anomie <[email protected]>
Gerrit-Reviewer: CSteipp <[email protected]>
Gerrit-Reviewer: jenkins-bot