dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
session: Add debug message for the used store class
[lhc/web/wiklou.git] / tests / phpunit / includes / session / SessionManagerTest.php
1 <?php
2
3 namespace MediaWiki\Session;
4
5 use MediaWikiTestCase;
6 use Psr\Log\LogLevel;
7 use User;
8 use Wikimedia\TestingAccessWrapper;
9
10 /**
11 * @group Session
12 * @group Database
13 * @covers MediaWiki\Session\SessionManager
14 */
15 class SessionManagerTest extends MediaWikiTestCase {
16
17 /** @var \HashConfig */
18 private $config;
19
20 /** @var \TestLogger */
21 private $logger;
22
23 /** @var TestBagOStuff */
24 private $store;
25
26 protected function getManager() {
27 \ObjectCache::$instances['testSessionStore'] = new TestBagOStuff();
28 $this->config = new \HashConfig( [
29 'LanguageCode' => 'en',
30 'SessionCacheType' => 'testSessionStore',
31 'ObjectCacheSessionExpiry' => 100,
32 'SessionProviders' => [
33 [ 'class' => \DummySessionProvider::class ],
34 ]
35 ] );
36 $this->logger = new \TestLogger( false, function ( $m ) {
37 return ( strpos( $m, 'SessionBackend ' ) === 0
38 || strpos( $m, 'SessionManager using store ' ) === 0
39 ) ? null : $m;
40 } );
41 $this->store = new TestBagOStuff();
42
43 return new SessionManager( [
44 'config' => $this->config,
45 'logger' => $this->logger,
46 'store' => $this->store,
47 ] );
48 }
49
50 protected function objectCacheDef( $object ) {
51 return [ 'factory' => function () use ( $object ) {
52 return $object;
53 } ];
54 }
55
56 public function testSingleton() {
57 $reset = TestUtils::setSessionManagerSingleton( null );
58
59 $singleton = SessionManager::singleton();
60 $this->assertInstanceOf( SessionManager::class, $singleton );
61 $this->assertSame( $singleton, SessionManager::singleton() );
62 }
63
64 public function testGetGlobalSession() {
65 $context = \RequestContext::getMain();
66
67 if ( !PHPSessionHandler::isInstalled() ) {
68 PHPSessionHandler::install( SessionManager::singleton() );
69 }
70 $rProp = new \ReflectionProperty( PHPSessionHandler::class, 'instance' );
71 $rProp->setAccessible( true );
72 $handler = TestingAccessWrapper::newFromObject( $rProp->getValue() );
73 $oldEnable = $handler->enable;
74 $reset[] = new \Wikimedia\ScopedCallback( function () use ( $handler, $oldEnable ) {
75 if ( $handler->enable ) {
76 session_write_close();
77 }
78 $handler->enable = $oldEnable;
79 } );
80 $reset[] = TestUtils::setSessionManagerSingleton( $this->getManager() );
81
82 $handler->enable = true;
83 $request = new \FauxRequest();
84 $context->setRequest( $request );
85 $id = $request->getSession()->getId();
86
87 session_write_close();
88 session_id( '' );
89 $session = SessionManager::getGlobalSession();
90 $this->assertSame( $id, $session->getId() );
91
92 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
93 $session = SessionManager::getGlobalSession();
94 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $session->getId() );
95 $this->assertSame( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx', $request->getSession()->getId() );
96
97 session_write_close();
98 $handler->enable = false;
99 $request = new \FauxRequest();
100 $context->setRequest( $request );
101 $id = $request->getSession()->getId();
102
103 session_id( '' );
104 $session = SessionManager::getGlobalSession();
105 $this->assertSame( $id, $session->getId() );
106
107 session_id( 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' );
108 $session = SessionManager::getGlobalSession();
109 $this->assertSame( $id, $session->getId() );
110 $this->assertSame( $id, $request->getSession()->getId() );
111 }
112
113 public function testConstructor() {
114 $manager = TestingAccessWrapper::newFromObject( $this->getManager() );
115 $this->assertSame( $this->config, $manager->config );
116 $this->assertSame( $this->logger, $manager->logger );
117 $this->assertSame( $this->store, $manager->store );
118
119 $manager = TestingAccessWrapper::newFromObject( new SessionManager() );
120 $this->assertSame( \RequestContext::getMain()->getConfig(), $manager->config );
121
122 $manager = TestingAccessWrapper::newFromObject( new SessionManager( [
123 'config' => $this->config,
124 ] ) );
125 $this->assertSame( \ObjectCache::$instances['testSessionStore'], $manager->store );
126
127 foreach ( [
128 'config' => '$options[\'config\'] must be an instance of Config',
129 'logger' => '$options[\'logger\'] must be an instance of LoggerInterface',
130 'store' => '$options[\'store\'] must be an instance of BagOStuff',
131 ] as $key => $error ) {
132 try {
133 new SessionManager( [ $key => new \stdClass ] );
134 $this->fail( 'Expected exception not thrown' );
135 } catch ( \InvalidArgumentException $ex ) {
136 $this->assertSame( $error, $ex->getMessage() );
137 }
138 }
139 }
140
141 public function testGetSessionForRequest() {
