7 use Wikimedia\TestingAccessWrapper;
18 $config->set(
'CookiePrefix',
'wgCookiePrefix' );
19 $config->set(
'ForceHTTPS', $forceHTTPS );
22 'sessionCookieName' =>
$name,
23 'sessionCookieOptions' => [],
25 if ( $prefix !==
null ) {
26 $params[
'sessionCookieOptions'][
'prefix'] = $prefix;
30 ->setConstructorArgs( [
$params ] )
31 ->getMockForAbstractClass();
33 $provider->setConfig(
$config );
41 ->getMockForAbstractClass();
42 $priv = TestingAccessWrapper::newFromObject( $provider );
43 $this->assertNull( $priv->sessionCookieName );
44 $this->assertSame( [], $priv->sessionCookieOptions );
47 ->setConstructorArgs( [ [
48 'sessionCookieName' =>
'Foo',
49 'sessionCookieOptions' => [
'Bar' ],
51 ->getMockForAbstractClass();
52 $priv = TestingAccessWrapper::newFromObject( $provider );
53 $this->assertSame(
'Foo', $priv->sessionCookieName );
54 $this->assertSame( [
'Bar' ], $priv->sessionCookieOptions );
58 ->setConstructorArgs( [ [
59 'sessionCookieName' =>
false,
61 ->getMockForAbstractClass();
62 $this->fail(
'Expected exception not thrown' );
63 }
catch ( \InvalidArgumentException $ex ) {
65 'sessionCookieName must be a string',
72 ->setConstructorArgs( [ [
73 'sessionCookieOptions' =>
'x',
75 ->getMockForAbstractClass();
76 $this->fail(
'Expected exception not thrown' );
77 }
catch ( \InvalidArgumentException $ex ) {
79 'sessionCookieOptions must be an array',
87 $this->assertFalse( $provider->persistsSessionID() );
88 $this->assertFalse( $provider->canChangeUser() );
91 $this->assertTrue( $provider->persistsSessionID() );
92 $this->assertFalse( $provider->canChangeUser() );
94 $msg = $provider->whyNoSession();
96 $this->assertSame(
'sessionprovider-nocookies', $msg->getKey() );
101 $this->assertSame( [], $provider->getVaryCookies() );
104 $this->assertSame( [
'wgCookiePrefixFoo' ], $provider->getVaryCookies() );
107 $this->assertSame( [
'BarFoo' ], $provider->getVaryCookies() );
110 $this->assertSame( [
'Foo' ], $provider->getVaryCookies() );
114 $this->
setMwGlobals(
'wgCookiePrefix',
'wgCookiePrefix' );
117 '' =>
'empty---------------------------',
118 'Foo' =>
'foo-----------------------------',
119 'wgCookiePrefixFoo' =>
'wgfoo---------------------------',
120 'BarFoo' =>
'foobar--------------------------',
124 $provider = TestingAccessWrapper::newFromObject( $this->
getProvider(
null ) );
126 $provider->getSessionIdFromCookie(
$request );
127 $this->fail(
'Expected exception not thrown' );
128 }
catch ( \BadMethodCallException $ex ) {
130 'MediaWiki\\Session\\ImmutableSessionProviderWithCookie::getSessionIdFromCookie ' .
