src/applications/oauthserver/controller/client/PhabricatorOAuthClientSecretController.php at upstream/main

@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge

phorge phabricator

fork atom

phorge / src / applications / oauthserver / controller / client / PhabricatorOAuthClientSecretController.php

at upstream/main 69 lines 2.1 kB view raw

wrap content

Andre Klapper Add a Copy button to OAuth Server Application Secret dialog 5w ago

50f2651c

 1<?php
 2
 3final class PhabricatorOAuthClientSecretController
 4  extends PhabricatorOAuthClientController {
 5
 6  public function handleRequest(AphrontRequest $request) {
 7    $viewer = $request->getUser();
 8
 9    $client = id(new PhabricatorOAuthServerClientQuery())
10      ->setViewer($viewer)
11      ->withIDs(array($request->getURIData('id')))
12      ->requireCapabilities(
13        array(
14          PhabricatorPolicyCapability::CAN_VIEW,
15          PhabricatorPolicyCapability::CAN_EDIT,
16        ))
17      ->executeOne();
18    if (!$client) {
19      return new Aphront404Response();
20    }
21
22    $view_uri = $client->getViewURI();
23    $token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(
24      $viewer,
25      $request,
26      $view_uri);
27
28    if ($request->isFormPost()) {
29      $secret = $client->getSecret();
30
31      Javelin::initBehavior('select-on-click');
32      $body = id(new PHUIFormLayoutView())
33        ->appendChild(
34          id(new AphrontFormTextControl())
35            ->setLabel(pht('Plaintext'))
36            ->setReadOnly(true)
37            ->setSigil('select-on-click')
38            ->setHasCopyButton(true)
39            ->setValue($secret));
40
41      return $this->newDialog()
42        ->setTitle(pht('Application Secret'))
43        ->appendChild($body)
44        ->addCancelButton($view_uri, pht('Done'));
45    }
46
47
48    $is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');
49
50    if ($is_serious) {
51      $body = pht(
52        'The secret associated with this OAuth application will be shown in '.
53        'plain text on your screen.');
54    } else {
55      $body = pht(
56        'The secret associated with this OAuth application will be shown in '.
57        'plain text on your screen. Before continuing, wrap your arms around '.
58        'your monitor to create a human shield, keeping it safe from prying '.
59        'eyes. Protect company secrets!');
60    }
61
62    return $this->newDialog()
63      ->setTitle(pht('Really show application secret?'))
64      ->appendChild($body)
65      ->addSubmitButton(pht('Show Application Secret'))
66      ->addCancelButton($view_uri);
67  }
68
69}