142 $manager = $this->getManager();
143 $request = new \FauxRequest();
144 $request->unpersist1 = false;
145 $request->unpersist2 = false;
146
147 $id1 = '';
148 $id2 = '';
149 $idEmpty = 'empty-session-------------------';
150
151 $providerBuilder = $this->getMockBuilder( \DummySessionProvider::class )
152 ->setMethods(
153 [ 'provideSessionInfo', 'newSessionInfo', '__toString', 'describe', 'unpersistSession' ]
154 );
155
156 $provider1 = $providerBuilder->getMock();
157 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
158 ->with( $this->identicalTo( $request ) )
159 ->will( $this->returnCallback( function ( $request ) {
160 return $request->info1;
161 } ) );
162 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
163 ->will( $this->returnCallback( function () use ( $idEmpty, $provider1 ) {
164 return new SessionInfo( SessionInfo::MIN_PRIORITY, [
165 'provider' => $provider1,
166 'id' => $idEmpty,
167 'persisted' => true,
168 'idIsSafe' => true,
169 ] );
170 } ) );
171 $provider1->expects( $this->any() )->method( '__toString' )
172 ->will( $this->returnValue( 'Provider1' ) );
173 $provider1->expects( $this->any() )->method( 'describe' )
174 ->will( $this->returnValue( '#1 sessions' ) );
175 $provider1->expects( $this->any() )->method( 'unpersistSession' )
176 ->will( $this->returnCallback( function ( $request ) {
177 $request->unpersist1 = true;
178 } ) );
179
180 $provider2 = $providerBuilder->getMock();
181 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
182 ->with( $this->identicalTo( $request ) )
183 ->will( $this->returnCallback( function ( $request ) {
184 return $request->info2;
185 } ) );
186 $provider2->expects( $this->any() )->method( '__toString' )
187 ->will( $this->returnValue( 'Provider2' ) );
188 $provider2->expects( $this->any() )->method( 'describe' )
189 ->will( $this->returnValue( '#2 sessions' ) );
190 $provider2->expects( $this->any() )->method( 'unpersistSession' )
191 ->will( $this->returnCallback( function ( $request ) {
192 $request->unpersist2 = true;
193 } ) );
194
195 $this->config->set( 'SessionProviders', [
196 $this->objectCacheDef( $provider1 ),
197 $this->objectCacheDef( $provider2 ),
198 ] );
199
200 // No provider returns info
201 $request->info1 = null;
202 $request->info2 = null;
203 $session = $manager->getSessionForRequest( $request );
204 $this->assertInstanceOf( Session::class, $session );
205 $this->assertSame( $idEmpty, $session->getId() );
206 $this->assertFalse( $request->unpersist1 );
207 $this->assertFalse( $request->unpersist2 );
208
209 // Both providers return info, picks best one
210 $request->info1 = new SessionInfo( SessionInfo::MIN_PRIORITY + 1, [
211 'provider' => $provider1,
212 'id' => ( $id1 = $manager->generateSessionId() ),
213 'persisted' => true,
214 'idIsSafe' => true,
215 ] );
216 $request->info2 = new SessionInfo( SessionInfo::MIN_PRIORITY + 2, [
217 'provider' => $provider2,
218 'id' => ( $id2 = $manager->generateSessionId() ),
219 'persisted' => true,
220 'idIsSafe' => true,
221 ] );
222 $session = $manager->getSessionForRequest( $request );
223 $this->assertInstanceOf( Session::class, $session );
224 $this->assertSame( $id2, $session->getId() );
225 $this->assertFalse( $request->unpersist1 );
226 $this->assertFalse( $request->unpersist2 );
227
228 $request->info1 = new SessionInfo( SessionInfo::MIN_PRIORITY + 2, [
229 'provider' => $provider1,
230 'id' => ( $id1 = $manager->generateSessionId() ),
231 'persisted' => true,
232 'idIsSafe' => true,
233 ] );
234 $request->info2 = new SessionInfo( SessionInfo::MIN_PRIORITY + 1, [
235 'provider' => $provider2,
236 'id' => ( $id2 = $manager->generateSessionId() ),
237 'persisted' => true,
238 'idIsSafe' => true,
239 ] );
240 $session = $manager->getSessionForRequest( $request );
241 $this->assertInstanceOf( Session::class, $session );
242 $this->assertSame( $id1, $session->getId() );
243 $this->assertFalse( $request->unpersist1 );
244 $this->assertFalse( $request->unpersist2 );
245
246 // Tied priorities
247 $request->info1 = new SessionInfo( SessionInfo::MAX_PRIORITY, [
248 'provider' => $provider1,
249 'id' => ( $id1 = $manager->generateSessionId() ),
250 'persisted' => true,
251 'userInfo' => UserInfo::newAnonymous(),
252 'idIsSafe' => true,
253 ] );
254 $request->info2 = new SessionInfo( SessionInfo::MAX_PRIORITY, [
255 'provider' => $provider2,
256 'id' => ( $id2 = $manager->generateSessionId() ),
257 'persisted' => true,
258 'userInfo' => UserInfo::newAnonymous(),
259 'idIsSafe' => true,
260 ] );
261 try {
262 $manager->getSessionForRequest( $request );
263 $this->fail( 'Expcected exception not thrown' );
264 } catch ( SessionOverflowException $ex ) {
265 $this->assertStringStartsWith(
266 'Multiple sessions for this request tied for top priority: ',
267 $ex->getMessage()
268 );
