phorge-phorge/src/applications/conduit/controller/PhabricatorConduitTokenHandshakeController.php

<?php

final class PhabricatorConduitTokenHandshakeController
  extends PhabricatorConduitController {

  public function handleRequest(AphrontRequest $request) {
    $viewer = $request->getViewer();

    id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
      $viewer,
      $request,
      '/');

    $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
      $token = PhabricatorConduitToken::initializeNewToken(
        $viewer->getPHID(),
        PhabricatorConduitToken::TYPE_COMMANDLINE);
      $token->save();
    unset($unguarded);

    $form = id(new AphrontFormView())
      ->setUser($viewer)
      ->appendRemarkupInstructions(
        pht(
          'Copy-paste the API Token below to grant access to your account.'))
      ->appendChild(
        id(new AphrontFormTextControl())
          ->setLabel(pht('API Token'))
          ->setValue($token->getToken()))
      ->appendRemarkupInstructions(
        pht(
          'This will authorize the requesting script to act on your behalf '.
          'permanently, like giving the script your account password.'))
      ->appendRemarkupInstructions(
        pht(
          'If you change your mind, you can revoke this token later in '.
          '{nav icon=wrench,name=Settings > Conduit API Tokens}.'));

    return $this->newDialog()
      ->setTitle(pht('Grant Account Access'))
      ->setWidth(AphrontDialogView::WIDTH_FULL)
      ->appendForm($form)
      ->addCancelButton('/');
  }

}
Add conduit.getcapabilities and a modern CLI handshake workflow Summary: Ref T5955. - Add `conduit.getcapabilities` to help arc (and other clients) determine formats, protocols, etc., the server supports. - Fixes T3117. Add a more modern version of the handshake workflow that allows all generated tokens to remain valid for an hour. - Generally, add a CLI token type. This token type expires after an hour when generated, then becomes permanent if used. Test Plan: - See D10988. - Ran `conduit.getcapabilities` and inspected output. Reviewers: btrahan Reviewed By: btrahan Subscribers: epriestley Maniphest Tasks: T3117, T5955 Differential Revision: https://secure.phabricator.com/D10989 2014-12-15 20:14:53 +01:00			`<?php`

			`final class PhabricatorConduitTokenHandshakeController`
			`extends PhabricatorConduitController {`

			`public function handleRequest(AphrontRequest $request) {`
			`$viewer = $request->getViewer();`

			`id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(`
			`$viewer,`
			`$request,`
			`'/');`

			`$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();`
			`$token = PhabricatorConduitToken::initializeNewToken(`
			`$viewer->getPHID(),`
			`PhabricatorConduitToken::TYPE_COMMANDLINE);`
			`$token->save();`
			`unset($unguarded);`

			`$form = id(new AphrontFormView())`
			`->setUser($viewer)`
			`->appendRemarkupInstructions(`
			`pht(`
			`'Copy-paste the API Token below to grant access to your account.'))`
			`->appendChild(`
			`id(new AphrontFormTextControl())`
			`->setLabel(pht('API Token'))`
			`->setValue($token->getToken()))`
			`->appendRemarkupInstructions(`
			`pht(`
			`'This will authorize the requesting script to act on your behalf '.`
			`'permanently, like giving the script your account password.'))`
			`->appendRemarkupInstructions(`
			`pht(`
			`'If you change your mind, you can revoke this token later in '.`
			`'{nav icon=wrench,name=Settings > Conduit API Tokens}.'));`

			`return $this->newDialog()`
			`->setTitle(pht('Grant Account Access'))`
			`->setWidth(AphrontDialogView::WIDTH_FULL)`
			`->appendForm($form)`
			`->addCancelButton('/');`
			`}`

			`}`