MediaWiki REL1_33
ApiLogoutTest.php
Go to the documentation of this file.
1<?php
2
10class ApiLogoutTest extends ApiTestCase {
11
12 protected function setUp() {
13 global $wgRequest, $wgUser;
14
15 parent::setUp();
16
17 // Link the user to the Session properly so User::doLogout() doesn't complain.
18 $wgRequest->getSession()->setUser( $wgUser );
19 $wgUser = User::newFromSession( $wgRequest );
20 $this->apiContext->setUser( $wgUser );
21 }
22
23 public function testUserLogoutBadToken() {
24 global $wgUser;
25
26 $this->setExpectedApiException( 'apierror-badtoken' );
27
28 try {
29 $token = 'invalid token';
30 $this->doUserLogout( $token );
31 } finally {
32 $this->assertTrue( $wgUser->isLoggedIn(), 'not logged out' );
33 }
34 }
35
36 public function testUserLogout() {
37 global $wgUser;
38
39 $this->assertTrue( $wgUser->isLoggedIn(), 'sanity check' );
40 $token = $this->getUserCsrfTokenFromApi();
41 $this->doUserLogout( $token );
42 $this->assertFalse( $wgUser->isLoggedIn() );
43 }
44
45 public function testUserLogoutWithWebToken() {
46 global $wgUser, $wgRequest;
47
48 $this->assertTrue( $wgUser->isLoggedIn(), 'sanity check' );
49
50 // Logic copied from SkinTemplate.
51 $token = $wgUser->getEditToken( 'logoutToken', $wgRequest );
52
53 $this->doUserLogout( $token );
54 $this->assertFalse( $wgUser->isLoggedIn() );
55 }
56
57 private function getUserCsrfTokenFromApi() {
58 $retToken = $this->doApiRequest( [
59 'action' => 'query',
60 'meta' => 'tokens',
61 'type' => 'csrf'
62 ] );
63
64 $this->assertArrayNotHasKey( 'warnings', $retToken );
65
66 return $retToken[0]['query']['tokens']['csrftoken'];
67 }
68
69 private function doUserLogout( $logoutToken ) {
70 return $this->doApiRequest( [
71 'action' => 'logout',
72 'token' => $logoutToken
73 ] );
74 }
75}
and
and that you know you can do these things To protect your we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights These restrictions translate to certain responsibilities for you if you distribute copies of the or if you modify it For if you distribute copies of such a whether gratis or for a you must give the recipients all the rights that you have You must make sure that receive or can get the source code And you must show them these terms so they know their rights We protect your rights with two and(2) offer you this license which gives you legal permission to copy
$wgRequest
if(! $wgDBerrorLogTZ) $wgRequest
Definition Setup.php:728
ApiLogoutTest
API Database medium.
Definition ApiLogoutTest.php:10
ApiLogoutTest\doUserLogout
doUserLogout( $logoutToken)
Definition ApiLogoutTest.php:69
ApiTestCase\setExpectedApiException
setExpectedApiException( $msg, $code=null, array $data=null, $httpCode=0)
Expect an ApiUsageException to be thrown with the given parameters, which are the same as ApiUsageExc...
Definition ApiTestCase.php:216
ApiTestCase\doApiRequest
doApiRequest(array $params, array $session=null, $appendModule=false, User $user=null, $tokenType=null)
Does the API request and returns the result.
Definition ApiTestCase.php:62
User\newFromSession
static newFromSession(WebRequest $request=null)
Create a new user object using data from session.
Definition User.php:750