269 $this->assertCount( 2, $ex->getSessionInfos() );
270 $this->assertContains( $request->info1, $ex->getSessionInfos() );
271 $this->assertContains( $request->info2, $ex->getSessionInfos() );
272 }
273 $this->assertFalse( $request->unpersist1 );
274 $this->assertFalse( $request->unpersist2 );
275
276 // Bad provider
277 $request->info1 = new SessionInfo( SessionInfo::MAX_PRIORITY, [
278 'provider' => $provider2,
279 'id' => ( $id1 = $manager->generateSessionId() ),
280 'persisted' => true,
281 'idIsSafe' => true,
282 ] );
283 $request->info2 = null;
284 try {
285 $manager->getSessionForRequest( $request );
286 $this->fail( 'Expcected exception not thrown' );
287 } catch ( \UnexpectedValueException $ex ) {
288 $this->assertSame(
289 'Provider1 returned session info for a different provider: ' . $request->info1,
290 $ex->getMessage()
291 );
292 }
293 $this->assertFalse( $request->unpersist1 );
294 $this->assertFalse( $request->unpersist2 );
295
296 // Unusable session info
297 $this->logger->setCollect( true );
298 $request->info1 = new SessionInfo( SessionInfo::MAX_PRIORITY, [
299 'provider' => $provider1,
300 'id' => ( $id1 = $manager->generateSessionId() ),
301 'persisted' => true,
302 'userInfo' => UserInfo::newFromName( 'UTSysop', false ),
303 'idIsSafe' => true,
304 ] );
305 $request->info2 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
306 'provider' => $provider2,
307 'id' => ( $id2 = $manager->generateSessionId() ),
308 'persisted' => true,
309 'idIsSafe' => true,
310 ] );
311 $session = $manager->getSessionForRequest( $request );
312 $this->assertInstanceOf( Session::class, $session );
313 $this->assertSame( $id2, $session->getId() );
314 $this->logger->setCollect( false );
315 $this->assertTrue( $request->unpersist1 );
316 $this->assertFalse( $request->unpersist2 );
317 $request->unpersist1 = false;
318
319 $this->logger->setCollect( true );
320 $request->info1 = new SessionInfo( SessionInfo::MAX_PRIORITY, [
321 'provider' => $provider1,
322 'id' => ( $id1 = $manager->generateSessionId() ),
323 'persisted' => true,
324 'idIsSafe' => true,
325 ] );
326 $request->info2 = new SessionInfo( SessionInfo::MAX_PRIORITY, [
327 'provider' => $provider2,
328 'id' => ( $id2 = $manager->generateSessionId() ),
329 'persisted' => true,
330 'userInfo' => UserInfo::newFromName( 'UTSysop', false ),
331 'idIsSafe' => true,
332 ] );
333 $session = $manager->getSessionForRequest( $request );
334 $this->assertInstanceOf( Session::class, $session );
335 $this->assertSame( $id1, $session->getId() );
336 $this->logger->setCollect( false );
337 $this->assertFalse( $request->unpersist1 );
338 $this->assertTrue( $request->unpersist2 );
339 $request->unpersist2 = false;
340
341 // Unpersisted session ID
342 $request->info1 = new SessionInfo( SessionInfo::MAX_PRIORITY, [
343 'provider' => $provider1,
344 'id' => ( $id1 = $manager->generateSessionId() ),
345 'persisted' => false,
346 'userInfo' => UserInfo::newFromName( 'UTSysop', true ),
347 'idIsSafe' => true,
348 ] );
349 $request->info2 = null;
350 $session = $manager->getSessionForRequest( $request );
351 $this->assertInstanceOf( Session::class, $session );
352 $this->assertSame( $id1, $session->getId() );
353 $this->assertTrue( $request->unpersist1 ); // The saving of the session does it
354 $this->assertFalse( $request->unpersist2 );
355 $session->persist();
356 $this->assertTrue( $session->isPersistent(), 'sanity check' );
357 }
358
359 public function testGetSessionById() {
360 $manager = $this->getManager();
361 try {
362 $manager->getSessionById( 'bad' );
363 $this->fail( 'Expected exception not thrown' );
364 } catch ( \InvalidArgumentException $ex ) {
365 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
366 }
367
368 // Unknown session ID
369 $id = $manager->generateSessionId();
370 $session = $manager->getSessionById( $id, true );
371 $this->assertInstanceOf( Session::class, $session );
372 $this->assertSame( $id, $session->getId() );
373
374 $id = $manager->generateSessionId();
375 $this->assertNull( $manager->getSessionById( $id, false ) );
376
377 // Known but unloadable session ID
378 $this->logger->setCollect( true );
379 $id = $manager->generateSessionId();
380 $this->store->setSession( $id, [ 'metadata' => [
381 'userId' => User::idFromName( 'UTSysop' ),
382 'userToken' => 'bad',
383 ] ] );
384
385 $this->assertNull( $manager->getSessionById( $id, true ) );
386 $this->assertNull( $manager->getSessionById( $id, false ) );
387 $this->logger->setCollect( false );
388
389 // Known session ID
390 $this->store->setSession( $id, [] );
391 $session = $manager->getSessionById( $id, false );
392 $this->assertInstanceOf( Session::class, $session );
393 $this->assertSame( $id, $session->getId() );
394
395 // Store isn't checked if the session is already loaded
