MediaWiki  master
SessionInfo.php
Go to the documentation of this file.
1 <?php
24 namespace MediaWiki\Session;
25 
34 class SessionInfo {
36  const MIN_PRIORITY = 1;
37 
39  const MAX_PRIORITY = 100;
40 
42  private $provider;
43 
45  private $id;
46 
48  private $priority;
49 
51  private $userInfo = null;
52 
54  private $persisted = false;
55 
57  private $remembered = false;
58 
60  private $forceHTTPS = false;
61 
63  private $idIsSafe = false;
64 
66  private $forceUse = false;
67 
70 
96  public function __construct( $priority, array $data ) {
97  if ( $priority < self::MIN_PRIORITY || $priority > self::MAX_PRIORITY ) {
98  throw new \InvalidArgumentException( 'Invalid priority' );
99  }
100 
101  if ( isset( $data['copyFrom'] ) ) {
102  $from = $data['copyFrom'];
103  if ( !$from instanceof SessionInfo ) {
104  throw new \InvalidArgumentException( 'Invalid copyFrom' );
105  }
106  $data += [
107  'provider' => $from->provider,
108  'id' => $from->id,
109  'userInfo' => $from->userInfo,
110  'persisted' => $from->persisted,
111  'remembered' => $from->remembered,
112  'forceHTTPS' => $from->forceHTTPS,
113  'metadata' => $from->providerMetadata,
114  'idIsSafe' => $from->idIsSafe,
115  'forceUse' => $from->forceUse,
116  // @codeCoverageIgnoreStart
117  ];
118  // @codeCoverageIgnoreEnd
119  } else {
120  $data += [
121  'provider' => null,
122  'id' => null,
123  'userInfo' => null,
124  'persisted' => false,
125  'remembered' => true,
126  'forceHTTPS' => false,
127  'metadata' => null,
128  'idIsSafe' => false,
129  'forceUse' => false,
130  // @codeCoverageIgnoreStart
131  ];
132  // @codeCoverageIgnoreEnd
133  }
134 
135  if ( $data['id'] !== null && !SessionManager::validateSessionId( $data['id'] ) ) {
136  throw new \InvalidArgumentException( 'Invalid session ID' );
137  }
138 
139  if ( $data['userInfo'] !== null && !$data['userInfo'] instanceof UserInfo ) {
140  throw new \InvalidArgumentException( 'Invalid userInfo' );
141  }
142 
143  if ( !$data['provider'] && $data['id'] === null ) {
144  throw new \InvalidArgumentException(
145  'Must supply an ID when no provider is given'
146  );
147  }
148 
149  if ( $data['metadata'] !== null && !is_array( $data['metadata'] ) ) {
150  throw new \InvalidArgumentException( 'Invalid metadata' );
151  }
152 
153  $this->provider = $data['provider'];
154  if ( $data['id'] !== null ) {
155  $this->id = $data['id'];
156  $this->idIsSafe = $data['idIsSafe'];
157  $this->forceUse = $data['forceUse'] && $this->provider;
158  } else {
159  $this->id = $this->provider->getManager()->generateSessionId();
160  $this->idIsSafe = true;
161  $this->forceUse = false;
162  }
163  $this->priority = (int)$priority;
164  $this->userInfo = $data['userInfo'];
165  $this->persisted = (bool)$data['persisted'];
166  if ( $data['provider'] !== null ) {
167  if ( $this->userInfo !== null && !$this->userInfo->isAnon() && $this->userInfo->isVerified() ) {
168  $this->remembered = (bool)$data['remembered'];
169  }
170  $this->providerMetadata = $data['metadata'];
171  }
172  $this->forceHTTPS = (bool)$data['forceHTTPS'];
173  }
174 
179  final public function getProvider() {
180  return $this->provider;
181  }
182 
187  final public function getId() {
188  return $this->id;
189  }
190 
203  final public function isIdSafe() {
204  return $this->idIsSafe;
205  }
206 
218  final public function forceUse() {
219  return $this->forceUse;
220  }
221 
226  final public function getPriority() {
227  return $this->priority;
228  }
229 
234  final public function getUserInfo() {
235  return $this->userInfo;
236  }
237 
242  final public function wasPersisted() {
243  return $this->persisted;
244  }
245 
250  final public function getProviderMetadata() {
252  }
253 
269  final public function wasRemembered() {
270  return $this->remembered;
271  }
272 
277  final public function forceHTTPS() {
278  return $this->forceHTTPS;
279  }
280 
281  public function __toString() {
282  return '[' . $this->getPriority() . ']' .
283  ( $this->getProvider() ?: 'null' ) .
284  ( $this->userInfo ?: '<null>' ) . $this->getId();
285  }
286 
293  public static function compare( $a, $b ) {
294  return $a->getPriority() <=> $b->getPriority();
295  }
296 
297 }
const MIN_PRIORITY
Minimum allowed priority.
Definition: SessionInfo.php:36
getUserInfo()
Return the user.
Object holding data about a session&#39;s user.
Definition: UserInfo.php:51
getPriority()
Return the priority.
static compare( $a, $b)
Compare two SessionInfo objects by priority.
getId()
Return the session ID.
forceUse()
Force use of this SessionInfo if validation fails.
getManager()
Get the session manager.
getProvider()
Return the provider.
__construct( $priority, array $data)
Definition: SessionInfo.php:96
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not null
Definition: hooks.txt:767
getProviderMetadata()
Return provider metadata.
wasPersisted()
Return whether the session is persisted.
SessionProvider null $provider
Definition: SessionInfo.php:42
const MAX_PRIORITY
Maximum allowed priority.
Definition: SessionInfo.php:39
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
static validateSessionId( $id)
Validate a session ID.
forceHTTPS()
Whether this session should only be used over HTTPS.
Value object returned by SessionProvider.
Definition: SessionInfo.php:34
wasRemembered()
Return whether the user was remembered.
isIdSafe()
Indicate whether the ID is "safe".