php/html/ApiQueryTokens_8php_source.html

00001 <?php
00034 class ApiQueryTokens extends ApiQueryBase {
00035
00036     public function execute() {
00037         $params = $this->extractRequestParams();
00038         $res = array();
00039
00040         if ( $this->getMain()->getRequest()->getVal( 'callback' ) !== null ) {
00041             $this->setWarning( 'Tokens may not be obtained when using a callback' );
00042             return;
00043         }
00044
00045         $salts = self::getTokenTypeSalts();
00046         foreach ( $params['type'] as $type ) {
00047             $salt = $salts[$type];
00048             $val = $this->getUser()->getEditToken( $salt, $this->getRequest() );
00049             $res[$type . 'token'] = $val;
00050         }
00051
00052         $this->getResult()->addValue( 'query', $this->getModuleName(), $res );
00053     }
00054
00055     public static function getTokenTypeSalts() {
00056         static $salts = null;
00057         if ( !$salts ) {
00058             wfProfileIn( __METHOD__ );
00059             $salts = array(
00060                 'csrf' => '',
00061                 'watch' => 'watch',
00062                 'patrol' => 'patrol',
00063                 'rollback' => 'rollback',
00064                 'userrights' => 'userrights',
00065             );
00066             wfRunHooks( 'ApiQueryTokensRegisterTypes', array( &$salts ) );
00067             ksort( $salts );
00068             wfProfileOut( __METHOD__ );
00069         }
00070
00071         return $salts;
00072     }
00073
00074     public function getAllowedParams() {
00075         return array(
00076             'type' => array(
00077                 ApiBase::PARAM_DFLT => 'csrf',
00078                 ApiBase::PARAM_ISMULTI => true,
00079                 ApiBase::PARAM_TYPE => array_keys( self::getTokenTypeSalts() ),
00080             ),
00081         );
00082     }
00083
00084     public function getParamDescription() {
00085         return array(
00086             'type' => 'Type of token(s) to request'
00087         );
00088     }
00089
00090     public function getDescription() {
00091         return 'Gets tokens for data-modifying actions.';
00092     }
00093
00094     protected function getExamples() {
00095         return array(
00096             'api.php?action=query&meta=tokens' => 'Retrieve a csrf token (the default)',
00097             'api.php?action=query&meta=tokens&type=watch|patrol' => 'Retrieve a watch token and a patrol token'
00098         );
00099     }
00100
00101     public function getCacheMode( $params ) {
00102         return 'private';
00103     }
00104 }