Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€

Ð¤Ð°Ð¹Ð»Ð¾Ð²Ñ‹Ð¹ Ð¼ÐµÐ½ÐµÐ´Ð¶ÐµÑ€ - Ð ÐµÐ´Ð°ÐºÑ‚Ð¸Ñ€Ð¾Ð²Ð°Ñ‚ÑŒ - /var/www/html/mediawiki-1.43.1/includes/session/BotPasswordSessionProvider.php

ÐÐ°Ð·Ð°Ð´
<?php /** * Session provider for bot passwords * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along * with this program; if not, write to the Free Software Foundation, Inc., * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * http://www.gnu.org/copyleft/gpl.html * * @file * @ingroup Session / namespace MediaWiki\Session; use InvalidArgumentException; use MediaWiki\MainConfigNames; use MediaWiki\Permissions\GrantsInfo; use MediaWiki\Request\WebRequest; use MediaWiki\User\BotPassword; use MediaWiki\User\User; use MWRestrictions; /* * Session provider for bot passwords * @since 1.27 / class BotPasswordSessionProvider extends ImmutableSessionProviderWithCookie { /* @var GrantsInfo / private $grantsInfo; /* @var bool Whether the current request is an API request. / private $isApiRequest; /* * @param GrantsInfo $grantsInfo * @param array $params Keys include: * - priority: (required) Set the priority * - sessionCookieName: Session cookie name. Default is '_BPsession'. * - sessionCookieOptions: Options to pass to WebResponse::setCookie(). * - isApiRequest: Whether the current request is an API request. Should be only set in tests. / public function __construct( GrantsInfo $grantsInfo, array $params = [] ) { if ( !isset( $params['sessionCookieName'] ) ) { $params['sessionCookieName'] = '_BPsession'; } parent::__construct( $params ); if ( !isset( $params['priority'] ) ) { throw new InvalidArgumentException( __METHOD__ . ': priority must be specified' ); } if ( $params['priority'] < SessionInfo::MIN_PRIORITY \|\| $params['priority'] > SessionInfo::MAX_PRIORITY ) { throw new InvalidArgumentException( __METHOD__ . ': Invalid priority' ); } $this->priority = $params['priority']; $this->grantsInfo = $grantsInfo; $this->isApiRequest = $params['isApiRequest'] ?? ( defined( 'MW_API' ) \|\| defined( 'MW_REST_API' ) ); } public function provideSessionInfo( WebRequest $request ) { // Only relevant for the (Action or REST) API if ( !$this->isApiRequest ) { return null; } // Enabled? if ( !$this->getConfig()->get( MainConfigNames::EnableBotPasswords ) ) { return null; } // Have a session ID? $id = $this->getSessionIdFromCookie( $request ); if ( $id === null ) { return null; } return new SessionInfo( $this->priority, [ 'provider' => $this, 'id' => $id, 'persisted' => true ] ); } public function newSessionInfo( $id = null ) { // We don't activate by default return null; } /* * Create a new session for a request * @param User $user * @param BotPassword $bp * @param WebRequest $request * @return Session / public function newSessionForRequest( User $user, BotPassword $bp, WebRequest $request ) { $id = $this->getSessionIdFromCookie( $request ); $info = new SessionInfo( SessionInfo::MAX_PRIORITY, [ 'provider' => $this, 'id' => $id, 'userInfo' => UserInfo::newFromUser( $user, true ), 'persisted' => $id !== null, 'metadata' => [ 'centralId' => $bp->getUserCentralId(), 'appId' => $bp->getAppId(), 'token' => $bp->getToken(), 'rights' => $this->grantsInfo->getGrantRights( $bp->getGrants() ), 'restrictions' => $bp->getRestrictions()->toJson(), ], ] ); $session = $this->getManager()->getSessionFromInfo( $info, $request ); $session->persist(); return $session; } /* * @inheritDoc * @phan-param array &$metadata / public function refreshSessionInfo( SessionInfo $info, WebRequest $request, &$metadata ) { $missingKeys = array_diff( [ 'centralId', 'appId', 'token' ], array_keys( $metadata ) ); if ( $missingKeys ) { $this->logger->info( 'Session "{session}": Missing metadata: {missing}', [ 'session' => $info->__toString(), 'missing' => implode( ', ', $missingKeys ), ] ); return false; } $bp = BotPassword::newFromCentralId( $metadata['centralId'], $metadata['appId'] ); if ( !$bp ) { $this->logger->info( 'Session "{session}": No BotPassword for {centralId} {appId}', [ 'session' => $info->__toString(), 'centralId' => $metadata['centralId'], 'appId' => $metadata['appId'], ] ); return false; } if ( !hash_equals( $metadata['token'], $bp->getToken() ) ) { $this->logger->info( 'Session "{session}": BotPassword token check failed', [ 'session' => $info->__toString(), 'centralId' => $metadata['centralId'], 'appId' => $metadata['appId'], ] ); return false; } $status = $bp->getRestrictions()->check( $request ); if ( !$status->isOK() ) { $this->logger->info( 'Session "{session}": Restrictions check failed', [ 'session' => $info->__toString(), 'restrictions' => $status->getValue(), 'centralId' => $metadata['centralId'], 'appId' => $metadata['appId'], ] ); return false; } // Update saved rights $metadata['rights'] = $this->grantsInfo->getGrantRights( $bp->getGrants() ); return true; } /* * @codeCoverageIgnore * @inheritDoc */ public function preventSessionsForUser( $username ) { BotPassword::removeAllPasswordsForUser( $username ); } public function getAllowedUserRights( SessionBackend $backend ) { if ( $backend->getProvider() !== $this ) { throw new InvalidArgumentException( 'Backend\'s provider isn\'t $this' ); } $data = $backend->getProviderMetadata(); if ( $data && isset( $data['rights'] ) && is_array( $data['rights'] ) ) { return $data['rights']; } // Should never happen $this->logger->debug( __METHOD__ . ': No provider metadata, returning no rights allowed' ); return []; } public function getRestrictions( ?array $data ): ?MWRestrictions { if ( $data && isset( $data['restrictions'] ) && is_string( $data['restrictions'] ) ) { try { return MWRestrictions::newFromJson( $data['restrictions'] ); } catch ( InvalidArgumentException $e ) { $this->logger->warning( __METHOD__ . ': Failed to parse restrictions: {restrictions}', [ 'restrictions' => $data['restrictions'] ] ); return null; } } return null; } }

| ver. 1.1 | | . | PHP 8.4.18 | Ð“ÐµÐ½ÐµÑ€Ð°Ñ†Ð¸Ñ ÑÑ‚Ñ€Ð°Ð½Ð¸Ñ†Ñ‹: 0 | proxy | phpinfo | ÐÐ°ÑÑ‚Ñ€Ð¾Ð¹ÐºÐ°