3 namespace MediaWiki\Session
;
12 * @covers MediaWiki\Session\CookieSessionProvider
14 class CookieSessionProviderTest
extends MediaWikiTestCase
{
16 private function getConfig() {
17 global $wgCookieExpiration;
18 return new \
HashConfig( array(
19 'CookiePrefix' => 'CookiePrefix',
20 'CookiePath' => 'CookiePath',
21 'CookieDomain' => 'CookieDomain',
22 'CookieSecure' => true,
23 'CookieHttpOnly' => true,
24 'SessionName' => false,
25 'ExtendedLoginCookies' => array( 'UserID', 'Token' ),
26 'ExtendedLoginCookieExpiration' => $wgCookieExpiration * 2,
30 public function testConstructor() {
32 new CookieSessionProvider();
33 $this->fail( 'Expected exception not thrown' );
34 } catch ( \InvalidArgumentException
$ex ) {
36 'MediaWiki\\Session\\CookieSessionProvider::__construct: priority must be specified',
42 new CookieSessionProvider( array( 'priority' => 'foo' ) );
43 $this->fail( 'Expected exception not thrown' );
44 } catch ( \InvalidArgumentException
$ex ) {
46 'MediaWiki\\Session\\CookieSessionProvider::__construct: Invalid priority',
51 new CookieSessionProvider( array( 'priority' => SessionInfo
::MIN_PRIORITY
- 1 ) );
52 $this->fail( 'Expected exception not thrown' );
53 } catch ( \InvalidArgumentException
$ex ) {
55 'MediaWiki\\Session\\CookieSessionProvider::__construct: Invalid priority',
60 new CookieSessionProvider( array( 'priority' => SessionInfo
::MAX_PRIORITY +
1 ) );
61 $this->fail( 'Expected exception not thrown' );
62 } catch ( \InvalidArgumentException
$ex ) {
64 'MediaWiki\\Session\\CookieSessionProvider::__construct: Invalid priority',
70 new CookieSessionProvider( array( 'priority' => 1, 'cookieOptions' => null ) );
71 $this->fail( 'Expected exception not thrown' );
72 } catch ( \InvalidArgumentException
$ex ) {
74 'MediaWiki\\Session\\CookieSessionProvider::__construct: cookieOptions must be an array',
79 $config = $this->getConfig();
80 $p = \TestingAccessWrapper
::newFromObject(
81 new CookieSessionProvider( array( 'priority' => 1 ) )
83 $p->setLogger( new \
TestLogger() );
84 $p->setConfig( $config );
85 $this->assertEquals( 1, $p->priority
);
86 $this->assertEquals( array(
87 'callUserSetCookiesHook' => false,
88 'sessionName' => 'CookiePrefix_session',
90 $this->assertEquals( array(
91 'prefix' => 'CookiePrefix',
92 'path' => 'CookiePath',
93 'domain' => 'CookieDomain',
96 ), $p->cookieOptions
);
98 $config->set( 'SessionName', 'SessionName' );
99 $p = \TestingAccessWrapper
::newFromObject(
100 new CookieSessionProvider( array( 'priority' => 3 ) )
102 $p->setLogger( new \
TestLogger() );
103 $p->setConfig( $config );
104 $this->assertEquals( 3, $p->priority
);
105 $this->assertEquals( array(
106 'callUserSetCookiesHook' => false,
107 'sessionName' => 'SessionName',
109 $this->assertEquals( array(
110 'prefix' => 'CookiePrefix',
111 'path' => 'CookiePath',
112 'domain' => 'CookieDomain',
115 ), $p->cookieOptions
);
117 $p = \TestingAccessWrapper
::newFromObject( new CookieSessionProvider( array(
119 'callUserSetCookiesHook' => true,
120 'cookieOptions' => array(
121 'prefix' => 'XPrefix',
123 'domain' => 'XDomain',
124 'secure' => 'XSecure',
125 'httpOnly' => 'XHttpOnly',
127 'sessionName' => 'XSession',
129 $p->setLogger( new \
TestLogger() );
130 $p->setConfig( $config );
131 $this->assertEquals( 10, $p->priority
);
132 $this->assertEquals( array(
133 'callUserSetCookiesHook' => true,
134 'sessionName' => 'XSession',
136 $this->assertEquals( array(
137 'prefix' => 'XPrefix',
139 'domain' => 'XDomain',
