3 namespace MediaWiki\Session
;
12 * @covers MediaWiki\Session\SessionManager
14 class SessionManagerTest
extends MediaWikiTestCase
{
16 protected $config, $logger, $store;
18 protected function getManager() {
19 \ObjectCache
::$instances['testSessionStore'] = new TestBagOStuff();
20 $this->config
= new \
HashConfig( [
21 'LanguageCode' => 'en',
22 'SessionCacheType' => 'testSessionStore',
23 'ObjectCacheSessionExpiry' => 100,
24 'SessionProviders' => [
25 [ 'class' => 'DummySessionProvider' ],
28 $this->logger
= new \
TestLogger( false, function ( $m ) {
29 return substr( $m, 0, 15 ) === 'SessionBackend ' ?
null : $m;
31 $this->store
= new TestBagOStuff();
33 return new SessionManager( [
34 'config' => $this->config
,
35 'logger' => $this->logger
,
36 'store' => $this->store
,
40 protected function objectCacheDef( $object ) {
41 return [ 'factory' => function () use ( $object ) {
46 public function testSingleton() {
47 $reset = TestUtils
::setSessionManagerSingleton( null );
49 $singleton = SessionManager
::singleton();
50 $this->assertInstanceOf( SessionManager
::class, $singleton );
51 $this->assertSame( $singleton, SessionManager
::singleton() );
54 public function testGetGlobalSession() {
55 $context = \RequestContext
::getMain();
57 if ( !PHPSessionHandler
::isInstalled() ) {
58 PHPSessionHandler
::install( SessionManager
::singleton() );
60 $rProp = new \
ReflectionProperty( PHPSessionHandler
::class, 'instance' );
61 $rProp->setAccessible( true );
62 $handler = \TestingAccessWrapper
::newFromObject( $rProp->getValue() );
63 $oldEnable = $handler->enable
;
64 $reset[] = new \Wikimedia\
ScopedCallback( function () use ( $handler, $oldEnable ) {
65 if ( $handler->enable
) {
66 session_write_close();
68 $handler->enable
= $oldEnable;
70 $reset[] = TestUtils
::setSessionManagerSingleton( $this->getManager() );
72 $handler->enable
= true;
73 $request = new \
FauxRequest();
74 $context->setRequest( $request );
75 $id = $request->getSession()->getId();
78 $session = SessionManager
::getGlobalSession();
79 $this->assertSame( $id, $session->getId() );
81 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
82 $session = SessionManager
::getGlobalSession();
83 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $session->getId() );
84 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $request->getSession()->getId() );
86 session_write_close();
87 $handler->enable
= false;
88 $request = new \
FauxRequest();
89 $context->setRequest( $request );
90 $id = $request->getSession()->getId();
93 $session = SessionManager
::getGlobalSession();
94 $this->assertSame( $id, $session->getId() );
96 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
97 $session = SessionManager
::getGlobalSession();
98 $this->assertSame( $id, $session->getId() );
99 $this->assertSame( $id, $request->getSession()->getId() );
102 public function testConstructor() {
103 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
104 $this->assertSame( $this->config
, $manager->config
);
105 $this->assertSame( $this->logger
, $manager->logger
);
106 $this->assertSame( $this->store
, $manager->store
);
108 $manager = \TestingAccessWrapper
::newFromObject( new SessionManager() );
109 $this->assertSame( \RequestContext
::getMain()->getConfig(), $manager->config
);
111 $manager = \TestingAccessWrapper
::newFromObject( new SessionManager( [
112 'config' => $this->config
,
114 $this->assertSame( \ObjectCache
::$instances['testSessionStore'], $manager->store
);
117 'config' => '$options[\'config\'] must be an instance of Config',
118 'logger' => '$options[\'logger\'] must be an instance of LoggerInterface',
119 'store' => '$options[\'store\'] must be an instance of BagOStuff',
120 ] as $key => $error ) {
122 new SessionManager( [ $key => new \stdClass
] );
123 $this->fail( 'Expected exception not thrown' );
124 } catch ( \InvalidArgumentException
$ex ) {
125 $this->assertSame( $error, $ex->getMessage() );
130 public function testGetSessionForRequest() {
131 $manager = $this->getManager();
132 $request = new \
FauxRequest();
133 $request->unpersist1
= false;
134 $request->unpersist2
= false;
138 $idEmpty = 'empty-session-------------------';
140 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
142 [ 'provideSessionInfo', 'newSessionInfo', '__toString', 'describe', 'unpersistSession' ]
145 $provider1 = $providerBuilder->getMock();
146 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
147 ->with( $this->identicalTo( $request ) )
148 ->will( $this->returnCallback( function ( $request ) {
149 return $request->info1
;
151 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
152 ->will( $this->returnCallback( function () use ( $idEmpty, $provider1 ) {
153 return new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
154 'provider' => $provider1,
160 $provider1->expects( $this->any() )->method( '__toString' )
161 ->will( $this->returnValue( 'Provider1' ) );
162 $provider1->expects( $this->any() )->method( 'describe' )
163 ->will( $this->returnValue( '#1 sessions' ) );
164 $provider1->expects( $this->any() )->method( 'unpersistSession' )
165 ->will( $this->returnCallback( function ( $request ) {
166 $request->unpersist1
= true;
169 $provider2 = $providerBuilder->getMock();
170 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
171 ->with( $this->identicalTo( $request ) )
172 ->will( $this->returnCallback( function ( $request ) {
173 return $request->info2
;
175 $provider2->expects( $this->any() )->method( '__toString' )
176 ->will( $this->returnValue( 'Provider2' ) );
177 $provider2->expects( $this->any() )->method( 'describe' )
178 ->will( $this->returnValue( '#2 sessions' ) );
179 $provider2->expects( $this->any() )->method( 'unpersistSession' )
180 ->will( $this->returnCallback( function ( $request ) {
181 $request->unpersist2
= true;
184 $this->config
->set( 'SessionProviders', [
185 $this->objectCacheDef( $provider1 ),
186 $this->objectCacheDef( $provider2 ),
189 // No provider returns info
190 $request->info1
= null;
191 $request->info2
= null;
192 $session = $manager->getSessionForRequest( $request );
193 $this->assertInstanceOf( Session
::class, $session );
194 $this->assertSame( $idEmpty, $session->getId() );
