3 namespace MediaWiki\Session
;
12 * @covers MediaWiki\Session\SessionManager
14 class SessionManagerTest
extends MediaWikiTestCase
{
16 protected $config, $logger, $store;
18 protected function getManager() {
19 \ObjectCache
::$instances['testSessionStore'] = new TestBagOStuff();
20 $this->config
= new \
HashConfig( array(
21 'LanguageCode' => 'en',
22 'SessionCacheType' => 'testSessionStore',
23 'ObjectCacheSessionExpiry' => 100,
24 'SessionProviders' => array(
25 array( 'class' => 'DummySessionProvider' ),
28 $this->logger
= new \
TestLogger( false, function ( $m ) {
29 return substr( $m, 0, 15 ) === 'SessionBackend ' ?
null : $m;
31 $this->store
= new TestBagOStuff();
33 return new SessionManager( array(
34 'config' => $this->config
,
35 'logger' => $this->logger
,
36 'store' => $this->store
,
40 protected function objectCacheDef( $object ) {
41 return array( 'factory' => function () use ( $object ) {
46 public function testSingleton() {
47 $reset = TestUtils
::setSessionManagerSingleton( null );
49 $singleton = SessionManager
::singleton();
50 $this->assertInstanceOf( 'MediaWiki\\Session\\SessionManager', $singleton );
51 $this->assertSame( $singleton, SessionManager
::singleton() );
54 public function testGetGlobalSession() {
55 $context = \RequestContext
::getMain();
57 if ( !PHPSessionHandler
::isInstalled() ) {
58 PHPSessionHandler
::install( SessionManager
::singleton() );
60 $rProp = new \
ReflectionProperty( 'MediaWiki\\Session\\PHPSessionHandler', 'instance' );
61 $rProp->setAccessible( true );
62 $handler = \TestingAccessWrapper
::newFromObject( $rProp->getValue() );
63 $oldEnable = $handler->enable
;
64 $reset[] = new \
ScopedCallback( function () use ( $handler, $oldEnable ) {
65 if ( $handler->enable
) {
66 session_write_close();
68 $handler->enable
= $oldEnable;
70 $reset[] = TestUtils
::setSessionManagerSingleton( $this->getManager() );
72 $handler->enable
= true;
73 $request = new \
FauxRequest();
74 $context->setRequest( $request );
75 $id = $request->getSession()->getId();
78 $session = SessionManager
::getGlobalSession();
79 $this->assertSame( $id, $session->getId() );
81 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
82 $session = SessionManager
::getGlobalSession();
83 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $session->getId() );
84 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $request->getSession()->getId() );
86 session_write_close();
87 $handler->enable
= false;
88 $request = new \
FauxRequest();
89 $context->setRequest( $request );
90 $id = $request->getSession()->getId();
93 $session = SessionManager
::getGlobalSession();
94 $this->assertSame( $id, $session->getId() );
96 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
97 $session = SessionManager
::getGlobalSession();
98 $this->assertSame( $id, $session->getId() );
99 $this->assertSame( $id, $request->getSession()->getId() );
102 public function testConstructor() {
103 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
104 $this->assertSame( $this->config
, $manager->config
);
105 $this->assertSame( $this->logger
, $manager->logger
);
106 $this->assertSame( $this->store
, $manager->store
);
108 $manager = \TestingAccessWrapper
::newFromObject( new SessionManager() );
109 $this->assertSame( \RequestContext
::getMain()->getConfig(), $manager->config
);
111 $manager = \TestingAccessWrapper
::newFromObject( new SessionManager( array(
112 'config' => $this->config
,
114 $this->assertSame( \ObjectCache
::$instances['testSessionStore'], $manager->store
);
117 'config' => '$options[\'config\'] must be an instance of Config',
118 'logger' => '$options[\'logger\'] must be an instance of LoggerInterface',
119 'store' => '$options[\'store\'] must be an instance of BagOStuff',
120 ) as $key => $error ) {
122 new SessionManager( array( $key => new \stdClass
) );
123 $this->fail( 'Expected exception not thrown' );
124 } catch ( \InvalidArgumentException
$ex ) {
125 $this->assertSame( $error, $ex->getMessage() );
130 public function testGetSessionForRequest() {
131 $manager = $this->getManager();
132 $request = new \
FauxRequest();
136 $idEmpty = 'empty-session-------------------';
138 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
140 array( 'provideSessionInfo', 'newSessionInfo', '__toString', 'describe' )
143 $provider1 = $providerBuilder->getMock();
144 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
145 ->with( $this->identicalTo( $request ) )
146 ->will( $this->returnCallback( function ( $request ) {
147 return $request->info1
;
149 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
150 ->will( $this->returnCallback( function () use ( $idEmpty, $provider1 ) {
151 return new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
152 'provider' => $provider1,
158 $provider1->expects( $this->any() )->method( '__toString' )
159 ->will( $this->returnValue( 'Provider1' ) );
160 $provider1->expects( $this->any() )->method( 'describe' )
161 ->will( $this->returnValue( '#1 sessions' ) );
163 $provider2 = $providerBuilder->getMock();
164 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
165 ->with( $this->identicalTo( $request ) )
166 ->will( $this->returnCallback( function ( $request ) {
167 return $request->info2
;
169 $provider2->expects( $this->any() )->method( '__toString' )
170 ->will( $this->returnValue( 'Provider2' ) );
171 $provider2->expects( $this->any() )->method( 'describe' )
172 ->will( $this->returnValue( '#2 sessions' ) );
174 $this->config
->set( 'SessionProviders', array(
175 $this->objectCacheDef( $provider1 ),
176 $this->objectCacheDef( $provider2 ),
179 // No provider returns info
180 $request->info1
= null;
181 $request->info2
= null;
182 $session = $manager->getSessionForRequest( $request );
183 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
184 $this->assertSame( $idEmpty, $session->getId() );
186 // Both providers return info, picks best one
187 $request->info1
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
188 'provider' => $provider1,
189 'id' => ( $id1 = $manager->generateSessionId() ),
193 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, array(
194 'provider' => $provider2,
195 'id' => ( $id2 = $manager->generateSessionId() ),
199 $session = $manager->getSessionForRequest( $request );
200 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
201 $this->assertSame( $id2, $session->getId() );
203 $request->info1
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, array(
204 'provider' => $provider1,
205 'id' => ( $id1 = $manager->generateSessionId() ),
