3 namespace MediaWiki\Session
;
11 * @covers MediaWiki\Session\ImmutableSessionProviderWithCookie
13 class ImmutableSessionProviderWithCookieTest
extends MediaWikiTestCase
{
15 private function getProvider( $name, $prefix = null ) {
16 $config = new \
HashConfig();
17 $config->set( 'CookiePrefix', 'wgCookiePrefix' );
20 'sessionCookieName' => $name,
21 'sessionCookieOptions' => array(),
23 if ( $prefix !== null ) {
24 $params['sessionCookieOptions']['prefix'] = $prefix;
27 $provider = $this->getMockBuilder( 'MediaWiki\\Session\\ImmutableSessionProviderWithCookie' )
28 ->setConstructorArgs( array( $params ) )
29 ->getMockForAbstractClass();
30 $provider->setLogger( new \
TestLogger() );
31 $provider->setConfig( $config );
32 $provider->setManager( new SessionManager() );
37 public function testConstructor() {
38 $provider = $this->getMockBuilder( 'MediaWiki\\Session\\ImmutableSessionProviderWithCookie' )
39 ->getMockForAbstractClass();
40 $priv = \TestingAccessWrapper
::newFromObject( $provider );
41 $this->assertNull( $priv->sessionCookieName
);
42 $this->assertSame( array(), $priv->sessionCookieOptions
);
44 $provider = $this->getMockBuilder( 'MediaWiki\\Session\\ImmutableSessionProviderWithCookie' )
45 ->setConstructorArgs( array( array(
46 'sessionCookieName' => 'Foo',
47 'sessionCookieOptions' => array( 'Bar' ),
49 ->getMockForAbstractClass();
50 $priv = \TestingAccessWrapper
::newFromObject( $provider );
51 $this->assertSame( 'Foo', $priv->sessionCookieName
);
52 $this->assertSame( array( 'Bar' ), $priv->sessionCookieOptions
);
55 $provider = $this->getMockBuilder( 'MediaWiki\\Session\\ImmutableSessionProviderWithCookie' )
56 ->setConstructorArgs( array( array(
57 'sessionCookieName' => false,
59 ->getMockForAbstractClass();
60 $this->fail( 'Expected exception not thrown' );
61 } catch ( \InvalidArgumentException
$ex ) {
63 'sessionCookieName must be a string',
69 $provider = $this->getMockBuilder( 'MediaWiki\\Session\\ImmutableSessionProviderWithCookie' )
70 ->setConstructorArgs( array( array(
71 'sessionCookieOptions' => 'x',
73 ->getMockForAbstractClass();
74 $this->fail( 'Expected exception not thrown' );
75 } catch ( \InvalidArgumentException
$ex ) {
77 'sessionCookieOptions must be an array',
83 public function testBasics() {
84 $provider = $this->getProvider( null );
85 $this->assertFalse( $provider->persistsSessionID() );
86 $this->assertFalse( $provider->canChangeUser() );
88 $provider = $this->getProvider( 'Foo' );
89 $this->assertTrue( $provider->persistsSessionID() );
90 $this->assertFalse( $provider->canChangeUser() );
92 $msg = $provider->whyNoSession();
93 $this->assertInstanceOf( 'Message', $msg );
94 $this->assertSame( 'sessionprovider-nocookies', $msg->getKey() );
97 public function testGetVaryCookies() {
98 $provider = $this->getProvider( null );
99 $this->assertSame( array(), $provider->getVaryCookies() );
101 $provider = $this->getProvider( 'Foo' );
102 $this->assertSame( array( 'wgCookiePrefixFoo' ), $provider->getVaryCookies() );
104 $provider = $this->getProvider( 'Foo', 'Bar' );
105 $this->assertSame( array( 'BarFoo' ), $provider->getVaryCookies() );
107 $provider = $this->getProvider( 'Foo', '' );
108 $this->assertSame( array( 'Foo' ), $provider->getVaryCookies() );
111 public function testGetSessionIdFromCookie() {
112 $this->setMwGlobals( 'wgCookiePrefix', 'wgCookiePrefix' );
113 $request = new \
FauxRequest();
114 $request->setCookies( array(
115 '' => 'empty---------------------------',
116 'Foo' => 'foo-----------------------------',
117 'wgCookiePrefixFoo' => 'wgfoo---------------------------',
118 'BarFoo' => 'foobar--------------------------',
122 $provider = \TestingAccessWrapper
::newFromObject( $this->getProvider( null ) );
124 $provider->getSessionIdFromCookie( $request );
125 $this->fail( 'Expected exception not thrown' );
126 } catch ( \BadMethodCallException
$ex ) {
128 'MediaWiki\\Session\\ImmutableSessionProviderWithCookie::getSessionIdFromCookie ' .