195 $this->assertFalse( $request->unpersist1
);
196 $this->assertFalse( $request->unpersist2
);
198 // Both providers return info, picks best one
199 $request->info1
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, [
200 'provider' => $provider1,
201 'id' => ( $id1 = $manager->generateSessionId() ),
205 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, [
206 'provider' => $provider2,
207 'id' => ( $id2 = $manager->generateSessionId() ),
211 $session = $manager->getSessionForRequest( $request );
212 $this->assertInstanceOf( Session
::class, $session );
213 $this->assertSame( $id2, $session->getId() );
214 $this->assertFalse( $request->unpersist1
);
215 $this->assertFalse( $request->unpersist2
);
217 $request->info1
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, [
218 'provider' => $provider1,
219 'id' => ( $id1 = $manager->generateSessionId() ),
223 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, [
224 'provider' => $provider2,
225 'id' => ( $id2 = $manager->generateSessionId() ),
229 $session = $manager->getSessionForRequest( $request );
230 $this->assertInstanceOf( Session
::class, $session );
231 $this->assertSame( $id1, $session->getId() );
232 $this->assertFalse( $request->unpersist1
);
233 $this->assertFalse( $request->unpersist2
);
236 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, [
237 'provider' => $provider1,
238 'id' => ( $id1 = $manager->generateSessionId() ),
240 'userInfo' => UserInfo
::newAnonymous(),
243 $request->info2
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, [
244 'provider' => $provider2,
245 'id' => ( $id2 = $manager->generateSessionId() ),
247 'userInfo' => UserInfo
::newAnonymous(),
251 $manager->getSessionForRequest( $request );
252 $this->fail( 'Expcected exception not thrown' );
253 } catch ( \OverflowException
$ex ) {
254 $this->assertStringStartsWith(
255 'Multiple sessions for this request tied for top priority: ',
258 $this->assertCount( 2, $ex->sessionInfos
);
259 $this->assertContains( $request->info1
, $ex->sessionInfos
);
260 $this->assertContains( $request->info2
, $ex->sessionInfos
);
262 $this->assertFalse( $request->unpersist1
);
263 $this->assertFalse( $request->unpersist2
);
266 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, [
267 'provider' => $provider2,
268 'id' => ( $id1 = $manager->generateSessionId() ),
272 $request->info2
= null;
274 $manager->getSessionForRequest( $request );
275 $this->fail( 'Expcected exception not thrown' );
276 } catch ( \UnexpectedValueException
$ex ) {
278 'Provider1 returned session info for a different provider: ' . $request->info1
,
282 $this->assertFalse( $request->unpersist1
);
283 $this->assertFalse( $request->unpersist2
);
285 // Unusable session info
286 $this->logger
->setCollect( true );
287 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, [
288 'provider' => $provider1,
289 'id' => ( $id1 = $manager->generateSessionId() ),
291 'userInfo' => UserInfo
::newFromName( 'UTSysop', false ),
294 $request->info2
= new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
295 'provider' => $provider2,
296 'id' => ( $id2 = $manager->generateSessionId() ),
300 $session = $manager->getSessionForRequest( $request );
301 $this->assertInstanceOf( Session
::class, $session );
302 $this->assertSame( $id2, $session->getId() );
303 $this->logger
->setCollect( false );
304 $this->assertTrue( $request->unpersist1
);
305 $this->assertFalse( $request->unpersist2
);
306 $request->unpersist1
= false;
308 $this->logger
->setCollect( true );
309 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, [
310 'provider' => $provider1,
311 'id' => ( $id1 = $manager->generateSessionId() ),
315 $request->info2
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, [
316 'provider' => $provider2,
317 'id' => ( $id2 = $manager->generateSessionId() ),
319 'userInfo' => UserInfo
::newFromName( 'UTSysop', false ),
322 $session = $manager->getSessionForRequest( $request );
323 $this->assertInstanceOf( Session
::class, $session );
324 $this->assertSame( $id1, $session->getId() );
325 $this->logger
->setCollect( false );
326 $this->assertFalse( $request->unpersist1
);
327 $this->assertTrue( $request->unpersist2
);
328 $request->unpersist2
= false;
330 // Unpersisted session ID
331 $request->info1
= new SessionInfo( SessionInfo
::MAX_PRIORITY
, [
332 'provider' => $provider1,
333 'id' => ( $id1 = $manager->generateSessionId() ),
334 'persisted' => false,
335 'userInfo' => UserInfo
::newFromName( 'UTSysop', true ),
338 $request->info2
= null;
339 $session = $manager->getSessionForRequest( $request );
340 $this->assertInstanceOf( Session
::class, $session );
341 $this->assertSame( $id1, $session->getId() );
342 $this->assertTrue( $request->unpersist1
); // The saving of the session does it
343 $this->assertFalse( $request->unpersist2
);
345 $this->assertTrue( $session->isPersistent(), 'sanity check' );
348 public function testGetSessionById() {
349 $manager = $this->getManager();
351 $manager->getSessionById( 'bad' );
352 $this->fail( 'Expected exception not thrown' );
353 } catch ( \InvalidArgumentException
$ex ) {
354 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
357 // Unknown session ID
358 $id = $manager->generateSessionId();
359 $session = $manager->getSessionById( $id, true );
360 $this->assertInstanceOf( Session
::class, $session );
361 $this->assertSame( $id, $session->getId() );
363 $id = $manager->generateSessionId();
364 $this->assertNull( $manager->getSessionById( $id, false ) );
366 // Known but unloadable session ID
367 $this->logger
->setCollect( true );
368 $id = $manager->generateSessionId();
369 $this->store
->setSession( $id, [ 'metadata' => [
370 'userId' => User
::idFromName( 'UTSysop' ),
371 'userToken' => 'bad',
374 $this->assertNull( $manager->getSessionById( $id, true ) );
375 $this->assertNull( $manager->getSessionById( $id, false ) );
376 $this->logger
->setCollect( false );
379 $this->store
->setSession( $id, [] );
380 $session = $manager->getSessionById( $id, false );
381 $this->assertInstanceOf( Session
::class, $session );
382 $this->assertSame( $id, $session->getId() );
