3 namespace MediaWiki\Session
;
12 * @covers MediaWiki\Session\SessionManager
14 class SessionManagerTest
extends MediaWikiTestCase
{
16 protected $config, $logger, $store;
18 protected function getManager() {
19 \ObjectCache
::$instances['testSessionStore'] = new TestBagOStuff();
20 $this->config
= new \
HashConfig( array(
21 'LanguageCode' => 'en',
22 'SessionCacheType' => 'testSessionStore',
23 'ObjectCacheSessionExpiry' => 100,
24 'SessionProviders' => array(
25 array( 'class' => 'DummySessionProvider' ),
28 $this->logger
= new \
TestLogger( false, function ( $m ) {
29 return substr( $m, 0, 15 ) === 'SessionBackend ' ?
null : $m;
31 $this->store
= new TestBagOStuff();
33 return new SessionManager( array(
34 'config' => $this->config
,
35 'logger' => $this->logger
,
36 'store' => $this->store
,
40 protected function objectCacheDef( $object ) {
41 return array( 'factory' => function () use ( $object ) {
46 public function testSingleton() {
47 $reset = TestUtils
::setSessionManagerSingleton( null );
49 $singleton = SessionManager
::singleton();
50 $this->assertInstanceOf( 'MediaWiki\\Session\\SessionManager', $singleton );
51 $this->assertSame( $singleton, SessionManager
::singleton() );
54 public function testGetGlobalSession() {
55 $context = \RequestContext
::getMain();
57 if ( !PHPSessionHandler
::isInstalled() ) {
58 PHPSessionHandler
::install( SessionManager
::singleton() );
60 $rProp = new \
ReflectionProperty( 'MediaWiki\\Session\\PHPSessionHandler', 'instance' );
61 $rProp->setAccessible( true );
62 $handler = \TestingAccessWrapper
::newFromObject( $rProp->getValue() );
63 $oldEnable = $handler->enable
;
64 $reset[] = new \
ScopedCallback( function () use ( $handler, $oldEnable ) {
65 if ( $handler->enable
) {
66 session_write_close();
68 $handler->enable
= $oldEnable;
70 $reset[] = TestUtils
::setSessionManagerSingleton( $this->getManager() );
72 $handler->enable
= true;
73 $request = new \
FauxRequest();
74 $context->setRequest( $request );
75 $id = $request->getSession()->getId();
78 $session = SessionManager
::getGlobalSession();
79 $this->assertSame( $id, $session->getId() );
81 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
82 $session = SessionManager
::getGlobalSession();
83 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $session->getId() );
84 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $request->getSession()->getId() );
86 session_write_close();
87 $handler->enable
= false;
88 $request = new \
FauxRequest();
89 $context->setRequest( $request );
90 $id = $request->getSession()->getId();
93 $session = SessionManager
::getGlobalSession();
94 $this->assertSame( $id, $session->getId() );
96 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
97 $session = SessionManager
::getGlobalSession();
98 $this->assertSame( $id, $session->getId() );
99 $this->assertSame( $id, $request->getSession()->getId() );
102 public function testConstructor() {
103 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
104 $this->assertSame( $this->config
, $manager->config
);
105 $this->assertSame( $this->logger
, $manager->logger
);
106 $this->assertSame( $this->store
, $manager->permStore
);
108 $manager = \TestingAccessWrapper
::newFromObject( new SessionManager() );
109 $this->assertSame( \RequestContext
::getMain()->getConfig(), $manager->config
);
111 $manager = \TestingAccessWrapper
::newFromObject( new SessionManager( array(
112 'config' => $this->config
,
114 $this->assertSame( \ObjectCache
::$instances['testSessionStore'], $manager->permStore
);
117 'config' => '$options[\'config\'] must be an instance of Config',
118 'logger' => '$options[\'logger\'] must be an instance of LoggerInterface',
119 'store' => '$options[\'store\'] must be an instance of BagOStuff',
120 ) as $key => $error ) {
122 new SessionManager( array( $key => new \stdClass
) );
123 $this->fail( 'Expected exception not thrown' );
124 } catch ( \InvalidArgumentException
$ex ) {
125 $this->assertSame( $error, $ex->getMessage() );
130 public function testGetSessionForRequest() {
131 $manager = $this->getManager();
132 $request = new \
FauxRequest();
136 $idEmpty = 'empty-session-------------------';
138 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
140 array( 'provideSessionInfo', 'newSessionInfo', '__toString', 'describe' )
143 $provider1 = $providerBuilder->getMock();
144 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
145 ->with( $this->identicalTo( $request ) )
146 ->will( $this->returnCallback( function ( $request ) {
147 return $request->info1
;
149 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
150 ->will( $this->returnCallback( function () use ( $idEmpty, $provider1 ) {
151 return new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
152 'provider' => $provider1,
158 $provider1->expects( $this->any() )->method( '__toString' )
159 ->will( $this->returnValue( 'Provider1' ) );
160 $provider1->expects( $this->any() )->method( 'describe' )
161 ->will( $this->returnValue( '#1 sessions' ) );
163 $provider2 = $providerBuilder->getMock();
164 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
165 ->with( $this->identicalTo( $request ) )
166 ->will( $this->returnCallback( function ( $request ) {
167 return $request->info2
;
169 $provider2->expects( $this->any() )->method( '__toString' )
170 ->will( $this->returnValue( 'Provider2' ) );
171 $provider2->expects( $this->any() )->method( 'describe' )
172 ->will( $this->returnValue( '#2 sessions' ) );
174 $this->config
->set( 'SessionProviders', array(
175 $this->objectCacheDef( $provider1 ),
176 $this->objectCacheDef( $provider2 ),
179 // No provider returns info
180 $request->info1
= null;
181 $request->info2
= null;
182 $session = $manager->getSessionForRequest( $request );
183 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
184 $this->assertSame( $idEmpty, $session->getId() );
186 // Both providers return info, picks best one
187 $request->info1
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
188 'provider' => $provider1,
189 'id' => ( $id1 = $manager->generateSessionId() ),
193 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, array(
194 'provider' => $provider2,
195 'id' => ( $id2 = $manager->generateSessionId() ),
199 $session = $manager->getSessionForRequest( $request );
200 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
201 $this->assertSame( $id2, $session->getId() );
203 $request->info1
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, array(
204 'provider' => $provider1,
205 'id' => ( $id1 = $manager->generateSessionId() ),
209 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
210 'provider' => $provider2,
211 'id' => ( $id2 = $manager->generateSessionId() ),
215 $session = $manager->getSessionForRequest( $request );
216 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
217 $this->assertSame( $id1, $session->getId() );
220 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
221 'provider' => $provider1,
222 'id' => ( $id1 = $manager->generateSessionId() ),
224 'userInfo' => UserInfo
::newAnonymous(),
227 $request->info2
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
228 'provider' => $provider2,
229 'id' => ( $id2 = $manager->generateSessionId() ),
231 'userInfo' => UserInfo
::newAnonymous(),
235 $manager->getSessionForRequest( $request );
236 $this->fail( 'Expcected exception not thrown' );
237 } catch ( \OverFlowException
$ex ) {
238 $this->assertStringStartsWith(
239 'Multiple sessions for this request tied for top priority: ',
242 $this->assertCount( 2, $ex->sessionInfos
);
243 $this->assertContains( $request->info1
, $ex->sessionInfos
);
244 $this->assertContains( $request->info2
, $ex->sessionInfos
);
248 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
249 'provider' => $provider2,
250 'id' => ( $id1 = $manager->generateSessionId() ),
254 $request->info2
= null;
256 $manager->getSessionForRequest( $request );
257 $this->fail( 'Expcected exception not thrown' );
258 } catch ( \UnexpectedValueException
$ex ) {
260 'Provider1 returned session info for a different provider: ' . $request->info1
,
265 // Unusable session info
266 $this->logger
->setCollect( true );
267 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
268 'provider' => $provider1,
269 'id' => ( $id1 = $manager->generateSessionId() ),
271 'userInfo' => UserInfo
::newFromName( 'UTSysop', false ),
274 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
275 'provider' => $provider2,
276 'id' => ( $id2 = $manager->generateSessionId() ),
280 $session = $manager->getSessionForRequest( $request );
281 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
282 $this->assertSame( $id2, $session->getId() );
283 $this->logger
->setCollect( false );
285 // Unpersisted session ID
286 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, array(
287 'provider' => $provider1,
288 'id' => ( $id1 = $manager->generateSessionId() ),
289 'persisted' => false,
290 'userInfo' => UserInfo
::newFromName( 'UTSysop', true ),
293 $request->info2
= null;
294 $session = $manager->getSessionForRequest( $request );
295 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
296 $this->assertSame( $id1, $session->getId() );
298 $this->assertTrue( $session->isPersistent(), 'sanity check' );
301 public function testGetSessionById() {
302 $manager = $this->getManager();
304 // Disable the in-process cache so our $this->store->setSession() takes effect.
