phorge-phorge/src/applications/conduit/controller/PhabricatorConduitTokenController.php

<?php

final class PhabricatorConduitTokenController
  extends PhabricatorConduitController {

  public function processRequest() {
    $user = $this->getRequest()->getUser();

    id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
      $user,
      $this->getRequest(),
      '/');

    // Ideally we'd like to verify this, but it's fine to leave it unguarded
    // for now and verifying it would need some Ajax junk or for the user to
    // click a button or similar.
    $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();

    $old_token = id(new PhabricatorConduitCertificateToken())
      ->loadOneWhere(
        'userPHID = %s',
        $user->getPHID());
    if ($old_token) {
      $old_token->delete();
    }

    $token = id(new PhabricatorConduitCertificateToken())
      ->setUserPHID($user->getPHID())
      ->setToken(Filesystem::readRandomCharacters(40))
      ->save();

    unset($unguarded);

    $pre_instructions = pht(
      'Copy and paste this token into the prompt given to you by '.
      '`arc install-certificate`');

    $post_instructions = pht(
      'After you copy and paste this token, `arc` will complete '.
      'the certificate install process for you.');

    Javelin::initBehavior('select-on-click');

    $form = id(new AphrontFormView())
      ->setUser($user)
      ->appendRemarkupInstructions($pre_instructions)
      ->appendChild(
        id(new AphrontFormTextAreaControl())
          ->setLabel(pht('Token'))
          ->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_SHORT)
          ->setReadonly(true)
          ->setSigil('select-on-click')
          ->setValue($token->getToken()))
      ->appendRemarkupInstructions($post_instructions);

    $crumbs = $this->buildApplicationCrumbs();
    $crumbs->addTextCrumb(pht('Install Certificate'));

    $object_box = id(new PHUIObjectBoxView())
      ->setHeaderText(pht('Certificate Token'))
      ->setForm($form);

    return $this->buildApplicationPage(
      array(
        $crumbs,
        $object_box,
      ),
      array(
        'title' => pht('Certificate Install Token'),
      ));
  }

}
"arc install-certificate", server-side components Summary: Provides a new workflow for making it non-horrible to install certificates. Basically you run "arc install-certificate" and then copy/paste a short token off a webpage and it does the ~/.arcrc edits for you. Test Plan: Installed certificates, used bad tokens, hit rate limiting. Reviewed By: aran Reviewers: aran, jungejason, tuomaspelkonen CC: aran Differential Revision: 460 2011-06-14 21:17:14 +02:00			`<?php`

Add "final" to all Phabricator "Controller" classes Summary: These are all unambiguously unextensible. Issues I hit: - Maniphest Change/Diff controllers, just consolidated them. - Some search controllers incorrectly extend from "Search" but should extend from "SearchBase". This has no runtime effects. - D1836 introduced a closure, which we don't handle correctly (somewhat on purpose; we target PHP 5.2). See T962. Test Plan: Ran "testEverythingImplemented" unit test to identify classes extending from `final` classes. Resolved issues. Reviewers: btrahan Reviewed By: btrahan CC: aran, epriestley Maniphest Tasks: T795 Differential Revision: https://secure.phabricator.com/D1843 2012-03-10 00:46:25 +01:00			`final class PhabricatorConduitTokenController`
			`extends PhabricatorConduitController {`
"arc install-certificate", server-side components Summary: Provides a new workflow for making it non-horrible to install certificates. Basically you run "arc install-certificate" and then copy/paste a short token off a webpage and it does the ~/.arcrc edits for you. Test Plan: Installed certificates, used bad tokens, hit rate limiting. Reviewed By: aran Reviewers: aran, jungejason, tuomaspelkonen CC: aran Differential Revision: 460 2011-06-14 21:17:14 +02:00
			`public function processRequest() {`
			`$user = $this->getRequest()->getUser();`

Make many actions require high security Summary: Ref T4398. Protects these actions behind a security barrier: - Link external account. - Retrieve Conduit token. - Reveal Passphrase credential. - Create user. - Admin/de-admin user. - Rename user. - Show conduit certificate. - Make primary email. - Change password. - Change VCS password. - Add SSH key. - Generate SSH key. Test Plan: Tried to take each action and was prompted for two-factor. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T4398 Differential Revision: https://secure.phabricator.com/D8921 2014-05-01 02:44:59 +02:00			`id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(`
			`$user,`
			`$this->getRequest(),`
			`'/');`