140 'secure' => 'XSecure',
141 'httpOnly' => 'XHttpOnly',
142 ), $p->cookieOptions
);
145 public function testBasics() {
146 $provider = new CookieSessionProvider( array( 'priority' => 10 ) );
148 $this->assertTrue( $provider->persistsSessionID() );
149 $this->assertTrue( $provider->canChangeUser() );
151 $msg = $provider->whyNoSession();
152 $this->assertInstanceOf( 'Message', $msg );
153 $this->assertSame( 'sessionprovider-nocookies', $msg->getKey() );
156 public function testProvideSessionInfo() {
159 'sessionName' => 'session',
160 'cookieOptions' => array( 'prefix' => 'x' ),
162 $provider = new CookieSessionProvider( $params );
163 $logger = new \
TestLogger( true );
164 $provider->setLogger( $logger );
165 $provider->setConfig( $this->getConfig() );
166 $provider->setManager( new SessionManager() );
168 $user = User
::newFromName( 'UTSysop' );
169 $id = $user->getId();
170 $name = $user->getName();
171 $token = $user->getToken( true );
173 $sessionId = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
176 $request = new \
FauxRequest();
177 $info = $provider->provideSessionInfo( $request );
178 $this->assertNull( $info );
179 $this->assertSame( array(), $logger->getBuffer() );
180 $logger->clearBuffer();
183 $request = new \
FauxRequest();
184 $request->setCookies( array(
185 'session' => $sessionId,
187 $info = $provider->provideSessionInfo( $request );
188 $this->assertNotNull( $info );
189 $this->assertSame( $params['priority'], $info->getPriority() );
190 $this->assertSame( $sessionId, $info->getId() );
191 $this->assertNotNull( $info->getUserInfo() );
192 $this->assertSame( 0, $info->getUserInfo()->getId() );
193 $this->assertNull( $info->getUserInfo()->getName() );
194 $this->assertFalse( $info->forceHTTPS() );
195 $this->assertSame( array(
198 'Session "{session}" requested without UserID cookie',
200 ), $logger->getBuffer() );
201 $logger->clearBuffer();
203 // User, no session key
204 $request = new \
FauxRequest();
205 $request->setCookies( array(
209 $info = $provider->provideSessionInfo( $request );
210 $this->assertNotNull( $info );
211 $this->assertSame( $params['priority'], $info->getPriority() );
212 $this->assertNotSame( $sessionId, $info->getId() );
213 $this->assertNotNull( $info->getUserInfo() );
214 $this->assertSame( $id, $info->getUserInfo()->getId() );
215 $this->assertSame( $name, $info->getUserInfo()->getName() );
216 $this->assertFalse( $info->forceHTTPS() );
217 $this->assertSame( array(), $logger->getBuffer() );
218 $logger->clearBuffer();
220 // User and session key
221 $request = new \
FauxRequest();
222 $request->setCookies( array(
223 'session' => $sessionId,
227 $info = $provider->provideSessionInfo( $request );
228 $this->assertNotNull( $info );
229 $this->assertSame( $params['priority'], $info->getPriority() );
230 $this->assertSame( $sessionId, $info->getId() );
231 $this->assertNotNull( $info->getUserInfo() );
232 $this->assertSame( $id, $info->getUserInfo()->getId() );
233 $this->assertSame( $name, $info->getUserInfo()->getName() );
234 $this->assertFalse( $info->forceHTTPS() );
235 $this->assertSame( array(), $logger->getBuffer() );
236 $logger->clearBuffer();
238 // User with bad token
239 $request = new \
FauxRequest();
240 $request->setCookies( array(
241 'session' => $sessionId,
243 'xToken' => 'BADTOKEN',
245 $info = $provider->provideSessionInfo( $request );
246 $this->assertNull( $info );
247 $this->assertSame( array(
250 'Session "{session}" requested with invalid Token cookie.'