384 // Store isn't checked if the session is already loaded
385 $this->store
->setSession( $id, [ 'metadata' => [
386 'userId' => User
::idFromName( 'UTSysop' ),
387 'userToken' => 'bad',
389 $session2 = $manager->getSessionById( $id, false );
390 $this->assertInstanceOf( Session
::class, $session2 );
391 $this->assertSame( $id, $session2->getId() );
392 unset( $session, $session2 );
393 $this->logger
->setCollect( true );
394 $this->assertNull( $manager->getSessionById( $id, true ) );
395 $this->logger
->setCollect( false );
397 // Failure to create an empty session
398 $manager = $this->getManager();
399 $provider = $this->getMockBuilder( 'DummySessionProvider' )
400 ->setMethods( [ 'provideSessionInfo', 'newSessionInfo', '__toString' ] )
402 $provider->expects( $this->any() )->method( 'provideSessionInfo' )
403 ->will( $this->returnValue( null ) );
404 $provider->expects( $this->any() )->method( 'newSessionInfo' )
405 ->will( $this->returnValue( null ) );
406 $provider->expects( $this->any() )->method( '__toString' )
407 ->will( $this->returnValue( 'MockProvider' ) );
408 $this->config
->set( 'SessionProviders', [
409 $this->objectCacheDef( $provider ),
411 $this->logger
->setCollect( true );
412 $this->assertNull( $manager->getSessionById( $id, true ) );
413 $this->logger
->setCollect( false );
415 [ LogLevel
::ERROR
, 'Failed to create empty session: {exception}' ]
416 ], $this->logger
->getBuffer() );
419 public function testGetEmptySession() {
420 $manager = $this->getManager();
421 $pmanager = \TestingAccessWrapper
::newFromObject( $manager );
422 $request = new \
FauxRequest();
424 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
425 ->setMethods( [ 'provideSessionInfo', 'newSessionInfo', '__toString' ] );
431 $provider1 = $providerBuilder->getMock();
432 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
433 ->will( $this->returnValue( null ) );
434 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
435 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
436 return $id === $expectId;
438 ->will( $this->returnCallback( function () use ( &$info1 ) {
441 $provider1->expects( $this->any() )->method( '__toString' )
442 ->will( $this->returnValue( 'MockProvider1' ) );
444 $provider2 = $providerBuilder->getMock();
445 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
446 ->will( $this->returnValue( null ) );
447 $provider2->expects( $this->any() )->method( 'newSessionInfo' )
448 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
449 return $id === $expectId;
451 ->will( $this->returnCallback( function () use ( &$info2 ) {
454 $provider1->expects( $this->any() )->method( '__toString' )
455 ->will( $this->returnValue( 'MockProvider2' ) );
457 $this->config
->set( 'SessionProviders', [
458 $this->objectCacheDef( $provider1 ),
459 $this->objectCacheDef( $provider2 ),
467 $manager->getEmptySession();
468 $this->fail( 'Expected exception not thrown' );
469 } catch ( \UnexpectedValueException
$ex ) {
471 'No provider could provide an empty session!',
478 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
479 'provider' => $provider1,
480 'id' => 'empty---------------------------',
485 $session = $manager->getEmptySession();
486 $this->assertInstanceOf( Session
::class, $session );
487 $this->assertSame( 'empty---------------------------', $session->getId() );
490 $expectId = 'expected------------------------';
491 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
492 'provider' => $provider1,
498 $session = $pmanager->getEmptySessionInternal( null, $expectId );
499 $this->assertInstanceOf( Session
::class, $session );
500 $this->assertSame( $expectId, $session->getId() );
503 $expectId = 'expected-----------------------2';
504 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
505 'provider' => $provider1,
506 'id' => "un$expectId",
512 $pmanager->getEmptySessionInternal( null, $expectId );
513 $this->fail( 'Expected exception not thrown' );
514 } catch ( \UnexpectedValueException
$ex ) {
516 'MockProvider1 returned empty session info with a wrong id: ' .
517 "un$expectId != $expectId",
523 $expectId = 'expected-----------------------2';
524 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
525 'provider' => $provider1,
531 $pmanager->getEmptySessionInternal( null, $expectId );
532 $this->fail( 'Expected exception not thrown' );
533 } catch ( \UnexpectedValueException
$ex ) {
535 'MockProvider1 returned empty session info with id flagged unsafe',
542 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
543 'provider' => $provider2,
544 'id' => 'empty---------------------------',
550 $manager->getEmptySession();
551 $this->fail( 'Expected exception not thrown' );
552 } catch ( \UnexpectedValueException
$ex ) {
554 'MockProvider1 returned an empty session info for a different provider: ' . $info1,
559 // Highest priority wins
561 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, [
562 'provider' => $provider1,
563 'id' => 'empty1--------------------------',
567 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
568 'provider' => $provider2,
569 'id' => 'empty2--------------------------',
573 $session = $manager->getEmptySession();
574 $this->assertInstanceOf( Session
::class, $session );
575 $this->assertSame( 'empty1--------------------------', $session->getId() );
578 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
1, [
579 'provider' => $provider1,
580 'id' => 'empty1--------------------------',
584 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY +
2, [
585 'provider' => $provider2,
586 'id' => 'empty2--------------------------',
590 $session = $manager->getEmptySession();
591 $this->assertInstanceOf( Session
::class, $session );
592 $this->assertSame( 'empty2--------------------------', $session->getId() );
594 // Tied priorities throw an exception
596 $info1 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
597 'provider' => $provider1,
598 'id' => 'empty1--------------------------',
600 'userInfo' => UserInfo
::newAnonymous(),
603 $info2 = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
604 'provider' => $provider2,
605 'id' => 'empty2--------------------------',
607 'userInfo' => UserInfo
::newAnonymous(),