209 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
210 'provider' => $provider2,
211 'id' => ( $id2 = $manager->generateSessionId() ),
215 $session = $manager->getSessionForRequest( $request );
216 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
217 $this->assertSame( $id1, $session->getId() );
220 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
221 'provider' => $provider1,
222 'id' => ( $id1 = $manager->generateSessionId() ),
224 'userInfo' => UserInfo
::newAnonymous(),
227 $request->info2
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
228 'provider' => $provider2,
229 'id' => ( $id2 = $manager->generateSessionId() ),
231 'userInfo' => UserInfo
::newAnonymous(),
235 $manager->getSessionForRequest( $request );
236 $this->fail( 'Expcected exception not thrown' );
237 } catch ( \OverFlowException
$ex ) {
238 $this->assertStringStartsWith(
239 'Multiple sessions for this request tied for top priority: ',
242 $this->assertCount( 2, $ex->sessionInfos
);
243 $this->assertContains( $request->info1
, $ex->sessionInfos
);
244 $this->assertContains( $request->info2
, $ex->sessionInfos
);
248 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
249 'provider' => $provider2,
250 'id' => ( $id1 = $manager->generateSessionId() ),
254 $request->info2
= null;
256 $manager->getSessionForRequest( $request );
257 $this->fail( 'Expcected exception not thrown' );
258 } catch ( \UnexpectedValueException
$ex ) {
260 'Provider1 returned session info for a different provider: ' . $request->info1
,
265 // Unusable session info
266 $this->logger
->setCollect( true );
267 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
268 'provider' => $provider1,
269 'id' => ( $id1 = $manager->generateSessionId() ),
271 'userInfo' => UserInfo
::newFromName( 'UTSysop', false ),
274 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
275 'provider' => $provider2,
276 'id' => ( $id2 = $manager->generateSessionId() ),
280 $session = $manager->getSessionForRequest( $request );
281 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
282 $this->assertSame( $id2, $session->getId() );
283 $this->logger
->setCollect( false );
285 // Unpersisted session ID
286 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
287 'provider' => $provider1,
288 'id' => ( $id1 = $manager->generateSessionId() ),
289 'persisted' => false,
290 'userInfo' => UserInfo
::newFromName( 'UTSysop', true ),
293 $request->info2
= null;
294 $session = $manager->getSessionForRequest( $request );
295 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
296 $this->assertSame( $id1, $session->getId() );
298 $this->assertTrue( $session->isPersistent(), 'sanity check' );
301 public function testGetSessionById() {
302 $manager = $this->getManager();
304 $manager->getSessionById( 'bad' );
305 $this->fail( 'Expected exception not thrown' );
306 } catch ( \InvalidArgumentException
$ex ) {
307 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
310 // Unknown session ID
311 $id = $manager->generateSessionId();
312 $session = $manager->getSessionById( $id, true );
313 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
314 $this->assertSame( $id, $session->getId() );
316 $id = $manager->generateSessionId();
317 $this->assertNull( $manager->getSessionById( $id, false ) );
319 // Known but unloadable session ID
320 $this->logger
->setCollect( true );
321 $id = $manager->generateSessionId();
322 $this->store
->setSession( $id, array( 'metadata' => array(
323 'userId' => User
::idFromName( 'UTSysop' ),
324 'userToken' => 'bad',
327 $this->assertNull( $manager->getSessionById( $id, true ) );
328 $this->assertNull( $manager->getSessionById( $id, false ) );
329 $this->logger
->setCollect( false );
332 $this->store
->setSession( $id, array() );
333 $session = $manager->getSessionById( $id, false );
334 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
335 $this->assertSame( $id, $session->getId() );
338 public function testGetEmptySession() {
339 $manager = $this->getManager();
340 $pmanager = \TestingAccessWrapper
::newFromObject( $manager );
341 $request = new \
FauxRequest();
343 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
344 ->setMethods( array( 'provideSessionInfo', 'newSessionInfo', '__toString' ) );
350 $provider1 = $providerBuilder->getMock();
351 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
352 ->will( $this->returnValue( null ) );
353 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
354 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
355 return $id === $expectId;
357 ->will( $this->returnCallback( function () use ( &$info1 ) {
360 $provider1->expects( $this->any() )->method( '__toString' )
361 ->will( $this->returnValue( 'MockProvider1' ) );
363 $provider2 = $providerBuilder->getMock();
364 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
365 ->will( $this->returnValue( null ) );
366 $provider2->expects( $this->any() )->method( 'newSessionInfo' )
367 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
368 return $id === $expectId;
370 ->will( $this->returnCallback( function () use ( &$info2 ) {
373 $provider1->expects( $this->any() )->method( '__toString' )
374 ->will( $this->returnValue( 'MockProvider2' ) );
376 $this->config
->set( 'SessionProviders', array(
377 $this->objectCacheDef( $provider1 ),
378 $this->objectCacheDef( $provider2 ),
386 $manager->getEmptySession();
387 $this->fail( 'Expected exception not thrown' );
388 } catch ( \UnexpectedValueException
$ex ) {
390 'No provider could provide an empty session!',
397 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
398 'provider' => $provider1,
399 'id' => 'empty---------------------------',
404 $session = $manager->getEmptySession();
405 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
406 $this->assertSame( 'empty---------------------------', $session->getId() );
409 $expectId = 'expected------------------------';
410 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
411 'provider' => $provider1,
417 $session = $pmanager->getEmptySessionInternal( null, $expectId );
418 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
419 $this->assertSame( $expectId, $session->getId() );
422 $expectId = 'expected-----------------------2';
423 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
424 'provider' => $provider1,
425 'id' => "un$expectId",
431 $pmanager->getEmptySessionInternal( null, $expectId );
432 $this->fail( 'Expected exception not thrown' );
433 } catch ( \UnexpectedValueException
$ex ) {
435 'MockProvider1 returned empty session info with a wrong id: ' .
