foreach ( $cookies as $key => $value ) {
if ( $value === false ) {
- $response->clearCookie( $key, $options );
+ $this->clearCookie( $request, $response, $key, $options );
} else {
if ( $extendedExpiry !== null && in_array( $key, $extendedCookies ) ) {
$expiry = time() + (int)$extendedExpiry;
'Token' => false,
);
- $response->clearCookie(
- $this->params['sessionName'], array( 'prefix' => '' ) + $this->cookieOptions
- );
+ $this->clearCookie( $request, $response, $this->params['sessionName'],
+ array( 'prefix' => '' ) + $this->cookieOptions );
foreach ( $cookies as $key => $value ) {
- $response->clearCookie( $key, $this->cookieOptions );
+ $this->clearCookie( $request, $response, $key, $this->cookieOptions );
}
- $response->clearCookie( 'forceHTTPS',
+ $this->clearCookie( $request, $response, 'forceHTTPS',
array( 'prefix' => '', 'secure' => false ) + $this->cookieOptions );
}
return $value;
}
+ /**
+ * Delete a cookie. Contains an auth-specific hack.
+ * @param \WebRequest $request
+ * @param \WebResponse $response
+ * @param string $key
+ * @param array $options
+ */
+ protected function clearCookie( $request, $response, $key, $options = array() ) {
+ global $wgCookiePrefix;
+
+ $prefix = isset( $options['prefix'] ) ? $options['prefix'] : $wgCookiePrefix;
+
+ if ( $request->getCookie( $key, $prefix ) ) {
+ $response->clearCookie( $key, $options );
+ }
+ }
+
/**
* Return the data to store in cookies
* @param User $user
$request = new \FauxRequest();
$provider->persistSession( $backend, $request );
$this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xUserID' ) );
- $this->assertSame( null, $request->response()->getCookie( 'xUserName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
- $this->assertSame( null, $request->response()->getCookie( 'forceHTTPS' ) );
+ $this->assertNull( $request->response()->getCookie( 'xUserID' ) );
+ $this->assertNull( $request->response()->getCookie( 'xUserName' ) );
+ $this->assertNull( $request->response()->getCookie( 'xToken' ) );
+ $this->assertNull( $request->response()->getCookie( 'forceHTTPS' ) );
$this->assertSame( array(), $backend->getData() );
// Logged-in user, no remember
$this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
$this->assertSame( (string)$user->getId(), $request->response()->getCookie( 'xUserID' ) );
$this->assertSame( $user->getName(), $request->response()->getCookie( 'xUserName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
- $this->assertSame( null, $request->response()->getCookie( 'forceHTTPS' ) );
+ $this->assertNull( $request->response()->getCookie( 'xToken' ) );
+ $this->assertNull( $request->response()->getCookie( 'forceHTTPS' ) );
$this->assertSame( array(), $backend->getData() );
// Logged-in user, remember
'xUserName' => array(
'value' => $user->getName(),
) + $defaults,
- 'xToken' => array(
- 'value' => $remember ? $user->getToken() : '',
- 'expire' => $remember ? $extendedExpiry : -31536000,
+ 'xToken' => !$remember ? null : array(
+ 'value' => $user->getToken(),
+ 'expire' => $extendedExpiry,
) + $defaults,
'forceHTTPS' => !$secure ? null : array(
'value' => 'true',
$request = new \FauxRequest();
$provider->persistSession( $backend, $request );
$this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xUserID' ) );
- $this->assertSame( null, $request->response()->getCookie( 'xUserName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
- $this->assertSame( null, $request->response()->getCookie( 'forceHTTPS' ) );
+ $this->assertNull( $request->response()->getCookie( 'xUserID' ) );
+ $this->assertNull( $request->response()->getCookie( 'xUserName' ) );
+ $this->assertNull( $request->response()->getCookie( 'xToken' ) );
+ $this->assertNull( $request->response()->getCookie( 'forceHTTPS' ) );
$this->assertSame( array(), $backend->getData() );
$provider->persistSession( $backend, $this->getSentRequest() );
$this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
$this->assertSame( (string)$user->getId(), $request->response()->getCookie( 'xUserID' ) );
$this->assertSame( $user->getName(), $request->response()->getCookie( 'xUserName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
- $this->assertSame( null, $request->response()->getCookie( 'forceHTTPS' ) );
+ $this->assertNull( $request->response()->getCookie( 'xToken' ) );
+ $this->assertNull( $request->response()->getCookie( 'forceHTTPS' ) );
$this->assertSame( 'bar!', $request->response()->getCookie( 'xbar' ) );
$this->assertSame( (string)$loggedOut, $request->response()->getCookie( 'xLoggedOut' ) );
$this->assertEquals( array(
$request = new \FauxRequest();
$provider->unpersistSession( $request );
- $this->assertSame( '', $request->response()->getCookie( 'MySessionName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xUserID' ) );
- $this->assertSame( null, $request->response()->getCookie( 'xUserName' ) );
- $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
- $this->assertSame( '', $request->response()->getCookie( 'forceHTTPS' ) );
+ $this->assertNull( $request->response()->getCookie( 'MySessionName' ) );
+ $this->assertNull( $request->response()->getCookie( 'xUserID' ) );
+ $this->assertNull( $request->response()->getCookie( 'xUserName' ) );
+ $this->assertNull( $request->response()->getCookie( 'xToken' ) );
+ $this->assertNull( $request->response()->getCookie( 'forceHTTPS' ) );
$provider->unpersistSession( $this->getSentRequest() );
}