611 $manager->getEmptySession();
612 $this->fail( 'Expected exception not thrown' );
613 } catch ( \UnexpectedValueException
$ex ) {
614 $this->assertStringStartsWith(
615 'Multiple empty sessions tied for top priority: ',
622 $pmanager->getEmptySessionInternal( null, 'bad' );
623 $this->fail( 'Expected exception not thrown' );
624 } catch ( \InvalidArgumentException
$ex ) {
625 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
628 // Session already exists
629 $expectId = 'expected-----------------------3';
630 $this->store
->setSessionMeta( $expectId, [
631 'provider' => 'MockProvider2',
637 $pmanager->getEmptySessionInternal( null, $expectId );
638 $this->fail( 'Expected exception not thrown' );
639 } catch ( \InvalidArgumentException
$ex ) {
640 $this->assertSame( 'Session ID already exists', $ex->getMessage() );
644 public function testInvalidateSessionsForUser() {
645 $user = User
::newFromName( 'UTSysop' );
646 $manager = $this->getManager();
648 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
649 ->setMethods( [ 'invalidateSessionsForUser', '__toString' ] );
651 $provider1 = $providerBuilder->getMock();
652 $provider1->expects( $this->once() )->method( 'invalidateSessionsForUser' )
653 ->with( $this->identicalTo( $user ) );
654 $provider1->expects( $this->any() )->method( '__toString' )
655 ->will( $this->returnValue( 'MockProvider1' ) );
657 $provider2 = $providerBuilder->getMock();
658 $provider2->expects( $this->once() )->method( 'invalidateSessionsForUser' )
659 ->with( $this->identicalTo( $user ) );
660 $provider2->expects( $this->any() )->method( '__toString' )
661 ->will( $this->returnValue( 'MockProvider2' ) );
663 $this->config
->set( 'SessionProviders', [
664 $this->objectCacheDef( $provider1 ),
665 $this->objectCacheDef( $provider2 ),
668 $oldToken = $user->getToken( true );
669 $manager->invalidateSessionsForUser( $user );
670 $this->assertNotEquals( $oldToken, $user->getToken() );
673 public function testGetVaryHeaders() {
674 $manager = $this->getManager();
676 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
677 ->setMethods( [ 'getVaryHeaders', '__toString' ] );
679 $provider1 = $providerBuilder->getMock();
680 $provider1->expects( $this->once() )->method( 'getVaryHeaders' )
681 ->will( $this->returnValue( [
683 'Bar' => [ 'X', 'Bar1' ],
686 $provider1->expects( $this->any() )->method( '__toString' )
687 ->will( $this->returnValue( 'MockProvider1' ) );
689 $provider2 = $providerBuilder->getMock();
690 $provider2->expects( $this->once() )->method( 'getVaryHeaders' )
691 ->will( $this->returnValue( [
693 'Bar' => [ 'X', 'Bar2' ],
694 'Quux' => [ 'Quux' ],
696 $provider2->expects( $this->any() )->method( '__toString' )
697 ->will( $this->returnValue( 'MockProvider2' ) );
699 $this->config
->set( 'SessionProviders', [
700 $this->objectCacheDef( $provider1 ),
701 $this->objectCacheDef( $provider2 ),
706 'Bar' => [ 'X', 'Bar1', 3 => 'Bar2' ],
707 'Quux' => [ 'Quux' ],
711 $this->assertEquals( $expect, $manager->getVaryHeaders() );
713 // Again, to ensure it's cached
714 $this->assertEquals( $expect, $manager->getVaryHeaders() );
717 public function testGetVaryCookies() {
718 $manager = $this->getManager();
720 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
721 ->setMethods( [ 'getVaryCookies', '__toString' ] );
723 $provider1 = $providerBuilder->getMock();
724 $provider1->expects( $this->once() )->method( 'getVaryCookies' )
725 ->will( $this->returnValue( [ 'Foo', 'Bar' ] ) );
726 $provider1->expects( $this->any() )->method( '__toString' )
727 ->will( $this->returnValue( 'MockProvider1' ) );
729 $provider2 = $providerBuilder->getMock();
730 $provider2->expects( $this->once() )->method( 'getVaryCookies' )
731 ->will( $this->returnValue( [ 'Foo', 'Baz' ] ) );
732 $provider2->expects( $this->any() )->method( '__toString' )
733 ->will( $this->returnValue( 'MockProvider2' ) );
735 $this->config
->set( 'SessionProviders', [
736 $this->objectCacheDef( $provider1 ),
737 $this->objectCacheDef( $provider2 ),
740 $expect = [ 'Foo', 'Bar', 'Baz' ];
742 $this->assertEquals( $expect, $manager->getVaryCookies() );
744 // Again, to ensure it's cached
745 $this->assertEquals( $expect, $manager->getVaryCookies() );
748 public function testGetProviders() {
749 $realManager = $this->getManager();
750 $manager = \TestingAccessWrapper
::newFromObject( $realManager );
752 $this->config
->set( 'SessionProviders', [
753 [ 'class' => 'DummySessionProvider' ],
755 $providers = $manager->getProviders();
756 $this->assertArrayHasKey( 'DummySessionProvider', $providers );
757 $provider = \TestingAccessWrapper
::newFromObject( $providers['DummySessionProvider'] );
758 $this->assertSame( $manager->logger
, $provider->logger
);
759 $this->assertSame( $manager->config
, $provider->config
);
760 $this->assertSame( $realManager, $provider->getManager() );
762 $this->config
->set( 'SessionProviders', [
763 [ 'class' => 'DummySessionProvider' ],
764 [ 'class' => 'DummySessionProvider' ],
766 $manager->sessionProviders
= null;
768 $manager->getProviders();
769 $this->fail( 'Expected exception not thrown' );
770 } catch ( \UnexpectedValueException
$ex ) {
772 'Duplicate provider name "DummySessionProvider"',
778 public function testShutdown() {
779 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
780 $manager->setLogger( new \Psr\Log\
NullLogger() );
782 $mock = $this->getMockBuilder( 'stdClass' )
783 ->setMethods( [ 'shutdown' ] )->getMock();
784 $mock->expects( $this->once() )->method( 'shutdown' );
786 $manager->allSessionBackends
= [ $mock ];
787 $manager->shutdown();
790 public function testGetSessionFromInfo() {
791 $manager = \TestingAccessWrapper
::newFromObject( $this->getManager() );
792 $request = new \
FauxRequest();
794 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
796 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
797 'provider' => $manager->getProvider( 'DummySessionProvider' ),
800 'userInfo' => UserInfo
::newFromName( 'UTSysop', true ),
803 \TestingAccessWrapper
::newFromObject( $info )->idIsSafe
= true;
804 $session1 = \TestingAccessWrapper
::newFromObject(
805 $manager->getSessionFromInfo( $info, $request )
807 $session2 = \TestingAccessWrapper