252 ), $logger->getBuffer() );
253 $logger->clearBuffer();
255 // User id with no token
256 $request = new \
FauxRequest();
257 $request->setCookies( array(
258 'session' => $sessionId,
261 $info = $provider->provideSessionInfo( $request );
262 $this->assertNotNull( $info );
263 $this->assertSame( $params['priority'], $info->getPriority() );
264 $this->assertSame( $sessionId, $info->getId() );
265 $this->assertNotNull( $info->getUserInfo() );
266 $this->assertFalse( $info->getUserInfo()->isVerified() );
267 $this->assertSame( $id, $info->getUserInfo()->getId() );
268 $this->assertSame( $name, $info->getUserInfo()->getName() );
269 $this->assertFalse( $info->forceHTTPS() );
270 $this->assertSame( array(), $logger->getBuffer() );
271 $logger->clearBuffer();
273 $request = new \
FauxRequest();
274 $request->setCookies( array(
277 $info = $provider->provideSessionInfo( $request );
278 $this->assertNull( $info );
279 $this->assertSame( array(), $logger->getBuffer() );
280 $logger->clearBuffer();
282 // User and session key, with forceHTTPS flag
283 $request = new \
FauxRequest();
284 $request->setCookies( array(
285 'session' => $sessionId,
288 'forceHTTPS' => true,
290 $info = $provider->provideSessionInfo( $request );
291 $this->assertNotNull( $info );
292 $this->assertSame( $params['priority'], $info->getPriority() );
293 $this->assertSame( $sessionId, $info->getId() );
294 $this->assertNotNull( $info->getUserInfo() );
295 $this->assertSame( $id, $info->getUserInfo()->getId() );
296 $this->assertSame( $name, $info->getUserInfo()->getName() );
297 $this->assertTrue( $info->forceHTTPS() );
298 $this->assertSame( array(), $logger->getBuffer() );
299 $logger->clearBuffer();
302 $request = new \
FauxRequest();
303 $request->setCookies( array(
304 'session' => $sessionId,
307 $info = $provider->provideSessionInfo( $request );
308 $this->assertNull( $info );
309 $this->assertSame( array(), $logger->getBuffer() );
310 $logger->clearBuffer();
312 // User id with matching name
313 $request = new \
FauxRequest();
314 $request->setCookies( array(
315 'session' => $sessionId,
317 'xUserName' => $name,
319 $info = $provider->provideSessionInfo( $request );
320 $this->assertNotNull( $info );
321 $this->assertSame( $params['priority'], $info->getPriority() );
322 $this->assertSame( $sessionId, $info->getId() );
323 $this->assertNotNull( $info->getUserInfo() );
324 $this->assertFalse( $info->getUserInfo()->isVerified() );
325 $this->assertSame( $id, $info->getUserInfo()->getId() );
326 $this->assertSame( $name, $info->getUserInfo()->getName() );
327 $this->assertFalse( $info->forceHTTPS() );
328 $this->assertSame( array(), $logger->getBuffer() );
329 $logger->clearBuffer();
331 // User id with wrong name
332 $request = new \
FauxRequest();
333 $request->setCookies( array(
334 'session' => $sessionId,
336 'xUserName' => 'Wrong',
338 $info = $provider->provideSessionInfo( $request );
339 $this->assertNull( $info );
340 $this->assertSame( array(
343 'Session "{session}" requested with mismatched UserID and UserName cookies.',
345 ), $logger->getBuffer() );
346 $logger->clearBuffer();