129 'may not be called when $this->sessionCookieName === null',
134 $provider = \TestingAccessWrapper
::newFromObject( $this->getProvider( 'Foo' ) );
136 'wgfoo---------------------------',
137 $provider->getSessionIdFromCookie( $request )
140 $provider = \TestingAccessWrapper
::newFromObject( $this->getProvider( 'Foo', 'Bar' ) );
142 'foobar--------------------------',
143 $provider->getSessionIdFromCookie( $request )
146 $provider = \TestingAccessWrapper
::newFromObject( $this->getProvider( 'Foo', '' ) );
148 'foo-----------------------------',
149 $provider->getSessionIdFromCookie( $request )
152 $provider = \TestingAccessWrapper
::newFromObject( $this->getProvider( 'bad', '' ) );
153 $this->assertSame( null, $provider->getSessionIdFromCookie( $request ) );
155 $provider = \TestingAccessWrapper
::newFromObject( $this->getProvider( 'none', '' ) );
156 $this->assertSame( null, $provider->getSessionIdFromCookie( $request ) );
159 protected function getSentRequest() {
160 $sentResponse = $this->getMock( 'FauxResponse', array( 'headersSent', 'setCookie', 'header' ) );
161 $sentResponse->expects( $this->any() )->method( 'headersSent' )
162 ->will( $this->returnValue( true ) );
163 $sentResponse->expects( $this->never() )->method( 'setCookie' );
164 $sentResponse->expects( $this->never() )->method( 'header' );
166 $sentRequest = $this->getMock( 'FauxRequest', array( 'response' ) );
167 $sentRequest->expects( $this->any() )->method( 'response' )
168 ->will( $this->returnValue( $sentResponse ) );
173 * @dataProvider providePersistSession
174 * @param bool $secure
175 * @param bool $remember
177 public function testPersistSession( $secure, $remember ) {
178 $this->setMwGlobals( array(
179 'wgCookieExpiration' => 100,
180 'wgSecureLogin' => false,
183 $provider = $this->getProvider( 'session' );
184 $provider->setLogger( new \Psr\Log\
NullLogger() );
185 $priv = \TestingAccessWrapper
::newFromObject( $provider );
186 $priv->sessionCookieOptions
= array(
188 'path' => 'CookiePath',
189 'domain' => 'CookieDomain',
194 $sessionId = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
195 $user = User
::newFromName( 'UTSysop' );
196 $this->assertFalse( $user->requiresHTTPS(), 'sanity check' );
198 $backend = new SessionBackend(
199 new SessionId( $sessionId ),
200 new SessionInfo( SessionInfo
::MIN_PRIORITY
, array(
201 'provider' => $provider,
204 'userInfo' => UserInfo
::newFromUser( $user, true ),
207 new \
EmptyBagOStuff(),
208 new \
EmptyBagOStuff(),
209 new \Psr\Log\
NullLogger(),
212 \TestingAccessWrapper
::newFromObject( $backend )->usePhpSessionHandling
= false;
213 $backend->setRememberUser( $remember );
214 $backend->setForceHTTPS( $secure );
217 $priv->sessionCookieName
= null;
218 $request = new \
FauxRequest();
219 $provider->persistSession( $backend, $request );
220 $this->assertSame( array(), $request->response()->getCookies() );
223 $priv->sessionCookieName
= 'session';
224 $request = new \
FauxRequest();
226 $provider->persistSession( $backend, $request );
228 $cookie = $request->response()->getCookieData( 'xsession' );
229 $this->assertInternalType( 'array', $cookie );
230 if ( isset( $cookie['expire'] ) && $cookie['expire'] > 0 ) {
231 // Round expiry so we don't randomly fail if the seconds ticked during the test.
232 $cookie['expire'] = round( $cookie['expire'] - $time, -2 );
234 $this->assertEquals( array(
235 'value' => $sessionId,
237 'path' => 'CookiePath',
238 'domain' => 'CookieDomain',
244 $cookie = $request->response()->getCookieData( 'forceHTTPS' );
246 $this->assertInternalType( 'array', $cookie );
247 if ( isset( $cookie['expire'] ) && $cookie['expire'] > 0 ) {
248 // Round expiry so we don't randomly fail if the seconds ticked during the test.
249 $cookie['expire'] = round( $cookie['expire'] - $time, -2 );
251 $this->assertEquals( array(
253 'expire' => $remember ?
100 : null,
254 'path' => 'CookiePath',
255 'domain' => 'CookieDomain',
261 $this->assertNull( $cookie );
265 $request = $this->getSentRequest();
266 $provider->persistSession( $backend, $request );
267 $this->assertSame( array(), $request->response()->getCookies() );
270 public static function providePersistSession() {
272 array( false, false ),
273 array( false, true ),
274 array( true, false ),
279 public function testUnpersistSession() {
280 $provider = $this->getProvider( 'session', '' );
281 $provider->setLogger( new \Psr\Log\
NullLogger() );
282 $priv = \TestingAccessWrapper
::newFromObject( $provider );
285 $priv->sessionCookieName
= null;
286 $request = new \
FauxRequest();
287 $provider->unpersistSession( $request );
288 $this->assertSame( null, $request->response()->getCookie( 'session', '' ) );
291 $priv->sessionCookieName
= 'session';
292 $request = new \
FauxRequest();
293 $provider->unpersistSession( $request );
294 $this->assertSame( '', $request->response()->getCookie( 'session', '' ) );
297 $request = $this->getSentRequest();
298 $provider->unpersistSession( $request );
299 $this->assertSame( null, $request->response()->getCookie( 'session', '' ) );