::newFromObject(
808 $manager->getSessionFromInfo( $info, $request )
811 $this->assertSame( $session1->backend
, $session2->backend
);
812 $this->assertNotEquals( $session1->index
, $session2->index
);
813 $this->assertSame( $session1->getSessionId(), $session2->getSessionId() );
814 $this->assertSame( $id, $session1->getId() );
816 \TestingAccessWrapper
::newFromObject( $info )->idIsSafe
= false;
817 $session3 = $manager->getSessionFromInfo( $info, $request );
818 $this->assertNotSame( $id, $session3->getId() );
821 public function testBackendRegistration() {
822 $manager = $this->getManager();
824 $session = $manager->getSessionForRequest( new \FauxRequest
);
825 $backend = \TestingAccessWrapper
::newFromObject( $session )->backend
;
826 $sessionId = $session->getSessionId();
827 $id = (string)$sessionId;
829 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
831 $manager->changeBackendId( $backend );
832 $this->assertSame( $sessionId, $session->getSessionId() );
833 $this->assertNotEquals( $id, (string)$sessionId );
834 $id = (string)$sessionId;
836 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
838 // Destruction of the session here causes the backend to be deregistered
842 $manager->changeBackendId( $backend );
843 $this->fail( 'Expected exception not thrown' );
844 } catch ( \InvalidArgumentException
$ex ) {
846 'Backend was not registered with this SessionManager', $ex->getMessage()
851 $manager->deregisterSessionBackend( $backend );
852 $this->fail( 'Expected exception not thrown' );
853 } catch ( \InvalidArgumentException
$ex ) {
855 'Backend was not registered with this SessionManager', $ex->getMessage()
859 $session = $manager->getSessionById( $id, true );
860 $this->assertSame( $sessionId, $session->getSessionId() );
863 public function testGenerateSessionId() {
864 $manager = $this->getManager();
866 $id = $manager->generateSessionId();
867 $this->assertTrue( SessionManager
::validateSessionId( $id ), "Generated ID: $id" );
870 public function testPreventSessionsForUser() {
871 $manager = $this->getManager();
873 $providerBuilder = $this->getMockBuilder( 'DummySessionProvider' )
874 ->setMethods( [ 'preventSessionsForUser', '__toString' ] );
876 $provider1 = $providerBuilder->getMock();
877 $provider1->expects( $this->once() )->method( 'preventSessionsForUser' )
878 ->with( $this->equalTo( 'UTSysop' ) );
879 $provider1->expects( $this->any() )->method( '__toString' )
880 ->will( $this->returnValue( 'MockProvider1' ) );
882 $this->config
->set( 'SessionProviders', [
883 $this->objectCacheDef( $provider1 ),
886 $this->assertFalse( $manager->isUserSessionPrevented( 'UTSysop' ) );
887 $manager->preventSessionsForUser( 'UTSysop' );
888 $this->assertTrue( $manager->isUserSessionPrevented( 'UTSysop' ) );
891 public function testLoadSessionInfoFromStore() {
892 $manager = $this->getManager();
893 $logger = new \
TestLogger( true );
894 $manager->setLogger( $logger );
895 $request = new \
FauxRequest();
897 // TestingAccessWrapper can't handle methods with reference arguments, sigh.
898 $rClass = new \
ReflectionClass( $manager );
899 $rMethod = $rClass->getMethod( 'loadSessionInfoFromStore' );
900 $rMethod->setAccessible( true );
901 $loadSessionInfoFromStore = function ( &$info ) use ( $rMethod, $manager, $request ) {
902 return $rMethod->invokeArgs( $manager, [ &$info, $request ] );
905 $userInfo = UserInfo
::newFromName( 'UTSysop', true );
906 $unverifiedUserInfo = UserInfo
::newFromName( 'UTSysop', false );
908 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
910 'userId' => $userInfo->getId(),
911 'userName' => $userInfo->getName(),
912 'userToken' => $userInfo->getToken( true ),
913 'provider' => 'Mock',
916 $builder = $this->getMockBuilder( SessionProvider
::class )
917 ->setMethods( [ '__toString', 'mergeMetadata', 'refreshSessionInfo' ] );
919 $provider = $builder->getMockForAbstractClass();
920 $provider->setManager( $manager );
921 $provider->expects( $this->any() )->method( 'persistsSessionId' )
922 ->will( $this->returnValue( true ) );
923 $provider->expects( $this->any() )->method( 'canChangeUser' )
924 ->will( $this->returnValue( true ) );
925 $provider->expects( $this->any() )->method( 'refreshSessionInfo' )
926 ->will( $this->returnValue( true ) );
927 $provider->expects( $this->any() )->method( '__toString' )
928 ->will( $this->returnValue( 'Mock' ) );
929 $provider->expects( $this->any() )->method( 'mergeMetadata' )
930 ->will( $this->returnCallback( function ( $a, $b ) {
931 if ( $b === [ 'Throw' ] ) {
932 throw new MetadataMergeException( 'no merge!' );
937 $provider2 = $builder->getMockForAbstractClass();
938 $provider2->setManager( $manager );
939 $provider2->expects( $this->any() )->method( 'persistsSessionId' )
940 ->will( $this->returnValue( false ) );
941 $provider2->expects( $this->any() )->method( 'canChangeUser' )
942 ->will( $this->returnValue( false ) );
943 $provider2->expects( $this->any() )->method( '__toString' )
944 ->will( $this->returnValue( 'Mock2' ) );
945 $provider2->expects( $this->any() )->method( 'refreshSessionInfo' )
946 ->will( $this->returnCallback( function ( $info, $request, &$metadata ) {
947 $metadata['changed'] = true;
951 $provider3 = $builder->getMockForAbstractClass();
952 $provider3->setManager( $manager );
953 $provider3->expects( $this->any() )->method( 'persistsSessionId' )
954 ->will( $this->returnValue( true ) );
955 $provider3->expects( $this->any() )->method( 'canChangeUser' )
956 ->will( $this->returnValue( true ) );
957 $provider3->expects( $this->once() )->method( 'refreshSessionInfo' )
958 ->will( $this->returnValue( false ) );
959 $provider3->expects( $this->any() )->method( '__toString' )
960 ->will( $this->returnValue( 'Mock3' ) );
962 \TestingAccessWrapper
::newFromObject( $manager )->sessionProviders
= [
963 (string)$provider => $provider,
964 (string)$provider2 => $provider2,
965 (string)$provider3 => $provider3,
968 // No metadata, basic usage
969 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
970 'provider' => $provider,
972 'userInfo' => $userInfo
974 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
975 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