349 public function testGetVaryCookies() {
350 $provider = new CookieSessionProvider( array(
352 'sessionName' => 'MySessionName',
353 'cookieOptions' => array( 'prefix' => 'MyCookiePrefix' ),
355 $this->assertArrayEquals( array(
356 'MyCookiePrefixToken',
357 'MyCookiePrefixLoggedOut',
360 ), $provider->getVaryCookies() );
363 public function testSuggestLoginUsername() {
364 $provider = new CookieSessionProvider( array(
366 'sessionName' => 'MySessionName',
367 'cookieOptions' => array( 'prefix' => 'x' ),
370 $request = new \
FauxRequest();
371 $this->assertEquals( null, $provider->suggestLoginUsername( $request ) );
373 $request->setCookies( array(
374 'xUserName' => 'Example',
376 $this->assertEquals( 'Example', $provider->suggestLoginUsername( $request ) );
379 public function testPersistSession() {
380 $this->setMwGlobals( array( 'wgCookieExpiration' => 100 ) );
382 $provider = new CookieSessionProvider( array(
384 'sessionName' => 'MySessionName',
385 'callUserSetCookiesHook' => false,
386 'cookieOptions' => array( 'prefix' => 'x' ),
388 $config = $this->getConfig();
389 $provider->setLogger( new \
TestLogger() );
390 $provider->setConfig( $config );
391 $provider->setManager( SessionManager
::singleton() );
393 $sessionId = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
394 $store = new TestBagOStuff();
395 $user = User
::newFromName( 'UTSysop' );
398 $backend = new SessionBackend(
399 new SessionId( $sessionId ),
400 new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
401 'provider' => $provider,
407 new \Psr\Log\
NullLogger(),
410 \TestingAccessWrapper
::newFromObject( $backend )->usePhpSessionHandling
= false;
412 $mock = $this->getMock( 'stdClass', array( 'onUserSetCookies' ) );
413 $mock->expects( $this->never() )->method( 'onUserSetCookies' );
414 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'UserSetCookies' => array( $mock ) ) );
417 $backend->setUser( $anon );
418 $backend->setRememberUser( true );
419 $backend->setForceHTTPS( false );
420 $request = new \
FauxRequest();
421 $provider->persistSession( $backend, $request );
422 $this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
423 $this->assertSame( '', $request->response()->getCookie( 'xUserID' ) );
424 $this->assertSame( null, $request->response()->getCookie( 'xUserName' ) );
425 $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
426 $this->assertSame( '', $request->response()->getCookie( 'forceHTTPS' ) );
427 $this->assertSame( array(), $backend->getData() );
429 // Logged-in user, no remember
430 $backend->setUser( $user );
431 $backend->setRememberUser( false );
432 $backend->setForceHTTPS( false );
433 $request = new \
FauxRequest();
434 $provider->persistSession( $backend, $request );
435 $this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
436 $this->assertSame( (string)$user->getId(), $request->response()->getCookie( 'xUserID' ) );
437 $this->assertSame( $user->getName(), $request->response()->getCookie( 'xUserName' ) );
438 $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
439 $this->assertSame( '', $request->response()->getCookie( 'forceHTTPS' ) );