396 $this->store->setSession( $id, [ 'metadata' => [
397 'userId' => User::idFromName( 'UTSysop' ),
398 'userToken' => 'bad',
399 ] ] );
400 $session2 = $manager->getSessionById( $id, false );
401 $this->assertInstanceOf( Session::class, $session2 );
402 $this->assertSame( $id, $session2->getId() );
403 unset( $session, $session2 );
404 $this->logger->setCollect( true );
405 $this->assertNull( $manager->getSessionById( $id, true ) );
406 $this->logger->setCollect( false );
407
408 // Failure to create an empty session
409 $manager = $this->getManager();
410 $provider = $this->getMockBuilder( \DummySessionProvider::class )
411 ->setMethods( [ 'provideSessionInfo', 'newSessionInfo', '__toString' ] )
412 ->getMock();
413 $provider->expects( $this->any() )->method( 'provideSessionInfo' )
414 ->will( $this->returnValue( null ) );
415 $provider->expects( $this->any() )->method( 'newSessionInfo' )
416 ->will( $this->returnValue( null ) );
417 $provider->expects( $this->any() )->method( '__toString' )
418 ->will( $this->returnValue( 'MockProvider' ) );
419 $this->config->set( 'SessionProviders', [
420 $this->objectCacheDef( $provider ),
421 ] );
422 $this->logger->setCollect( true );
423 $this->assertNull( $manager->getSessionById( $id, true ) );
424 $this->logger->setCollect( false );
425 $this->assertSame( [
426 [ LogLevel::ERROR, 'Failed to create empty session: {exception}' ]
427 ], $this->logger->getBuffer() );
428 }
429
430 public function testGetEmptySession() {
431 $manager = $this->getManager();
432 $pmanager = TestingAccessWrapper::newFromObject( $manager );
433 $request = new \FauxRequest();
434
435 $providerBuilder = $this->getMockBuilder( \DummySessionProvider::class )
436 ->setMethods( [ 'provideSessionInfo', 'newSessionInfo', '__toString' ] );
437
438 $expectId = null;
439 $info1 = null;
440 $info2 = null;
441
442 $provider1 = $providerBuilder->getMock();
443 $provider1->expects( $this->any() )->method( 'provideSessionInfo' )
444 ->will( $this->returnValue( null ) );
445 $provider1->expects( $this->any() )->method( 'newSessionInfo' )
446 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
447 return $id === $expectId;
448 } ) )
449 ->will( $this->returnCallback( function () use ( &$info1 ) {
450 return $info1;
451 } ) );
452 $provider1->expects( $this->any() )->method( '__toString' )
453 ->will( $this->returnValue( 'MockProvider1' ) );
454
455 $provider2 = $providerBuilder->getMock();
456 $provider2->expects( $this->any() )->method( 'provideSessionInfo' )
457 ->will( $this->returnValue( null ) );
458 $provider2->expects( $this->any() )->method( 'newSessionInfo' )
459 ->with( $this->callback( function ( $id ) use ( &$expectId ) {
460 return $id === $expectId;
461 } ) )
462 ->will( $this->returnCallback( function () use ( &$info2 ) {
463 return $info2;
464 } ) );
465 $provider1->expects( $this->any() )->method( '__toString' )
466 ->will( $this->returnValue( 'MockProvider2' ) );
467
468 $this->config->set( 'SessionProviders', [
469 $this->objectCacheDef( $provider1 ),
470 $this->objectCacheDef( $provider2 ),
471 ] );
472
473 // No info
474 $expectId = null;
475 $info1 = null;
476 $info2 = null;
477 try {
478 $manager->getEmptySession();
479 $this->fail( 'Expected exception not thrown' );
480 } catch ( \UnexpectedValueException $ex ) {
481 $this->assertSame(
482 'No provider could provide an empty session!',
483 $ex->getMessage()
484 );
485 }
486
487 // Info
488 $expectId = null;
489 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
490 'provider' => $provider1,
491 'id' => 'empty---------------------------',
492 'persisted' => true,
493 'idIsSafe' => true,
494 ] );
495 $info2 = null;
496 $session = $manager->getEmptySession();
497 $this->assertInstanceOf( Session::class, $session );
498 $this->assertSame( 'empty---------------------------', $session->getId() );
499
500 // Info, explicitly
501 $expectId = 'expected------------------------';
502 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
503 'provider' => $provider1,
504 'id' => $expectId,
505 'persisted' => true,
506 'idIsSafe' => true,
507 ] );
508 $info2 = null;
509 $session = $pmanager->getEmptySessionInternal( null, $expectId );
510 $this->assertInstanceOf( Session::class, $session );
511 $this->assertSame( $expectId, $session->getId() );
512
513 // Wrong ID
514 $expectId = 'expected-----------------------2';
515 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
516 'provider' => $provider1,
517 'id' => "un$expectId",
518 'persisted' => true,
519 'idIsSafe' => true,
520 ] );
521 $info2 = null;
522 try {
523 $pmanager->getEmptySessionInternal( null, $expectId );
524 $this->fail( 'Expected exception not thrown' );
525 } catch ( \UnexpectedValueException $ex ) {
526 $this->assertSame(
527 'MockProvider1 returned empty session info with a wrong id: ' .