305 \TestingAccessWrapper
::newFromObject( $manager )->tempStore
= new \EmptyBagOStuff
;
308 $manager->getSessionById( 'bad' );
309 $this->fail( 'Expected exception not thrown' );
310 } catch ( \InvalidArgumentException
$ex ) {
311 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
314 // Unknown session ID
315 $id = $manager->generateSessionId();
316 $session = $manager->getSessionById( $id, true );
317 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
318 $this->assertSame( $id, $session->getId() );
320 $id = $manager->generateSessionId();
321 $this->assertNull( $manager->getSessionById( $id, false ) );
323 // Known but unloadable session ID
324 $this->logger
->setCollect( true );
325 $id = $manager->generateSessionId();
326 $this->store
->setSession( $id, array( 'metadata' => array(
327 'userId' => User
::idFromName( 'UTSysop' ),
328 'userToken' => 'bad',
331 $this->assertNull( $manager->getSessionById( $id, true ) );
332 $this->assertNull( $manager->getSessionById( $id, false ) );
333 $this->logger
->setCollect( false );
336 $this->store
->setSession( $id, array() );
337 $session = $manager->getSessionById( $id, false );
338 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
339 $this->assertSame( $id, $session->getId() );
342 public function testGetEmptySession() {
343 $manager = $this->getManager();
344 $pmanager = \TestingAccessWrapper
::newFromObject( $manager );
345 $request = new \
FauxRequest();
347 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
348 ->setMethods( array( 'provideSessionInfo', 'newSessionInfo', '__toString' ) );
354 $provider1 = $providerBuilder->getMock();
355 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
356 ->will( $this->returnValue( null ) );
357 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
358 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
359 return $id === $expectId;
361 ->will( $this->returnCallback( function () use ( &$info1 ) {
364 $provider1->expects( $this->any() )->method( '__toString' )
365 ->will( $this->returnValue( 'MockProvider1' ) );
367 $provider2 = $providerBuilder->getMock();
368 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
369 ->will( $this->returnValue( null ) );
370 $provider2->expects( $this->any() )->method( 'newSessionInfo' )
371 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
372 return $id === $expectId;
374 ->will( $this->returnCallback( function () use ( &$info2 ) {
377 $provider1->expects( $this->any() )->method( '__toString' )
378 ->will( $this->returnValue( 'MockProvider2' ) );
380 $this->config
->set( 'SessionProviders', array(
381 $this->objectCacheDef( $provider1 ),
382 $this->objectCacheDef( $provider2 ),
390 $manager->getEmptySession();
391 $this->fail( 'Expected exception not thrown' );
392 } catch ( \UnexpectedValueException
$ex ) {
394 'No provider could provide an empty session!',
401 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
402 'provider' => $provider1,
403 'id' => 'empty---------------------------',
408 $session = $manager->getEmptySession();
409 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
410 $this->assertSame( 'empty---------------------------', $session->getId() );
413 $expectId = 'expected------------------------';
414 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
415 'provider' => $provider1,
421 $session = $pmanager->getEmptySessionInternal( null, $expectId );
422 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
423 $this->assertSame( $expectId, $session->getId() );
426 $expectId = 'expected-----------------------2';
427 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
428 'provider' => $provider1,
429 'id' => "un$expectId",
435 $pmanager->getEmptySessionInternal( null, $expectId );
436 $this->fail( 'Expected exception not thrown' );
437 } catch ( \UnexpectedValueException
$ex ) {
439 'MockProvider1 returned empty session info with a wrong id: ' .
