From 9166f1db0d070e06c6f29a9e395bfa55bddfed5d Mon Sep 17 00:00:00 2001
From: csteipp <csteipp@wikimedia.org>
Date: Thu, 18 Jun 2015 15:57:44 -0700
Subject: [PATCH] Check IP when communicating with Consumer

Check IP restriction whenever validating an OAuth request.

Bug: T103022
Change-Id: Id4d9d42ff0c39fb66dd9b55383b48d754af87b4c
---
 backend/MWOAuthServer.php | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/backend/MWOAuthServer.php b/backend/MWOAuthServer.php
index 69c10b5..b05dd51 100644
--- a/backend/MWOAuthServer.php
+++ b/backend/MWOAuthServer.php
@@ -132,6 +132,17 @@ class MWOAuthServer extends OAuthServer {
 	}
 
 	/**
+	 * Wrap the call to the parent function and check that the source IP of
+	 * the request is allowed by this consumer's restrictions.
+	 * @return array
+	 */
+	public function verify_request( &$request ) {
+		list( $consumer, $token ) = parent::verify_request( $request );
+		$this->checkSourceIP( $consumer, $request );
+		return array( $consumer, $token );
+	}
+
+	/**
 	 * Ensure the request comes from an approved IP address, if IP restriction has been
 	 * setup by the Consumer. It throws an exception if IP address is invalid.
 	 *
-- 
1.8.4.5