528 "un$expectId != $expectId",
529 $ex->getMessage()
530 );
531 }
532
533 // Unsafe ID
534 $expectId = 'expected-----------------------2';
535 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
536 'provider' => $provider1,
537 'id' => $expectId,
538 'persisted' => true,
539 ] );
540 $info2 = null;
541 try {
542 $pmanager->getEmptySessionInternal( null, $expectId );
543 $this->fail( 'Expected exception not thrown' );
544 } catch ( \UnexpectedValueException $ex ) {
545 $this->assertSame(
546 'MockProvider1 returned empty session info with id flagged unsafe',
547 $ex->getMessage()
548 );
549 }
550
551 // Wrong provider
552 $expectId = null;
553 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
554 'provider' => $provider2,
555 'id' => 'empty---------------------------',
556 'persisted' => true,
557 'idIsSafe' => true,
558 ] );
559 $info2 = null;
560 try {
561 $manager->getEmptySession();
562 $this->fail( 'Expected exception not thrown' );
563 } catch ( \UnexpectedValueException $ex ) {
564 $this->assertSame(
565 'MockProvider1 returned an empty session info for a different provider: ' . $info1,
566 $ex->getMessage()
567 );
568 }
569
570 // Highest priority wins
571 $expectId = null;
572 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY + 1, [
573 'provider' => $provider1,
574 'id' => 'empty1--------------------------',
575 'persisted' => true,
576 'idIsSafe' => true,
577 ] );
578 $info2 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
579 'provider' => $provider2,
580 'id' => 'empty2--------------------------',
581 'persisted' => true,
582 'idIsSafe' => true,
583 ] );
584 $session = $manager->getEmptySession();
585 $this->assertInstanceOf( Session::class, $session );
586 $this->assertSame( 'empty1--------------------------', $session->getId() );
587
588 $expectId = null;
589 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY + 1, [
590 'provider' => $provider1,
591 'id' => 'empty1--------------------------',
592 'persisted' => true,
593 'idIsSafe' => true,
594 ] );
595 $info2 = new SessionInfo( SessionInfo::MIN_PRIORITY + 2, [
596 'provider' => $provider2,
597 'id' => 'empty2--------------------------',
598 'persisted' => true,
599 'idIsSafe' => true,
600 ] );
601 $session = $manager->getEmptySession();
602 $this->assertInstanceOf( Session::class, $session );
603 $this->assertSame( 'empty2--------------------------', $session->getId() );
604
605 // Tied priorities throw an exception
606 $expectId = null;
607 $info1 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
608 'provider' => $provider1,
609 'id' => 'empty1--------------------------',
610 'persisted' => true,
611 'userInfo' => UserInfo::newAnonymous(),
612 'idIsSafe' => true,
613 ] );
614 $info2 = new SessionInfo( SessionInfo::MIN_PRIORITY, [
615 'provider' => $provider2,
616 'id' => 'empty2--------------------------',
617 'persisted' => true,
618 'userInfo' => UserInfo::newAnonymous(),
619 'idIsSafe' => true,
620 ] );
621 try {
622 $manager->getEmptySession();
623 $this->fail( 'Expected exception not thrown' );
624 } catch ( \UnexpectedValueException $ex ) {
625 $this->assertStringStartsWith(
626 'Multiple empty sessions tied for top priority: ',
627 $ex->getMessage()
628 );
629 }
630
631 // Bad id
632 try {
633 $pmanager->getEmptySessionInternal( null, 'bad' );
634 $this->fail( 'Expected exception not thrown' );
635 } catch ( \InvalidArgumentException $ex ) {
636 $this->assertSame( 'Invalid session ID', $ex->getMessage() );
637 }
638
639 // Session already exists
640 $expectId = 'expected-----------------------3';
641 $this->store->setSessionMeta( $expectId, [
642 'provider' => 'MockProvider2',
643 'userId' => 0,
644 'userName' => null,
645 'userToken' => null,
646 ] );
647 try {
648 $pmanager->getEmptySessionInternal( null, $expectId );
649 $this->fail( 'Expected exception not thrown' );
650 } catch ( \InvalidArgumentException $ex ) {
651 $this->assertSame( 'Session ID already exists', $ex->getMessage() );
652 }
653 }
654
655 public function testInvalidateSessionsForUser() {
656 $user = User::newFromName( 'UTSysop' );
657 $manager = $this->getManager();
658
659 $providerBuilder = $this->getMockBuilder( \DummySessionProvider::class )
660 ->setMethods( [ 'invalidateSessionsForUser', '__toString' ] );
661
662 $provider1 = $providerBuilder->getMock();
663 $provider1->expects( $this->once() )->method( 'invalidateSessionsForUser' )