Unguard another safe write in Conduit token generation. 2011-08-17 21:00:35 +02:00			`// Ideally we'd like to verify this, but it's fine to leave it unguarded`
			`// for now and verifying it would need some Ajax junk or for the user to`
			`// click a button or similar.`
			`$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();`

"arc install-certificate", server-side components Summary: Provides a new workflow for making it non-horrible to install certificates. Basically you run "arc install-certificate" and then copy/paste a short token off a webpage and it does the ~/.arcrc edits for you. Test Plan: Installed certificates, used bad tokens, hit rate limiting. Reviewed By: aran Reviewers: aran, jungejason, tuomaspelkonen CC: aran Differential Revision: 460 2011-06-14 21:17:14 +02:00			`$old_token = id(new PhabricatorConduitCertificateToken())`
			`->loadOneWhere(`
			`'userPHID = %s',`
			`$user->getPHID());`
			`if ($old_token) {`
			`$old_token->delete();`
			`}`

			`$token = id(new PhabricatorConduitCertificateToken())`
			`->setUserPHID($user->getPHID())`
Replace callsites to sha1() that use it to asciify entropy with Filesystem::readRandomCharacters() Summary: See T547. To improve auditability of use of crypto-sensitive hash functions, use Filesystem::readRandomCharacters() in place of sha1(Filesystem::readRandomBytes()) when we're just generating random ASCII strings. Test Plan: - Generated a new PHID. - Logged out and logged back in (to test sessions). - Regenerated Conduit certificate. - Created a new task, verified mail key generated sensibly. - Created a new revision, verified mail key generated sensibly. - Ran "arc list", got blocked, installed new certificate, ran "arc list" again. Reviewers: jungejason, nh, tuomaspelkonen, aran, benmathews Reviewed By: jungejason CC: aran, epriestley, jungejason Differential Revision: 1000 2011-10-11 04:22:30 +02:00			`->setToken(Filesystem::readRandomCharacters(40))`
"arc install-certificate", server-side components Summary: Provides a new workflow for making it non-horrible to install certificates. Basically you run "arc install-certificate" and then copy/paste a short token off a webpage and it does the ~/.arcrc edits for you. Test Plan: Installed certificates, used bad tokens, hit rate limiting. Reviewed By: aran Reviewers: aran, jungejason, tuomaspelkonen CC: aran Differential Revision: 460 2011-06-14 21:17:14 +02:00			`->save();`

Modernize most Conduit console interfaces Summary: Ref T603. Ref T2625. Long chain of "doing the right thing" here: I want to clean this up, so I can clean up the Conduit logs, so I can add a setup issue for deprecated method calls, so I can remove deprecated methods, so I can get rid of `DifferentialRevisionListData`, so I can make Differntial policy-aware. Adds modern infrastructure and UI to all of the Conduit interfaces (except only partially for the logs, that will be the next diff). Test Plan: {F48201} {F48202} {F48203} {F48204} {F48206} This will get further updates in the next diff: {F48205} Reviewers: btrahan, chad Reviewed By: chad CC: aran Maniphest Tasks: T603, T2625 Differential Revision: https://secure.phabricator.com/D6331 2013-07-01 21:36:34 +02:00			`unset($unguarded);`

			`$pre_instructions = pht(`
			`'Copy and paste this token into the prompt given to you by '.`
			'`arc install-certificate`');

			`$post_instructions = pht(`
			'After you copy and paste this token, `arc` will complete '.
			`'the certificate install process for you.');`

Make conduit certificate readonly and select-on-click Summary: See comments in <https://secure.phabricator.com/D6331#comment-3> -- make the Conduit Token and Conduit Certificate interfaces readonly and select-on-click. Test Plan: - Viewed `/conduit/token/`, verified it was readonly and selected on click. - Viewed `/settings/panel/conduit/`, likewise. Reviewers: Avish, btrahan, wotte Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D7819 2013-12-23 19:43:53 +01:00			`Javelin::initBehavior('select-on-click');`