440 "un$expectId != $expectId",
446 $expectId = 'expected-----------------------2';
447 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
448 'provider' => $provider1,
454 $pmanager->getEmptySessionInternal( null, $expectId );
455 $this->fail( 'Expected exception not thrown' );
456 } catch ( \UnexpectedValueException
$ex ) {
458 'MockProvider1 returned empty session info with id flagged unsafe',
465 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
466 'provider' => $provider2,
467 'id' => 'empty---------------------------',
473 $manager->getEmptySession();
474 $this->fail( 'Expected exception not thrown' );
475 } catch ( \UnexpectedValueException
$ex ) {
477 'MockProvider1 returned an empty session info for a different provider: ' . $info1,
482 // Highest priority wins
484 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
485 'provider' => $provider1,
486 'id' => 'empty1--------------------------',
490 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
491 'provider' => $provider2,
492 'id' => 'empty2--------------------------',
496 $session = $manager->getEmptySession();
497 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
498 $this->assertSame( 'empty1--------------------------', $session->getId() );
501 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, array(
502 'provider' => $provider1,
503 'id' => 'empty1--------------------------',
507 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, array(
508 'provider' => $provider2,
509 'id' => 'empty2--------------------------',
513 $session = $manager->getEmptySession();
514 $this->assertInstanceOf( 'MediaWiki\\Session\\Session', $session );
515 $this->assertSame( 'empty2--------------------------', $session->getId() );
517 // Tied priorities throw an exception
519 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
520 'provider' => $provider1,
521 'id' => 'empty1--------------------------',
523 'userInfo' => UserInfo
::newAnonymous(),
526 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
527 'provider' => $provider2,
528 'id' => 'empty2--------------------------',
530 'userInfo' => UserInfo
::newAnonymous(),
534 $manager->getEmptySession();
535 $this->fail( 'Expected exception not thrown' );
536 } catch ( \UnexpectedValueException
$ex ) {
537 $this->assertStringStartsWith(
538 'Multiple empty sessions tied for top priority: ',
545 $pmanager->getEmptySessionInternal( null, 'bad' );
546 $this->fail( 'Expected exception not thrown' );
547 } catch ( \InvalidArgumentException
$ex ) {
548 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
551 // Session already exists
552 $expectId = 'expected-----------------------3';
553 $this->store
->setSessionMeta( $expectId, array(
554 'provider' => 'MockProvider2',
560 $pmanager->getEmptySessionInternal( null, $expectId );
561 $this->fail( 'Expected exception not thrown' );
562 } catch ( \InvalidArgumentException
$ex ) {
563 $this->assertSame( 'Session ID already exists', $ex->getMessage() );
567 public function testGetVaryHeaders() {
568 $manager = $this->getManager();
570 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
571 ->setMethods( array( 'getVaryHeaders', '__toString' ) );
573 $provider1 = $providerBuilder->getMock();
574 $provider1->expects( $this->once() )->method( 'getVaryHeaders' )
575 ->will( $this->returnValue( array(
577 'Bar' => array( 'X', 'Bar1' ),
580 $provider1->expects( $this->any() )->method( '__toString' )
581 ->will( $this->returnValue( 'MockProvider1' ) );
583 $provider2 = $providerBuilder->getMock();
584 $provider2->expects( $this->once() )->method( 'getVaryHeaders' )
585 ->will( $this->returnValue( array(
587 'Bar' => array( 'X', 'Bar2' ),
588 'Quux' => array( 'Quux' ),
590 $provider2->expects( $this->any() )->method( '__toString' )
591 ->will( $this->returnValue( 'MockProvider2' ) );
593 $this->config
->set( 'SessionProviders', array(
594 $this->objectCacheDef( $provider1 ),
595 $this->objectCacheDef( $provider2 ),
600 'Bar' => array( 'X', 'Bar1', 3 => 'Bar2' ),
601 'Quux' => array( 'Quux' ),
603 'Quux' => array( 'Quux' ),
606 $this->assertEquals( $expect, $manager->getVaryHeaders() );
608 // Again, to ensure it's cached
609 $this->assertEquals( $expect, $manager->getVaryHeaders() );
612 public function testGetVaryCookies() {
613 $manager = $this->getManager();
615 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
616 ->setMethods( array( 'getVaryCookies', '__toString' ) );
618 $provider1 = $providerBuilder->getMock();
619 $provider1->expects( $this->once() )->method( 'getVaryCookies' )
620 ->will( $this->returnValue( array( 'Foo', 'Bar' ) ) );
621 $provider1->expects( $this->any() )->method( '__toString' )
622 ->will( $this->returnValue( 'MockProvider1' ) );
624 $provider2 = $providerBuilder->getMock();
625 $provider2->expects( $this->once() )->method( 'getVaryCookies' )
626 ->will( $this->returnValue( array( 'Foo', 'Baz' ) ) );
627 $provider2->expects( $this->any() )->method( '__toString' )
628 ->will( $this->returnValue( 'MockProvider2' ) );
630 $this->config
->set( 'SessionProviders', array(
631 $this->objectCacheDef( $provider1 ),
632 $this->objectCacheDef( $provider2 ),
635 $expect = array( 'Foo', 'Bar', 'Baz' );
637 $this->assertEquals( $expect, $manager->getVaryCookies() );
639 // Again, to ensure it's cached
640 $this->assertEquals( $expect, $manager->getVaryCookies() );
643 public function testGetProviders() {
644 $realManager = $this->getManager();
645 $manager = \TestingAccessWrapper
::newFromObject( $realManager );
647 $this->config
->set( 'SessionProviders', array(
648 array( 'class' => 'DummySessionProvider' ),
650 $providers = $manager->getProviders();
651 $this->assertArrayHasKey( 'DummySessionProvider', $providers );
652 $provider = \TestingAccessWrapper
::newFromObject( $providers['DummySessionProvider'] );
653 $this->assertSame( $manager->logger
, $provider->logger
);
654 $this->assertSame( $manager->config
, $provider->config
);
655 $this->assertSame( $realManager, $provider->getManager() );
657 $this->config
->set( 'SessionProviders', array(
658 array( 'class' => 'DummySessionProvider' ),
659 array( 'class' => 'DummySessionProvider' ),
661 $manager->sessionProviders
= null;
663 $manager->getProviders();
664 $this->fail( 'Expected exception not thrown' );
665 } catch ( \UnexpectedValueException
$ex ) {
667 'Duplicate provider name "DummySessionProvider"',
673 public function testShutdown() {
674 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
675 $manager->setLogger( new \Psr\Log\
NullLogger() );
677 $mock = $this->getMock( 'stdClass', array( 'save' ) );
678 $mock->expects( $this->once() )->method( 'save' );
680 $manager->allSessionBackends
= array( $mock );
681 $manager->shutdown();
684 public function testGetSessionFromInfo() {
685 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
686 $request = new \
FauxRequest();
688 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
690 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
691 'provider' => $manager->getProvider( 'DummySessionProvider' ),
694 'userInfo' => UserInfo
::newFromName( 'UTSysop', true ),
697 \TestingAccessWrapper
::newFromObject( $info )->idIsSafe
= true;
698 $session1 = \TestingAccessWrapper
::newFromObject(