664 ->with( $this->identicalTo( $user ) );
665 $provider1->expects( $this->any() )->method( '__toString' )
666 ->will( $this->returnValue( 'MockProvider1' ) );
667
668 $provider2 = $providerBuilder->getMock();
669 $provider2->expects( $this->once() )->method( 'invalidateSessionsForUser' )
670 ->with( $this->identicalTo( $user ) );
671 $provider2->expects( $this->any() )->method( '__toString' )
672 ->will( $this->returnValue( 'MockProvider2' ) );
673
674 $this->config->set( 'SessionProviders', [
675 $this->objectCacheDef( $provider1 ),
676 $this->objectCacheDef( $provider2 ),
677 ] );
678
679 $oldToken = $user->getToken( true );
680 $manager->invalidateSessionsForUser( $user );
681 $this->assertNotEquals( $oldToken, $user->getToken() );
682 }
683
684 public function testGetVaryHeaders() {
685 $manager = $this->getManager();
686
687 $providerBuilder = $this->getMockBuilder( \DummySessionProvider::class )
688 ->setMethods( [ 'getVaryHeaders', '__toString' ] );
689
690 $provider1 = $providerBuilder->getMock();
691 $provider1->expects( $this->once() )->method( 'getVaryHeaders' )
692 ->will( $this->returnValue( [
693 'Foo' => null,
694 'Bar' => [ 'X', 'Bar1' ],
695 'Quux' => null,
696 ] ) );
697 $provider1->expects( $this->any() )->method( '__toString' )
698 ->will( $this->returnValue( 'MockProvider1' ) );
699
700 $provider2 = $providerBuilder->getMock();
701 $provider2->expects( $this->once() )->method( 'getVaryHeaders' )
702 ->will( $this->returnValue( [
703 'Baz' => null,
704 'Bar' => [ 'X', 'Bar2' ],
705 'Quux' => [ 'Quux' ],
706 ] ) );
707 $provider2->expects( $this->any() )->method( '__toString' )
708 ->will( $this->returnValue( 'MockProvider2' ) );
709
710 $this->config->set( 'SessionProviders', [
711 $this->objectCacheDef( $provider1 ),
712 $this->objectCacheDef( $provider2 ),
713 ] );
714
715 $expect = [
716 'Foo' => null,
717 'Bar' => null,
718 'Quux' => null,
719 'Baz' => null,
720 ];
721
722 $this->assertEquals( $expect, $manager->getVaryHeaders() );
723
724 // Again, to ensure it's cached
725 $this->assertEquals( $expect, $manager->getVaryHeaders() );
726 }
727
728 public function testGetVaryCookies() {
729 $manager = $this->getManager();
730
731 $providerBuilder = $this->getMockBuilder( \DummySessionProvider::class )
732 ->setMethods( [ 'getVaryCookies', '__toString' ] );
733
734 $provider1 = $providerBuilder->getMock();
735 $provider1->expects( $this->once() )->method( 'getVaryCookies' )
736 ->will( $this->returnValue( [ 'Foo', 'Bar' ] ) );
737 $provider1->expects( $this->any() )->method( '__toString' )
738 ->will( $this->returnValue( 'MockProvider1' ) );
739
740 $provider2 = $providerBuilder->getMock();
741 $provider2->expects( $this->once() )->method( 'getVaryCookies' )
742 ->will( $this->returnValue( [ 'Foo', 'Baz' ] ) );
743 $provider2->expects( $this->any() )->method( '__toString' )
744 ->will( $this->returnValue( 'MockProvider2' ) );
745
746 $this->config->set( 'SessionProviders', [
747 $this->objectCacheDef( $provider1 ),
748 $this->objectCacheDef( $provider2 ),
749 ] );
750
751 $expect = [ 'Foo', 'Bar', 'Baz' ];
752
753 $this->assertEquals( $expect, $manager->getVaryCookies() );
754
755 // Again, to ensure it's cached
756 $this->assertEquals( $expect, $manager->getVaryCookies() );
757 }
758
759 public function testGetProviders() {
760 $realManager = $this->getManager();
761 $manager = TestingAccessWrapper::newFromObject( $realManager );
762
763 $this->config->set( 'SessionProviders', [
764 [ 'class' => \DummySessionProvider::class ],
765 ] );
766 $providers = $manager->getProviders();
767 $this->assertArrayHasKey( 'DummySessionProvider', $providers );
768 $provider = TestingAccessWrapper::newFromObject( $providers['DummySessionProvider'] );
769 $this->assertSame( $manager->logger, $provider->logger );
770 $this->assertSame( $manager->config, $provider->config );
771 $this->assertSame( $realManager, $provider->getManager() );
772
773 $this->config->set( 'SessionProviders', [
774 [ 'class' => \DummySessionProvider::class ],
775 [ 'class' => \DummySessionProvider::class ],
776 ] );
777 $manager->sessionProviders = null;
778 try {
779 $manager->getProviders();
780 $this->fail( 'Expected exception not thrown' );
781 } catch ( \UnexpectedValueException $ex ) {
782 $this->assertSame(
783 'Duplicate provider name "DummySessionProvider"',
784 $ex->getMessage()
785 );
786 }
787 }
788
789 public function testShutdown() {
