Path: blob/master/src/applications/oauthserver/controller/client/PhabricatorOAuthClientSecretController.php
12242 views
<?php12final class PhabricatorOAuthClientSecretController3extends PhabricatorOAuthClientController {45public function handleRequest(AphrontRequest $request) {6$viewer = $request->getUser();78$client = id(new PhabricatorOAuthServerClientQuery())9->setViewer($viewer)10->withIDs(array($request->getURIData('id')))11->requireCapabilities(12array(13PhabricatorPolicyCapability::CAN_VIEW,14PhabricatorPolicyCapability::CAN_EDIT,15))16->executeOne();17if (!$client) {18return new Aphront404Response();19}2021$view_uri = $client->getViewURI();22$token = id(new PhabricatorAuthSessionEngine())->requireHighSecuritySession(23$viewer,24$request,25$view_uri);2627if ($request->isFormPost()) {28$secret = $client->getSecret();2930$body = id(new PHUIFormLayoutView())31->appendChild(32id(new AphrontFormTextAreaControl())33->setLabel(pht('Plaintext'))34->setReadOnly(true)35->setHeight(AphrontFormTextAreaControl::HEIGHT_VERY_SHORT)36->setValue($secret));3738return $this->newDialog()39->setWidth(AphrontDialogView::WIDTH_FORM)40->setTitle(pht('Application Secret'))41->appendChild($body)42->addCancelButton($view_uri, pht('Done'));43}444546$is_serious = PhabricatorEnv::getEnvConfig('phabricator.serious-business');4748if ($is_serious) {49$body = pht(50'The secret associated with this OAuth application will be shown in '.51'plain text on your screen.');52} else {53$body = pht(54'The secret associated with this OAuth application will be shown in '.55'plain text on your screen. Before continuing, wrap your arms around '.56'your monitor to create a human shield, keeping it safe from prying '.57'eyes. Protect company secrets!');58}5960return $this->newDialog()61->setTitle(pht('Really show application secret?'))62->appendChild($body)63->addSubmitButton(pht('Show Application Secret'))64->addCancelButton($view_uri);65}6667}686970