436 "un$expectId != $expectId",
442 $expectId = 'expected-----------------------2';
443 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
444 'provider' => $provider1,
450 $pmanager->getEmptySessionInternal( null, $expectId );
451 $this->fail( 'Expected exception not thrown' );
452 } catch ( \UnexpectedValueException
$ex ) {
454 'MockProvider1 returned empty session info with id flagged unsafe',
461 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
462 'provider' => $provider2,
463 'id' => 'empty---------------------------',
469 $manager->getEmptySession();
470 $this->fail( 'Expected exception not thrown' );
471 } catch ( \UnexpectedValueException
$ex ) {
473 'MockProvider1 returned an empty session info for a different provider: ' . $info1,
478 // Highest priority wins
480 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
481 'provider' => $provider1,
482 'id' => 'empty1--------------------------',
486 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
487 'provider' => $provider2,
488 'id' => 'empty2--------------------------',
492 $session = $manager->getEmptySession();
493 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
494 $this->assertSame( 'empty1--------------------------', $session->getId() );
497 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
498 'provider' => $provider1,
499 'id' => 'empty1--------------------------',
503 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, array(
504 'provider' => $provider2,
505 'id' => 'empty2--------------------------',
509 $session = $manager->getEmptySession();
510 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
511 $this->assertSame( 'empty2--------------------------', $session->getId() );
513 // Tied priorities throw an exception
515 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
516 'provider' => $provider1,
517 'id' => 'empty1--------------------------',
519 'userInfo' => UserInfo
::newAnonymous(),
522 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
523 'provider' => $provider2,
524 'id' => 'empty2--------------------------',
526 'userInfo' => UserInfo
::newAnonymous(),
530 $manager->getEmptySession();
531 $this->fail( 'Expected exception not thrown' );
532 } catch ( \UnexpectedValueException
$ex ) {
533 $this->assertStringStartsWith(
534 'Multiple empty sessions tied for top priority: ',
541 $pmanager->getEmptySessionInternal( null, 'bad' );
542 $this->fail( 'Expected exception not thrown' );
543 } catch ( \InvalidArgumentException
$ex ) {
544 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
547 // Session already exists
548 $expectId = 'expected-----------------------3';
549 $this->store
->setSessionMeta( $expectId, array(
550 'provider' => 'MockProvider2',
556 $pmanager->getEmptySessionInternal( null, $expectId );
557 $this->fail( 'Expected exception not thrown' );
558 } catch ( \InvalidArgumentException
$ex ) {
559 $this->assertSame( 'Session ID already exists', $ex->getMessage() );
563 public function testGetVaryHeaders() {
564 $manager = $this->getManager();
566 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
567 ->setMethods( array( 'getVaryHeaders', '__toString' ) );
569 $provider1 = $providerBuilder->getMock();
570 $provider1->expects( $this->once() )->method( 'getVaryHeaders' )
571 ->will( $this->returnValue( array(
573 'Bar' => array( 'X', 'Bar1' ),
576 $provider1->expects( $this->any() )->method( '__toString' )
577 ->will( $this->returnValue( 'MockProvider1' ) );
579 $provider2 = $providerBuilder->getMock();
580 $provider2->expects( $this->once() )->method( 'getVaryHeaders' )
581 ->will( $this->returnValue( array(
583 'Bar' => array( 'X', 'Bar2' ),
584 'Quux' => array( 'Quux' ),
586 $provider2->expects( $this->any() )->method( '__toString' )
587 ->will( $this->returnValue( 'MockProvider2' ) );
589 $this->config
->set( 'SessionProviders', array(
590 $this->objectCacheDef( $provider1 ),
591 $this->objectCacheDef( $provider2 ),
596 'Bar' => array( 'X', 'Bar1', 3 => 'Bar2' ),
597 'Quux' => array( 'Quux' ),
599 'Quux' => array( 'Quux' ),
602 $this->assertEquals( $expect, $manager->getVaryHeaders() );
604 // Again, to ensure it's cached
605 $this->assertEquals( $expect, $manager->getVaryHeaders() );
608 public function testGetVaryCookies() {
609 $manager = $this->getManager();
611 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
612 ->setMethods( array( 'getVaryCookies', '__toString' ) );
614 $provider1 = $providerBuilder->getMock();
615 $provider1->expects( $this->once() )->method( 'getVaryCookies' )
616 ->will( $this->returnValue( array( 'Foo', 'Bar' ) ) );
617 $provider1->expects( $this->any() )->method( '__toString' )
618 ->will( $this->returnValue( 'MockProvider1' ) );
620 $provider2 = $providerBuilder->getMock();
621 $provider2->expects( $this->once() )->method( 'getVaryCookies' )
622 ->will( $this->returnValue( array( 'Foo', 'Baz' ) ) );
623 $provider2->expects( $this->any() )->method( '__toString' )
624 ->will( $this->returnValue( 'MockProvider2' ) );
626 $this->config
->set( 'SessionProviders', array(
627 $this->objectCacheDef( $provider1 ),
628 $this->objectCacheDef( $provider2 ),
631 $expect = array( 'Foo', 'Bar', 'Baz' );
633 $this->assertEquals( $expect, $manager->getVaryCookies() );
635 // Again, to ensure it's cached
636 $this->assertEquals( $expect, $manager->getVaryCookies() );
639 public function testGetProviders() {
640 $realManager = $this->getManager();
641 $manager = \TestingAccessWrapper
::newFromObject( $realManager );
643 $this->config
->set( 'SessionProviders', array(
644 array( 'class' => 'DummySessionProvider' ),
646 $providers = $manager->getProviders();
647 $this->assertArrayHasKey( 'DummySessionProvider', $providers );
648 $provider = \TestingAccessWrapper
::newFromObject( $providers['DummySessionProvider'] );
649 $this->assertSame( $manager->logger
, $provider->logger
);
650 $this->assertSame( $manager->config
, $provider->config
);
651 $this->assertSame( $realManager, $provider->getManager() );
653 $this->config
->set( 'SessionProviders', array(
654 array( 'class' => 'DummySessionProvider' ),
655 array( 'class' => 'DummySessionProvider' ),
657 $manager->sessionProviders
= null;
659 $manager->getProviders();
660 $this->fail( 'Expected exception not thrown' );
661 } catch ( \UnexpectedValueException
$ex ) {
663 'Duplicate provider name "DummySessionProvider"',
669 public function testShutdown() {
670 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
671 $manager->setLogger( new \Psr\Log\
NullLogger() );
673 $mock = $this->getMock( 'stdClass', array( 'save' ) );
674 $mock->expects( $this->once() )->method( 'save' );
676 $manager->allSessionBackends
= array( $mock );
677 $manager->shutdown();
680 public function testGetSessionFromInfo() {
681 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
682 $request = new \
FauxRequest();
684 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
686 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
687 'provider' => $manager->getProvider( 'DummySessionProvider' ),
690 'userInfo' => UserInfo
::newFromName( 'UTSysop', true ),
693 \TestingAccessWrapper
::newFromObject( $info )->idIsSafe
= true;
694 $session1 = \TestingAccessWrapper
::newFromObject(
695 $manager->getSessionFromInfo( $info, $request )
