2016-06-08 20:30:51 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
use MediaWiki\Logger\LoggerFactory;
|
2020-05-21 04:22:38 +00:00
|
|
|
use MediaWiki\MediaWikiServices;
|
2016-07-12 20:04:36 +00:00
|
|
|
use MediaWiki\Session\SessionManager;
|
2021-06-24 19:21:49 +00:00
|
|
|
use MediaWiki\User\UserIdentity;
|
2016-06-08 20:30:51 +00:00
|
|
|
|
|
|
|
class EchoForeignWikiRequest {
|
|
|
|
|
2019-01-04 14:03:05 +00:00
|
|
|
/** @var User */
|
|
|
|
protected $user;
|
|
|
|
|
|
|
|
/** @var array */
|
|
|
|
protected $params;
|
|
|
|
|
|
|
|
/** @var array */
|
|
|
|
protected $wikis;
|
|
|
|
|
2020-12-16 21:31:09 +00:00
|
|
|
/** @var string|null */
|
2019-01-04 14:03:05 +00:00
|
|
|
protected $wikiParam;
|
|
|
|
|
|
|
|
/** @var string */
|
|
|
|
protected $method;
|
|
|
|
|
|
|
|
/** @var string|null */
|
|
|
|
protected $tokenType;
|
|
|
|
|
|
|
|
/** @var string[]|null */
|
|
|
|
protected $csrfTokens;
|
|
|
|
|
2016-06-08 20:30:51 +00:00
|
|
|
/**
|
2018-06-17 16:56:02 +00:00
|
|
|
* @param User $user
|
2017-06-20 02:41:30 +00:00
|
|
|
* @param array $params Request parameters
|
|
|
|
* @param array $wikis Wikis to send the request to
|
2018-05-26 02:15:41 +00:00
|
|
|
* @param string|null $wikiParam Parameter name to set to the name of the wiki
|
2018-08-30 00:30:06 +00:00
|
|
|
* @param string|null $postToken If set, use POST requests and inject a token of this type;
|
|
|
|
* if null, use GET requests.
|
2016-06-08 20:30:51 +00:00
|
|
|
*/
|
2018-08-30 00:30:06 +00:00
|
|
|
public function __construct( User $user, array $params, array $wikis, $wikiParam = null, $postToken = null ) {
|
2016-06-08 20:30:51 +00:00
|
|
|
$this->user = $user;
|
|
|
|
$this->params = $params;
|
|
|
|
$this->wikis = $wikis;
|
|
|
|
$this->wikiParam = $wikiParam;
|
2018-08-30 00:30:06 +00:00
|
|
|
$this->method = $postToken === null ? 'GET' : 'POST';
|
|
|
|
$this->tokenType = $postToken;
|
|
|
|
|
|
|
|
$this->csrfTokens = null;
|
2016-06-08 20:30:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Execute the request
|
2021-10-21 11:19:39 +00:00
|
|
|
* @param WebRequest|null $originalRequest Original request data to be sent with these requests
|
2018-08-13 07:25:22 +00:00
|
|
|
* @return array[] [ wiki => result ]
|
2016-06-08 20:30:51 +00:00
|
|
|
*/
|
2021-10-21 11:19:39 +00:00
|
|
|
public function execute( ?WebRequest $originalRequest = null ) {
|
2016-07-19 00:18:25 +00:00
|
|
|
if ( !$this->canUseCentralAuth() ) {
|
2016-12-05 18:51:07 +00:00
|
|
|
return [];
|
2016-07-12 07:05:30 +00:00
|
|
|
}
|
|
|
|
|
2021-10-21 11:19:39 +00:00
|
|
|
$reqs = $this->getRequestParams(
|
|
|
|
$this->method,
|
|
|
|
function ( string $wiki ) use ( $originalRequest ) {
|
|
|
|
return $this->getQueryParams( $wiki, $originalRequest );
|
|
|
|
},
|
|
|
|
$originalRequest
|
|
|
|
);
|
2016-06-08 20:30:51 +00:00
|
|
|
return $this->doRequests( $reqs );
|
|
|
|
}
|
|
|
|
|
2021-06-24 19:21:49 +00:00
|
|
|
/**
|
|
|
|
* @param UserIdentity $user
|
|
|
|
* @return int
|
|
|
|
*/
|
2016-07-12 18:52:43 +00:00
|
|
|
protected function getCentralId( $user ) {
|
2021-06-24 19:21:49 +00:00
|
|
|