790 $manager = TestingAccessWrapper::newFromObject( $this->getManager() );
791 $manager->setLogger( new \Psr\Log\NullLogger() );
792
793 $mock = $this->getMockBuilder( stdClass::class )
794 ->setMethods( [ 'shutdown' ] )->getMock();
795 $mock->expects( $this->once() )->method( 'shutdown' );
796
797 $manager->allSessionBackends = [ $mock ];
798 $manager->shutdown();
799 }
800
801 public function testGetSessionFromInfo() {
802 $manager = TestingAccessWrapper::newFromObject( $this->getManager() );
803 $request = new \FauxRequest();
804
805 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
806
807 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
808 'provider' => $manager->getProvider( 'DummySessionProvider' ),
809 'id' => $id,
810 'persisted' => true,
811 'userInfo' => UserInfo::newFromName( 'UTSysop', true ),
812 'idIsSafe' => true,
813 ] );
814 TestingAccessWrapper::newFromObject( $info )->idIsSafe = true;
815 $session1 = TestingAccessWrapper::newFromObject(
816 $manager->getSessionFromInfo( $info, $request )
817 );
818 $session2 = TestingAccessWrapper::newFromObject(
819 $manager->getSessionFromInfo( $info, $request )
820 );
821
822 $this->assertSame( $session1->backend, $session2->backend );
823 $this->assertNotEquals( $session1->index, $session2->index );
824 $this->assertSame( $session1->getSessionId(), $session2->getSessionId() );
825 $this->assertSame( $id, $session1->getId() );
826
827 TestingAccessWrapper::newFromObject( $info )->idIsSafe = false;
828 $session3 = $manager->getSessionFromInfo( $info, $request );
829 $this->assertNotSame( $id, $session3->getId() );
830 }
831
832 public function testBackendRegistration() {
833 $manager = $this->getManager();
834
835 $session = $manager->getSessionForRequest( new \FauxRequest );
836 $backend = TestingAccessWrapper::newFromObject( $session )->backend;
837 $sessionId = $session->getSessionId();
838 $id = (string)$sessionId;
839
840 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
841
842 $manager->changeBackendId( $backend );
843 $this->assertSame( $sessionId, $session->getSessionId() );
844 $this->assertNotEquals( $id, (string)$sessionId );
845 $id = (string)$sessionId;
846
847 $this->assertSame( $sessionId, $manager->getSessionById( $id, true )->getSessionId() );
848
849 // Destruction of the session here causes the backend to be deregistered
850 $session = null;
851
852 try {
853 $manager->changeBackendId( $backend );
854 $this->fail( 'Expected exception not thrown' );
855 } catch ( \InvalidArgumentException $ex ) {
856 $this->assertSame(
857 'Backend was not registered with this SessionManager', $ex->getMessage()
858 );
859 }
860
861 try {
862 $manager->deregisterSessionBackend( $backend );
863 $this->fail( 'Expected exception not thrown' );
864 } catch ( \InvalidArgumentException $ex ) {
865 $this->assertSame(
866 'Backend was not registered with this SessionManager', $ex->getMessage()
867 );
868 }
869
870 $session = $manager->getSessionById( $id, true );
871 $this->assertSame( $sessionId, $session->getSessionId() );
872 }
873
874 public function testGenerateSessionId() {
875 $manager = $this->getManager();
876
877 $id = $manager->generateSessionId();
878 $this->assertTrue( SessionManager::validateSessionId( $id ), "Generated ID: $id" );
879 }
880
881 public function testPreventSessionsForUser() {
882 $manager = $this->getManager();
883
884 $providerBuilder = $this->getMockBuilder( \DummySessionProvider::class )
885 ->setMethods( [ 'preventSessionsForUser', '__toString' ] );
886
887 $provider1 = $providerBuilder->getMock();
888 $provider1->expects( $this->once() )->method( 'preventSessionsForUser' )
889 ->with( $this->equalTo( 'UTSysop' ) );
890 $provider1->expects( $this->any() )->method( '__toString' )
891 ->will( $this->returnValue( 'MockProvider1' ) );
892
893 $this->config->set( 'SessionProviders', [
894 $this->objectCacheDef( $provider1 ),
895 ] );
896
897 $this->assertFalse( $manager->isUserSessionPrevented( 'UTSysop' ) );
898 $manager->preventSessionsForUser( 'UTSysop' );
899 $this->assertTrue( $manager->isUserSessionPrevented( 'UTSysop' ) );
900 }
901
902 public function testLoadSessionInfoFromStore() {
903 $manager = $this->getManager();
904 $logger = new \TestLogger( true );
905 $manager->setLogger( $logger );
906 $request = new \FauxRequest();
907
908 // TestingAccessWrapper can't handle methods with reference arguments, sigh.