440 $this->assertSame( array(), $backend->getData() );
442 // Logged-in user, remember
443 $backend->setUser( $user );
444 $backend->setRememberUser( true );
445 $backend->setForceHTTPS( true );
446 $request = new \
FauxRequest();
448 $provider->persistSession( $backend, $request );
449 $this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
450 $this->assertSame( (string)$user->getId(), $request->response()->getCookie( 'xUserID' ) );
451 $this->assertSame( $user->getName(), $request->response()->getCookie( 'xUserName' ) );
452 $this->assertSame( $user->getToken(), $request->response()->getCookie( 'xToken' ) );
453 $this->assertSame( 'true', $request->response()->getCookie( 'forceHTTPS' ) );
454 $this->assertSame( array(), $backend->getData() );
458 * @dataProvider provideCookieData
459 * @param bool $secure
460 * @param bool $remember
462 public function testCookieData( $secure, $remember ) {
463 $this->setMwGlobals( array(
464 'wgCookieExpiration' => 100,
465 'wgSecureLogin' => false,
468 $provider = new CookieSessionProvider( array(
470 'sessionName' => 'MySessionName',
471 'callUserSetCookiesHook' => false,
472 'cookieOptions' => array( 'prefix' => 'x' ),
474 $config = $this->getConfig();
475 $config->set( 'CookieSecure', $secure );
476 $provider->setLogger( new \
TestLogger() );
477 $provider->setConfig( $config );
478 $provider->setManager( SessionManager
::singleton() );
480 $sessionId = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
481 $user = User
::newFromName( 'UTSysop' );
482 $this->assertFalse( $user->requiresHTTPS(), 'sanity check' );
484 $backend = new SessionBackend(
485 new SessionId( $sessionId ),
486 new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
487 'provider' => $provider,
493 new \Psr\Log\
NullLogger(),
496 \TestingAccessWrapper
::newFromObject( $backend )->usePhpSessionHandling
= false;
497 $backend->setUser( $user );
498 $backend->setRememberUser( $remember );
499 $backend->setForceHTTPS( $secure );
500 $request = new \
FauxRequest();
502 $provider->persistSession( $backend, $request );
505 'expire' => (int)100,
506 'path' => $config->get( 'CookiePath' ),
507 'domain' => $config->get( 'CookieDomain' ),
509 'httpOnly' => $config->get( 'CookieHttpOnly' ),
512 $extendedExpiry = $config->get( 'ExtendedLoginCookieExpiration' );
513 $extendedExpiry = (int)( $extendedExpiry === null ?
0 : $extendedExpiry );
514 $this->assertEquals( array( 'UserID', 'Token' ), $config->get( 'ExtendedLoginCookies' ),
517 'MySessionName' => array(
518 'value' => (string)$sessionId,
522 'value' => (string)$user->getId(),
523 'expire' => $extendedExpiry,
525 'xUserName' => array(
526 'value' => $user->getName(),
529 'value' => $remember ?
$user->getToken() : '',
530 'expire' => $remember ?
$extendedExpiry : -31536000,
532 'forceHTTPS' => array(
533 'value' => $secure ?
'true' : '',
535 'expire' => $secure ?
$remember ?
$defaults['expire'] : 0 : -31536000,
538 foreach ( $expect as $key => $value ) {
539 $actual = $request->response()->getCookieData( $key );
540 if ( $actual && $actual['expire'] > 0 ) {
541 // Round expiry so we don't randomly fail if the seconds ticked during the test.
