revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2025-02-23 12:09:12 +01:00
Code Issues Releases Wiki Activity

Remove shield for Conduit API responses

Browse source 
Summary: 'cuz we don't need it and it's lame complexity for API clients of all kinds. Rip the band-aid off now.

Test Plan: used conduit console and verified no more shield. also did some JS stuff around the suite to verify I didn't kill JS

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T891

Differential Revision: https://secure.phabricator.com/D3265
This commit is contained in:
Bob Trahan 2012-08-13 14:49:32 -07:00
parent 0f919ecd3c
commit dd26bc6d1a
3 changed files with 18 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
src/aphront/response/AphrontJSONResponse.php
View file

@ -22,15 +22,31 @@
final class AphrontJSONResponse extends AphrontResponse { final class AphrontJSONResponse extends AphrontResponse {
private $content; private $content;
private $addJSONShield;
public function setContent($content) { public function setContent($content) {
$this->content = $content; $this->content = $content;
return $this; return $this;
} }
public function setAddJSONShield($should_add) {
$this->addJSONShield = $should_add;
return $this;
}
public function shouldAddJSONShield() {
if ($this->addJSONShield === null) {
return true;
}
return (bool) $this->addJSONShield;
}
public function buildResponseString() { public function buildResponseString() {
$response = $this->encodeJSONForHTTPResponse($this->content); $response = $this->encodeJSONForHTTPResponse($this->content);
return $this->addJSONShield($response, $use_javelin_shield = false); if ($this->shouldAddJSONShield()) {
$response = $this->addJSONShield($response, $use_javelin_shield = false);
}
return $response;
} }
public function getHeaders() { public function getHeaders() {
@ -40,5 +56,4 @@ final class AphrontJSONResponse extends AphrontResponse {
$headers = array_merge(parent::getHeaders(), $headers); $headers = array_merge(parent::getHeaders(), $headers);
return $headers; return $headers;
} }
} }

2
src/applications/auth/oauth/provider/PhabricatorOAuthProviderPhabricator.php
View file

@ -104,8 +104,6 @@ extends PhabricatorOAuthProvider {
} }
public function setUserData($data) { public function setUserData($data) {
// need to strip the javascript shield from conduit
$data = substr($data, 8);
$data = idx(json_decode($data, true), 'result'); $data = idx(json_decode($data, true), 'result');
$this->validateUserData($data); $this->validateUserData($data);
$this->userData = $data; $this->userData = $data;

3
src/applications/conduit/controller/PhabricatorConduitAPIController.php
View file

@ -164,6 +164,7 @@ final class PhabricatorConduitAPIController
case 'json': case 'json':
default: default:
return id(new AphrontJSONResponse()) return id(new AphrontJSONResponse())
->setAddJSONShield(false)
->setContent($response->toDictionary()); ->setContent($response->toDictionary());
} }
} }
@ -218,8 +219,6 @@ final class PhabricatorConduitAPIController
} }
// handle oauth // handle oauth
// TODO - T897 (make error codes for OAuth more correct to spec)
// and T891 (strip shield from Conduit response)
$access_token = $request->getStr('access_token'); $access_token = $request->getStr('access_token');
$method_scope = $metadata['scope']; $method_scope = $metadata['scope'];
if ($access_token && if ($access_token &&