jenkins-bot has submitted this change and it was merged. (
https://gerrit.wikimedia.org/r/575038 )
Change subject: [IMPR] Don't trust token from NeedToken response
......................................................................
[IMPR] Don't trust token from NeedToken response
Bug: T224712
Change-Id: I415d9c0d7cc3768e5780ced55ce0a75035cd6615
---
M pywikibot/data/api.py
1 file changed, 32 insertions(+), 2 deletions(-)
Approvals:
Xqt: Looks good to me, approved
jenkins-bot: Verified
diff --git a/pywikibot/data/api.py b/pywikibot/data/api.py
index d65c260..4a31c7f 100644
--- a/pywikibot/data/api.py
+++ b/pywikibot/data/api.py
@@ -3143,7 +3143,8 @@
return ''
elif login_result['login']['result'] == 'NeedToken':
# Kept for backwards compatibility
- token = login_result['login']['token']
+ # Generate a new token if invalid, see T224712
+ token =
self.get_login_token(login_result['login']['token'])
login_request['lgtoken'] = token
continue
elif login_result['login']['result'] == 'Throttled':
@@ -3159,17 +3160,21 @@
"""Ignore data; cookies are set by threadedhttp
module."""
http.cookie_jar.save()
- def get_login_token(self):
+ def get_login_token(self, old_token=None):
"""Fetch login token from action=query&meta=tokens.
Requires MediaWiki >= 1.27.
+ @param old_token: old token to try
+ @type old_token: str
@return: login token
@rtype: str
"""
if self.site.mw_version < '1.27':
raise NotImplementedError('The method get_login_token() requires '
'at least MediaWiki version 1.27.')
+ if old_token and self.check_login_token(old_token) == 'valid':
+ return old_token
login_token_request = self.site._request(
use_get=False,
parameters={'action': 'query', 'meta':
'tokens', 'type': 'login'},
@@ -3177,6 +3182,31 @@
login_token_result = login_token_request.submit()
return
login_token_result['query']['tokens'].get('logintoken')
+ def check_login_token(self, token):
+ """Check login token from action=checktoken.
+
+ Requires MediaWiki >= 1.27.
+
+ @param token: token to check
+ @tyoe token: str
+ @return: token validity status
+ @rtype: str
+ """
+ if self.site.mw_version < '1.27':
+ raise NotImplementedError('The method check_login_token() '
+ 'requires at least MediaWiki '
+ 'version 1.27.')
+ check_token_request = self.site._request(
+ use_get=False,
+ parameters={
+ 'action': 'checktoken',
+ 'type': 'login',
+ 'token': token,
+ },
+ )
+ check_token_result = check_token_request.submit()
+ return check_token_result['checktoken'].get('result')
+
def encode_url(query):
"""
--
To view, visit
https://gerrit.wikimedia.org/r/575038
To unsubscribe, or for help writing mail filters, visit
https://gerrit.wikimedia.org/r/settings
Gerrit-Project: pywikibot/core
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I415d9c0d7cc3768e5780ced55ce0a75035cd6615
Gerrit-Change-Number: 575038
Gerrit-PatchSet: 6
Gerrit-Owner: Dvorapa <dvorapa(a)seznam.cz>
Gerrit-Reviewer: D3r1ck <alangiderick(a)gmail.com>
Gerrit-Reviewer: D3r1ck01 <xsavitar.wiki(a)aol.com>
Gerrit-Reviewer: Dalba <dalba.wiki(a)gmail.com>
Gerrit-Reviewer: Dvorapa <dvorapa(a)seznam.cz>
Gerrit-Reviewer: Framawiki <framawiki(a)tools.wmflabs.org>
Gerrit-Reviewer: Huji <huji.huji(a)gmail.com>
Gerrit-Reviewer: JJMC89 <JJMC89.Wikimedia(a)gmail.com>
Gerrit-Reviewer: Ladsgroup <Ladsgroup(a)gmail.com>
Gerrit-Reviewer: Legoktm <legoktm(a)member.fsf.org>
Gerrit-Reviewer: Mpaa <mpaa.wiki(a)gmail.com>
Gerrit-Reviewer: XZise <CommodoreFabianus(a)gmx.de>
Gerrit-Reviewer: Xqt <info(a)gno.de>
Gerrit-Reviewer: Zhuyifei1999 <zhuyifei1999(a)gmail.com>
Gerrit-Reviewer: jenkins-bot (75)