Commit graph

30 commits

Author SHA1 Message Date
Gergő Tisza 79ee292ca4
Fix logging of cross-wiki API errors
Error messages included a non-existent 'code' parameter; use the
curl error message instead. Also log the error status (which is
there somewhere in 'response' but logstash doesn't manipulate JSON
fields well).

Bug: T328128
Change-Id: If295d7a3b397b22301986a226a54df908c2ccf4d
2023-03-19 16:48:10 -07:00
Taavi Väänänen 30306fd923 SECURITY: Send original client info on x-wiki requests
Bug: T285116
Change-Id: I0551fe64042676f8a2b35afb82a3b4e9c09ea673
2022-04-04 15:42:18 -05:00
Alexander Vorwerk ce7532b212 Replace usages of deprecated wfWikiID()
The global function wfWikiID() is deprecated since 1.35 and it's usages
should be replaced with WikiMap::getCurrentWikiId().

Bug: T298059
Change-Id: Ia8cbc992eb80ee6d531cf11bdf2bc06181bce8b0
2021-12-21 02:01:11 +00:00
Cole White fea3813907 Pass entire response object to response attribute
Fixes mapper parsing errors in Logstash because most other producers
generate the response field as an object.

Bug: T239458
Change-Id: I95436dce23efde7f4aa460007187a7544cc36462
2021-12-01 01:31:53 +00:00
Urbanecm 055ee16c1c Revert "Use namespaced CentralAuthSessionProvider"
This reverts commit 393aace621.

Reason for revert: namespacing reverted in I1d358d178a3999e82e7a25e17851c3cf60d7ddaa.

Change-Id: If4f7ddf51cbd63dc782e61b389b3f45effc13299
2021-10-07 19:29:20 +00:00
Alexander Vorwerk 393aace621 Use namespaced CentralAuthSessionProvider
Change-Id: I56fbd065cbb4f1f0c882759e8a5d6d0ffb4dcec1
2021-09-29 22:28:47 +02:00
Petr Pchelko a10b0b07c8 Use CentralIdLookupFactory and pass UserIdentity
Change-Id: I44144df7cf244eb867c1b261c10cc29b020f8409
2021-07-21 19:23:42 -07:00
DannyS712 3269afae8e Remove use of global $wgUser
This partially reverts commit 83a181ce9c
and fully reverts 82896eff62

To avoid regressing to the errors from T139665, check if the user
retrieved from RequestContext::getMain()->getUser() is safe to load
instead of $wgUser, still in addition to the other checks that
EchoForeignWikiRequest::$user is safe to load.

Bug: T243732
Change-Id: I22c4918fc7e8b3d1364a95de3958c055059971b8
2021-07-14 04:57:34 +00:00
Kosta Harlan 294ed3c2cb ForeignWikiRequest: Guard against bad response
See also I4dde4e3bb4ff2ea8b7669bb18b2689410e5e7713

Bug: T274408
Change-Id: I3ab7d0a4b58a150fe940bc8441b5fb127142ad9f
2021-02-17 10:11:10 +01:00
Umherirrender d7556b1d96 Add missing @var and improve documentation
Change-Id: I729d5ff5afd4d45022fa0a4e42d060d35543b567
2020-12-17 20:55:49 +01:00
Reedy 82896eff62 Ignore usage of $wgUser
Bug: T262110
Change-Id: Ia4a24d0216ce33d3ae915c12619c149d54d321b2
2020-09-05 03:16:37 +00:00
Tim Starling 5252624729 Use HttpRequestFactory::createMultiClient()
Use the globally configured request timeout instead of MultiHttpClient's
hard-coded default. This means that the request timeout for
ForeignWikiRequest will typically be reduced from 900s to 25s.

Bug: T245170
Depends-On: I8252f6c854b98059f4916d5460ea71cf4b580149
Change-Id: I1c3d96720709253ad15bb8528cdd132571de2e4e
2020-05-21 14:23:28 +10:00
Umherirrender f62ab66363 build: Updating mediawiki/mediawiki-phan-config to 0.8.0
Bug: T235049
Change-Id: I93844dc6fae8a3dca3ced591d43caa2f994ba2f1
2019-11-18 20:03:13 +01:00
Daimona Eaytoy e21e3b4a8d Add phan
Change-Id: I65ae6adc10941c05a2646e551b1baa829e4e8654
2019-04-10 18:51:59 +02:00
Derick Alangi 3971e32f1b Code improvements for includes/ **only** directory
This code improvements seeks to improve on code readability, consistency,
maintainability and efficiency.

Change-Id: I4f07886044e9a75824f9e7ddad039f3112b1c4a1
2019-03-05 18:58:52 +01:00
Umherirrender fdc2b42b2b Declare class properties in Formatter and WikiRequest
Change-Id: Iaf4c2f7bb75896d3daafbb445f7b5f6341543f8e
2019-02-18 19:25:56 +00:00
Roan Kattouw 55a5823d45 Add cross-wiki proxying to the action=markasread API
Add support for POST requests and tokens to EchoForeignRequest
and ApiCrossWiki, and add the ApiCrossWiki trait to ApiEchoMarkRead.