542 $actual['expire'] = round( $actual['expire'] - $time, -2 );
544 $this->assertEquals( $value, $actual, "Cookie $key" );
548 public static function provideCookieData() {
550 array( false, false ),
551 array( false, true ),
552 array( true, false ),
557 protected function getSentRequest() {
558 $sentResponse = $this->getMock( 'FauxResponse', array( 'headersSent', 'setCookie', 'header' ) );
559 $sentResponse->expects( $this->any() )->method( 'headersSent' )
560 ->will( $this->returnValue( true ) );
561 $sentResponse->expects( $this->never() )->method( 'setCookie' );
562 $sentResponse->expects( $this->never() )->method( 'header' );
564 $sentRequest = $this->getMock( 'FauxRequest', array( 'response' ) );
565 $sentRequest->expects( $this->any() )->method( 'response' )
566 ->will( $this->returnValue( $sentResponse ) );
570 public function testPersistSessionWithHook() {
571 $provider = new CookieSessionProvider( array(
573 'sessionName' => 'MySessionName',
574 'callUserSetCookiesHook' => true,
575 'cookieOptions' => array( 'prefix' => 'x' ),
577 $provider->setLogger( new \Psr\Log\
NullLogger() );
578 $provider->setConfig( $this->getConfig() );
579 $provider->setManager( SessionManager
::singleton() );
581 $sessionId = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
582 $store = new TestBagOStuff();
583 $user = User
::newFromName( 'UTSysop' );
586 $backend = new SessionBackend(
587 new SessionId( $sessionId ),
588 new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
589 'provider' => $provider,
595 new \Psr\Log\
NullLogger(),
598 \TestingAccessWrapper
::newFromObject( $backend )->usePhpSessionHandling
= false;
601 $mock = $this->getMock( 'stdClass', array( 'onUserSetCookies' ) );
602 $mock->expects( $this->never() )->method( 'onUserSetCookies' );
603 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'UserSetCookies' => array( $mock ) ) );
604 $backend->setUser( $anon );
605 $backend->setRememberUser( true );
606 $backend->setForceHTTPS( false );
607 $request = new \
FauxRequest();
608 $provider->persistSession( $backend, $request );
609 $this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
610 $this->assertSame( '', $request->response()->getCookie( 'xUserID' ) );
611 $this->assertSame( null, $request->response()->getCookie( 'xUserName' ) );
612 $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
613 $this->assertSame( '', $request->response()->getCookie( 'forceHTTPS' ) );
614 $this->assertSame( array(), $backend->getData() );
616 $provider->persistSession( $backend, $this->getSentRequest() );
618 // Logged-in user, no remember
619 $mock = $this->getMock( __CLASS__
, array( 'onUserSetCookies' ) );
620 $mock->expects( $this->once() )->method( 'onUserSetCookies' )
621 ->will( $this->returnCallback( function ( $u, &$sessionData, &$cookies ) use ( $user ) {
622 $this->assertSame( $user, $u );
623 $this->assertEquals( array(
624 'wsUserID' => $user->getId(),
625 'wsUserName' => $user->getName(),
626 'wsToken' => $user->getToken(),
628 $this->assertEquals( array(
629 'UserID' => $user->getId(),
630 'UserName' => $user->getName(),
634 $sessionData['foo'] = 'foo!';
635 $cookies['bar'] = 'bar!';
638 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'UserSetCookies' => array( $mock ) ) );
639 $backend->setUser( $user );
640 $backend->setRememberUser( false );
641 $backend->setForceHTTPS( false );
642 $backend->setLoggedOutTimestamp( $loggedOut = time() );
643 $request = new \
FauxRequest();
644 $provider->persistSession( $backend, $request );
645 $this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
646 $this->assertSame( (string)$user->getId(), $request->response()->getCookie( 'xUserID' ) );
647 $this->assertSame( $user->getName(), $request->response()->getCookie( 'xUserName' ) );
648 $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
649 $this->assertSame( '', $request->response()->getCookie( 'forceHTTPS' ) );
650 $this->assertSame( 'bar!', $request->response()->getCookie( 'xbar' ) );
651 $this->assertSame( (string)$loggedOut, $request->response()->getCookie( 'xLoggedOut' ) );