699 $manager->getSessionFromInfo( $info, $request )
701 $session2 = \TestingAccessWrapper
::newFromObject(
702 $manager->getSessionFromInfo( $info, $request )
705 $this->assertSame( $session1->backend
, $session2->backend
);
706 $this->assertNotEquals( $session1->index
, $session2->index
);
707 $this->assertSame( $session1->getSessionId(), $session2->getSessionId() );
708 $this->assertSame( $id, $session1->getId() );
710 \TestingAccessWrapper
::newFromObject( $info )->idIsSafe
= false;
711 $session3 = $manager->getSessionFromInfo( $info, $request );
712 $this->assertNotSame( $id, $session3->getId() );
715 public function testBackendRegistration() {
716 $manager = $this->getManager();
718 $session = $manager->getSessionForRequest( new \FauxRequest
);
719 $backend = \TestingAccessWrapper
::newFromObject( $session )->backend
;
720 $sessionId = $session->getSessionId();
721 $id = (string)$sessionId;
723 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
725 $manager->changeBackendId( $backend );
726 $this->assertSame( $sessionId, $session->getSessionId() );
727 $this->assertNotEquals( $id, (string)$sessionId );
728 $id = (string)$sessionId;
730 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
732 // Destruction of the session here causes the backend to be deregistered
736 $manager->changeBackendId( $backend );
737 $this->fail( 'Expected exception not thrown' );
738 } catch ( \InvalidArgumentException
$ex ) {
740 'Backend was not registered with this SessionManager', $ex->getMessage()
745 $manager->deregisterSessionBackend( $backend );
746 $this->fail( 'Expected exception not thrown' );
747 } catch ( \InvalidArgumentException
$ex ) {
749 'Backend was not registered with this SessionManager', $ex->getMessage()
753 $session = $manager->getSessionById( $id, true );
754 $this->assertSame( $sessionId, $session->getSessionId() );
757 public function testGenerateSessionId() {
758 $manager = $this->getManager();
760 $id = $manager->generateSessionId();
761 $this->assertTrue( SessionManager
::validateSessionId( $id ), "Generated ID: $id" );
764 public function testAutoCreateUser() {
765 global $wgGroupPermissions;
769 \ObjectCache
::$instances[__METHOD__
] = new \
HashBagOStuff();
770 $this->setMwGlobals( array( 'wgMainCacheType' => __METHOD__
) );
772 $this->stashMwGlobals( array( 'wgGroupPermissions' ) );
773 $wgGroupPermissions['*']['createaccount'] = true;
774 $wgGroupPermissions['*']['autocreateaccount'] = false;
776 // Replace the global singleton with one configured for testing
777 $manager = $this->getManager();
778 $reset = TestUtils
::setSessionManagerSingleton( $manager );
780 $logger = new \
TestLogger( true, function ( $m ) {
781 if ( substr( $m, 0, 15 ) === 'SessionBackend ' ) {
785 $m = str_replace( 'MediaWiki\Session\SessionManager::autoCreateUser: ', '', $m );
786 $m = preg_replace( '/ - from: .*$/', ' - from: XXX', $m );
789 $manager->setLogger( $logger );
791 $session = SessionManager
::getGlobalSession();
793 // Can't create an already-existing user
794 $user = User
::newFromName( 'UTSysop' );
795 $id = $user->getId();
796 $this->assertFalse( $manager->autoCreateUser( $user ) );
797 $this->assertSame( $id, $user->getId() );
798 $this->assertSame( 'UTSysop', $user->getName() );
799 $this->assertSame( array(), $logger->getBuffer() );
800 $logger->clearBuffer();
802 // Sanity check that creation works at all
803 $user = User
::newFromName( 'UTSessionAutoCreate1' );
804 $this->assertSame( 0, $user->getId(), 'sanity check' );
805 $this->assertTrue( $manager->autoCreateUser( $user ) );
806 $this->assertNotEquals( 0, $user->getId() );
807 $this->assertSame( 'UTSessionAutoCreate1', $user->getName() );
809 $user->getId(), User
::idFromName( 'UTSessionAutoCreate1', User
::READ_LATEST
)
811 $this->assertSame( array(
812 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate1) - from: XXX' ),
813 ), $logger->getBuffer() );
814 $logger->clearBuffer();
816 // Check lack of permissions
817 $wgGroupPermissions['*']['createaccount'] = false;
818 $wgGroupPermissions['*']['autocreateaccount'] = false;
819 $user = User
::newFromName( 'UTDoesNotExist' );
820 $this->assertFalse( $manager->autoCreateUser( $user ) );
821 $this->assertSame( 0, $user->getId() );
822 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
823 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
825 $this->assertSame( array(
826 array( LogLevel
::DEBUG
, 'user is blocked from this wiki, blacklisting' ),
827 ), $logger->getBuffer() );
828 $logger->clearBuffer();
830 // Check other permission
831 $wgGroupPermissions['*']['createaccount'] = false;
832 $wgGroupPermissions['*']['autocreateaccount'] = true;
833 $user = User
::newFromName( 'UTSessionAutoCreate2' );
834 $this->assertSame( 0, $user->getId(), 'sanity check' );
835 $this->assertTrue( $manager->autoCreateUser( $user ) );
836 $this->assertNotEquals( 0, $user->getId() );
837 $this->assertSame( 'UTSessionAutoCreate2', $user->getName() );
839 $user->getId(), User
::idFromName( 'UTSessionAutoCreate2', User
::READ_LATEST
)
841 $this->assertSame( array(
842 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate2) - from: XXX' ),
843 ), $logger->getBuffer() );
844 $logger->clearBuffer();
846 // Test account-creation block
848 $block = new \
Block( array(
849 'address' => $anon->getName(),
851 'reason' => __METHOD__
,
852 'expiry' => time() +
100500,
853 'createAccount' => true,
856 $this->assertInstanceOf( 'Block', $anon->isBlockedFromCreateAccount(), 'sanity check' );
857 $reset2 = new \
ScopedCallback( array( $block, 'delete' ) );
858 $user = User
::newFromName( 'UTDoesNotExist' );
859 $this->assertFalse( $manager->autoCreateUser( $user ) );
860 $this->assertSame( 0, $user->getId() );
861 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
862 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
863 \ScopedCallback
::consume( $reset2 );
865 $this->assertSame( array(
866 array( LogLevel
::DEBUG
, 'user is blocked from this wiki, blacklisting' ),
867 ), $logger->getBuffer() );
868 $logger->clearBuffer();
870 // Sanity check that creation still works
871 $user = User
::newFromName( 'UTSessionAutoCreate3' );
872 $this->assertSame( 0, $user->getId(), 'sanity check' );
873 $this->assertTrue( $manager->autoCreateUser( $user ) );
874 $this->assertNotEquals( 0, $user->getId() );
875 $this->assertSame( 'UTSessionAutoCreate3', $user->getName() );
877 $user->getId(), User
::idFromName( 'UTSessionAutoCreate3', User
::READ_LATEST
)
879 $this->assertSame( array(
880 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate3) - from: XXX' ),
881 ), $logger->getBuffer() );
882 $logger->clearBuffer();
884 // Test prevention by AuthPlugin
886 $oldWgAuth = $wgAuth;
887 $mockWgAuth = $this->getMock( 'AuthPlugin', array( 'autoCreate' ) );
888 $mockWgAuth->expects( $this->once() )->method( 'autoCreate' )
889 ->will( $this->returnValue( false ) );
890 $this->setMwGlobals( array(
891 'wgAuth' => $mockWgAuth,
893 $user = User
::newFromName( 'UTDoesNotExist' );
894 $this->assertFalse( $manager->autoCreateUser( $user ) );
895 $this->assertSame( 0, $user->getId() );
896 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
897 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
898 $this->setMwGlobals( array(