697 $session2 = \TestingAccessWrapper
::newFromObject(
698 $manager->getSessionFromInfo( $info, $request )
701 $this->assertSame( $session1->backend
, $session2->backend
);
702 $this->assertNotEquals( $session1->index
, $session2->index
);
703 $this->assertSame( $session1->getSessionId(), $session2->getSessionId() );
704 $this->assertSame( $id, $session1->getId() );
706 \TestingAccessWrapper
::newFromObject( $info )->idIsSafe
= false;
707 $session3 = $manager->getSessionFromInfo( $info, $request );
708 $this->assertNotSame( $id, $session3->getId() );
711 public function testBackendRegistration() {
712 $manager = $this->getManager();
714 $session = $manager->getSessionForRequest( new \FauxRequest
);
715 $backend = \TestingAccessWrapper
::newFromObject( $session )->backend
;
716 $sessionId = $session->getSessionId();
717 $id = (string)$sessionId;
719 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
721 $manager->changeBackendId( $backend );
722 $this->assertSame( $sessionId, $session->getSessionId() );
723 $this->assertNotEquals( $id, (string)$sessionId );
724 $id = (string)$sessionId;
726 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
728 // Destruction of the session here causes the backend to be deregistered
732 $manager->changeBackendId( $backend );
733 $this->fail( 'Expected exception not thrown' );
734 } catch ( \InvalidArgumentException
$ex ) {
736 'Backend was not registered with this SessionManager', $ex->getMessage()
741 $manager->deregisterSessionBackend( $backend );
742 $this->fail( 'Expected exception not thrown' );
743 } catch ( \InvalidArgumentException
$ex ) {
745 'Backend was not registered with this SessionManager', $ex->getMessage()
749 $session = $manager->getSessionById( $id, true );
750 $this->assertSame( $sessionId, $session->getSessionId() );
753 public function testGenerateSessionId() {
754 $manager = $this->getManager();
756 $id = $manager->generateSessionId();
757 $this->assertTrue( SessionManager
::validateSessionId( $id ), "Generated ID: $id" );
760 public function testAutoCreateUser() {
761 global $wgGroupPermissions;
765 \ObjectCache
::$instances[__METHOD__
] = new TestBagOStuff();
766 $this->setMwGlobals( array( 'wgMainCacheType' => __METHOD__
) );
768 $this->stashMwGlobals( array( 'wgGroupPermissions' ) );
769 $wgGroupPermissions['*']['createaccount'] = true;
770 $wgGroupPermissions['*']['autocreateaccount'] = false;
772 // Replace the global singleton with one configured for testing
773 $manager = $this->getManager();
774 $reset = TestUtils
::setSessionManagerSingleton( $manager );
776 $logger = new \
TestLogger( true, function ( $m ) {
777 if ( substr( $m, 0, 15 ) === 'SessionBackend ' ) {
781 $m = str_replace( 'MediaWiki\Session\SessionManager::autoCreateUser: ', '', $m );
782 $m = preg_replace( '/ - from: .*$/', ' - from: XXX', $m );
785 $manager->setLogger( $logger );
787 $session = SessionManager
::getGlobalSession();
789 // Can't create an already-existing user
790 $user = User
::newFromName( 'UTSysop' );
791 $id = $user->getId();
792 $this->assertFalse( $manager->autoCreateUser( $user ) );
793 $this->assertSame( $id, $user->getId() );
794 $this->assertSame( 'UTSysop', $user->getName() );
795 $this->assertSame( array(), $logger->getBuffer() );
796 $logger->clearBuffer();
798 // Sanity check that creation works at all
799 $user = User
::newFromName( 'UTSessionAutoCreate1' );
800 $this->assertSame( 0, $user->getId(), 'sanity check' );
801 $this->assertTrue( $manager->autoCreateUser( $user ) );
802 $this->assertNotEquals( 0, $user->getId() );
803 $this->assertSame( 'UTSessionAutoCreate1', $user->getName() );
805 $user->getId(), User
::idFromName( 'UTSessionAutoCreate1', User
::READ_LATEST
)
807 $this->assertSame( array(
808 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate1) - from: XXX' ),
809 ), $logger->getBuffer() );
810 $logger->clearBuffer();
812 // Check lack of permissions
813 $wgGroupPermissions['*']['createaccount'] = false;
814 $wgGroupPermissions['*']['autocreateaccount'] = false;
815 $user = User
::newFromName( 'UTDoesNotExist' );
816 $this->assertFalse( $manager->autoCreateUser( $user ) );
817 $this->assertSame( 0, $user->getId() );
818 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
819 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
821 $this->assertSame( array(
822 array( LogLevel
::DEBUG
, 'user is blocked from this wiki, blacklisting' ),
823 ), $logger->getBuffer() );
824 $logger->clearBuffer();
826 // Check other permission
827 $wgGroupPermissions['*']['createaccount'] = false;
828 $wgGroupPermissions['*']['autocreateaccount'] = true;
829 $user = User
::newFromName( 'UTSessionAutoCreate2' );
830 $this->assertSame( 0, $user->getId(), 'sanity check' );
831 $this->assertTrue( $manager->autoCreateUser( $user ) );
832 $this->assertNotEquals( 0, $user->getId() );
833 $this->assertSame( 'UTSessionAutoCreate2', $user->getName() );
835 $user->getId(), User
::idFromName( 'UTSessionAutoCreate2', User
::READ_LATEST
)
837 $this->assertSame( array(
838 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate2) - from: XXX' ),
839 ), $logger->getBuffer() );
840 $logger->clearBuffer();
842 // Test account-creation block
844 $block = new \
Block( array(
845 'address' => $anon->getName(),
847 'reason' => __METHOD__
,
848 'expiry' => time() +
100500,
849 'createAccount' => true,
852 $this->assertInstanceOf( 'Block', $anon->isBlockedFromCreateAccount(), 'sanity check' );
853 $reset2 = new \
ScopedCallback( array( $block, 'delete' ) );
854 $user = User
::newFromName( 'UTDoesNotExist' );
855 $this->assertFalse( $manager->autoCreateUser( $user ) );
856 $this->assertSame( 0, $user->getId() );
857 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
858 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
859 \ScopedCallback
::consume( $reset2 );
861 $this->assertSame( array(
862 array( LogLevel
::DEBUG
, 'user is blocked from this wiki, blacklisting' ),
863 ), $logger->getBuffer() );
864 $logger->clearBuffer();
866 // Sanity check that creation still works
867 $user = User
::newFromName( 'UTSessionAutoCreate3' );
868 $this->assertSame( 0, $user->getId(), 'sanity check' );
869 $this->assertTrue( $manager->autoCreateUser( $user ) );
870 $this->assertNotEquals( 0, $user->getId() );
871 $this->assertSame( 'UTSessionAutoCreate3', $user->getName() );
873 $user->getId(), User
::idFromName( 'UTSessionAutoCreate3', User
::READ_LATEST
)
875 $this->assertSame( array(
876 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate3) - from: XXX' ),
877 ), $logger->getBuffer() );
878 $logger->clearBuffer();
880 // Test prevention by AuthPlugin
882 $oldWgAuth = $wgAuth;
883 $mockWgAuth = $this->getMock( 'AuthPlugin', array( 'autoCreate' ) );
884 $mockWgAuth->expects( $this->once() )->method( 'autoCreate' )
885 ->will( $this->returnValue( false ) );
886 $this->setMwGlobals( array(
887 'wgAuth' => $mockWgAuth,
889 $user = User
::newFromName( 'UTDoesNotExist' );
890 $this->assertFalse( $manager->autoCreateUser( $user ) );
891 $this->assertSame( 0, $user->getId() );
892 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
893 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
894 $this->setMwGlobals( array(
895 'wgAuth' => $oldWgAuth,
898 $this->assertSame( array(
899 array( LogLevel
