mnalis/apps-android-commons
1
0
Fork 0
mirror of https://github.com/commons-app/apps-android-commons.git synced 2025-10-26 20:33:53 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Use central auth token only for cross wiki calls (#2318)

Browse source 
* Use central auth token only for cross wiki calls

* Fix tests

* Add test for wikidata edit token
This commit is contained in:
Vivek Maskara 2019-01-25 13:44:41 +05:30 committed by Josephine Lim
parent de9611821b
commit 68ae11e37f
3 changed files with 24 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

6
app/src/main/java/fr/free/nrw/commons/mwapi/ApacheHttpClientMediaWikiApi.java
View file

@ -230,7 +230,6 @@ public class ApacheHttpClientMediaWikiApi implements MediaWikiApi {
@Override
public String getEditToken() throws IOException {
String editToken = api.action("query")
.param("centralauthtoken", getCentralAuthToken())
.param("meta", "tokens")
.post()
.getString("/api/query/tokens/@csrftoken");
@ -288,7 +287,6 @@ public class ApacheHttpClientMediaWikiApi implements MediaWikiApi {
return api.action("edit")
.param("title", filename)
.param("token", getEditToken())
.param("centralauthtoken", getCentralAuthToken())
.param("text", processedPageContent)
.param("summary", summary)
.post()
@ -302,7 +300,6 @@ public class ApacheHttpClientMediaWikiApi implements MediaWikiApi {
return api.action("edit")
.param("title", filename)
.param("token", getEditToken())
.param("centralauthtoken", getCentralAuthToken())
.param("appendtext", processedPageContent)
.param("summary", summary)
.post()
@ -315,7 +312,6 @@ public class ApacheHttpClientMediaWikiApi implements MediaWikiApi {
return api.action("edit")
.param("title", filename)
.param("token", getEditToken())
.param("centralauthtoken", getCentralAuthToken())
.param("prependtext", processedPageContent)
.param("summary", summary)
.post()
@ -895,7 +891,7 @@ public class ApacheHttpClientMediaWikiApi implements MediaWikiApi {
Uri contentProviderUri,
final ProgressListener progressListener) throws IOException {
CustomApiResult result = api.upload(filename, file, dataLength, pageContents, editSummary, getCentralAuthToken(), getEditToken(), progressListener::onProgress);
CustomApiResult result = api.upload(filename, file, dataLength, pageContents, editSummary, getEditToken(), progressListener::onProgress);
Timber.d("Result: %s", result.toString());

11
app/src/main/java/fr/free/nrw/commons/mwapi/CustomMwApi.java
View file

@ -131,20 +131,19 @@ public class CustomMwApi {
}
}
public CustomApiResult upload(String filename, InputStream file, long length, String text, String comment, String centralAuthToken, String token) throws IOException {
return this.upload(filename, file, length, text, comment,centralAuthToken, token, null);
public CustomApiResult upload(String filename, InputStream file, long length, String text, String comment, String token) throws IOException {
return this.upload(filename, file, length, text, comment, token, null);
}
public CustomApiResult upload(String filename, InputStream file, String text, String comment, String centralAuthToken, String token) throws IOException {
return this.upload(filename, file, -1, text, comment,centralAuthToken, token, null);
public CustomApiResult upload(String filename, InputStream file, String text, String comment, String token) throws IOException {
return this.upload(filename, file, -1, text, comment, token, null);
}
public CustomApiResult upload(String filename, InputStream file, long length, String text, String comment, String centralAuthToken, String token, ProgressListener uploadProgressListener) throws IOException {
public CustomApiResult upload(String filename, InputStream file, long length, String text, String comment, String token, ProgressListener uploadProgressListener) throws IOException {
Timber.d("Initiating upload for file %s", filename);
Http.HttpRequestBuilder builder = Http.multipart(apiURL)
.data("action", "upload")
.data("token", token)
.data("centralauthtoken", centralAuthToken)
.data("text", text)
.data("ignorewarnings", "1")
.data("comment", comment)

20
app/src/test/kotlin/fr/free/nrw/commons/mwapi/ApacheHttpClientMediaWikiApiTest.kt
View file

@ -186,11 +186,27 @@ class ApacheHttpClientMediaWikiApiTest {
@Test
fun editToken() {
server.enqueue(MockResponse().setBody("<?xml version=\"1.0\"?><api><centralauthtoken centralauthtoken=\"abc\" /></api>"))
server.enqueue(MockResponse().setBody("<?xml version=\"1.0\"?><api><query><tokens csrftoken=\"baz\" /></query></api>"))
val result = testObject.editToken
assertBasicRequestParameters(server, "POST").let { editTokenRequest ->
parseBody(editTokenRequest.body.readUtf8()).let { body ->
assertEquals("query", body["action"])
assertEquals("tokens", body["meta"])
}
}
assertEquals("baz", result)
}
@Test
fun getWikidataEditToken() {
server.enqueue(MockResponse().setBody("<?xml version=\"1.0\"?><api><centralauthtoken centralauthtoken=\"abc\" /></api>"))
wikidataServer.enqueue(MockResponse().setBody("<?xml version=\"1.0\"?><api><query><tokens csrftoken=\"baz\" /></query></api>"))
val result = testObject.wikidataCsrfToken
assertBasicRequestParameters(server, "GET").let { centralAuthTokenRequest ->
parseQueryParams(centralAuthTokenRequest).let { params ->
assertEquals("xml", params["format"])
@ -198,7 +214,7 @@ class ApacheHttpClientMediaWikiApiTest {
}
}
assertBasicRequestParameters(server, "POST").let { editTokenRequest ->
assertBasicRequestParameters(wikidataServer, "POST").let { editTokenRequest ->
parseBody(editTokenRequest.body.readUtf8()).let { body ->
assertEquals("query", body["action"])
assertEquals("abc", body["centralauthtoken"])