Add methods to get raw request in WebRequest

Make it possible to get the raw parameters given to the request, with
no escaping. This is needed for features like OAuth, where a signature
is calculated over the parameters to verify their integrity and source.

FauxRequest is extended so the original request doesn't pollute the
fake one. This could be extended so "raw" values could be set and used,
but there isn't a use case for that yet, so it's not done here.

Change-Id: I8710844f21d21cbbf28517b0cc25b0713b506bee

diff --git a/includes/WebRequest.php b/includes/WebRequest.php
index dbd0740..80881c9 100644 (file)
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -568,6 +568,44 @@ class WebRequest {
                return $_GET;
        }
 
+       /**
+        * Return the contents of the Query with no decoding. Use when you need to
+        * know exactly what was sent, e.g. for an OAuth signature over the elements.
+        *
+        * @return String
+        */
+       public function getRawQueryString() {
+               return $_SERVER['QUERY_STRING'];
+       }
+
+       /**
+        * Return the contents of the POST with no decoding. Use when you need to
+        * know exactly what was sent, e.g. for an OAuth signature over the elements.
+        *
+        * @return String
+        */
+       public function getRawPostString() {
+               if ( !$this->wasPosted() ) {
+                       return '';
+               }
+               return $this->getRawInput();
+       }
+
+       /**
+        * Return the raw request body, with no processing. Cached since some methods
+        * disallow reading the stream more than once. As stated in the php docs, this
+        * does not work with enctype="multipart/form-data".
+        *
+        * @return String
+        */
+       public function getRawInput() {
+               static $input = false;
+               if ( $input === false ) {
+                       $input = file_get_contents( 'php://input' );
+               }
+               return $input;
+       }
+
        /**
         * Get the HTTP method used for this request.
         *
@@ -1391,6 +1429,30 @@ class FauxRequest extends WebRequest {
                return false;
        }
 
+       /**
+        * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+        * @return String
+        */
+       public function getRawQueryString() {
+               return '';
+       }
+
+       /**
+        * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+        * @return String
+        */
+       public function getRawPostString() {
+               return '';
+       }
+
+       /**
+        * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+        * @return String
+        */
+       public function getRawInput() {
+               return '';
+       }
+
        /**
         * @param array $extWhitelist
         * @return bool