::DEBUG
, 'denied by AuthPlugin' ),
900 ), $logger->getBuffer() );
901 $logger->clearBuffer();
903 // Test prevention by wfReadOnly()
904 $this->setMwGlobals( array(
905 'wgReadOnly' => 'Because',
907 $user = User
::newFromName( 'UTDoesNotExist' );
908 $this->assertFalse( $manager->autoCreateUser( $user ) );
909 $this->assertSame( 0, $user->getId() );
910 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
911 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
912 $this->setMwGlobals( array(
913 'wgReadOnly' => false,
916 $this->assertSame( array(
917 array( LogLevel
::DEBUG
, 'denied by wfReadOnly()' ),
918 ), $logger->getBuffer() );
919 $logger->clearBuffer();
921 // Test prevention by a previous session
922 $session->set( 'MWSession::AutoCreateBlacklist', 'test' );
923 $user = User
::newFromName( 'UTDoesNotExist' );
924 $this->assertFalse( $manager->autoCreateUser( $user ) );
925 $this->assertSame( 0, $user->getId() );
926 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
927 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
929 $this->assertSame( array(
930 array( LogLevel
::DEBUG
, 'blacklisted in session (test)' ),
931 ), $logger->getBuffer() );
932 $logger->clearBuffer();
934 // Test uncreatable name
935 $user = User
::newFromName( 'UTDoesNotExist@' );
936 $this->assertFalse( $manager->autoCreateUser( $user ) );
937 $this->assertSame( 0, $user->getId() );
938 $this->assertNotSame( 'UTDoesNotExist@', $user->getName() );
939 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
941 $this->assertSame( array(
942 array( LogLevel
::DEBUG
, 'Invalid username, blacklisting' ),
943 ), $logger->getBuffer() );
944 $logger->clearBuffer();
946 // Test AbortAutoAccount hook
947 $mock = $this->getMock( __CLASS__
, array( 'onAbortAutoAccount' ) );
948 $mock->expects( $this->once() )->method( 'onAbortAutoAccount' )
949 ->will( $this->returnCallback( function ( User
$user, &$msg ) {
953 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array( $mock ) ) );
954 $user = User
::newFromName( 'UTDoesNotExist' );
955 $this->assertFalse( $manager->autoCreateUser( $user ) );
956 $this->assertSame( 0, $user->getId() );
957 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
958 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
959 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array() ) );
961 $this->assertSame( array(
962 array( LogLevel
::DEBUG
, 'denied by hook: No way!' ),
963 ), $logger->getBuffer() );
964 $logger->clearBuffer();
966 // Test AbortAutoAccount hook screwing up the name
967 $mock = $this->getMock( 'stdClass', array( 'onAbortAutoAccount' ) );
968 $mock->expects( $this->once() )->method( 'onAbortAutoAccount' )
969 ->will( $this->returnCallback( function ( User
$user ) {
970 $user->setName( 'UTDoesNotExistEither' );
972 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array( $mock ) ) );
974 $user = User
::newFromName( 'UTDoesNotExist' );
975 $manager->autoCreateUser( $user );
976 $this->fail( 'Expected exception not thrown' );
977 } catch ( \UnexpectedValueException
$ex ) {
979 'AbortAutoAccount hook tried to change the user name',
983 $this->assertSame( 0, $user->getId() );
984 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
985 $this->assertNotSame( 'UTDoesNotExistEither', $user->getName() );
986 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
987 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExistEither', User
::READ_LATEST
) );
988 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array() ) );
990 $this->assertSame( array(), $logger->getBuffer() );
991 $logger->clearBuffer();
993 // Test for "exception backoff"
994 $user = User
::newFromName( 'UTDoesNotExist' );
995 $cache = \ObjectCache
::getLocalClusterInstance();
996 $backoffKey = wfMemcKey( 'MWSession', 'autocreate-failed', md5( $user->getName() ) );
997 $cache->set( $backoffKey, 1, 60 * 10 );
998 $this->assertFalse( $manager->autoCreateUser( $user ) );
999 $this->assertSame( 0, $user->getId() );
1000 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
1001 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
1002 $cache->delete( $backoffKey );
1004 $this->assertSame( array(
1005 array( LogLevel
::DEBUG
, 'denied by prior creation attempt failures' ),
1006 ), $logger->getBuffer() );
1007 $logger->clearBuffer();
1009 // Sanity check that creation still works, and test completion hook
1010 $cb = $this->callback( function ( User
$user ) use ( $that ) {
1011 $that->assertNotEquals( 0, $user->getId() );
1012 $that->assertSame( 'UTSessionAutoCreate4', $user->getName() );
1013 $that->assertEquals(
1014 $user->getId(), User
::idFromName( 'UTSessionAutoCreate4', User
::READ_LATEST
)
1018 $mock = $this->getMock( 'stdClass',
1019 array( 'onAuthPluginAutoCreate', 'onLocalUserCreated' ) );
1020 $mock->expects( $this->once() )->method( 'onAuthPluginAutoCreate' )
1022 $mock->expects( $this->once() )->method( 'onLocalUserCreated' )
1023 ->with( $cb, $this->identicalTo( true ) );
1024 $this->mergeMwGlobalArrayValue( 'wgHooks', array(
1025 'AuthPluginAutoCreate' => array( $mock ),
1026 'LocalUserCreated' => array( $mock ),
1028 $user = User
::newFromName( 'UTSessionAutoCreate4' );
1029 $this->assertSame( 0, $user->getId(), 'sanity check' );
1030 $this->assertTrue( $manager->autoCreateUser( $user ) );
1031 $this->assertNotEquals( 0, $user->getId() );
1032 $this->assertSame( 'UTSessionAutoCreate4', $user->getName() );
1033 $this->assertEquals(
1035 User
::idFromName( 'UTSessionAutoCreate4', User
::READ_LATEST
)
1037 $this->mergeMwGlobalArrayValue( 'wgHooks', array(
1038 'AuthPluginAutoCreate' => array(),
1039 'LocalUserCreated' => array(),
1041 $this->assertSame( array(
1042 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate4) - from: XXX' ),
1043 ), $logger->getBuffer() );
1044 $logger->clearBuffer();
1047 public function onAbortAutoAccount( User
$user, &$msg ) {
1050 public function testPreventSessionsForUser() {
1051 $manager = $this->getManager();
1053 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
1054 ->setMethods( array( 'preventSessionsForUser', '__toString' ) );
1056 $provider1 = $providerBuilder->getMock();
1057 $provider1->expects( $this->once() )->method( 'preventSessionsForUser' )
1058 ->with( $this->equalTo( 'UTSysop' ) );
1059 $provider1->expects( $this->any() )->method( '__toString' )
1060 ->will( $this->returnValue( 'MockProvider1' ) );
1062 $this->config
->set( 'SessionProviders', array(
1063 $this->objectCacheDef( $provider1 ),
1066 $user = User
::newFromName( 'UTSysop' );
1067 $token = $user->getToken( true );
1069 $this->assertFalse( $manager->isUserSessionPrevented( 'UTSysop' ) );
1070 $manager->preventSessionsForUser( 'UTSysop' );
1071 $this->assertNotEquals( $token, User
::newFromName( 'UTSysop' )->getToken() );
1072 $this->assertTrue( $manager->isUserSessionPrevented( 'UTSysop' ) );
1075 public function testLoadSessionInfoFromStore() {
1076 $manager = $this->getManager();
1077 $logger = new \
TestLogger( true, function ( $m ) {
1078 return preg_replace(
1079 '/^Session \[\d+\]\w+<(?:null|anon|[+-]:\d+:\w+)>\w+: /', 'Session X: ', $m
1082 $manager->setLogger( $logger );
1083 $request = new \
FauxRequest();
1085 // TestingAccessWrapper can't handle methods with reference arguments, sigh.