899 'wgAuth' => $oldWgAuth,
902 $this->assertSame( array(
903 array( LogLevel
::DEBUG
, 'denied by AuthPlugin' ),
904 ), $logger->getBuffer() );
905 $logger->clearBuffer();
907 // Test prevention by wfReadOnly()
908 $this->setMwGlobals( array(
909 'wgReadOnly' => 'Because',
911 $user = User
::newFromName( 'UTDoesNotExist' );
912 $this->assertFalse( $manager->autoCreateUser( $user ) );
913 $this->assertSame( 0, $user->getId() );
914 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
915 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
916 $this->setMwGlobals( array(
917 'wgReadOnly' => false,
920 $this->assertSame( array(
921 array( LogLevel
::DEBUG
, 'denied by wfReadOnly()' ),
922 ), $logger->getBuffer() );
923 $logger->clearBuffer();
925 // Test prevention by a previous session
926 $session->set( 'MWSession::AutoCreateBlacklist', 'test' );
927 $user = User
::newFromName( 'UTDoesNotExist' );
928 $this->assertFalse( $manager->autoCreateUser( $user ) );
929 $this->assertSame( 0, $user->getId() );
930 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
931 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
933 $this->assertSame( array(
934 array( LogLevel
::DEBUG
, 'blacklisted in session (test)' ),
935 ), $logger->getBuffer() );
936 $logger->clearBuffer();
938 // Test uncreatable name
939 $user = User
::newFromName( 'UTDoesNotExist@' );
940 $this->assertFalse( $manager->autoCreateUser( $user ) );
941 $this->assertSame( 0, $user->getId() );
942 $this->assertNotSame( 'UTDoesNotExist@', $user->getName() );
943 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
945 $this->assertSame( array(
946 array( LogLevel
::DEBUG
, 'Invalid username, blacklisting' ),
947 ), $logger->getBuffer() );
948 $logger->clearBuffer();
950 // Test AbortAutoAccount hook
951 $mock = $this->getMock( __CLASS__
, array( 'onAbortAutoAccount' ) );
952 $mock->expects( $this->once() )->method( 'onAbortAutoAccount' )
953 ->will( $this->returnCallback( function ( User
$user, &$msg ) {
957 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array( $mock ) ) );
958 $user = User
::newFromName( 'UTDoesNotExist' );
959 $this->assertFalse( $manager->autoCreateUser( $user ) );
960 $this->assertSame( 0, $user->getId() );
961 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
962 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
963 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array() ) );
965 $this->assertSame( array(
966 array( LogLevel
::DEBUG
, 'denied by hook: No way!' ),
967 ), $logger->getBuffer() );
968 $logger->clearBuffer();
970 // Test AbortAutoAccount hook screwing up the name
971 $mock = $this->getMock( 'stdClass', array( 'onAbortAutoAccount' ) );
972 $mock->expects( $this->once() )->method( 'onAbortAutoAccount' )
973 ->will( $this->returnCallback( function ( User
$user ) {
974 $user->setName( 'UTDoesNotExistEither' );
976 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array( $mock ) ) );
978 $user = User
::newFromName( 'UTDoesNotExist' );
979 $manager->autoCreateUser( $user );
980 $this->fail( 'Expected exception not thrown' );
981 } catch ( \UnexpectedValueException
$ex ) {
983 'AbortAutoAccount hook tried to change the user name',
987 $this->assertSame( 0, $user->getId() );
988 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
989 $this->assertNotSame( 'UTDoesNotExistEither', $user->getName() );
990 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
991 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExistEither', User
::READ_LATEST
) );
992 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'AbortAutoAccount' => array() ) );
994 $this->assertSame( array(), $logger->getBuffer() );
995 $logger->clearBuffer();
997 // Test for "exception backoff"
998 $user = User
::newFromName( 'UTDoesNotExist' );
999 $cache = \ObjectCache
::getLocalClusterInstance();
1000 $backoffKey = wfMemcKey( 'MWSession', 'autocreate-failed', md5( $user->getName() ) );
1001 $cache->set( $backoffKey, 1, 60 * 10 );
1002 $this->assertFalse( $manager->autoCreateUser( $user ) );
1003 $this->assertSame( 0, $user->getId() );
1004 $this->assertNotSame( 'UTDoesNotExist', $user->getName() );
1005 $this->assertEquals( 0, User
::idFromName( 'UTDoesNotExist', User
::READ_LATEST
) );
1006 $cache->delete( $backoffKey );
1008 $this->assertSame( array(
1009 array( LogLevel
::DEBUG
, 'denied by prior creation attempt failures' ),
1010 ), $logger->getBuffer() );
1011 $logger->clearBuffer();
1013 // Sanity check that creation still works, and test completion hook
1014 $cb = $this->callback( function ( User
$user ) use ( $that ) {
1015 $that->assertNotEquals( 0, $user->getId() );
1016 $that->assertSame( 'UTSessionAutoCreate4', $user->getName() );
1017 $that->assertEquals(
1018 $user->getId(), User
::idFromName( 'UTSessionAutoCreate4', User
::READ_LATEST
)
1022 $mock = $this->getMock( 'stdClass',
1023 array( 'onAuthPluginAutoCreate', 'onLocalUserCreated' ) );
1024 $mock->expects( $this->once() )->method( 'onAuthPluginAutoCreate' )
1026 $mock->expects( $this->once() )->method( 'onLocalUserCreated' )
1027 ->with( $cb, $this->identicalTo( true ) );
1028 $this->mergeMwGlobalArrayValue( 'wgHooks', array(
1029 'AuthPluginAutoCreate' => array( $mock ),
1030 'LocalUserCreated' => array( $mock ),
1032 $user = User
::newFromName( 'UTSessionAutoCreate4' );
1033 $this->assertSame( 0, $user->getId(), 'sanity check' );
1034 $this->assertTrue( $manager->autoCreateUser( $user ) );
1035 $this->assertNotEquals( 0, $user->getId() );
1036 $this->assertSame( 'UTSessionAutoCreate4', $user->getName() );
1037 $this->assertEquals(
1039 User
::idFromName( 'UTSessionAutoCreate4', User
::READ_LATEST
)
1041 $this->mergeMwGlobalArrayValue( 'wgHooks', array(
1042 'AuthPluginAutoCreate' => array(),
1043 'LocalUserCreated' => array(),
1045 $this->assertSame( array(
1046 array( LogLevel
::INFO
, 'creating new user (UTSessionAutoCreate4) - from: XXX' ),
1047 ), $logger->getBuffer() );
1048 $logger->clearBuffer();
1051 public function onAbortAutoAccount( User
$user, &$msg ) {
1054 public function testPreventSessionsForUser() {
1055 $manager = $this->getManager();
1057 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
1058 ->setMethods( array( 'preventSessionsForUser', '__toString' ) );
1060 $provider1 = $providerBuilder->getMock();
1061 $provider1->expects( $this->once() )->method( 'preventSessionsForUser' )
1062 ->with( $this->equalTo( 'UTSysop' ) );
1063 $provider1->expects( $this->any() )->method( '__toString' )
1064 ->will( $this->returnValue( 'MockProvider1' ) );
1066 $this->config
->set( 'SessionProviders', array(
1067 $this->objectCacheDef( $provider1 ),
1070 $this->assertFalse( $manager->isUserSessionPrevented( 'UTSysop' ) );
1071 $manager->preventSessionsForUser( 'UTSysop' );
1072 $this->assertTrue( $manager->isUserSessionPrevented( 'UTSysop' ) );
1075 public function testLoadSessionInfoFromStore() {
1076 $manager = $this->getManager();
1077 $logger = new \
TestLogger( true, function ( $m ) {
1078 return preg_replace(
1079 '/^Session \[\d+\]\w+<(?:null|anon|[+-]:\d+:\w+)>\w+: /', 'Session X: ', $m
1082 $manager->setLogger( $logger );
1083 $request = new \
FauxRequest();
1085 // Disable the in-process cache so our $this->store->setSession() takes effect.
