[ 'prefix' => '' ] + $options
);
- $extendedCookies = $this->config->get( 'ExtendedLoginCookies' );
- $extendedExpiry = $this->config->get( 'ExtendedLoginCookieExpiration' );
-
foreach ( $cookies as $key => $value ) {
if ( $value === false ) {
$response->clearCookie( $key, $options );
} else {
- if ( $extendedExpiry !== null && in_array( $key, $extendedCookies ) ) {
- $expiry = time() + (int)$extendedExpiry;
- } else {
- $expiry = 0; // Default cookie expiration
- }
- $response->setCookie( $key, (string)$value, $expiry, $options );
+ $expirationDuration = $this->getLoginCookieExpiration( $key );
+ $expiration = $expirationDuration ? $expirationDuration + time() : null;
+ $response->setCookie( $key, (string)$value, $expiration, $options );
}
}
) {
$response = $request->response();
if ( $set ) {
- $response->setCookie( 'forceHTTPS', 'true', $backend->shouldRememberUser() ? 0 : null,
+ if ( $backend->shouldRememberUser() ) {
+ $expirationDuration = $this->getLoginCookieExpiration( 'forceHTTPS' );
+ $expiration = $expirationDuration ? $expirationDuration + time() : null;
+ } else {
+ $expiration = null;
+ }
+ $response->setCookie( 'forceHTTPS', 'true', $expiration,
[ 'prefix' => '', 'secure' => false ] + $this->cookieOptions );
} else {
$response->clearCookie( 'forceHTTPS',
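Review bot: The remembered-user branch takes the forceHTTPS lifetime from `getLoginCookieExpiration( 'forceHTTPS' )`, which falls back to `CookieExpiration` unless 'forceHTTPS' is listed in `ExtendedLoginCookies` (the test config in this change lists only UserID and Token). With an extended lifetime configured, the UserID/Token cookies can then outlive this hint, which is set with `'secure' => false`, so a still-remembered user presumably loses the HTTPS hint on plain-HTTP requests once the shorter lifetime lapses. Tying the hint to the remember duration avoids the mismatch: `$expirationDuration = $this->getRememberUserDuration();`. The `$expirationDuration ? $expirationDuration + time() : null` conversion also repeats the one in the cookie loop of the preceding hunk and could live in one helper. The enclosing method starts and ends outside this hunk.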
return wfMessage( 'sessionprovider-nocookies' );
}
+ public function getRememberUserDuration() {
+ return min( $this->getLoginCookieExpiration( 'UserID' ),
+ $this->getLoginCookieExpiration( 'Token' ) ) ?: null;
+ }
+
+ /**
+ * Returns the lifespan of the login cookies, in seconds. 0 means until the end of the session.
+ * @param string $cookieName
+ * @return int Cookie expiration time in seconds; 0 for session cookies
+ */
+ protected function getLoginCookieExpiration( $cookieName ) {
+ $normalExpiration = $this->config->get( 'CookieExpiration' );
+ $extendedExpiration = $this->config->get( 'ExtendedLoginCookieExpiration' );
+ $extendedCookies = $this->config->get( 'ExtendedLoginCookies' );
+
+ if ( !in_array( $cookieName, $extendedCookies, true ) ) {
+ return (int)$normalExpiration;
+ }
+ return ( $extendedExpiration !== null ) ? (int)$extendedExpiration : (int)$normalExpiration;
+ }
}
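Review bot: `getRememberUserDuration()` is added as a public method with no docblock, and its `min( ... ) ?: null` result is not obvious: a 0 (session-only) lifetime for either UserID or Token makes the whole method return null. A short docblock saying so, for example `Returns the shorter of the UserID and Token cookie lifetimes in seconds, or null when either is session-only`, would spare callers from reading the config lookup. Separately, `getLoginCookieExpiration()` casts the configured values and returns them unchecked, so a negative setting is truthy at the `setCookie` call sites and would yield an expiry in the past. If negative values are not a supported configuration, `return max( 0, (int)$normalExpiration );` (and the same on the extended branch) keeps the documented "0 means session" contract.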
$options = $this->sessionCookieOptions;
if ( $session->shouldForceHTTPS() || $session->getUser()->requiresHTTPS() ) {
- $response->setCookie( 'forceHTTPS', 'true', $session->shouldRememberUser() ? 0 : null,
+ $response->setCookie( 'forceHTTPS', 'true', null,
[ 'prefix' => '', 'secure' => false ] + $options );
$options['secure'] = true;
}
*/
abstract public function canChangeUser();
+ /**
+ * Returns the duration (in seconds) for which users will be remembered when
+ * Session::setRememberUser() is set. Null means setting the remember flag will
+ * have no effect (and endpoints should not offer that option).
+ * @return int|null
+ */
+ public function getRememberUserDuration() {
+ return null;
+ }
+
/**
* Notification that the session ID was reset
*
class CookieSessionProviderTest extends MediaWikiTestCase {
private function getConfig() {
- global $wgCookieExpiration;
return new \HashConfig( [
'CookiePrefix' => 'CookiePrefix',
'CookiePath' => 'CookiePath',
'CookieSecure' => true,
'CookieHttpOnly' => true,
'SessionName' => false,
+ 'CookieExpiration' => 100,
'ExtendedLoginCookies' => [ 'UserID', 'Token' ],
- 'ExtendedLoginCookieExpiration' => $wgCookieExpiration * 2,
+ 'ExtendedLoginCookieExpiration' => 200,
] );
}
}
public function testPersistSession() {
- $this->setMwGlobals( [ 'wgCookieExpiration' => 100 ] );
-
$provider = new CookieSessionProvider( [
'priority' => 1,
'sessionName' => 'MySessionName',
*/
public function testCookieData( $secure, $remember ) {
$this->setMwGlobals( [
- 'wgCookieExpiration' => 100,
'wgSecureLogin' => false,
] );
$this->assertNull( $provider->getCookie( $request, 'Baz', 'x' ) );
}
+ public function testGetRememberUserDuration() {
+ $config = $this->getConfig();
+ $provider = new CookieSessionProvider( [ 'priority' => 10 ] );
+ $provider->setLogger( new \Psr\Log\NullLogger() );
+ $provider->setConfig( $config );
+ $provider->setManager( SessionManager::singleton() );
+
+ $this->assertSame( 200, $provider->getRememberUserDuration() );
+
+ $config->set( 'ExtendedLoginCookieExpiration', null );
+
+ $this->assertSame( 100, $provider->getRememberUserDuration() );
+
+ $config->set( 'ExtendedLoginCookieExpiration', 0 );
+
+ $this->assertSame( null, $provider->getRememberUserDuration() );
+ }
+
+ public function testGetLoginCookieExpiration() {
+ $config = $this->getConfig();
+ $provider = \TestingAccessWrapper::newFromObject( new CookieSessionProvider( [
+ 'priority' => 10
+ ] ) );
+ $provider->setLogger( new \Psr\Log\NullLogger() );
+ $provider->setConfig( $config );
+ $provider->setManager( SessionManager::singleton() );
+
+ $this->assertSame( 200, $provider->getLoginCookieExpiration( 'Token' ) );
+ $this->assertSame( 100, $provider->getLoginCookieExpiration( 'User' ) );
+
+ $config->set( 'ExtendedLoginCookieExpiration', null );
+
+ $this->assertSame( 100, $provider->getLoginCookieExpiration( 'Token' ) );
+ $this->assertSame( 100, $provider->getLoginCookieExpiration( 'User' ) );
+ }
}
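Review bot: `testGetLoginCookieExpiration` never sets `ExtendedLoginCookieExpiration` to 0, so the branch in `getLoginCookieExpiration()` that separates null (fall back to `CookieExpiration`) from 0 (session-only) is only checked indirectly through `getRememberUserDuration()`. Adding `$config->set( 'ExtendedLoginCookieExpiration', 0 );` followed by `$this->assertSame( 0, $provider->getLoginCookieExpiration( 'Token' ) );` and `$this->assertSame( 100, $provider->getLoginCookieExpiration( 'User' ) );` pins it directly. `testGetRememberUserDuration` also always has UserID and Token at the same lifetime, so the `min()` is not exercised; a config that lists only one of them in `ExtendedLoginCookies` would cover it.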
}
$this->assertEquals( [
'value' => 'true',
- 'expire' => $remember ? 100 : null,
+ 'expire' => null,
'path' => 'CookiePath',
'domain' => 'CookieDomain',
'secure' => false,
$this->assertSame( get_class( $provider ), (string)$provider );
+ $this->assertNull( $provider->getRememberUserDuration() );
+
$this->assertNull( $provider->whyNoSession() );
$info = new SessionInfo( SessionInfo::MIN_PRIORITY, [