1086 $rClass = new \
ReflectionClass( $manager );
1087 $rMethod = $rClass->getMethod( 'loadSessionInfoFromStore' );
1088 $rMethod->setAccessible( true );
1089 $loadSessionInfoFromStore = function ( &$info ) use ( $rMethod, $manager, $request ) {
1090 return $rMethod->invokeArgs( $manager, array( &$info, $request ) );
1093 $userInfo = UserInfo
::newFromName( 'UTSysop', true );
1094 $unverifiedUserInfo = UserInfo
::newFromName( 'UTSysop', false );
1096 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
1098 'userId' => $userInfo->getId(),
1099 'userName' => $userInfo->getName(),
1100 'userToken' => $userInfo->getToken( true ),
1101 'provider' => 'Mock',
1104 $builder = $this->getMockBuilder( 'MediaWiki\\Session\\SessionProvider' )
1105 ->setMethods( array( '__toString', 'mergeMetadata', 'refreshSessionInfo' ) );
1107 $provider = $builder->getMockForAbstractClass();
1108 $provider->setManager( $manager );
1109 $provider->expects( $this->any() )->method( 'persistsSessionId' )
1110 ->will( $this->returnValue( true ) );
1111 $provider->expects( $this->any() )->method( 'canChangeUser' )
1112 ->will( $this->returnValue( true ) );
1113 $provider->expects( $this->any() )->method( 'refreshSessionInfo' )
1114 ->will( $this->returnValue( true ) );
1115 $provider->expects( $this->any() )->method( '__toString' )
1116 ->will( $this->returnValue( 'Mock' ) );
1117 $provider->expects( $this->any() )->method( 'mergeMetadata' )
1118 ->will( $this->returnCallback( function ( $a, $b ) {
1119 if ( $b === array( 'Throw' ) ) {
1120 throw new \
UnexpectedValueException( 'no merge!' );
1122 return array( 'Merged' );
1125 $provider2 = $builder->getMockForAbstractClass();
1126 $provider2->setManager( $manager );
1127 $provider2->expects( $this->any() )->method( 'persistsSessionId' )
1128 ->will( $this->returnValue( false ) );
1129 $provider2->expects( $this->any() )->method( 'canChangeUser' )
1130 ->will( $this->returnValue( false ) );
1131 $provider2->expects( $this->any() )->method( '__toString' )
1132 ->will( $this->returnValue( 'Mock2' ) );
1133 $provider2->expects( $this->any() )->method( 'refreshSessionInfo' )
1134 ->will( $this->returnCallback( function ( $info, $request, &$metadata ) {
1135 $metadata['changed'] = true;
1139 $provider3 = $builder->getMockForAbstractClass();
1140 $provider3->setManager( $manager );
1141 $provider3->expects( $this->any() )->method( 'persistsSessionId' )
1142 ->will( $this->returnValue( true ) );
1143 $provider3->expects( $this->any() )->method( 'canChangeUser' )
1144 ->will( $this->returnValue( true ) );
1145 $provider3->expects( $this->once() )->method( 'refreshSessionInfo' )
1146 ->will( $this->returnValue( false ) );
1147 $provider3->expects( $this->any() )->method( '__toString' )
1148 ->will( $this->returnValue( 'Mock3' ) );
1150 \TestingAccessWrapper
::newFromObject( $manager )->sessionProviders
= array(
1151 (string)$provider => $provider,
1152 (string)$provider2 => $provider2,
1153 (string)$provider3 => $provider3,
1156 // No metadata, basic usage
1157 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1158 'provider' => $provider,
1160 'userInfo' => $userInfo
1162 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1163 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1164 $this->assertFalse( $info->isIdSafe() );
1165 $this->assertSame( array(), $logger->getBuffer() );
1167 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1168 'provider' => $provider,
1169 'userInfo' => $userInfo
1171 $this->assertTrue( $info->isIdSafe(), 'sanity check' );
1172 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1173 $this->assertTrue( $info->isIdSafe() );
1174 $this->assertSame( array(), $logger->getBuffer() );
1176 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1177 'provider' => $provider2,
1179 'userInfo' => $userInfo
1181 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1182 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1183 $this->assertTrue( $info->isIdSafe() );
1184 $this->assertSame( array(), $logger->getBuffer() );
1186 // Unverified user, no metadata
1187 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1188 'provider' => $provider,
1190 'userInfo' => $unverifiedUserInfo
1192 $this->assertSame( $unverifiedUserInfo, $info->getUserInfo() );
1193 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1194 $this->assertSame( array(
1195 array( LogLevel
::WARNING
, 'Session X: Unverified user provided and no metadata to auth it' )
1196 ), $logger->getBuffer() );
1197 $logger->clearBuffer();
1199 // No metadata, missing data
1200 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1202 'userInfo' => $userInfo
1204 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1205 $this->assertSame( array(
1206 array( LogLevel
::WARNING
, 'Session X: Null provider and no metadata' ),
1207 ), $logger->getBuffer() );
1208 $logger->clearBuffer();
1210 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1211 'provider' => $provider,
1214 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1215 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1216 $this->assertInstanceOf( 'MediaWiki\\Session\\UserInfo', $info->getUserInfo() );
1217 $this->assertTrue( $info->getUserInfo()->isVerified() );
1218 $this->assertTrue( $info->getUserInfo()->isAnon() );
1219 $this->assertFalse( $info->isIdSafe() );
1220 $this->assertSame( array(), $logger->getBuffer() );
1222 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1223 'provider' => $provider2,
1226 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1227 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1228 $this->assertSame( array(
1229 array( LogLevel
::INFO
, 'Session X: No user provided and provider cannot set user' )
1230 ), $logger->getBuffer() );
1231 $logger->clearBuffer();
1233 // Incomplete/bad metadata
1234 $this->store
->setRawSession( $id, true );
1235 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1236 $this->assertSame( array(
1237 array( LogLevel
::WARNING
, 'Session X: Bad data' ),
1238 ), $logger->getBuffer() );
1239 $logger->clearBuffer();
1241 $this->store
->setRawSession( $id, array( 'data' => array() ) );
1242 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1243 $this->assertSame( array(
1244 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1245 ), $logger->getBuffer() );
1246 $logger->clearBuffer();
1248 $this->store
->deleteSession( $id );
1249 $this->store
->setRawSession( $id, array( 'metadata' => $metadata ) );
1250 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1251 $this->assertSame( array(
1252 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1253 ), $logger->getBuffer() );
1254 $logger->clearBuffer();
1256 $this->store
->setRawSession( $id, array( 'metadata' => $metadata, 'data' => true ) );
1257 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1258 $this->assertSame( array(
1259 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1260 ), $logger->getBuffer() );
1261 $logger->clearBuffer();
1263 $this->store
->setRawSession( $id, array( 'metadata' => true, 'data' => array() ) );
1264 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1265 $this->assertSame( array(