1086 \TestingAccessWrapper
::newFromObject( $manager )->tempStore
= new \EmptyBagOStuff
;
1088 // TestingAccessWrapper can't handle methods with reference arguments, sigh.
1089 $rClass = new \
ReflectionClass( $manager );
1090 $rMethod = $rClass->getMethod( 'loadSessionInfoFromStore' );
1091 $rMethod->setAccessible( true );
1092 $loadSessionInfoFromStore = function ( &$info ) use ( $rMethod, $manager, $request ) {
1093 return $rMethod->invokeArgs( $manager, array( &$info, $request ) );
1096 $userInfo = UserInfo
::newFromName( 'UTSysop', true );
1097 $unverifiedUserInfo = UserInfo
::newFromName( 'UTSysop', false );
1099 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
1101 'userId' => $userInfo->getId(),
1102 'userName' => $userInfo->getName(),
1103 'userToken' => $userInfo->getToken( true ),
1104 'provider' => 'Mock',
1107 $builder = $this->getMockBuilder( 'MediaWiki\\Session\\SessionProvider' )
1108 ->setMethods( array( '__toString', 'mergeMetadata', 'refreshSessionInfo' ) );
1110 $provider = $builder->getMockForAbstractClass();
1111 $provider->setManager( $manager );
1112 $provider->expects( $this->any() )->method( 'persistsSessionId' )
1113 ->will( $this->returnValue( true ) );
1114 $provider->expects( $this->any() )->method( 'canChangeUser' )
1115 ->will( $this->returnValue( true ) );
1116 $provider->expects( $this->any() )->method( 'refreshSessionInfo' )
1117 ->will( $this->returnValue( true ) );
1118 $provider->expects( $this->any() )->method( '__toString' )
1119 ->will( $this->returnValue( 'Mock' ) );
1120 $provider->expects( $this->any() )->method( 'mergeMetadata' )
1121 ->will( $this->returnCallback( function ( $a, $b ) {
1122 if ( $b === array( 'Throw' ) ) {
1123 throw new \
UnexpectedValueException( 'no merge!' );
1125 return array( 'Merged' );
1128 $provider2 = $builder->getMockForAbstractClass();
1129 $provider2->setManager( $manager );
1130 $provider2->expects( $this->any() )->method( 'persistsSessionId' )
1131 ->will( $this->returnValue( false ) );
1132 $provider2->expects( $this->any() )->method( 'canChangeUser' )
1133 ->will( $this->returnValue( false ) );
1134 $provider2->expects( $this->any() )->method( '__toString' )
1135 ->will( $this->returnValue( 'Mock2' ) );
1136 $provider2->expects( $this->any() )->method( 'refreshSessionInfo' )
1137 ->will( $this->returnCallback( function ( $info, $request, &$metadata ) {
1138 $metadata['changed'] = true;
1142 $provider3 = $builder->getMockForAbstractClass();
1143 $provider3->setManager( $manager );
1144 $provider3->expects( $this->any() )->method( 'persistsSessionId' )
1145 ->will( $this->returnValue( true ) );
1146 $provider3->expects( $this->any() )->method( 'canChangeUser' )
1147 ->will( $this->returnValue( true ) );
1148 $provider3->expects( $this->once() )->method( 'refreshSessionInfo' )
1149 ->will( $this->returnValue( false ) );
1150 $provider3->expects( $this->any() )->method( '__toString' )
1151 ->will( $this->returnValue( 'Mock3' ) );
1153 \TestingAccessWrapper
::newFromObject( $manager )->sessionProviders
= array(
1154 (string)$provider => $provider,
1155 (string)$provider2 => $provider2,
1156 (string)$provider3 => $provider3,
1159 // No metadata, basic usage
1160 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1161 'provider' => $provider,
1163 'userInfo' => $userInfo
1165 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1166 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1167 $this->assertFalse( $info->isIdSafe() );
1168 $this->assertSame( array(), $logger->getBuffer() );
1170 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1171 'provider' => $provider,
1172 'userInfo' => $userInfo
1174 $this->assertTrue( $info->isIdSafe(), 'sanity check' );
1175 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1176 $this->assertTrue( $info->isIdSafe() );
1177 $this->assertSame( array(), $logger->getBuffer() );
1179 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1180 'provider' => $provider2,
1182 'userInfo' => $userInfo
1184 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1185 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1186 $this->assertTrue( $info->isIdSafe() );
1187 $this->assertSame( array(), $logger->getBuffer() );
1189 // Unverified user, no metadata
1190 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1191 'provider' => $provider,
1193 'userInfo' => $unverifiedUserInfo
1195 $this->assertSame( $unverifiedUserInfo, $info->getUserInfo() );
1196 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1197 $this->assertSame( array(
1198 array( LogLevel
::WARNING
, 'Session X: Unverified user provided and no metadata to auth it' )
1199 ), $logger->getBuffer() );
1200 $logger->clearBuffer();
1202 // No metadata, missing data
1203 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1205 'userInfo' => $userInfo
1207 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1208 $this->assertSame( array(
1209 array( LogLevel
::WARNING
, 'Session X: Null provider and no metadata' ),
1210 ), $logger->getBuffer() );
1211 $logger->clearBuffer();
1213 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1214 'provider' => $provider,
1217 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1218 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1219 $this->assertInstanceOf( 'MediaWiki\\Session\\UserInfo', $info->getUserInfo() );
1220 $this->assertTrue( $info->getUserInfo()->isVerified() );
1221 $this->assertTrue( $info->getUserInfo()->isAnon() );
1222 $this->assertFalse( $info->isIdSafe() );
1223 $this->assertSame( array(), $logger->getBuffer() );
1225 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1226 'provider' => $provider2,
1229 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1230 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1231 $this->assertSame( array(
1232 array( LogLevel
::INFO
, 'Session X: No user provided and provider cannot set user' )
1233 ), $logger->getBuffer() );
1234 $logger->clearBuffer();
1236 // Incomplete/bad metadata
1237 $this->store
->setRawSession( $id, true );
1238 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1239 $this->assertSame( array(
1240 array( LogLevel
::WARNING
, 'Session X: Bad data' ),
1241 ), $logger->getBuffer() );
1242 $logger->clearBuffer();
1244 $this->store
->setRawSession( $id, array( 'data' => array() ) );
1245 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1246 $this->assertSame( array(
1247 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1248 ), $logger->getBuffer() );
1249 $logger->clearBuffer();
1251 $this->store
->deleteSession( $id );
1252 $this->store
->setRawSession( $id, array( 'metadata' => $metadata ) );
1253 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1254 $this->assertSame( array(
1255 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1256 ), $logger->getBuffer() );
1257 $logger->clearBuffer();
1259 $this->store
->setRawSession( $id, array( 'metadata' => $metadata, 'data' => true ) );
1260 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1261 $this->assertSame( array(
1262 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1263 ), $logger->getBuffer() );
1264 $logger->clearBuffer();
1266 $this->store
->setRawSession( $id, array( 'metadata' => true, 'data' => array() ) );