976 $this->assertFalse( $info->isIdSafe() );
977 $this->assertSame( [], $logger->getBuffer() );
979 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
980 'provider' => $provider,
981 'userInfo' => $userInfo
983 $this->assertTrue( $info->isIdSafe(), 'sanity check' );
984 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
985 $this->assertTrue( $info->isIdSafe() );
986 $this->assertSame( [], $logger->getBuffer() );
988 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
989 'provider' => $provider2,
991 'userInfo' => $userInfo
993 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
994 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
995 $this->assertTrue( $info->isIdSafe() );
996 $this->assertSame( [], $logger->getBuffer() );
998 // Unverified user, no metadata
999 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1000 'provider' => $provider,
1002 'userInfo' => $unverifiedUserInfo
1004 $this->assertSame( $unverifiedUserInfo, $info->getUserInfo() );
1005 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1006 $this->assertSame( [
1009 'Session "{session}": Unverified user provided and no metadata to auth it',
1011 ], $logger->getBuffer() );
1012 $logger->clearBuffer();
1014 // No metadata, missing data
1015 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1017 'userInfo' => $userInfo
1019 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1020 $this->assertSame( [
1021 [ LogLevel
::WARNING
, 'Session "{session}": Null provider and no metadata' ],
1022 ], $logger->getBuffer() );
1023 $logger->clearBuffer();
1025 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1026 'provider' => $provider,
1029 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1030 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1031 $this->assertInstanceOf( UserInfo
::class, $info->getUserInfo() );
1032 $this->assertTrue( $info->getUserInfo()->isVerified() );
1033 $this->assertTrue( $info->getUserInfo()->isAnon() );
1034 $this->assertFalse( $info->isIdSafe() );
1035 $this->assertSame( [], $logger->getBuffer() );
1037 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1038 'provider' => $provider2,
1041 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1042 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1043 $this->assertSame( [
1044 [ LogLevel
::INFO
, 'Session "{session}": No user provided and provider cannot set user' ]
1045 ], $logger->getBuffer() );
1046 $logger->clearBuffer();
1048 // Incomplete/bad metadata
1049 $this->store
->setRawSession( $id, true );
1050 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1051 $this->assertSame( [
1052 [ LogLevel
::WARNING
, 'Session "{session}": Bad data' ],
1053 ], $logger->getBuffer() );
1054 $logger->clearBuffer();
1056 $this->store
->setRawSession( $id, [ 'data' => [] ] );
1057 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1058 $this->assertSame( [
1059 [ LogLevel
::WARNING
, 'Session "{session}": Bad data structure' ],
1060 ], $logger->getBuffer() );
1061 $logger->clearBuffer();
1063 $this->store
->deleteSession( $id );
1064 $this->store
->setRawSession( $id, [ 'metadata' => $metadata ] );
1065 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1066 $this->assertSame( [
1067 [ LogLevel
::WARNING
, 'Session "{session}": Bad data structure' ],
1068 ], $logger->getBuffer() );
1069 $logger->clearBuffer();
1071 $this->store
->setRawSession( $id, [ 'metadata' => $metadata, 'data' => true ] );
1072 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1073 $this->assertSame( [
1074 [ LogLevel
::WARNING
, 'Session "{session}": Bad data structure' ],
1075 ], $logger->getBuffer() );
1076 $logger->clearBuffer();
1078 $this->store
->setRawSession( $id, [ 'metadata' => true, 'data' => [] ] );
1079 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1080 $this->assertSame( [
1081 [ LogLevel
::WARNING
, 'Session "{session}": Bad data structure' ],
1082 ], $logger->getBuffer() );
1083 $logger->clearBuffer();
1085 foreach ( $metadata as $key => $dummy ) {
1087 unset( $tmp[$key] );
1088 $this->store
->setRawSession( $id, [ 'metadata' => $tmp, 'data' => [] ] );
1089 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1090 $this->assertSame( [
1091 [ LogLevel
::WARNING
, 'Session "{session}": Bad metadata' ],
1092 ], $logger->getBuffer() );
1093 $logger->clearBuffer();
1096 // Basic usage with metadata
1097 $this->store
->setRawSession( $id, [ 'metadata' => $metadata, 'data' => [] ] );
1098 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1099 'provider' => $provider,
1101 'userInfo' => $userInfo
1103 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1104 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1105 $this->assertTrue( $info->isIdSafe() );
1106 $this->assertSame( [], $logger->getBuffer() );
1108 // Mismatched provider
1109 $this->store
->setSessionMeta( $id, [ 'provider' => 'Bad' ] +
$metadata );
1110 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1111 'provider' => $provider,
1113 'userInfo' => $userInfo
1115 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1116 $this->assertSame( [
1117 [ LogLevel
::WARNING
, 'Session "{session}": Wrong provider Bad !== Mock' ],
1118 ], $logger->getBuffer() );
1119 $logger->clearBuffer();
1122 $this->store
->setSessionMeta( $id, [ 'provider' => 'Bad' ] +
$metadata );
1123 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1125 'userInfo' => $userInfo
1127 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1128 $this->assertSame( [
1129 [ LogLevel
::WARNING
, 'Session "{session}": Unknown provider Bad' ],
1130 ], $logger->getBuffer() );
1131 $logger->clearBuffer();
1134 $this->store
->setSessionMeta( $id, $metadata );
1135 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1137 'userInfo' => $userInfo
1139 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1140 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1141 $this->assertTrue( $info->isIdSafe() );
1142 $this->assertSame( [], $logger->getBuffer() );
1144 // Bad user metadata
1145 $this->store
->setSessionMeta( $id, [ 'userId' => -1, 'userToken' => null ] +
$metadata );
1146 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1147 'provider' => $provider,
