uber-archive / canduit Goto Github PK
View Code? Open in Web Editor NEWNode.js Phabricator Conduit API client. This project is deprecated and not maintained.
License: MIT License
canduit's People
Contributors
Stargazers
Watchers
Forkers
lxe dmtsui joshma crccheck timhirsh satish-ravi mlanter rdohms calvium atul9911 lucasmarshall dswho tesoy-xx wmdecanduit's Issues
Canduit should fallback gracefully if HOME environment does not exist
I'm running a process that uses canduit in upstart, and I have no HOME, so I encountered:
TypeError: Arguments to path.join must be strings
My workaround was to set HOME=/tmp for now. I can do a PR later.
support xhr requests in canduit and new api.token parameter
The canduit api now appears to require a parameter api.token for requests.
Also on the client side requests a CSRF token is required and should be set in the header: X-Phabricator-Csrf.
I was able to figure out how to fix the issue by consulting these two pages:
https://secure.phabricator.com/P2028
https://secure.phabricator.com/T6661#85813
The validation for the csrf token appears to be in this php controller.
In the documentation for maniphest.search on http://<your-phabricator.url>/conduit/method/maniphest.search/ the curl requests is documented as:
$ curl https://<your-phabricator.url>/api/maniphest.search \
-d api.token=api-token \
-d param=value \
...Reproduce Error
Login into phabricator and open the chrome developer console,
and then enter the following code and replace the template variables <your-phabricator.url> <your-user.name> with your appropriate values.
// Get phabricator token:
// https://<your-phabricator.url>/settings/user/<your-user.name>/page/apitokens/
var phabricatorUrl = 'https://<your-phabricator.url>/'
var token = "token from https://<your-phabricator.url>/settings/user/<your-user.name>/page/apitokens/";
var data=`api.token=${token}`;
var xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === 4) {
console.log(this.responseText);
}
});
xhr.open("POST", `${phabricatorUrl}/api/maniphest.search`);
xhr.setRequestHeader("content-type", "application/x-www-form-urlencoded");
xhr.setRequestHeader("cache-control", "no-cache");
xhr.send(data);
/* Here is the error in the logs.
{"result":null,"error_code":"ERR-CONDUIT-CORE","error_info":"You are trying to save some data to Phabricator, but the request your browser made included an incorrect token. Reload the page and try again. You may need to clear your cookies.\nThis was a Web request.\nThis request had no CSRF token."}
*/
Successful Request
// Get phabricator token and csrf:
// Get your phabricator csrf token from 'http://your.phabricator.url/login/refresh/'
// Copy paste the token in the request
var baseUrl = 'https://<your-phabricator.url>'
var token = "token form https://<your-phabricator.url>/settings/user/<your-user.name>/page/apitokens/";
var data = `api.token=${token}`;
var csrfToken = "token from http://<your.phabricator.url/>login/refresh/'"
var xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === 4) {
console.log(this.responseText);
}
});
xhr.open("POST", `${baseUrl}/api/maniphest.search`);
xhr.setRequestHeader("content-type", "application/x-www-form-urlencoded");
xhr.setRequestHeader("cache-control", "no-cache");
/*X-Phabricator-Csrf is now set*/
xhr.setRequestHeader('X-Phabricator-Csrf', csrfToken);
xhr.send(data);
// You should see a list of maniphest tasks that match the search criteriaI'm currently working on a patch for this, but wanted to create this issue for more visibility.
The code that needs to be refactored is createRequest
Params in token requests are not properly JSON decoded
Steps to reproduce:
- make a token request to
maniphest.searchwith params{ "constraints": { "ids": [1] } }
canduit.exec('maniphest.search', {
constraints: {
ids: [1]
}
}, function (err, tasks) {
// Expected: successful response with task id 1
// Actual: { [Error: Expected a list of integers, but item with index "0" is not an integer.] code: 'ERR-CONDUIT-CORE' }
console.log(err);
});
Decoding params from the GET query string results in type ambiguity (see https://github.com/phacility/phabricator/blob/master/src/applications/conduit/controller/PhabricatorConduitAPIController.php#L597 for how Phabricator decodes params). Converting this request to a POST with a params form key should solve this.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.