1267 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1268 $this->assertSame( array(
1269 array( LogLevel
::WARNING
, 'Session X: Bad data structure' ),
1270 ), $logger->getBuffer() );
1271 $logger->clearBuffer();
1273 foreach ( $metadata as $key => $dummy ) {
1275 unset( $tmp[$key] );
1276 $this->store
->setRawSession( $id, array( 'metadata' => $tmp, 'data' => array() ) );
1277 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1278 $this->assertSame( array(
1279 array( LogLevel
::WARNING
, 'Session X: Bad metadata' ),
1280 ), $logger->getBuffer() );
1281 $logger->clearBuffer();
1284 // Basic usage with metadata
1285 $this->store
->setRawSession( $id, array( 'metadata' => $metadata, 'data' => array() ) );
1286 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1287 'provider' => $provider,
1289 'userInfo' => $userInfo
1291 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1292 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1293 $this->assertTrue( $info->isIdSafe() );
1294 $this->assertSame( array(), $logger->getBuffer() );
1296 // Mismatched provider
1297 $this->store
->setSessionMeta( $id, array( 'provider' => 'Bad' ) +
$metadata );
1298 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1299 'provider' => $provider,
1301 'userInfo' => $userInfo
1303 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1304 $this->assertSame( array(
1305 array( LogLevel
::WARNING
, 'Session X: Wrong provider, Bad !== Mock' ),
1306 ), $logger->getBuffer() );
1307 $logger->clearBuffer();
1310 $this->store
->setSessionMeta( $id, array( 'provider' => 'Bad' ) +
$metadata );
1311 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1313 'userInfo' => $userInfo
1315 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1316 $this->assertSame( array(
1317 array( LogLevel
::WARNING
, 'Session X: Unknown provider, Bad' ),
1318 ), $logger->getBuffer() );
1319 $logger->clearBuffer();
1322 $this->store
->setSessionMeta( $id, $metadata );
1323 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1325 'userInfo' => $userInfo
1327 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1328 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1329 $this->assertTrue( $info->isIdSafe() );
1330 $this->assertSame( array(), $logger->getBuffer() );
1332 // Bad user metadata
1333 $this->store
->setSessionMeta( $id, array( 'userId' => -1, 'userToken' => null ) +
$metadata );
1334 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1335 'provider' => $provider,
1338 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1339 $this->assertSame( array(
1340 array( LogLevel
::ERROR
, 'Session X: Invalid ID' ),
1341 ), $logger->getBuffer() );
1342 $logger->clearBuffer();
1344 $this->store
->setSessionMeta(
1345 $id, array( 'userId' => 0, 'userName' => '<X>', 'userToken' => null ) +
$metadata
1347 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1348 'provider' => $provider,
1351 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1352 $this->assertSame( array(
1353 array( LogLevel
::ERROR
, 'Session X: Invalid user name' ),
1354 ), $logger->getBuffer() );
1355 $logger->clearBuffer();
1357 // Mismatched user by ID
1358 $this->store
->setSessionMeta(
1359 $id, array( 'userId' => $userInfo->getId() +
1, 'userToken' => null ) +
$metadata
1361 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1362 'provider' => $provider,
1364 'userInfo' => $userInfo
1366 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1367 $this->assertSame( array(
1368 array( LogLevel
::WARNING
, 'Session X: User ID mismatch, 2 !== 1' ),
1369 ), $logger->getBuffer() );
1370 $logger->clearBuffer();
1372 // Mismatched user by name
1373 $this->store
->setSessionMeta(
1374 $id, array( 'userId' => 0, 'userName' => 'X', 'userToken' => null ) +
$metadata
1376 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1377 'provider' => $provider,
1379 'userInfo' => $userInfo
1381 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1382 $this->assertSame( array(
1383 array( LogLevel
::WARNING
, 'Session X: User name mismatch, X !== UTSysop' ),
1384 ), $logger->getBuffer() );
1385 $logger->clearBuffer();
1387 // ID matches, name doesn't
1388 $this->store
->setSessionMeta(
1389 $id, array( 'userId' => $userInfo->getId(), 'userName' => 'X', 'userToken' => null ) +
$metadata
1391 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1392 'provider' => $provider,
1394 'userInfo' => $userInfo
1396 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1397 $this->assertSame( array(
1399 LogLevel
::WARNING
, 'Session X: User ID matched but name didn\'t (rename?), X !== UTSysop'
1401 ), $logger->getBuffer() );
1402 $logger->clearBuffer();
1404 // Mismatched anon user
1405 $this->store
->setSessionMeta(
1406 $id, array( 'userId' => 0, 'userName' => null, 'userToken' => null ) +
$metadata
1408 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1409 'provider' => $provider,
1411 'userInfo' => $userInfo
1413 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1414 $this->assertSame( array(
1416 LogLevel
::WARNING
, 'Session X: Metadata has an anonymous user, but a non-anon user was provided'
1418 ), $logger->getBuffer() );
1419 $logger->clearBuffer();
1421 // Lookup user by ID
1422 $this->store
->setSessionMeta( $id, array( 'userToken' => null ) +
$metadata );
1423 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1424 'provider' => $provider,
1427 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1428 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1429 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1430 $this->assertTrue( $info->isIdSafe() );
1431 $this->assertSame( array(), $logger->getBuffer() );
1433 // Lookup user by name
1434 $this->store
->setSessionMeta(
1435 $id, array( 'userId' => 0, 'userName' => 'UTSysop', 'userToken' => null ) +
$metadata
1437 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1438 'provider' => $provider,
1441 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1442 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1443 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1444 $this->assertTrue( $info->isIdSafe() );
1445 $this->assertSame( array(), $logger->getBuffer() );
1447 // Lookup anonymous user
1448 $this->store
->setSessionMeta(
1449 $id, array( 'userId' => 0, 'userName' => null, 'userToken' => null ) +
$metadata
1451 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1452 'provider' => $provider,
1455 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1456 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1457 $this->assertTrue( $info->getUserInfo()->isAnon() );
1458 $this->assertTrue( $info->isIdSafe() );
1459 $this->assertSame( array(), $logger->getBuffer() );
1461 // Unverified user with metadata
1462 $this->store
->setSessionMeta( $id, $metadata );
1463 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1464 'provider' => $provider,
1466 'userInfo' => $unverifiedUserInfo
1468 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1469 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1470 $this->assertTrue( $info->getUserInfo()->isVerified() );
1471 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1472 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1473 $this->assertTrue( $info->isIdSafe() );