return MediaWikiServices::getInstance()
|
|
|
|
->getCentralIdLookup()
|
|
|
|
->centralIdFromLocalUser( $user, CentralIdLookup::AUDIENCE_RAW );
|
2016-07-12 18:52:43 +00:00
|
|
|
}
|
|
|
|
|
2016-07-19 00:18:25 +00:00
|
|
|
protected function canUseCentralAuth() {
|
2020-01-27 01:52:28 +00:00
|
|
|
global $wgFullyInitialised;
|
2016-07-12 20:04:36 +00:00
|
|
|
|
|
|
|
return $wgFullyInitialised &&
|
2020-01-27 01:52:28 +00:00
|
|
|
RequestContext::getMain()->getUser()->isSafeToLoad() &&
|
2016-07-18 21:49:43 +00:00
|
|
|
$this->user->isSafeToLoad() &&
|
2016-07-12 20:04:36 +00:00
|
|
|
SessionManager::getGlobalSession()->getProvider() instanceof CentralAuthSessionProvider &&
|
|
|
|
$this->getCentralId( $this->user ) !== 0;
|
2016-07-12 07:05:30 +00:00
|
|
|
}
|
|
|
|
|
2016-06-08 20:30:51 +00:00
|
|
|
/**
|
2016-07-12 18:52:43 +00:00
|
|
|
* Returns CentralAuth token, or null on failure.
|
|
|
|
*
|
2016-06-08 20:30:51 +00:00
|
|
|
* @param User $user
|
2016-07-12 18:52:43 +00:00
|
|
|
* @return string|null
|
2016-06-08 20:30:51 +00:00
|
|
|
*/
|
2016-07-12 22:45:31 +00:00
|
|
|
protected function getCentralAuthToken( User $user ) {
|
2016-06-08 20:30:51 +00:00
|
|
|
$context = new RequestContext;
|
2016-12-05 18:51:07 +00:00
|
|
|
$context->setRequest( new FauxRequest( [ 'action' => 'centralauthtoken' ] ) );
|
2016-06-08 20:30:51 +00:00
|
|
|
$context->setUser( $user );
|
|
|
|
|
|
|
|
$api = new ApiMain( $context );
|
|
|
|
|
2016-07-12 18:52:43 +00:00
|
|
|
try {
|
|
|
|
$api->execute();
|
|
|
|
|
2016-12-05 18:51:07 +00:00
|
|
|
return $api->getResult()->getResultData( [ 'centralauthtoken', 'centralauthtoken' ] );
|
2016-07-12 18:52:43 +00:00
|
|
|
} catch ( Exception $ex ) {
|
|
|
|
LoggerFactory::getInstance( 'Echo' )->debug(
|
2018-08-25 10:51:14 +00:00
|
|
|
'Exception when fetching CentralAuth token: wiki: {wiki}, userName: {userName}, ' .
|
|
|
|
'userId: {userId}, centralId: {centralId}, exception: {exception}',
|
2016-12-05 18:51:07 +00:00
|
|
|
[
|
2021-12-21 00:47:31 +00:00
|
|
|
'wiki' => WikiMap::getCurrentWikiId(),
|
2016-07-12 18:52:43 +00:00
|
|
|
'userName' => $user->getName(),
|
|
|
|
'userId' => $user->getId(),
|
|
|
|
'centralId' => $this->getCentralId( $user ),
|
|
|
|
'exception' => $ex,
|
2016-12-05 18:51:07 +00:00
|
|
|
]
|
2016-07-12 18:52:43 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
MWExceptionHandler::logException( $ex );
|
|
|
|
|
|
|
|
return null;
|
|
|
|
}
|
2016-06-08 20:30:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2018-08-30 00:30:06 +00:00
|
|
|
* Get the CSRF token for a given wiki.
|
|
|
|
* This method fetches the tokens for all requested wikis at once and caches the result.
|
|
|
|
*
|
|
|
|
* @param string $wiki Name of the wiki to get a token for
|
2021-10-21 11:19:39 +00:00
|
|
|
* @param WebRequest|null $originalRequest Original request data to be sent with these requests
|
2019-03-11 13:25:18 +00:00
|
|
|
* @suppress PhanTypeInvalidCallableArraySize getRequestParams can take an array, too (phan bug)
|
2021-02-17 09:08:33 +00:00
|
|
|
* @return string Token, or empty string if an unable to retrieve the token.