1266 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1267 ), $logger->getBuffer() );
1268 $logger->clearBuffer();
1270 foreach ( $metadata as $key => $dummy ) {
1272 unset( $tmp[$key] );
1273 $this->store
->setRawSession( $id, array( 'metadata' => $tmp, 'data' => array() ) );
1274 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1275 $this->assertSame( array(
1276 array( LogLevel
::WARNING
, 'Session X: Bad metadata' ),
1277 ), $logger->getBuffer() );
1278 $logger->clearBuffer();
1281 // Basic usage with metadata
1282 $this->store
->setRawSession( $id, array( 'metadata' => $metadata, 'data' => array() ) );
1283 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1284 'provider' => $provider,
1286 'userInfo' => $userInfo
1288 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1289 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1290 $this->assertTrue( $info->isIdSafe() );
1291 $this->assertSame( array(), $logger->getBuffer() );
1293 // Mismatched provider
1294 $this->store
->setSessionMeta( $id, array( 'provider' => 'Bad' ) +
$metadata );
1295 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1296 'provider' => $provider,
1298 'userInfo' => $userInfo
1300 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1301 $this->assertSame( array(
1302 array( LogLevel
::WARNING
, 'Session X: Wrong provider, Bad !== Mock' ),
1303 ), $logger->getBuffer() );
1304 $logger->clearBuffer();
1307 $this->store
->setSessionMeta( $id, array( 'provider' => 'Bad' ) +
$metadata );
1308 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1310 'userInfo' => $userInfo
1312 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1313 $this->assertSame( array(
1314 array( LogLevel
::WARNING
, 'Session X: Unknown provider, Bad' ),
1315 ), $logger->getBuffer() );
1316 $logger->clearBuffer();
1319 $this->store
->setSessionMeta( $id, $metadata );
1320 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1322 'userInfo' => $userInfo
1324 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1325 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1326 $this->assertTrue( $info->isIdSafe() );
1327 $this->assertSame( array(), $logger->getBuffer() );
1329 // Bad user metadata
1330 $this->store
->setSessionMeta( $id, array( 'userId' => -1, 'userToken' => null ) +
$metadata );
1331 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1332 'provider' => $provider,
1335 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1336 $this->assertSame( array(
1337 array( LogLevel
::ERROR
, 'Session X: Invalid ID' ),
1338 ), $logger->getBuffer() );
1339 $logger->clearBuffer();
1341 $this->store
->setSessionMeta(
1342 $id, array( 'userId' => 0, 'userName' => '<X>', 'userToken' => null ) +
$metadata
1344 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1345 'provider' => $provider,
1348 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1349 $this->assertSame( array(
1350 array( LogLevel
::ERROR
, 'Session X: Invalid user name' ),
1351 ), $logger->getBuffer() );
1352 $logger->clearBuffer();
1354 // Mismatched user by ID
1355 $this->store
->setSessionMeta(
1356 $id, array( 'userId' => $userInfo->getId() +
1, 'userToken' => null ) +
$metadata
1358 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1359 'provider' => $provider,
1361 'userInfo' => $userInfo
1363 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1364 $this->assertSame( array(
1365 array( LogLevel
::WARNING
, 'Session X: User ID mismatch, 2 !== 1' ),
1366 ), $logger->getBuffer() );
1367 $logger->clearBuffer();
1369 // Mismatched user by name
1370 $this->store
->setSessionMeta(
1371 $id, array( 'userId' => 0, 'userName' => 'X', 'userToken' => null ) +
$metadata
1373 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1374 'provider' => $provider,
1376 'userInfo' => $userInfo
1378 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1379 $this->assertSame( array(
1380 array( LogLevel
::WARNING
, 'Session X: User name mismatch, X !== UTSysop' ),
1381 ), $logger->getBuffer() );
1382 $logger->clearBuffer();
1384 // ID matches, name doesn't
1385 $this->store
->setSessionMeta(
1386 $id, array( 'userId' => $userInfo->getId(), 'userName' => 'X', 'userToken' => null ) +
$metadata
1388 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1389 'provider' => $provider,
1391 'userInfo' => $userInfo
1393 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1394 $this->assertSame( array(
1396 LogLevel
::WARNING
, 'Session X: User ID matched but name didn\'t (rename?), X !== UTSysop'
1398 ), $logger->getBuffer() );
1399 $logger->clearBuffer();
1401 // Mismatched anon user
1402 $this->store
->setSessionMeta(
1403 $id, array( 'userId' => 0, 'userName' => null, 'userToken' => null ) +
$metadata
1405 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1406 'provider' => $provider,
1408 'userInfo' => $userInfo
1410 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1411 $this->assertSame( array(
1413 LogLevel
::WARNING
, 'Session X: Metadata has an anonymous user, but a non-anon user was provided'
1415 ), $logger->getBuffer() );
1416 $logger->clearBuffer();
1418 // Lookup user by ID
1419 $this->store
->setSessionMeta( $id, array( 'userToken' => null ) +
$metadata );
1420 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1421 'provider' => $provider,
1424 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1425 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1426 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1427 $this->assertTrue( $info->isIdSafe() );
1428 $this->assertSame( array(), $logger->getBuffer() );
1430 // Lookup user by name
1431 $this->store
->setSessionMeta(
1432 $id, array( 'userId' => 0, 'userName' => 'UTSysop', 'userToken' => null ) +
$metadata
1434 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1435 'provider' => $provider,
1438 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1439 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1440 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1441 $this->assertTrue( $info->isIdSafe() );
1442 $this->assertSame( array(), $logger->getBuffer() );
1444 // Lookup anonymous user
1445 $this->store
->setSessionMeta(
1446 $id, array( 'userId' => 0, 'userName' => null, 'userToken' => null ) +
$metadata
1448 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1449 'provider' => $provider,
1452 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1453 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1454 $this->assertTrue( $info->getUserInfo()->isAnon() );
1455 $this->assertTrue( $info->isIdSafe() );
1456 $this->assertSame( array(), $logger->getBuffer() );
1458 // Unverified user with metadata
1459 $this->store
->setSessionMeta( $id, $metadata );
1460 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1461 'provider' => $provider,
1463 'userInfo' => $unverifiedUserInfo
1465 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1466 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1467 $this->assertTrue( $info->getUserInfo()->isVerified() );
1468 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1469 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1470 $this->assertTrue( $info->isIdSafe() );
1471 $this->assertSame( array(), $logger->getBuffer() );
