| From 9166f1db0d070e06c6f29a9e395bfa55bddfed5d Mon Sep 17 00:00:00 2001 | |
| From: csteipp <[email protected]> | |
| Date: Thu, 18 Jun 2015 15:57:44 -0700 | |
| Subject: [PATCH] Check IP when communicating with Consumer | |
| Check IP restriction whenever validating an OAuth request. | |
| Bug: T103022 | |
| Change-Id: Id4d9d42ff0c39fb66dd9b55383b48d754af87b4c | |
| --- | |
| backend/MWOAuthServer.php | 11 +++++++++++ | |
| 1 file changed, 11 insertions(+) | |
| diff --git a/backend/MWOAuthServer.php b/backend/MWOAuthServer.php | |
| index 69c10b5..b05dd51 100644 | |
| --- a/backend/MWOAuthServer.php | |
| +++ b/backend/MWOAuthServer.php | |
| @@ -132,6 +132,17 @@ class MWOAuthServer extends OAuthServer { | |
| } | |
| /** | |
| + * Wrap the call to the parent function and check that the source IP of | |
| + * the request is allowed by this consumer's restrictions. | |
| + * @return array | |
| + */ | |
| + public function verify_request( &$request ) { | |
| + list( $consumer, $token ) = parent::verify_request( $request ); | |
| + $this->checkSourceIP( $consumer, $request ); | |
| + return array( $consumer, $token ); | |
| + } | |
| + | |
| + /** | |
| * Ensure the request comes from an approved IP address, if IP restriction has been | |
| * setup by the Consumer. It throws an exception if IP address is invalid. | |
| * | |
| -- | |
| 1.8.4.5 | |
File Metadata
File Metadata
- Mime Type
- text/x-diff
- Storage Engine
- blob
- Storage Format
- Raw Data
- Storage Handle
- 173913
- Default Alt Text
- T103022.patch (1 KB)