|
2018-08-30 00:30:06 +00:00
|
|
|
*/
|
2021-10-21 11:19:39 +00:00
|
|
|
protected function getCsrfToken( $wiki, ?WebRequest $originalRequest ) {
|
2018-08-30 00:30:06 +00:00
|
|
|
if ( $this->csrfTokens === null ) {
|
2019-11-07 19:35:03 +00:00
|
|
|
$this->csrfTokens = [];
|
2018-08-30 00:30:06 +00:00
|
|
|
$reqs = $this->getRequestParams( 'GET', [
|
|
|
|
'action' => 'query',
|
|
|
|
'meta' => 'tokens',
|
|
|
|
'type' => $this->tokenType,
|
|
|
|
'format' => 'json',
|
|
|
|
'centralauthtoken' => $this->getCentralAuthToken( $this->user ),
|
2021-10-21 11:19:39 +00:00
|
|
|
], $originalRequest );
|
2018-08-30 00:30:06 +00:00
|
|
|
$responses = $this->doRequests( $reqs );
|
|
|
|
foreach ( $responses as $w => $response ) {
|
2021-02-17 09:08:33 +00:00
|
|
|
if ( isset( $response['query']['tokens']['csrftoken'] ) ) {
|
|
|
|
$this->csrfTokens[$w] = $response['query']['tokens']['csrftoken'];
|
|
|
|
} else {
|
|
|
|
LoggerFactory::getInstance( 'Echo' )->warning(
|
|
|
|
__METHOD__ . ': Unexpected CSRF token API response from {wiki}',
|
|
|
|
[
|
|
|
|
'wiki' => $wiki,
|
|
|
|
'response' => $response,
|
|
|
|
]
|
|
|
|
);
|
|
|
|
}
|
2018-08-30 00:30:06 +00:00
|
|
|
}
|
|
|
|
}
|
2021-02-17 09:08:33 +00:00
|
|
|
return $this->csrfTokens[$wiki] ?? '';
|
2018-08-30 00:30:06 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param string $method 'GET' or 'POST'
|
|
|
|
* @param array|callable $params Associative array of query string / POST parameters,
|
|
|
|
* or a callback that takes a wiki name and returns such an array
|
2021-10-21 11:19:39 +00:00
|
|
|
* @param WebRequest|null $originalRequest Original request data to be sent with these requests
|
2018-08-30 00:30:06 +00:00
|
|
|
* @return array[] Array of request parameters to pass to doRequests(), keyed by wiki name
|
2016-06-08 20:30:51 +00:00
|
|
|
*/
|
2021-10-21 11:19:39 +00:00
|
|
|
protected function getRequestParams( $method, $params, ?WebRequest $originalRequest ) {
|
2016-06-08 20:30:51 +00:00
|
|
|
$apis = EchoForeignNotifications::getApiEndpoints( $this->wikis );
|
|
|
|
if ( !$apis ) {
|
2016-12-05 18:51:07 +00:00
|
|
|
return [];
|
2016-06-08 20:30:51 +00:00
|
|
|
}
|
|
|
|
|
2016-12-05 18:51:07 +00:00
|
|
|
$reqs = [];
|
2016-06-08 20:30:51 +00:00
|
|
|
foreach ( $apis as $wiki => $api ) {
|
2018-08-30 00:30:06 +00:00
|
|
|
$queryKey = $method === 'POST' ? 'body' : 'query';
|
2016-12-05 18:51:07 +00:00
|
|
|
$reqs[$wiki] = [
|
2018-08-30 00:30:06 +00:00
|
|
|
'method' => $method,
|
2016-06-08 20:30:51 +00:00
|
|
|
'url' => $api['url'],
|
2019-03-01 22:34:38 +00:00
|
|
|
$queryKey => is_callable( $params ) ? $params( $wiki ) : $params
|
2016-12-05 18:51:07 +00:00
|
|
|
];
|
2021-10-21 11:19:39 +00:00
|
|
|
|
|
|
|
if ( $originalRequest ) {
|
|
|
|
$reqs[$wiki]['headers'] = [
|
|
|
|
'X-Forwarded-For' => $originalRequest->getIP(),
|
|
|
|
'User-Agent' => (
|
|
|
|
$originalRequest->getHeader( 'User-Agent' )
|
|
|
|
. ' (via EchoForeignWikiRequest MediaWiki/' . MW_VERSION . ')'
|
|
|
|
),
|
|
|
|
];
|
|
|
|
}
|
2016-06-08 20:30:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return $reqs;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param string $wiki Wiki name
|
2021-10-21 11:19:39 +00:00
|
|
|
* @param WebRequest|null $originalRequest Original request data to be sent with these requests
|
2016-06-08 20:30:51 +00:00
|
|
|
* @return array
|
|
|
|
*/
|
2021-10-21 11:19:39 +00:00
|
|
|
protected function getQueryParams( $wiki, ?WebRequest $originalRequest ) {
|
2016-12-05 18:51:07 +00:00
|
|
|
$extraParams = [];
|
2016-06-08 20:30:51 +00:00
|
|
|
if ( $this->wikiParam ) {
|
|
|
|
// Only request data from that specific wiki, or they'd all spawn
|
|
|
|
// cross-wiki api requests...
