[SECURITY] [API BREAKING CHANGE] Require logout token.
1 <?php
2
3 /**
4 * @group API
5 * @group Database
6 * @group medium
7 *
8 * @covers ApiLogout
9 */
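class ApiLogoutTest extends ApiTestCase {

	/**
	 * A token that does not validate must abort the logout with an API error.
	 *
	 * The request has to raise ApiUsageException; if it returns normally the
	 * test now fails explicitly instead of reading an undefined $exceptionMsg.
	 */
	public function testUserLogoutBadToken() {
		try {
			$this->doUserLogout( 'invalid token' );
			$this->fail( 'Logout with an invalid token should throw ApiUsageException' );
		} catch ( ApiUsageException $e ) {
			$this->assertSame( "Invalid CSRF token.", $e->getMessage() );
		}
	}

	/**
	 * action=logout requires a token at all: omitting it must be an API error,
	 * not a logout triggered by a plain link or cross-site request.
	 *
	 * Only the exception type is pinned; the missing-parameter message comes
	 * from the generic API parameter handling, not from ApiLogout itself.
	 */
	public function testUserLogoutMissingToken() {
		try {
			$this->doApiRequest( [ 'action' => 'logout' ] );
			$this->fail( 'Logout without a token should throw ApiUsageException' );
		} catch ( ApiUsageException $e ) {
			$this->assertInstanceOf( ApiUsageException::class, $e );
		}
	}

	/**
	 * Happy path: a valid CSRF token logs the current user out.
	 *
	 * The test first checks that the user is logged in; without that the
	 * final assertFalse() would pass vacuously and never prove ApiLogout
	 * did anything.
	 */
	public function testUserLogout() {
		// TODO: there has to be a cleaner way to make User::doLogout happy
		// setMwGlobals() restores the previous $wgUser in tearDown(), so the
		// logged-out user object does not leak into later tests.
		$this->setMwGlobals( 'wgUser', User::newFromId( '127.0.0.1' ) );
		global $wgUser;

		$this->assertTrue( $wgUser->isLoggedIn(), 'precondition: user is logged in' );

		$token = $this->getUserCsrfTokenFromApi();
		$this->doUserLogout( $token );

		$this->assertFalse( $wgUser->isLoggedIn() );
	}

	/**
	 * Fetch a CSRF token for the current session via action=query&meta=tokens.
	 *
	 * doApiRequest() returns [ result, request, session ]; the API result is
	 * element 0, so that is where a 'warnings' key would appear. The original
	 * check looked at the outer wrapper, whose keys are only 0..2, and could
	 * therefore never fail.
	 *
	 * @return string csrf token usable as the 'token' parameter
	 */
	public function getUserCsrfTokenFromApi() {
		$retToken = $this->doApiRequest( [
			'action' => 'query',
			'meta' => 'tokens',
			'type' => 'csrf'
		] );

		$this->assertArrayNotHasKey( 'warnings', $retToken[0] );

		return $retToken[0]['query']['tokens']['csrftoken'];
	}

	/**
	 * Issue action=logout with the given token.
	 *
	 * @param string $logoutToken value sent as the 'token' parameter
	 * @return array doApiRequest() triple: [ result, request, session ]
	 * @throws ApiUsageException when the API rejects the request (e.g. bad token)
	 */
	public function doUserLogout( $logoutToken ) {
		return $this->doApiRequest( [
			'action' => 'logout',
			'token' => $logoutToken
		] );
	}
}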