1150 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1151 $this->assertSame( [
1152 [ LogLevel
::ERROR
, 'Session "{session}": {exception}' ],
1153 ], $logger->getBuffer() );
1154 $logger->clearBuffer();
1156 $this->store
->setSessionMeta(
1157 $id, [ 'userId' => 0, 'userName' => '<X>', 'userToken' => null ] +
$metadata
1159 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1160 'provider' => $provider,
1163 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1164 $this->assertSame( [
1165 [ LogLevel
::ERROR
, 'Session "{session}": {exception}', ],
1166 ], $logger->getBuffer() );
1167 $logger->clearBuffer();
1169 // Mismatched user by ID
1170 $this->store
->setSessionMeta(
1171 $id, [ 'userId' => $userInfo->getId() +
1, 'userToken' => null ] +
$metadata
1173 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1174 'provider' => $provider,
1176 'userInfo' => $userInfo
1178 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1179 $this->assertSame( [
1180 [ LogLevel
::WARNING
, 'Session "{session}": User ID mismatch, {uid_a} !== {uid_b}' ],
1181 ], $logger->getBuffer() );
1182 $logger->clearBuffer();
1184 // Mismatched user by name
1185 $this->store
->setSessionMeta(
1186 $id, [ 'userId' => 0, 'userName' => 'X', 'userToken' => null ] +
$metadata
1188 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1189 'provider' => $provider,
1191 'userInfo' => $userInfo
1193 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1194 $this->assertSame( [
1195 [ LogLevel
::WARNING
, 'Session "{session}": User name mismatch, {uname_a} !== {uname_b}' ],
1196 ], $logger->getBuffer() );
1197 $logger->clearBuffer();
1199 // ID matches, name doesn't
1200 $this->store
->setSessionMeta(
1201 $id, [ 'userId' => $userInfo->getId(), 'userName' => 'X', 'userToken' => null ] +
$metadata
1203 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1204 'provider' => $provider,
1206 'userInfo' => $userInfo
1208 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1209 $this->assertSame( [
1212 'Session "{session}": User ID matched but name didn\'t (rename?), {uname_a} !== {uname_b}'
1214 ], $logger->getBuffer() );
1215 $logger->clearBuffer();
1217 // Mismatched anon user
1218 $this->store
->setSessionMeta(
1219 $id, [ 'userId' => 0, 'userName' => null, 'userToken' => null ] +
$metadata
1221 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1222 'provider' => $provider,
1224 'userInfo' => $userInfo
1226 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1227 $this->assertSame( [
1230 'Session "{session}": Metadata has an anonymous user, ' .
1231 'but a non-anon user was provided',
1233 ], $logger->getBuffer() );
1234 $logger->clearBuffer();
1236 // Lookup user by ID
1237 $this->store
->setSessionMeta( $id, [ 'userToken' => null ] +
$metadata );
1238 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1239 'provider' => $provider,
1242 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1243 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1244 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1245 $this->assertTrue( $info->isIdSafe() );
1246 $this->assertSame( [], $logger->getBuffer() );
1248 // Lookup user by name
1249 $this->store
->setSessionMeta(
1250 $id, [ 'userId' => 0, 'userName' => 'UTSysop', 'userToken' => null ] +
$metadata
1252 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1253 'provider' => $provider,
1256 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1257 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1258 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1259 $this->assertTrue( $info->isIdSafe() );
1260 $this->assertSame( [], $logger->getBuffer() );
1262 // Lookup anonymous user
1263 $this->store
->setSessionMeta(
1264 $id, [ 'userId' => 0, 'userName' => null, 'userToken' => null ] +
$metadata
1266 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1267 'provider' => $provider,
1270 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1271 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1272 $this->assertTrue( $info->getUserInfo()->isAnon() );
1273 $this->assertTrue( $info->isIdSafe() );
1274 $this->assertSame( [], $logger->getBuffer() );
1276 // Unverified user with metadata
1277 $this->store
->setSessionMeta( $id, $metadata );
1278 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1279 'provider' => $provider,
1281 'userInfo' => $unverifiedUserInfo
1283 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1284 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1285 $this->assertTrue( $info->getUserInfo()->isVerified() );
1286 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1287 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1288 $this->assertTrue( $info->isIdSafe() );
1289 $this->assertSame( [], $logger->getBuffer() );
1291 // Unverified user with metadata
1292 $this->store
->setSessionMeta( $id, $metadata );
1293 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1294 'provider' => $provider,
1296 'userInfo' => $unverifiedUserInfo
1298 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1299 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1300 $this->assertTrue( $info->getUserInfo()->isVerified() );
1301 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1302 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1303 $this->assertTrue( $info->isIdSafe() );
1304 $this->assertSame( [], $logger->getBuffer() );
1307 $this->store
->setSessionMeta( $id, [ 'userToken' => 'Bad' ] +
$metadata );
1308 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1309 'provider' => $provider,
1311 'userInfo' => $userInfo
1313 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1314 $this->assertSame( [
1315 [ LogLevel
::WARNING
, 'Session "{session}": User token mismatch' ],
1316 ], $logger->getBuffer() );
1317 $logger->clearBuffer();
1319 // Provider metadata
1320 $this->store
->setSessionMeta( $id, [ 'provider' => 'Mock2' ] +
$metadata );
1321 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1322 'provider' => $provider2,
1324 'userInfo' => $userInfo,
1325 'metadata' => [ 'Info' ],
1327 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1328 $this->assertSame( [ 'Info', 'changed' => true ], $info->getProviderMetadata() );