Modernize most Conduit console interfaces Summary: Ref T603. Ref T2625. Long chain of "doing the right thing" here: I want to clean this up, so I can clean up the Conduit logs, so I can add a setup issue for deprecated method calls, so I can remove deprecated methods, so I can get rid of `DifferentialRevisionListData`, so I can make Differntial policy-aware. Adds modern infrastructure and UI to all of the Conduit interfaces (except only partially for the logs, that will be the next diff). Test Plan: {F48201} {F48202} {F48203} {F48204} {F48206} This will get further updates in the next diff: {F48205} Reviewers: btrahan, chad Reviewed By: chad CC: aran Maniphest Tasks: T603, T2625 Differential Revision: https://secure.phabricator.com/D6331 2013-07-01 21:36:34 +02:00			`$form = id(new AphrontFormView())`
			`->setUser($user)`
			`->appendRemarkupInstructions($pre_instructions)`
			`->appendChild(`
			`id(new AphrontFormTextAreaControl())`
			`->setLabel(pht('Token'))`
			`->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_SHORT)`
Make conduit certificate readonly and select-on-click Summary: See comments in <https://secure.phabricator.com/D6331#comment-3> -- make the Conduit Token and Conduit Certificate interfaces readonly and select-on-click. Test Plan: - Viewed `/conduit/token/`, verified it was readonly and selected on click. - Viewed `/settings/panel/conduit/`, likewise. Reviewers: Avish, btrahan, wotte Reviewed By: btrahan CC: aran Differential Revision: https://secure.phabricator.com/D7819 2013-12-23 19:43:53 +01:00			`->setReadonly(true)`
			`->setSigil('select-on-click')`
Modernize most Conduit console interfaces Summary: Ref T603. Ref T2625. Long chain of "doing the right thing" here: I want to clean this up, so I can clean up the Conduit logs, so I can add a setup issue for deprecated method calls, so I can remove deprecated methods, so I can get rid of `DifferentialRevisionListData`, so I can make Differntial policy-aware. Adds modern infrastructure and UI to all of the Conduit interfaces (except only partially for the logs, that will be the next diff). Test Plan: {F48201} {F48202} {F48203} {F48204} {F48206} This will get further updates in the next diff: {F48205} Reviewers: btrahan, chad Reviewed By: chad CC: aran Maniphest Tasks: T603, T2625 Differential Revision: https://secure.phabricator.com/D6331 2013-07-01 21:36:34 +02:00			`->setValue($token->getToken()))`
			`->appendRemarkupInstructions($post_instructions);`

			`$crumbs = $this->buildApplicationCrumbs();`
Provide convenience method addTextCrumb() to PhabricatorCrumbsView Summary: We currently have a lot of calls to `addCrumb(id(new PhabricatorCrumbView())->...)` which can be expressed much more simply with a convenience method. Nearly all crumbs are only textual. Test Plan: - This was mostly automated, then I cleaned up a few unusual sites manually. - Bunch of grep / randomly clicking around. Reviewers: btrahan, chad Reviewed By: btrahan CC: hach-que, aran Differential Revision: https://secure.phabricator.com/D7787 2013-12-19 02:47:34 +01:00			`$crumbs->addTextCrumb(pht('Install Certificate'));`
Modernize most Conduit console interfaces Summary: Ref T603. Ref T2625. Long chain of "doing the right thing" here: I want to clean this up, so I can clean up the Conduit logs, so I can add a setup issue for deprecated method calls, so I can remove deprecated methods, so I can get rid of `DifferentialRevisionListData`, so I can make Differntial policy-aware. Adds modern infrastructure and UI to all of the Conduit interfaces (except only partially for the logs, that will be the next diff). Test Plan: {F48201} {F48202} {F48203} {F48204} {F48206} This will get further updates in the next diff: {F48205} Reviewers: btrahan, chad Reviewed By: chad CC: aran Maniphest Tasks: T603, T2625 Differential Revision: https://secure.phabricator.com/D6331 2013-07-01 21:36:34 +02:00
Add ObjectBox to Condiut Cert Page Summary: adds a box, Fixes T4033 Test Plan: look at box Reviewers: epriestley Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4033 Differential Revision: https://secure.phabricator.com/D7437 2013-10-29 22:54:10 +01:00			`$object_box = id(new PHUIObjectBoxView())`
			`->setHeaderText(pht('Certificate Token'))`
			`->setForm($form);`