Change-Id: Idadaacd0d0c4a957bf2499049fc105a60c73bc52
2018-09-03 08:07:39 -07:00
Umherirrender 2cd8d9d0eb Split long lines over 140 chars
This makes the code easier to read even on big screens

Change-Id: I14bfb97b2986f389ad11a6ddc97ba61468774782
2018-08-25 12:51:14 +02:00
Thiemo Kreuz c1c3c7b672 Make "@… array" type hints more specific
There are about 200 of such generic "array" type hints in this code base,
the majority in @param tags. I started with what I found most relevant:
@var and @return tags. I might continue working on this later, but
wanted to stop for now to keep this patch moderately small.

Change-Id: Iff0d9590a794ae0f885466ef6bb336b0b42a6cd3
2018-08-13 09:27:37 +02:00
Thiemo Kreuz 75a55b80ee Remove some non-helpful lines of documentation
Explaining that a variable named "$username" contains a "username" is
not helpful. One have to read this comment first to understand that it
does not add anything to what's already obvious from the variable name
and the type.

Change-Id: I9a43866498d0c94422caf16233f502320a8e36c9
2018-07-06 15:14:44 +00:00
libraryupgrader d1ef3a9514 build: Updating mediawiki/mediawiki-codesniffer to 20.0.0
Change-Id: I69d6907eadd607cbeaef63d813ef79aea4e7983c
2018-05-26 02:15:41 +00:00
Kunal Mehta aaf061c725 build: Updating mediawiki/mediawiki-codesniffer to 0.9.0
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.ExtraParamComment
* MediaWiki.Commenting.FunctionComment.MissingParamComment
* MediaWiki.Commenting.FunctionComment.MissingParamName
* MediaWiki.Commenting.FunctionComment.MissingParamTag
* MediaWiki.Commenting.FunctionComment.MissingReturn
* MediaWiki.Commenting.FunctionComment.ParamNameNoMatch
* MediaWiki.Commenting.FunctionComment.WrongStyle
* MediaWiki.FunctionComment.Missing.Protected
* MediaWiki.FunctionComment.Missing.Public
* MediaWiki.NamingConventions.LowerCamelFunctionsName.FunctionName
* MediaWiki.WhiteSpace.SpaceBeforeSingleLineComment.NewLineComment

Change-Id: I8401abf121a7413fa191d7bc535e0ddd6cf8c3f7
2017-06-22 14:13:28 +00:00
James D. Forrester 8c810dff48 build: Update mediawiki/mediawiki-codesniffer to 0.7.1
Also added "composer fix" command.

Change-Id: I25cb61b3b92798f1259d1575a336e2b056d5764f
2016-12-05 15:54:30 -08:00
Matthew Flaschen c1365be90d Fix typo (canUseCentralAuthl -> canUseCentralAuth)
Change-Id: Ic27240df0744c6025e7b1922d31250377f0a2bc4
2016-07-19 10:16:57 -07:00
Roan Kattouw 83a181ce9c ForeignWikiRequest: Also check User::isSafeToLoad()
Check it for both $wgUser and $this->user because they
could theoretically be different.

Bug: T139665
Change-Id: I59cb4f0122a9fccb32ca165fda065dee2467b1da
2016-07-18 14:49:43 -07:00
Matthew Flaschen 8f7499286d getCentralAuthToken back to protected.
This was for testing, I didn't mean to commit it.

Follow up 03262edf24

Change-Id: Ia5e8ec482d5b32891de67fe3da6e8c52cca099e9
2016-07-12 18:45:31 -04:00
Matthew Flaschen e578bb4ab4 CentralAuth: Bail if not fully initialized
Bug: T140144
Change-Id: I2bc242e98f864af50af5545424a4da318abc360f
2016-07-12 16:31:53 -04:00
Matthew Flaschen 03262edf24 Troubleshoot why Echo is still triggering CA failures
If we have a central ID, in theory it should not trigger
CA failures when getting a token.  However, it is, so maybe:

* This is the wrong way of checking attached-ness.
* It is somehow losing the central ID later.

or something else is going on.

Bug: T140144
Bug: T119736
Change-Id: I71c6f121a728e503aa9d62778e64c650cd8d46af
2016-07-12 15:07:01 -04:00
Roan Kattouw e63b8799a4 ForeignWikiRequest: Bail early for non-global users
Attempting to get a CentralAuth token for an unattached
user (or a user mid-attachment) throws an exception.

Bug: T119736
Change-Id: I2a34754f55b952f5bcd4da6c6f89a32ebc29ecf1
2016-07-12 09:05:30 +02:00
Roan Kattouw 05e531c7b6 Factor out cross-wiki API request code
Change-Id: Id926a607b99103d4489d1b734e00d104b7e80233
2016-06-08 22:35:57 +02:00