1329 $this->assertSame( [], $logger->getBuffer() );
1331 $this->store
->setSessionMeta( $id, [ 'providerMetadata' => [ 'Saved' ] ] +
$metadata );
1332 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1333 'provider' => $provider,
1335 'userInfo' => $userInfo,
1337 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1338 $this->assertSame( [ 'Saved' ], $info->getProviderMetadata() );
1339 $this->assertSame( [], $logger->getBuffer() );
1341 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1342 'provider' => $provider,
1344 'userInfo' => $userInfo,
1345 'metadata' => [ 'Info' ],
1347 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1348 $this->assertSame( [ 'Merged' ], $info->getProviderMetadata() );
1349 $this->assertSame( [], $logger->getBuffer() );
1351 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1352 'provider' => $provider,
1354 'userInfo' => $userInfo,
1355 'metadata' => [ 'Throw' ],
1357 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1358 $this->assertSame( [
1361 'Session "{session}": Metadata merge failed: {exception}',
1363 ], $logger->getBuffer() );
1364 $logger->clearBuffer();
1366 // Remember from session
1367 $this->store
->setSessionMeta( $id, $metadata );
1368 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1369 'provider' => $provider,
1372 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1373 $this->assertFalse( $info->wasRemembered() );
1374 $this->assertSame( [], $logger->getBuffer() );
1376 $this->store
->setSessionMeta( $id, [ 'remember' => true ] +
$metadata );
1377 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1378 'provider' => $provider,
1381 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1382 $this->assertTrue( $info->wasRemembered() );
1383 $this->assertSame( [], $logger->getBuffer() );
1385 $this->store
->setSessionMeta( $id, [ 'remember' => false ] +
$metadata );
1386 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1387 'provider' => $provider,
1389 'userInfo' => $userInfo
1391 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1392 $this->assertTrue( $info->wasRemembered() );
1393 $this->assertSame( [], $logger->getBuffer() );
1395 // forceHTTPS from session
1396 $this->store
->setSessionMeta( $id, $metadata );
1397 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1398 'provider' => $provider,
1400 'userInfo' => $userInfo
1402 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1403 $this->assertFalse( $info->forceHTTPS() );
1404 $this->assertSame( [], $logger->getBuffer() );
1406 $this->store
->setSessionMeta( $id, [ 'forceHTTPS' => true ] +
$metadata );
1407 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1408 'provider' => $provider,
1410 'userInfo' => $userInfo
1412 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1413 $this->assertTrue( $info->forceHTTPS() );
1414 $this->assertSame( [], $logger->getBuffer() );
1416 $this->store
->setSessionMeta( $id, [ 'forceHTTPS' => false ] +
$metadata );
1417 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1418 'provider' => $provider,
1420 'userInfo' => $userInfo,
1421 'forceHTTPS' => true
1423 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1424 $this->assertTrue( $info->forceHTTPS() );
1425 $this->assertSame( [], $logger->getBuffer() );
1427 // "Persist" flag from session
1428 $this->store
->setSessionMeta( $id, $metadata );
1429 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1430 'provider' => $provider,
1432 'userInfo' => $userInfo
1434 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1435 $this->assertFalse( $info->wasPersisted() );
1436 $this->assertSame( [], $logger->getBuffer() );
1438 $this->store
->setSessionMeta( $id, [ 'persisted' => true ] +
$metadata );
1439 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1440 'provider' => $provider,
1442 'userInfo' => $userInfo
1444 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1445 $this->assertTrue( $info->wasPersisted() );
1446 $this->assertSame( [], $logger->getBuffer() );
1448 $this->store
->setSessionMeta( $id, [ 'persisted' => false ] +
$metadata );
1449 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1450 'provider' => $provider,
1452 'userInfo' => $userInfo,
1455 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1456 $this->assertTrue( $info->wasPersisted() );
1457 $this->assertSame( [], $logger->getBuffer() );
1459 // Provider refreshSessionInfo() returning false
1460 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1461 'provider' => $provider3,
1463 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1464 $this->assertSame( [], $logger->getBuffer() );
1468 $data = [ 'foo' => 1 ];
1469 $this->store
->setSession( $id, [ 'metadata' => $metadata, 'data' => $data ] );
1470 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1471 'provider' => $provider,
1473 'userInfo' => $userInfo
1475 $this->mergeMwGlobalArrayValue( 'wgHooks', [
1476 'SessionCheckInfo' => [ function ( &$reason, $i, $r, $m, $d ) use (
1477 $info, $metadata, $data, $request, &$called
1479 $this->assertSame( $info->getId(), $i->getId() );
1480 $this->assertSame( $info->getProvider(), $i->getProvider() );
1481 $this->assertSame( $info->getUserInfo(), $i->getUserInfo() );
1482 $this->assertSame( $request, $r );
1483 $this->assertEquals( $metadata, $m );
1484 $this->assertEquals( $data, $d );
1489 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1490 $this->assertTrue( $called );
1491 $this->assertSame( [
1492 [ LogLevel
::WARNING
, 'Session "{session}": Hook aborted' ],
1493 ], $logger->getBuffer() );
1494 $logger->clearBuffer();
1495 $this->mergeMwGlobalArrayValue( 'wgHooks', [ 'SessionCheckInfo' => [] ] );
1497 // forceUse deletes bad backend data
1498 $this->store
->setSessionMeta( $id, [ 'userToken' => 'Bad' ] +
$metadata );
1499 $info = new SessionInfo( SessionInfo
::MIN_PRIORITY
, [
1500 'provider' => $provider,
1502 'userInfo' => $userInfo,
1505 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1506 $this->assertFalse( $this->store
->getSession( $id ) );
1507 $this->assertSame( [
1508 [ LogLevel
::WARNING
, 'Session "{session}": User token mismatch' ],
1509 ], $logger->getBuffer() );
1510 $logger->clearBuffer();