From fd29ee56c4678749c00e7698ef245f7e2967ee10 Mon Sep 17 00:00:00 2001 From: Simon Green Date: Sun, 27 Jul 2014 18:47:21 +1000 Subject: Bug 726696 - All authenticated WebServices methods should require username/pass, token or a valid API key for authentication r=dkl, a=sgreen --- Bugzilla/Token.pm | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'Bugzilla/Token.pm') diff --git a/Bugzilla/Token.pm b/Bugzilla/Token.pm index 535263868..71f24183b 100644 --- a/Bugzilla/Token.pm +++ b/Bugzilla/Token.pm @@ -23,13 +23,21 @@ use Digest::SHA qw(hmac_sha256_base64); use parent qw(Exporter); -@Bugzilla::Token::EXPORT = qw(issue_session_token check_token_data delete_token +@Bugzilla::Token::EXPORT = qw(issue_api_token issue_session_token + check_token_data delete_token issue_hash_token check_hash_token); ################################################################################ # Public Functions ################################################################################ +# Create a token used for internal API authentication +sub issue_api_token { + # Generates a random token, adds it to the tokens table, and returns + # the token to the caller. + return _create_token(Bugzilla->user->id, 'api_token', ''); +} + # Creates and sends a token to create a new user account. # It assumes that the login has the correct format and is not already in use. sub issue_new_user_account_token { @@ -466,6 +474,14 @@ Bugzilla::Token - Provides different routines to manage tokens. =over +=item C + + Description: Creates a token that can be used for API calls on the web page. + + Params: None. + + Returns: The token. + =item C Description: Creates and sends a token per email to the email address -- cgit v1.2.3-24-g4f1b