652 $this->assertEquals( array(
653 'wsUserID' => $user->getId(),
654 'wsUserName' => $user->getName(),
655 'wsToken' => $user->getToken(),
657 ), $backend->getData() );
659 $provider->persistSession( $backend, $this->getSentRequest() );
661 // Logged-in user, remember
662 $mock = $this->getMock( __CLASS__
, array( 'onUserSetCookies' ) );
663 $mock->expects( $this->once() )->method( 'onUserSetCookies' )
664 ->will( $this->returnCallback( function ( $u, &$sessionData, &$cookies ) use ( $user ) {
665 $this->assertSame( $user, $u );
666 $this->assertEquals( array(
667 'wsUserID' => $user->getId(),
668 'wsUserName' => $user->getName(),
669 'wsToken' => $user->getToken(),
671 $this->assertEquals( array(
672 'UserID' => $user->getId(),
673 'UserName' => $user->getName(),
674 'Token' => $user->getToken(),
677 $sessionData['foo'] = 'foo 2!';
678 $cookies['bar'] = 'bar 2!';
681 $this->mergeMwGlobalArrayValue( 'wgHooks', array( 'UserSetCookies' => array( $mock ) ) );
682 $backend->setUser( $user );
683 $backend->setRememberUser( true );
684 $backend->setForceHTTPS( true );
685 $backend->setLoggedOutTimestamp( 0 );
686 $request = new \
FauxRequest();
687 $provider->persistSession( $backend, $request );
688 $this->assertSame( $sessionId, $request->response()->getCookie( 'MySessionName' ) );
689 $this->assertSame( (string)$user->getId(), $request->response()->getCookie( 'xUserID' ) );
690 $this->assertSame( $user->getName(), $request->response()->getCookie( 'xUserName' ) );
691 $this->assertSame( $user->getToken(), $request->response()->getCookie( 'xToken' ) );
692 $this->assertSame( 'true', $request->response()->getCookie( 'forceHTTPS' ) );
693 $this->assertSame( 'bar 2!', $request->response()->getCookie( 'xbar' ) );
694 $this->assertSame( null, $request->response()->getCookie( 'xLoggedOut' ) );
695 $this->assertEquals( array(
696 'wsUserID' => $user->getId(),
697 'wsUserName' => $user->getName(),
698 'wsToken' => $user->getToken(),
700 ), $backend->getData() );
702 $provider->persistSession( $backend, $this->getSentRequest() );
705 public function testUnpersistSession() {
706 $provider = new CookieSessionProvider( array(
708 'sessionName' => 'MySessionName',
709 'cookieOptions' => array( 'prefix' => 'x' ),
711 $provider->setLogger( new \Psr\Log\
NullLogger() );
712 $provider->setConfig( $this->getConfig() );
713 $provider->setManager( SessionManager
::singleton() );
715 $request = new \
FauxRequest();
716 $provider->unpersistSession( $request );
717 $this->assertSame( '', $request->response()->getCookie( 'MySessionName' ) );
718 $this->assertSame( '', $request->response()->getCookie( 'xUserID' ) );
719 $this->assertSame( null, $request->response()->getCookie( 'xUserName' ) );
720 $this->assertSame( '', $request->response()->getCookie( 'xToken' ) );
721 $this->assertSame( '', $request->response()->getCookie( 'forceHTTPS' ) );
723 $provider->unpersistSession( $this->getSentRequest() );
726 public function testSetLoggedOutCookie() {
727 $provider = \TestingAccessWrapper
::newFromObject( new CookieSessionProvider( array(
729 'sessionName' => 'MySessionName',
730 'cookieOptions' => array( 'prefix' => 'x' ),
732 $provider->setLogger( new \Psr\Log\
NullLogger() );
733 $provider->setConfig( $this->getConfig() );
734 $provider->setManager( SessionManager
::singleton() );
737 $t2 = time() - 86400 * 2;
740 $request = new \
FauxRequest();
741 $provider->setLoggedOutCookie( $t1, $request );
742 $this->assertSame( (string)$t1, $request->response()->getCookie( 'xLoggedOut' ) );
745 $request = new \
FauxRequest();
746 $provider->setLoggedOutCookie( $t2, $request );
747 $this->assertSame( null, $request->response()->getCookie( 'xLoggedOut' ) );
749 // Don't reset if it's already set
750 $request = new \
FauxRequest();
751 $request->setCookies( array(
754 $provider->setLoggedOutCookie( $t1, $request );
755 $this->assertSame( null, $request->response()->getCookie( 'xLoggedOut' ) );
759 * To be mocked for hooks, since PHPUnit can't otherwise mock methods that
762 public function onUserSetCookies( $user, &$sessionData, &$cookies ) {