|
|
|
|
$extraParams[$this->wikiParam] = $wiki;
|
|
|
|
}
|
2018-08-30 00:30:06 +00:00
|
|
|
if ( $this->method === 'POST' ) {
|
2021-10-21 11:19:39 +00:00
|
|
|
$extraParams['token'] = $this->getCsrfToken( $wiki, $originalRequest );
|
2018-08-30 00:30:06 +00:00
|
|
|
}
|
2016-06-08 20:30:51 +00:00
|
|
|
|
2016-12-05 18:51:07 +00:00
|
|
|
return [
|
2016-06-08 20:30:51 +00:00
|
|
|
'centralauthtoken' => $this->getCentralAuthToken( $this->user ),
|
|
|
|
// once all the results are gathered & merged, they'll be output in the
|
|
|
|
// user requested format
|
|
|
|
// but this is going to be an internal request & we don't want those
|
|
|
|
// results in the format the user requested but in a fixed format that
|
|
|
|
// we can interpret here
|
|
|
|
'format' => 'json',
|
2016-12-05 18:51:07 +00:00
|
|
|
] + $extraParams + $this->params;
|
2016-06-08 20:30:51 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param array $reqs API request params
|
2018-08-13 07:25:22 +00:00
|
|
|
* @return array[]
|
2016-06-08 20:30:51 +00:00
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
protected function doRequests( array $reqs ) {
|
2020-05-21 04:22:38 +00:00
|
|
|
$http = MediaWikiServices::getInstance()->getHttpRequestFactory()->createMultiClient();
|
2016-06-08 20:30:51 +00:00
|
|
|
$responses = $http->runMulti( $reqs );
|
|
|
|
|
2016-12-05 18:51:07 +00:00
|
|
|
$results = [];
|
2016-06-08 20:30:51 +00:00
|
|
|
foreach ( $responses as $wiki => $response ) {
|
|
|
|
$statusCode = $response['response']['code'];
|
|
|
|
|
|
|
|
if ( $statusCode >= 200 && $statusCode <= 299 ) {
|
|
|
|
$parsed = json_decode( $response['response']['body'], true );
|
|
|
|
if ( $parsed ) {
|
|
|
|
$results[$wiki] = $parsed;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( !isset( $results[$wiki] ) ) {
|
|
|
|
LoggerFactory::getInstance( 'Echo' )->warning(
|
2023-03-19 23:48:10 +00:00
|
|
|
'Failed to fetch API response from {wiki}. Error: {error}',
|
2016-12-05 18:51:07 +00:00
|
|
|
[
|
2016-06-08 20:30:51 +00:00
|
|
|
'wiki' => $wiki,
|
2023-03-19 23:48:10 +00:00
|
|
|
'error' => $response['response']['error'] ?? 'unknown',
|
|
|
|
'statusCode' => $statusCode,
|
2021-12-01 01:31:53 +00:00
|
|
|
'response' => $response['response'],
|
2016-06-08 20:30:51 +00:00
|
|
|
'request' => $reqs[$wiki],
|
2016-12-05 18:51:07 +00:00
|
|
|
]
|
2016-06-08 20:30:51 +00:00
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return $results;
|
|
|
|
}
|
|
|
|
}
|