Get rid of file_get_contents($uri)
Summary: It requires `allow_url_fopen` which we don't check in setup and our installation is about to disable it. Test Plan: Login with OAuth. /oauth/facebook/diagnose/ Reviewers: epriestley Reviewed By: epriestley CC: aran, Korvin Differential Revision: https://secure.phabricator.com/D2787
parent
a5b5128be9
commit
c762050b7c
10 changed files with 34 additions and 71 deletions
|
@ -86,21 +86,9 @@ final class PhabricatorOAuthDiagnosticsController
|
||||||
'Application secret is set.');
|
'Application secret is set.');
|
||||||
}
|
}
|
||||||
|
|
||||||
$timeout = stream_context_create(
|
$timeout = 5;
|
||||||
array(
|
|
||||||
'http' => array(
|
|
||||||
'ignore_errors' => true,
|
|
||||||
'timeout' => 5,
|
|
||||||
),
|
|
||||||
));
|
|
||||||
$timeout_strict = stream_context_create(
|
|
||||||
array(
|
|
||||||
'http' => array(
|
|
||||||
'timeout' => 5,
|
|
||||||
),
|
|
||||||
));
|
|
||||||
|
|
||||||
$internet = @file_get_contents("http://google.com/", false, $timeout);
|
$internet = HTTPSFuture::loadContent("http://google.com/", $timeout);
|
||||||
if ($internet === false) {
|
if ($internet === false) {
|
||||||
$results['internet'] = array(
|
$results['internet'] = array(
|
||||||
$res_no,
|
$res_no,
|
||||||
|
@ -116,7 +104,7 @@ final class PhabricatorOAuthDiagnosticsController
|
||||||
|
|
||||||
$test_uris = $provider->getTestURIs();
|
$test_uris = $provider->getTestURIs();
|
||||||
foreach ($test_uris as $uri) {
|
foreach ($test_uris as $uri) {
|
||||||
$success = @file_get_contents($uri, false, $timeout);
|
$success = HTTPSFuture::loadContent($uri, $timeout);
|
||||||
if ($success === false) {
|
if ($success === false) {
|
||||||
$results[$uri] = array(
|
$results[$uri] = array(
|
||||||
$res_no,
|
$res_no,
|
||||||
|
@ -140,22 +128,23 @@ final class PhabricatorOAuthDiagnosticsController
|
||||||
'grant_type' => 'client_credentials',
|
'grant_type' => 'client_credentials',
|
||||||
));
|
));
|
||||||
|
|
||||||
$token_value = @file_get_contents($test_uri, false, $timeout);
|
$future = new HTTPSFuture($test_uri);
|
||||||
$token_strict = @file_get_contents($test_uri, false, $timeout_strict);
|
$future->setTimeout($timeout);
|
||||||
if ($token_value === false) {
|
try {
|
||||||
|
list($body) = $future->resolvex();
|
||||||
$results['App Login'] = array(
|
$results['App Login'] = array(
|
||||||
$res_no,
|
$res_ok,
|
||||||
null,
|
'(A Valid Token)',
|
||||||
"Unable to perform an application login with your Application ID ".
|
"Raw application login to {$name} works.");
|
||||||
"and Application Secret. You may have mistyped or misconfigured ".
|
} catch (Exception $ex) {
|
||||||
"them; {$name} may have revoked your authorization; or {$name} may ".
|
if ($ex instanceof HTTPFutureResponseStatusCURL) {
|
||||||
"be having technical problems.");
|
|
||||||
} else {
|
|
||||||
if ($token_strict) {
|
|
||||||
$results['App Login'] = array(
|
$results['App Login'] = array(
|
||||||
$res_ok,
|
$res_no,
|
||||||
'(A Valid Token)',
|
null,
|
||||||
"Raw application login to {$name} works.");
|
"Unable to perform an application login with your Application ID ".
|
||||||
|
"and Application Secret. You may have mistyped or misconfigured ".
|
||||||
|
"them; {$name} may have revoked your authorization; or {$name} ".
|
||||||
|
"may be having technical problems.");
|
||||||
} else {
|
} else {
|
||||||
$data = json_decode($token_value, true);
|
$data = json_decode($token_value, true);
|
||||||
if (!is_array($data)) {
|
if (!is_array($data)) {
|
||||||
|
|
|
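Review bot: In the third hunk, the `else` branch of the new `catch` still calls `json_decode($token_value, true)`, but `$token_value` is no longer assigned anywhere in the visible new code; the response body now lands in `$body` inside the `try`. Unless it is set outside the hunk, that branch decodes an undefined variable and can only ever report a non-array result. The success path also records 'App Login' as OK without looking at `$body`, so I would decode `$body` after `resolvex()` and have the `catch` work from `$ex` rather than from `$token_value`. The enclosing method starts and ends outside the hunk.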
@ -63,7 +63,7 @@ final class PhabricatorOAuthLoginController
|
||||||
$userinfo_uri = (string)$userinfo_uri;
|
$userinfo_uri = (string)$userinfo_uri;
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$user_data = @file_get_contents($userinfo_uri);
|
$user_data = HTTPSFuture::loadContent($userinfo_uri);
|
||||||
if ($user_data === false) {
|
if ($user_data === false) {
|
||||||
throw new PhabricatorOAuthProviderException(
|
throw new PhabricatorOAuthProviderException(
|
||||||
"Request to '{$userinfo_uri}' failed!");
|
"Request to '{$userinfo_uri}' failed!");
|
||||||
|
@ -262,34 +262,13 @@ final class PhabricatorOAuthLoginController
|
||||||
'code' => $code,
|
'code' => $code,
|
||||||
) + $provider->getExtraTokenParameters();
|
) + $provider->getExtraTokenParameters();
|
||||||
|
|
||||||
$post_data = http_build_query($query_data, '', '&');
|
$future = new HTTPSFuture($auth_uri, $query_data);
|
||||||
$post_length = strlen($post_data);
|
$future->setMethod('POST');
|
||||||
|
try {
|
||||||
$stream_context = stream_context_create(
|
list($response) = $future->resolvex();
|
||||||
array(
|
} catch (Exception $ex) {
|
||||||
'http' => array(
|
|
||||||
'method' => 'POST',
|
|
||||||
'header' =>
|
|
||||||
"Content-Type: application/x-www-form-urlencoded\r\n".
|
|
||||||
"Content-Length: {$post_length}\r\n",
|
|
||||||
'content' => $post_data,
|
|
||||||
),
|
|
||||||
));
|
|
||||||
|
|
||||||
$stream = fopen($auth_uri, 'r', false, $stream_context);
|
|
||||||
|
|
||||||
$response = false;
|
|
||||||
$meta = null;
|
|
||||||
if ($stream) {
|
|
||||||
$meta = stream_get_meta_data($stream);
|
|
||||||
$response = stream_get_contents($stream);
|
|
||||||
fclose($stream);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($response === false) {
|
|
||||||
return $this->buildErrorResponse(new PhabricatorOAuthFailureView());
|
return $this->buildErrorResponse(new PhabricatorOAuthFailureView());
|
||||||
}
|
}
|
||||||
|
|
||||||
$data = $provider->decodeTokenResponse($response);
|
$data = $provider->decodeTokenResponse($response);
|
||||||
|
|
||||||
$token = idx($data, 'access_token');
|
$token = idx($data, 'access_token');
|
||||||
|
|
|
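Review bot: The new `catch (Exception $ex)` around `resolvex()` in the token exchange discards `$ex`, so a TLS failure, a timeout and a provider error response all end in the same failure view with nothing recorded. Logging it before the return, e.g. `phlog($ex);`, keeps the user-facing page generic while leaving a trail for operators. This POST also never calls `setTimeout()`, unlike the diagnostics controller in this commit, so whatever default HTTPSFuture applies decides how long a login request can block; consider setting one explicitly. The method body extends beyond the hunk.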
@ -124,7 +124,7 @@ final class PhabricatorOAuthProviderDisqus extends PhabricatorOAuthProvider {
|
||||||
if ($avatar) {
|
if ($avatar) {
|
||||||
$uri = idx($avatar, 'permalink');
|
$uri = idx($avatar, 'permalink');
|
||||||
if ($uri) {
|
if ($uri) {
|
||||||
return @file_get_contents($uri);
|
return HTTPSFuture::loadContent($uri);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
|
|
|
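Review bot: `HTTPSFuture::loadContent($uri)` here fetches a URL taken from the provider's profile data (`permalink`) with no timeout argument and no check on where it points. Other call sites in this commit pass a timeout (`HTTPSFuture::loadContent($uri, $timeout)` with `$timeout = 5`), so `return HTTPSFuture::loadContent($uri, 5);` would at least bound the request. Because the address is remote-supplied data fetched from the server's network position, it is worth confirming that only http/https URIs to external hosts are accepted before the call. The same applies to the `avatar_url` fetch in the GitHub provider, the `userData['image']` fetch in the provider after it, and `rasterize()` in PhabricatorIRCMacroHandler.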
@ -111,7 +111,7 @@ final class PhabricatorOAuthProviderFacebook extends PhabricatorOAuthProvider {
|
||||||
|
|
||||||
public function retrieveUserProfileImage() {
|
public function retrieveUserProfileImage() {
|
||||||
$uri = 'https://graph.facebook.com/me/picture?access_token=';
|
$uri = 'https://graph.facebook.com/me/picture?access_token=';
|
||||||
return @file_get_contents($uri.$this->getAccessToken());
|
return HTTPSFuture::loadContent($uri.$this->getAccessToken());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function retrieveUserAccountURI() {
|
public function retrieveUserAccountURI() {
|
||||||
|
|
|
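Review bot: The access token is concatenated raw into the query string in `retrieveUserProfileImage()`, so it is neither URL-encoded nor kept out of anything that records the request URI. Building the URI the way the settings panel in this commit does, with `setQueryParam('access_token', $token)` on a URI object, takes care of the encoding. Whether HTTPSFuture includes the URI in exception or log text is not visible here and should be checked. The call also passes no timeout, unlike `HTTPSFuture::loadContent($uri, $timeout)` elsewhere in the commit.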
@ -105,7 +105,7 @@ final class PhabricatorOAuthProviderGitHub extends PhabricatorOAuthProvider {
|
||||||
public function retrieveUserProfileImage() {
|
public function retrieveUserProfileImage() {
|
||||||
$uri = idx($this->userData, 'avatar_url');
|
$uri = idx($this->userData, 'avatar_url');
|
||||||
if ($uri) {
|
if ($uri) {
|
||||||
return @file_get_contents($uri);
|
return HTTPSFuture::loadContent($uri);
|
||||||
}
|
}
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
|
@ -126,7 +126,7 @@ extends PhabricatorOAuthProvider {
|
||||||
|
|
||||||
public function retrieveUserProfileImage() {
|
public function retrieveUserProfileImage() {
|
||||||
$uri = $this->userData['image'];
|
$uri = $this->userData['image'];
|
||||||
return @file_get_contents($uri);
|
return HTTPSFuture::loadContent($uri);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function retrieveUserAccountURI() {
|
public function retrieveUserAccountURI() {
|
||||||
|
|
|
@ -203,14 +203,9 @@ final class PhabricatorFile extends PhabricatorFileDAO {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
$timeout = stream_context_create(
|
$timeout = 5;
|
||||||
array(
|
|
||||||
'http' => array(
|
|
||||||
'timeout' => 5,
|
|
||||||
),
|
|
||||||
));
|
|
||||||
|
|
||||||
$file_data = @file_get_contents($uri, false, $timeout);
|
$file_data = HTTPSFuture::loadContent($uri, $timeout);
|
||||||
if ($file_data === false) {
|
if ($file_data === false) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
|
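Review bot: `$file_data = HTTPSFuture::loadContent($uri, $timeout)` bounds the time spent on the download but not its size or its destination. Where `$uri` comes from is outside the hunk; if a user can influence it, the caller should restrict it to http/https, reject internal addresses, and cap the body before it is stored as a file. A short comment above the call such as `// $uri must already be validated as an external http(s) URI.` would record that expectation.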
@ -206,7 +206,7 @@ final class PhabricatorUserOAuthSettingsPanelController
|
||||||
$token = $oauth_info->getToken();
|
$token = $oauth_info->getToken();
|
||||||
try {
|
try {
|
||||||
$userinfo_uri->setQueryParam('access_token', $token);
|
$userinfo_uri->setQueryParam('access_token', $token);
|
||||||
$user_data = @file_get_contents($userinfo_uri);
|
$user_data = HTTPSFuture::loadContent($userinfo_uri);
|
||||||
$provider->setUserData($user_data);
|
$provider->setUserData($user_data);
|
||||||
$provider->setAccessToken($token);
|
$provider->setAccessToken($token);
|
||||||
$image = $provider->retrieveUserProfileImage();
|
$image = $provider->retrieveUserProfileImage();
|
||||||
|
|
|
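Review bot: The result of `HTTPSFuture::loadContent($userinfo_uri)` is passed straight to `$provider->setUserData($user_data)` without the `=== false` check that PhabricatorOAuthLoginController keeps after the same call. If a failed request returns false, as the other call sites assume, the provider is handed false instead of a response body. I would add `if ($user_data === false) { throw new PhabricatorOAuthProviderException('Userinfo request failed.'); }` before `setUserData()`, and keep the URI out of the message because it carries `access_token` at this point. Whether the surrounding `try` catches that exception type is outside the hunk.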
@ -155,8 +155,8 @@ final class PhabricatorSetup {
|
||||||
'iconv',
|
'iconv',
|
||||||
|
|
||||||
// There is a chance we might not need this, but some configurations (like
|
// There is a chance we might not need this, but some configurations (like
|
||||||
// Amazon SES) will require it. Just mark it 'required' since it's widely
|
// OAuth or Amazon SES) will require it. Just mark it 'required' since
|
||||||
// available and relatively core.
|
// it's widely available and relatively core.
|
||||||
'curl',
|
'curl',
|
||||||
);
|
);
|
||||||
foreach ($extensions as $extension) {
|
foreach ($extensions as $extension) {
|
||||||
|
|
|
@ -119,7 +119,7 @@ final class PhabricatorIRCMacroHandler extends PhabricatorIRCHandler {
|
||||||
}
|
}
|
||||||
|
|
||||||
public function rasterize($macro, $size, $aspect) {
|
public function rasterize($macro, $size, $aspect) {
|
||||||
$image = @file_get_contents($macro['uri']);
|
$image = HTTPSFuture::loadContent($macro['uri']);
|
||||||
if (!$image) {
|
if (!$image) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|