131 'may not be called when $this->sessionCookieName === null',
136 $provider = TestingAccessWrapper::newFromObject( $this->
getProvider(
'Foo' ) );
138 'wgfoo---------------------------',
139 $provider->getSessionIdFromCookie(
$request )
142 $provider = TestingAccessWrapper::newFromObject( $this->
getProvider(
'Foo',
'Bar' ) );
144 'foobar--------------------------',
145 $provider->getSessionIdFromCookie(
$request )
148 $provider = TestingAccessWrapper::newFromObject( $this->
getProvider(
'Foo',
'' ) );
150 'foo-----------------------------',
151 $provider->getSessionIdFromCookie(
$request )
154 $provider = TestingAccessWrapper::newFromObject( $this->
getProvider(
'bad',
'' ) );
155 $this->assertSame(
null, $provider->getSessionIdFromCookie(
$request ) );
157 $provider = TestingAccessWrapper::newFromObject( $this->
getProvider(
'none',
'' ) );
158 $this->assertSame(
null, $provider->getSessionIdFromCookie(
$request ) );
163 ->setMethods( [
'headersSent',
'setCookie',
'header' ] )
165 $sentResponse->expects( $this->
any() )->method(
'headersSent' )
166 ->will( $this->returnValue(
true ) );
167 $sentResponse->expects( $this->never() )->method(
'setCookie' );
168 $sentResponse->expects( $this->never() )->method(
'header' );
171 ->setMethods( [
'response' ] )->getMock();
172 $sentRequest->expects( $this->
any() )->method(
'response' )
173 ->will( $this->returnValue( $sentResponse ) );
185 'wgCookieExpiration' => 100,
186 'wgSecureLogin' =>
false,
187 'wgForceHTTPS' => $forceHTTPS,
190 $provider = $this->
getProvider(
'session',
null, $forceHTTPS );
191 $provider->setLogger(
new \Psr\Log\NullLogger() );
192 $priv = TestingAccessWrapper::newFromObject( $provider );
193 $priv->sessionCookieOptions = [
195 'path' =>
'CookiePath',
196 'domain' =>
'CookieDomain',
201 $sessionId =
'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
203 $this->assertSame( $forceHTTPS,
$user->requiresHTTPS(),
'sanity check' );
208 'provider' => $provider,
215 new \Psr\Log\NullLogger(),
218 TestingAccessWrapper::newFromObject( $backend )->usePhpSessionHandling =
false;
219 $backend->setRememberUser( $remember );
220 $backend->setForceHTTPS( $secure );
223 $priv->sessionCookieName =
null;
225 $provider->persistSession( $backend,
$request );
226 $this->assertSame( [],
$request->response()->getCookies() );
229 $priv->sessionCookieName =
'session';
232 $provider->persistSession( $backend,
$request );
234 $cookie =
$request->response()->getCookieData(
'xsession' );
235 $this->assertInternalType(
'array', $cookie );
236 if ( isset( $cookie[
'expire'] ) && $cookie[
'expire'] > 0 ) {
238 $cookie[
'expire'] = round( $cookie[
'expire'] -
$time, -2 );
240 $this->assertEquals( [
241 'value' => $sessionId,
243 'path' =>
'CookiePath',
244 'domain' =>
'CookieDomain',
245 'secure' => $secure || $forceHTTPS,
250 $cookie =
$request->response()->getCookieData(
'forceHTTPS' );
251 if ( $secure && !$forceHTTPS ) {
252 $this->assertInternalType(
'array', $cookie );
253 if ( isset( $cookie[
'expire'] ) && $cookie[
'expire'] > 0 ) {
255 $cookie[
'expire'] = round( $cookie[
'expire'] -
$time, -2 );
257 $this->assertEquals( [
260 'path' =>
'CookiePath',
261 'domain' =>
'CookieDomain',
267 $this->assertNull( $cookie );
272 $provider->persistSession( $backend,
$request );
273 $this->assertSame( [],
$request->response()->getCookies() );
277 return \ArrayUtils::cartesianProduct(
286 $provider->setLogger(
new \Psr\Log\NullLogger() );
287 $priv = TestingAccessWrapper::newFromObject( $provider );
290 $priv->sessionCookieName =
null;
292 $provider->unpersistSession(
$request );
293 $this->assertSame(
null,
$request->response()->getCookie(
'session',
'' ) );
296 $priv->sessionCookieName =
'session';
298 $provider->unpersistSession(
$request );
299 $this->assertSame(
'',
$request->response()->getCookie(
'session',
'' ) );
303 $provider->unpersistSession(
$request );
304 $this->assertSame(
null,
$request->response()->getCookie(
'session',
'' ) );