[MediaWiki-commits] [Gerrit] mediawiki...OAuth[master]: Fix bugs with handling of missing request parameters
jenkins-bot has submitted this change and it was merged.
Change subject: Fix bugs with handling of missing request parameters
..
Fix bugs with handling of missing request parameters
* make MWOAuthDAO methods type-safe in the face of MySQL non-strict
mode weirdness
* throw an exception when cancelled with an invalid consumer key
(should not happen under normal circumstances as the authorization
dialog won't display)
* fix phpdoc so it's easier to follow in an IDE what happens
Bug: T147414
Change-Id: Ibb938ccb9bfae6c52444f7676dc475f6a3024cd8
---
M backend/MWOAuthConsumer.php
M backend/MWOAuthConsumerAcceptance.php
M backend/MWOAuthDAO.php
M backend/MWOAuthDataStore.php
M backend/MWOAuthServer.php
M frontend/specialpages/SpecialMWOAuth.php
6 files changed, 21 insertions(+), 10 deletions(-)
Approvals:
Anomie: Looks good to me, approved
jenkins-bot: Verified
diff --git a/backend/MWOAuthConsumer.php b/backend/MWOAuthConsumer.php
index 2289888..d63fde3 100644
--- a/backend/MWOAuthConsumer.php
+++ b/backend/MWOAuthConsumer.php
@@ -163,7 +163,7 @@
public static function newFromKey( \DBConnRef $db, $key, $flags = 0 ) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oarc_consumer_key' => $key ),
+ array( 'oarc_consumer_key' => (string)$key ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
@@ -190,7 +190,11 @@
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oarc_name' => $name, 'oarc_version' =>
$version, 'oarc_user_id' => $userId ),
+ array(
+ 'oarc_name' => (string)$name,
+ 'oarc_version' => (string)$version,
+ 'oarc_user_id' => (int)$userId
+ ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
diff --git a/backend/MWOAuthConsumerAcceptance.php
b/backend/MWOAuthConsumerAcceptance.php
index 1851278..474f992 100644
--- a/backend/MWOAuthConsumerAcceptance.php
+++ b/backend/MWOAuthConsumerAcceptance.php
@@ -81,7 +81,7 @@
public static function newFromToken( \DBConnRef $db, $token, $flags = 0
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oaac_access_token' => $token ),
+ array( 'oaac_access_token' => (string)$token ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
@@ -108,9 +108,10 @@
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oaac_user_id' => $userId,
+ array(
+ 'oaac_user_id' => (int)$userId,
'oaac_consumer_id' => $consumer->get( 'id' ),
- 'oaac_wiki' => $wiki
+ 'oaac_wiki' => (string)$wiki
),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
diff --git a/backend/MWOAuthDAO.php b/backend/MWOAuthDAO.php
index 6b3d76f..62683e9 100644
--- a/backend/MWOAuthDAO.php
+++ b/backend/MWOAuthDAO.php
@@ -75,7 +75,7 @@
final public static function newFromId( \DBConnRef $db, $id, $flags = 0
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( static::getIdColumn() => $id ),
+ array( static::getIdColumn() => (int)$id ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
diff --git a/backend/MWOAuthDataStore.php b/backend/MWOAuthDataStore.php
index 2dd2d81..76de10f 100644
--- a/backend/MWOAuthDataStore.php
+++ b/backend/MWOAuthDataStore.php
@@ -149,7 +149,7 @@
* Return a consumer key associated with the given request token.
*
* @param MWOAuthToken $requestToken the request token
-* @return String the consumer key
+* @return string|false the consumer key or false if nothing is stored
for the request token
*/
public function getConsumerKey( $requestToken ) {
$cacheKey = MWOAuthUtils::getCacheKey( 'consumer', 'request',
$requestToken );
@@
[MediaWiki-commits] [Gerrit] mediawiki...OAuth[master]: Fix bugs with handling of missing request parameters
Gergő Tisza has uploaded a new change for review.
https://gerrit.wikimedia.org/r/315346
Change subject: Fix bugs with handling of missing request parameters
..
Fix bugs with handling of missing request parameters
* make MWOAuthDAO methods type-safe in the face of MySQL non-strict
mode weirdness
* throw an exception when cancelled with an invalid consumer key
(should not happen under normal circumstances as the authorization
dialog won't display)
* fix phpdoc so it's easier to follow in an IDE what happens
Bug: T147414
Change-Id: Ibb938ccb9bfae6c52444f7676dc475f6a3024cd8
---
M backend/MWOAuthConsumer.php
M backend/MWOAuthConsumerAcceptance.php
M backend/MWOAuthDAO.php
M backend/MWOAuthDataStore.php
M backend/MWOAuthServer.php
M frontend/specialpages/SpecialMWOAuth.php
6 files changed, 21 insertions(+), 10 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/OAuth
refs/changes/46/315346/1
diff --git a/backend/MWOAuthConsumer.php b/backend/MWOAuthConsumer.php
index 2289888..d63fde3 100644
--- a/backend/MWOAuthConsumer.php
+++ b/backend/MWOAuthConsumer.php
@@ -163,7 +163,7 @@
public static function newFromKey( \DBConnRef $db, $key, $flags = 0 ) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oarc_consumer_key' => $key ),
+ array( 'oarc_consumer_key' => (string)$key ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
@@ -190,7 +190,11 @@
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oarc_name' => $name, 'oarc_version' =>
$version, 'oarc_user_id' => $userId ),
+ array(
+ 'oarc_name' => (string)$name,
+ 'oarc_version' => (string)$version,
+ 'oarc_user_id' => (int)$userId
+ ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
diff --git a/backend/MWOAuthConsumerAcceptance.php
b/backend/MWOAuthConsumerAcceptance.php
index 1851278..474f992 100644
--- a/backend/MWOAuthConsumerAcceptance.php
+++ b/backend/MWOAuthConsumerAcceptance.php
@@ -81,7 +81,7 @@
public static function newFromToken( \DBConnRef $db, $token, $flags = 0
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oaac_access_token' => $token ),
+ array( 'oaac_access_token' => (string)$token ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
@@ -108,9 +108,10 @@
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( 'oaac_user_id' => $userId,
+ array(
+ 'oaac_user_id' => (int)$userId,
'oaac_consumer_id' => $consumer->get( 'id' ),
- 'oaac_wiki' => $wiki
+ 'oaac_wiki' => (string)$wiki
),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
diff --git a/backend/MWOAuthDAO.php b/backend/MWOAuthDAO.php
index 6b3d76f..62683e9 100644
--- a/backend/MWOAuthDAO.php
+++ b/backend/MWOAuthDAO.php
@@ -75,7 +75,7 @@
final public static function newFromId( \DBConnRef $db, $id, $flags = 0
) {
$row = $db->selectRow( static::getTable(),
array_values( static::getFieldColumnMap() ),
- array( static::getIdColumn() => $id ),
+ array( static::getIdColumn() => (int)$id ),
__METHOD__,
( $flags & self::READ_LOCKING ) ? array( 'FOR UPDATE' )
: array()
);
diff --git a/backend/MWOAuthDataStore.php b/backend/MWOAuthDataStore.php
index 2dd2d81..76de10f 100644
--- a/backend/MWOAuthDataStore.php
+++ b/backend/MWOAuthDataStore.php
@@ -149,7 +149,7 @@
* Return a consumer key associated with the given request token.
*
* @param MWOAuthToken $requestToken the request token
-* @return String the consumer key
+* @return string|false the consumer key or false if nothing is stored
for the request token
*/
public function getConsumerKey( $requestToken ) {
$cacheKey =
