recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Improve error message for bad timestamps

Summary: Ref T3031. While we should probably do more than this, provide a more useful error message so I don't have to make users run `date` and such.

Test Plan:
Added `|| true` and ran `arc list`:

$ arc list --conduit-uri=http://local.aphront.com:8080/
Exception
ERR-INVALID-TOKEN: The request you submitted is signed with a timestamp, but that timestamp is not within 15 m of the current time. The signed timestamp is 1375454102 (Fri, 02 Aug 2013 07:35:02 -0700), and the current server time is 1375454102 (Fri, 02 Aug 2013 07:35:02 -0700). This is a differnce of 0 seconds, but the timestamps must differ from the server time by no more than 900 seconds. Your client or server clock may not be set correctly.
(Run with --trace for a full exception trace.)

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T3031

Differential Revision: https://secure.phabricator.com/D6653

epriestley f0857e4f 6c7f36f6

+20 -2
+20 -2
src/applications/conduit/method/ConduitAPI_conduit_connect_Method.php
··· 117 117 118 118 $session_key = null; 119 119 if ($token && $signature) { 120 - if (abs($token - time()) > 60 * 15) { 121 - throw new ConduitException('ERR-INVALID-TOKEN'); 120 + $threshold = 60 * 15; 121 + $now = time(); 122 + if (abs($token - $now) > $threshold) { 123 + throw id(new ConduitException('ERR-INVALID-TOKEN')) 124 + ->setErrorDescription( 125 + pht( 126 + "The request you submitted is signed with a timestamp, but that ". 127 + "timestamp is not within %s of the current time. The ". 128 + "signed timestamp is %s (%s), and the current server time is ". 129 + "%s (%s). This is a difference of %s seconds, but the ". 130 + "timestamp must differ from the server time by no more than ". 131 + "%s seconds. Your client or server clock may not be set ". 132 + "correctly.", 133 + phabricator_format_relative_time($threshold), 134 + $token, 135 + date('r', $token), 136 + $now, 137 + date('r', $now), 138 + ($token - $now), 139 + $threshold)); 122 140 } 123 141 $valid = sha1($token.$user->getConduitCertificate()); 124 142 if ($valid != $signature) {