diff options
author | Simon Green <sgreen@redhat.com> | 2014-07-27 10:47:21 +0200 |
---|---|---|
committer | Simon Green <sgreen@redhat.com> | 2014-07-27 10:47:21 +0200 |
commit | fd29ee56c4678749c00e7698ef245f7e2967ee10 (patch) | |
tree | 9d0696c9a89b8df8a6d46e2be6602a449b7354c3 /Bugzilla/Token.pm | |
parent | 9f0f44b7fb73e9af0cdaefe8f5ff617f14fec2ed (diff) | |
download | bugzilla-fd29ee56c4678749c00e7698ef245f7e2967ee10.tar.gz bugzilla-fd29ee56c4678749c00e7698ef245f7e2967ee10.tar.xz |
Bug 726696 - All authenticated WebServices methods should require username/pass, token or a valid API key for authentication
r=dkl, a=sgreen
Diffstat (limited to 'Bugzilla/Token.pm')
-rw-r--r-- | Bugzilla/Token.pm | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm index 535263868..71f24183b 100644 --- a/Bugzilla/Token.pm +++ b/Bugzilla/Token.pm @@ -23,13 +23,21 @@ use Digest::SHA qw(hmac_sha256_base64); use parent qw(Exporter); -@Bugzilla::Token::EXPORT = qw(issue_session_token check_token_data delete_token +@Bugzilla::Token::EXPORT = qw(issue_api_token issue_session_token + check_token_data delete_token issue_hash_token check_hash_token); ################################################################################ # Public Functions ################################################################################ +# Create a token used for internal API authentication +sub issue_api_token { + # Generates a random token, adds it to the tokens table, and returns + # the token to the caller. + return _create_token(Bugzilla->user->id, 'api_token', ''); +} + # Creates and sends a token to create a new user account. # It assumes that the login has the correct format and is not already in use. sub issue_new_user_account_token { @@ -466,6 +474,14 @@ Bugzilla::Token - Provides different routines to manage tokens. =over +=item C<issue_api_token($login_name)> + + Description: Creates a token that can be used for API calls on the web page. + + Params: None. + + Returns: The token. + =item C<issue_new_user_account_token($login_name)> Description: Creates and sends a token per email to the email address |