Modernize most Conduit console interfaces Summary: Ref T603. Ref T2625. Long chain of "doing the right thing" here: I want to clean this up, so I can clean up the Conduit logs, so I can add a setup issue for deprecated method calls, so I can remove deprecated methods, so I can get rid of `DifferentialRevisionListData`, so I can make Differntial policy-aware. Adds modern infrastructure and UI to all of the Conduit interfaces (except only partially for the logs, that will be the next diff). Test Plan: {F48201} {F48202} {F48203} {F48204} {F48206} This will get further updates in the next diff: {F48205} Reviewers: btrahan, chad Reviewed By: chad CC: aran Maniphest Tasks: T603, T2625 Differential Revision: https://secure.phabricator.com/D6331 2013-07-01 21:36:34 +02:00			`return $this->buildApplicationPage(`
			`array(`
			`$crumbs,`
Add ObjectBox to Condiut Cert Page Summary: adds a box, Fixes T4033 Test Plan: look at box Reviewers: epriestley Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4033 Differential Revision: https://secure.phabricator.com/D7437 2013-10-29 22:54:10 +01:00			`$object_box,`
Modernize most Conduit console interfaces Summary: Ref T603. Ref T2625. Long chain of "doing the right thing" here: I want to clean this up, so I can clean up the Conduit logs, so I can add a setup issue for deprecated method calls, so I can remove deprecated methods, so I can get rid of `DifferentialRevisionListData`, so I can make Differntial policy-aware. Adds modern infrastructure and UI to all of the Conduit interfaces (except only partially for the logs, that will be the next diff). Test Plan: {F48201} {F48202} {F48203} {F48204} {F48206} This will get further updates in the next diff: {F48205} Reviewers: btrahan, chad Reviewed By: chad CC: aran Maniphest Tasks: T603, T2625 Differential Revision: https://secure.phabricator.com/D6331 2013-07-01 21:36:34 +02:00			`),`
"arc install-certificate", server-side components Summary: Provides a new workflow for making it non-horrible to install certificates. Basically you run "arc install-certificate" and then copy/paste a short token off a webpage and it does the ~/.arcrc edits for you. Test Plan: Installed certificates, used bad tokens, hit rate limiting. Reviewed By: aran Reviewers: aran, jungejason, tuomaspelkonen CC: aran Differential Revision: 460 2011-06-14 21:17:14 +02:00			`array(`
Modernize most Conduit console interfaces Summary: Ref T603. Ref T2625. Long chain of "doing the right thing" here: I want to clean this up, so I can clean up the Conduit logs, so I can add a setup issue for deprecated method calls, so I can remove deprecated methods, so I can get rid of `DifferentialRevisionListData`, so I can make Differntial policy-aware. Adds modern infrastructure and UI to all of the Conduit interfaces (except only partially for the logs, that will be the next diff). Test Plan: {F48201} {F48202} {F48203} {F48204} {F48206} This will get further updates in the next diff: {F48205} Reviewers: btrahan, chad Reviewed By: chad CC: aran Maniphest Tasks: T603, T2625 Differential Revision: https://secure.phabricator.com/D6331 2013-07-01 21:36:34 +02:00			`'title' => pht('Certificate Install Token'),`
"arc install-certificate", server-side components Summary: Provides a new workflow for making it non-horrible to install certificates. Basically you run "arc install-certificate" and then copy/paste a short token off a webpage and it does the ~/.arcrc edits for you. Test Plan: Installed certificates, used bad tokens, hit rate limiting. Reviewed By: aran Reviewers: aran, jungejason, tuomaspelkonen CC: aran Differential Revision: 460 2011-06-14 21:17:14 +02:00			`));`
			`}`
Remove `@group` annotations Summary: I'm pretty sure that `@group` annotations are useless now... see D9855. Also fixed various other minor issues. Test Plan: Eye-ball it. Reviewers: #blessed_reviewers, epriestley, chad Reviewed By: #blessed_reviewers, epriestley Subscribers: epriestley, Korvin, hach-que Differential Revision: https://secure.phabricator.com/D9859 2014-07-10 00:12:48 +02:00
"arc install-certificate", server-side components Summary: Provides a new workflow for making it non-horrible to install certificates. Basically you run "arc install-certificate" and then copy/paste a short token off a webpage and it does the ~/.arcrc edits for you. Test Plan: Installed certificates, used bad tokens, hit rate limiting. Reviewed By: aran Reviewers: aran, jungejason, tuomaspelkonen CC: aran Differential Revision: 460 2011-06-14 21:17:14 +02:00			`}`