1474 $this->assertSame( array(), $logger->getBuffer() );
1476 // Unverified user with metadata
1477 $this->store
->setSessionMeta( $id, $metadata );
1478 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1479 'provider' => $provider,
1481 'userInfo' => $unverifiedUserInfo
1483 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1484 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1485 $this->assertTrue( $info->getUserInfo()->isVerified() );
1486 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1487 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1488 $this->assertTrue( $info->isIdSafe() );
1489 $this->assertSame( array(), $logger->getBuffer() );
1492 $this->store
->setSessionMeta( $id, array( 'userToken' => 'Bad' ) +
$metadata );
1493 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1494 'provider' => $provider,
1496 'userInfo' => $userInfo
1498 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1499 $this->assertSame( array(
1500 array( LogLevel
::WARNING
, 'Session X: User token mismatch' ),
1501 ), $logger->getBuffer() );
1502 $logger->clearBuffer();
1504 // Provider metadata
1505 $this->store
->setSessionMeta( $id, array( 'provider' => 'Mock2' ) +
$metadata );
1506 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1507 'provider' => $provider2,
1509 'userInfo' => $userInfo,
1510 'metadata' => array( 'Info' ),
1512 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1513 $this->assertSame( array( 'Info', 'changed' => true ), $info->getProviderMetadata() );
1514 $this->assertSame( array(), $logger->getBuffer() );
1516 $this->store
->setSessionMeta( $id, array( 'providerMetadata' => array( 'Saved' ) ) +
$metadata );
1517 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1518 'provider' => $provider,
1520 'userInfo' => $userInfo,
1522 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1523 $this->assertSame( array( 'Saved' ), $info->getProviderMetadata() );
1524 $this->assertSame( array(), $logger->getBuffer() );
1526 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1527 'provider' => $provider,
1529 'userInfo' => $userInfo,
1530 'metadata' => array( 'Info' ),
1532 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1533 $this->assertSame( array( 'Merged' ), $info->getProviderMetadata() );
1534 $this->assertSame( array(), $logger->getBuffer() );
1536 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1537 'provider' => $provider,
1539 'userInfo' => $userInfo,
1540 'metadata' => array( 'Throw' ),
1542 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1543 $this->assertSame( array(
1544 array( LogLevel
::WARNING
, 'Session X: Metadata merge failed: no merge!' ),
1545 ), $logger->getBuffer() );
1546 $logger->clearBuffer();
1548 // Remember from session
1549 $this->store
->setSessionMeta( $id, $metadata );
1550 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1551 'provider' => $provider,
1554 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1555 $this->assertFalse( $info->wasRemembered() );
1556 $this->assertSame( array(), $logger->getBuffer() );
1558 $this->store
->setSessionMeta( $id, array( 'remember' => true ) +
$metadata );
1559 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1560 'provider' => $provider,
1563 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1564 $this->assertTrue( $info->wasRemembered() );
1565 $this->assertSame( array(), $logger->getBuffer() );
1567 $this->store
->setSessionMeta( $id, array( 'remember' => false ) +
$metadata );
1568 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1569 'provider' => $provider,
1571 'userInfo' => $userInfo
1573 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1574 $this->assertTrue( $info->wasRemembered() );
1575 $this->assertSame( array(), $logger->getBuffer() );
1577 // forceHTTPS from session
1578 $this->store
->setSessionMeta( $id, $metadata );
1579 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1580 'provider' => $provider,
1582 'userInfo' => $userInfo
1584 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1585 $this->assertFalse( $info->forceHTTPS() );
1586 $this->assertSame( array(), $logger->getBuffer() );
1588 $this->store
->setSessionMeta( $id, array( 'forceHTTPS' => true ) +
$metadata );
1589 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1590 'provider' => $provider,
1592 'userInfo' => $userInfo
1594 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1595 $this->assertTrue( $info->forceHTTPS() );
1596 $this->assertSame( array(), $logger->getBuffer() );
1598 $this->store
->setSessionMeta( $id, array( 'forceHTTPS' => false ) +
$metadata );
1599 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1600 'provider' => $provider,
1602 'userInfo' => $userInfo,
1603 'forceHTTPS' => true
1605 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1606 $this->assertTrue( $info->forceHTTPS() );
1607 $this->assertSame( array(), $logger->getBuffer() );
1609 // "Persist" flag from session
1610 $this->store
->setSessionMeta( $id, $metadata );
1611 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1612 'provider' => $provider,
1614 'userInfo' => $userInfo
1616 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1617 $this->assertFalse( $info->wasPersisted() );
1618 $this->assertSame( array(), $logger->getBuffer() );
1620 $this->store
->setSessionMeta( $id, array( 'persisted' => true ) +
$metadata );
1621 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1622 'provider' => $provider,
1624 'userInfo' => $userInfo
1626 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1627 $this->assertTrue( $info->wasPersisted() );
1628 $this->assertSame( array(), $logger->getBuffer() );
1630 $this->store
->setSessionMeta( $id, array( 'persisted' => false ) +
$metadata );
1631 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1632 'provider' => $provider,
1634 'userInfo' => $userInfo,
1637 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1638 $this->assertTrue( $info->wasPersisted() );
1639 $this->assertSame( array(), $logger->getBuffer() );
1641 // Provider refreshSessionInfo() returning false
1642 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1643 'provider' => $provider3,
1645 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1646 $this->assertSame( array(), $logger->getBuffer() );
1651 $data = array( 'foo' => 1 );
1652 $this->store
->setSession( $id, array( 'metadata' => $metadata, 'data' => $data ) );
1653 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
1654 'provider' => $provider,
1656 'userInfo' => $userInfo
1658 $this->mergeMwGlobalArrayValue( 'wgHooks', array(
1659 'SessionCheckInfo' => array( function ( &$reason, $i, $r, $m, $d ) use (
1660 $that, $info, $metadata, $data, $request, &$called
1662 $that->assertSame( $info->getId(), $i->getId() );
1663 $that->assertSame( $info->getProvider(), $i->getProvider() );
1664 $that->assertSame( $info->getUserInfo(), $i->getUserInfo() );
1665 $that->assertSame( $request, $r );
1666 $that->assertEquals( $metadata, $m );
1667 $that->assertEquals( $data, $d );
1672 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1673 $this->assertTrue( $called );
1674 $this->assertSame( array(
1675 array( LogLevel
::WARNING
, 'Session X: Hook aborted' ),
1676 ), $logger->getBuffer() );
1677 $logger->clearBuffer();