1473 // Unverified user with metadata
1474 $this->store
->setSessionMeta( $id, $metadata );
1475 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1476 'provider' => $provider,
1478 'userInfo' => $unverifiedUserInfo
1480 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1481 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1482 $this->assertTrue( $info->getUserInfo()->isVerified() );
1483 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1484 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1485 $this->assertTrue( $info->isIdSafe() );
1486 $this->assertSame( array(), $logger->getBuffer() );
1489 $this->store
->setSessionMeta( $id, array( 'userToken' => 'Bad' ) +
$metadata );
1490 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1491 'provider' => $provider,
1493 'userInfo' => $userInfo
1495 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1496 $this->assertSame( array(
1497 array( LogLevel
::WARNING
, 'Session X: User token mismatch' ),
1498 ), $logger->getBuffer() );
1499 $logger->clearBuffer();
1501 // Provider metadata
1502 $this->store
->setSessionMeta( $id, array( 'provider' => 'Mock2' ) +
$metadata );
1503 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1504 'provider' => $provider2,
1506 'userInfo' => $userInfo,
1507 'metadata' => array( 'Info' ),
1509 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1510 $this->assertSame( array( 'Info', 'changed' => true ), $info->getProviderMetadata() );
1511 $this->assertSame( array(), $logger->getBuffer() );
1513 $this->store
->setSessionMeta( $id, array( 'providerMetadata' => array( 'Saved' ) ) +
$metadata );
1514 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1515 'provider' => $provider,
1517 'userInfo' => $userInfo,
1519 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1520 $this->assertSame( array( 'Saved' ), $info->getProviderMetadata() );
1521 $this->assertSame( array(), $logger->getBuffer() );
1523 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1524 'provider' => $provider,
1526 'userInfo' => $userInfo,
1527 'metadata' => array( 'Info' ),
1529 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1530 $this->assertSame( array( 'Merged' ), $info->getProviderMetadata() );
1531 $this->assertSame( array(), $logger->getBuffer() );
1533 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1534 'provider' => $provider,
1536 'userInfo' => $userInfo,
1537 'metadata' => array( 'Throw' ),
1539 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1540 $this->assertSame( array(
1541 array( LogLevel
::WARNING
, 'Session X: Metadata merge failed: no merge!' ),
1542 ), $logger->getBuffer() );
1543 $logger->clearBuffer();
1545 // Remember from session
1546 $this->store
->setSessionMeta( $id, $metadata );
1547 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1548 'provider' => $provider,
1551 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1552 $this->assertFalse( $info->wasRemembered() );
1553 $this->assertSame( array(), $logger->getBuffer() );
1555 $this->store
->setSessionMeta( $id, array( 'remember' => true ) +
$metadata );
1556 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1557 'provider' => $provider,
1560 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1561 $this->assertTrue( $info->wasRemembered() );
1562 $this->assertSame( array(), $logger->getBuffer() );
1564 $this->store
->setSessionMeta( $id, array( 'remember' => false ) +
$metadata );
1565 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1566 'provider' => $provider,
1568 'userInfo' => $userInfo
1570 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1571 $this->assertTrue( $info->wasRemembered() );
1572 $this->assertSame( array(), $logger->getBuffer() );
1574 // forceHTTPS from session
1575 $this->store
->setSessionMeta( $id, $metadata );
1576 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1577 'provider' => $provider,
1579 'userInfo' => $userInfo
1581 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1582 $this->assertFalse( $info->forceHTTPS() );
1583 $this->assertSame( array(), $logger->getBuffer() );
1585 $this->store
->setSessionMeta( $id, array( 'forceHTTPS' => true ) +
$metadata );
1586 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1587 'provider' => $provider,
1589 'userInfo' => $userInfo
1591 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1592 $this->assertTrue( $info->forceHTTPS() );
1593 $this->assertSame( array(), $logger->getBuffer() );
1595 $this->store
->setSessionMeta( $id, array( 'forceHTTPS' => false ) +
$metadata );
1596 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1597 'provider' => $provider,
1599 'userInfo' => $userInfo,
1600 'forceHTTPS' => true
1602 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1603 $this->assertTrue( $info->forceHTTPS() );
1604 $this->assertSame( array(), $logger->getBuffer() );
1606 // "Persist" flag from session
1607 $this->store
->setSessionMeta( $id, $metadata );
1608 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1609 'provider' => $provider,
1611 'userInfo' => $userInfo
1613 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1614 $this->assertFalse( $info->wasPersisted() );
1615 $this->assertSame( array(), $logger->getBuffer() );
1617 $this->store
->setSessionMeta( $id, array( 'persisted' => true ) +
$metadata );
1618 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1619 'provider' => $provider,
1621 'userInfo' => $userInfo
1623 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1624 $this->assertTrue( $info->wasPersisted() );
1625 $this->assertSame( array(), $logger->getBuffer() );
1627 $this->store
->setSessionMeta( $id, array( 'persisted' => false ) +
$metadata );
1628 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1629 'provider' => $provider,
1631 'userInfo' => $userInfo,
1634 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1635 $this->assertTrue( $info->wasPersisted() );
1636 $this->assertSame( array(), $logger->getBuffer() );
1638 // Provider refreshSessionInfo() returning false
1639 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1640 'provider' => $provider3,
1642 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1643 $this->assertSame( array(), $logger->getBuffer() );
1648 $data = array( 'foo' => 1 );
1649 $this->store
->setSession( $id, array( 'metadata' => $metadata, 'data' => $data ) );
1650 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1651 'provider' => $provider,
1653 'userInfo' => $userInfo
1655 $this->mergeMwGlobalArrayValue( 'wgHooks', array(
1656 'SessionCheckInfo' => array( function ( &$reason, $i, $r, $m, $d ) use (
1657 $that, $info, $metadata, $data, $request, &$called
1659 $that->assertSame( $info->getId(), $i->getId() );
1660 $that->assertSame( $info->getProvider(), $i->getProvider() );
1661 $that->assertSame( $info->getUserInfo(), $i->getUserInfo() );
1662 $that->assertSame( $request, $r );
1663 $that->assertEquals( $metadata, $m );
1664 $that->assertEquals( $data, $d );
1669 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1670 $this->assertTrue( $called );
1671 $this->assertSame( array(
1672 array( LogLevel
::WARNING
, 'Session X: Hook aborted' ),
1673 ), $logger->getBuffer() );
1674 $logger->clearBuffer();