Use meta=tokens endpoint to get CSRF and watch tokens

The previously used "intoken" way to get tokens was deprecated since MediaWiki 1.24 and was removed since 1.37. This change breaks any Scripto installations that use versions less than 1.24 (released 2016-03-31).
omeka · Nov 23, 2021 · 7411ea6 · 7411ea6
1 parent 6d51381
commit 7411ea6
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 41 deletions.
diff --git a/libraries/Scripto/Document.php b/libraries/Scripto/Document.php
@@ -439,9 +439,7 @@ public function editTranscriptionPage($text)
         if (is_null($this->_pageId)) {
             throw new Scripto_Exception('The document page must be set before editing the transcription page.');
         }
-        $this->_mediawiki->edit($this->_baseTitle, 
-                                $text, 
-                                $this->_transcriptionPageInfo['edit_token']);
+        $this->_mediawiki->edit($this->_baseTitle, $text);
     }
 
     /**
@@ -455,9 +453,7 @@ public function editTalkPage($text)
         if (is_null($this->_pageId)) {
             throw new Scripto_Exception('The document page must be set before editing the talk page.');
         }
-        $this->_mediawiki->edit('Talk:' . $this->_baseTitle, 
-                                $text, 
-                                $this->_talkPageInfo['edit_token']);
+        $this->_mediawiki->edit('Talk:' . $this->_baseTitle, $text);
     }
 
     /**
@@ -468,7 +464,7 @@ public function protectTranscriptionPage()
         if (is_null($this->_pageId)) {
             throw new Scripto_Exception('The document page must be set before protecting the transcription page.');
         }
-        $this->_protectPage($this->_baseTitle, $this->_transcriptionPageInfo['protect_token']);
+        $this->_protectPage($this->_baseTitle, null);
 
         // Update information about this page.
         $this->_transcriptionPageInfo = $this->_getPageInfo($this->_baseTitle);
@@ -482,7 +478,7 @@ public function protectTalkPage()
         if (is_null($this->_pageId)) {
             throw new Scripto_Exception('The document page must be set before protecting the talk page.');
         }
-        $this->_protectPage('Talk:' . $this->_baseTitle, $this->_talkPageInfo['protect_token']);
+        $this->_protectPage('Talk:' . $this->_baseTitle, null);
 
         // Update information about this page.
         $this->_talkPageInfo = $this->_getPageInfo('Talk:' . $this->_baseTitle);
@@ -496,7 +492,7 @@ public function unprotectTranscriptionPage()
         if (is_null($this->_pageId)) {
             throw new Scripto_Exception('The document page must be set before unprotecting the transcription page.');
         }
-        $this->_unprotectPage($this->_baseTitle, $this->_transcriptionPageInfo['protect_token']);
+        $this->_unprotectPage($this->_baseTitle, null);
 
         // Update information about this page.
         $this->_transcriptionPageInfo = $this->_getPageInfo($this->_baseTitle);
@@ -510,7 +506,7 @@ public function unprotectTalkPage()
         if (is_null($this->_pageId)) {
             throw new Scripto_Exception('The document page must be set before unprotecting the talk page.');
         }
-        $this->_unprotectPage('Talk:' . $this->_baseTitle, $this->_talkPageInfo['protect_token']);
+        $this->_unprotectPage('Talk:' . $this->_baseTitle, null);
 
         // Update information about this page.
         $this->_talkPageInfo = $this->_getPageInfo('Talk:' . $this->_baseTitle);
@@ -799,8 +795,7 @@ protected function _getPageMediawikiUrl($title)
      */
     protected function _getPageInfo($title)
     {
-        $params = array('inprop' => 'protection|talkid|subjectid|url|watched', 
-                        'intoken' => 'edit|move|delete|protect');
+        $params = array('inprop' => 'protection|talkid|subjectid|url|watched');
         $response = $this->_mediawiki->getInfo($title, $params);
         $page = current($response['query']['pages']);
         $pageInfo = array('page_id'            => isset($page['pageid']) ? $page['pageid'] : null, 
@@ -810,10 +805,6 @@ protected function _getPageInfo($title)
                           'counter'            => isset($page['counter']) ? $page['counter'] : null, 
                           'length'             => isset($page['length']) ? $page['length'] : null, 
                           'start_timestamp'    => isset($page['starttimestamp']) ? $page['starttimestamp'] : null, 
-                          'edit_token'         => isset($page['edittoken']) ? $page['edittoken'] : null, 
-                          'move_token'         => isset($page['movetoken']) ? $page['movetoken'] : null, 
-                          'delete_token'       => isset($page['deletetoken']) ? $page['deletetoken'] : null, 
-                          'protect_token'      => isset($page['protecttoken']) ? $page['protecttoken'] : null, 
                           'protections'        => isset($page['protection']) ? $page['protection'] : null, 
                           'talk_id'            => isset($page['talkid']) ? $page['talkid'] : null, 
                           'mediawiki_full_url' => isset($page['fullurl']) ? $page['fullurl'] : null, 

diff --git a/libraries/Scripto/Service/MediaWiki.php b/libraries/Scripto/Service/MediaWiki.php
@@ -70,7 +70,7 @@ class Scripto_Service_MediaWiki extends Zend_Service_Abstract
             // title specifications
             'titles', 'revids', 'pageids', 
             // submodules
-            'meta', 'prop', 'list', 
+            'meta', 'prop', 'list', 'type',
             // meta submodule
             'siprop', 'sifilteriw', 'sishowalldb', 'sinumberingroup',
             'uiprop', 
@@ -304,14 +304,8 @@ public function getRevisionDiff($fromRevisionId, $toRevisionId = 'prev')
      */
     public function getEditToken($title)
     {
-        $response = $this->getInfo($title, array('intoken' => 'edit'));
-        $page = current($response['query']['pages']);
-
-        $edittoken = null;
-        if (isset($page['edittoken'])) {
-            $edittoken = $page['edittoken'];
-        }
-        return $edittoken;
+        $response = $this->query(['meta' => 'tokens', 'type' => 'csrf']);
+        return $response['query']['tokens']['csrftoken'];
     }
 
     /**
@@ -323,14 +317,8 @@ public function getEditToken($title)
      */
     public function getProtectToken($title)
     {
-        $response = $this->getInfo($title, array('intoken' => 'protect'));
-        $page = current($response['query']['pages']);
-
-        $protecttoken = null;
-        if (isset($page['protecttoken'])) {
-            $protecttoken = $page['protecttoken'];
-        }
-        return $protecttoken;
+        $response = $this->query(['meta' => 'tokens', 'type' => 'csrf']);
+        return $response['query']['tokens']['csrftoken'];
     }
 
     /**
@@ -342,14 +330,8 @@ public function getProtectToken($title)
      */
     public function getWatchToken($title)
     {
-        $response = $this->getInfo($title, array('intoken' => 'watch'));
-        $page = current($response['query']['pages']);
-
-        $watchtoken = null;
-        if (isset($page['watchtoken'])) {
-            $watchtoken = $page['watchtoken'];
-        }
-        return $watchtoken;
+        $response = $this->query(['meta' => 'tokens', 'type' => 'watch']);
+        return $response['query']['tokens']['watchtoken'];
     }
 
     /**