909 $rClass = new \ReflectionClass( $manager );
910 $rMethod = $rClass->getMethod( 'loadSessionInfoFromStore' );
911 $rMethod->setAccessible( true );
912 $loadSessionInfoFromStore = function ( &$info ) use ( $rMethod, $manager, $request ) {
913 return $rMethod->invokeArgs( $manager, [ &$info, $request ] );
914 };
915
916 $userInfo = UserInfo::newFromName( 'UTSysop', true );
917 $unverifiedUserInfo = UserInfo::newFromName( 'UTSysop', false );
918
919 $id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa';
920 $metadata = [
921 'userId' => $userInfo->getId(),
922 'userName' => $userInfo->getName(),
923 'userToken' => $userInfo->getToken( true ),
924 'provider' => 'Mock',
925 ];
926
927 $builder = $this->getMockBuilder( SessionProvider::class )
928 ->setMethods( [ '__toString', 'mergeMetadata', 'refreshSessionInfo' ] );
929
930 $provider = $builder->getMockForAbstractClass();
931 $provider->setManager( $manager );
932 $provider->expects( $this->any() )->method( 'persistsSessionId' )
933 ->will( $this->returnValue( true ) );
934 $provider->expects( $this->any() )->method( 'canChangeUser' )
935 ->will( $this->returnValue( true ) );
936 $provider->expects( $this->any() )->method( 'refreshSessionInfo' )
937 ->will( $this->returnValue( true ) );
938 $provider->expects( $this->any() )->method( '__toString' )
939 ->will( $this->returnValue( 'Mock' ) );
940 $provider->expects( $this->any() )->method( 'mergeMetadata' )
941 ->will( $this->returnCallback( function ( $a, $b ) {
942 if ( $b === [ 'Throw' ] ) {
943 throw new MetadataMergeException( 'no merge!' );
944 }
945 return [ 'Merged' ];
946 } ) );
947
948 $provider2 = $builder->getMockForAbstractClass();
949 $provider2->setManager( $manager );
950 $provider2->expects( $this->any() )->method( 'persistsSessionId' )
951 ->will( $this->returnValue( false ) );
952 $provider2->expects( $this->any() )->method( 'canChangeUser' )
953 ->will( $this->returnValue( false ) );
954 $provider2->expects( $this->any() )->method( '__toString' )
955 ->will( $this->returnValue( 'Mock2' ) );
956 $provider2->expects( $this->any() )->method( 'refreshSessionInfo' )
957 ->will( $this->returnCallback( function ( $info, $request, &$metadata ) {
958 $metadata['changed'] = true;
959 return true;
960 } ) );
961
962 $provider3 = $builder->getMockForAbstractClass();
963 $provider3->setManager( $manager );
964 $provider3->expects( $this->any() )->method( 'persistsSessionId' )
965 ->will( $this->returnValue( true ) );
966 $provider3->expects( $this->any() )->method( 'canChangeUser' )
967 ->will( $this->returnValue( true ) );
968 $provider3->expects( $this->once() )->method( 'refreshSessionInfo' )
969 ->will( $this->returnValue( false ) );
970 $provider3->expects( $this->any() )->method( '__toString' )
971 ->will( $this->returnValue( 'Mock3' ) );
972
973 TestingAccessWrapper::newFromObject( $manager )->sessionProviders = [
974 (string)$provider => $provider,
975 (string)$provider2 => $provider2,
976 (string)$provider3 => $provider3,
977 ];
978
979 // No metadata, basic usage
980 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
981 'provider' => $provider,
982 'id' => $id,
983 'userInfo' => $userInfo
984 ] );
985 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
986 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
987 $this->assertFalse( $info->isIdSafe() );
988 $this->assertSame( [], $logger->getBuffer() );
989
990 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
991 'provider' => $provider,
992 'userInfo' => $userInfo
993 ] );
994 $this->assertTrue( $info->isIdSafe(), 'sanity check' );
995 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
996 $this->assertTrue( $info->isIdSafe() );
997 $this->assertSame( [], $logger->getBuffer() );
998
999 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1000 'provider' => $provider2,
1001 'id' => $id,
1002 'userInfo' => $userInfo
1003 ] );
1004 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1005 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1006 $this->assertTrue( $info->isIdSafe() );
1007 $this->assertSame( [], $logger->getBuffer() );
1008
1009 // Unverified user, no metadata
1010 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1011 'provider' => $provider,
1012 'id' => $id,
1013 'userInfo' => $unverifiedUserInfo
1014 ] );
1015 $this->assertSame( $unverifiedUserInfo, $info->getUserInfo() );
1016 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1017 $this->assertSame( [
1018 [
1019 LogLevel::INFO,
1020 'Session "{session}": Unverified user provided and no metadata to auth it',
1021 ]
1022 ], $logger->getBuffer() );
1023 $logger->clearBuffer();
1024
1025 // No metadata, missing data
1026 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1027 'id' => $id,
1028 'userInfo' => $userInfo
1029 ] );
1030 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1031 $this->assertSame( [
1032 [ LogLevel::WARNING, 'Session "{session}": Null provider and no metadata' ],
1033 ], $logger->getBuffer() );
1034 $logger->clearBuffer();
1035
1036 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1037 'provider' => $provider,
1038 'id' => $id,
1039 ] );
1040 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1041 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1042 $this->assertInstanceOf( UserInfo::class, $info->getUserInfo() );
1043 $this->assertTrue( $info->getUserInfo()->isVerified() );
1044 $this->assertTrue( $info->getUserInfo()->isAnon() );
1045 $this->assertFalse( $info->isIdSafe() );
1046 $this->assertSame( [], $logger->getBuffer() );
1047
1048 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1049 'provider' => $provider2,
1050 'id' => $id,
1051 ] );
1052 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1053 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1054 $this->assertSame( [
1055 [ LogLevel::INFO, 'Session "{session}": No user provided and provider cannot set user' ]
1056 ], $logger->getBuffer() );
1057 $logger->clearBuffer();
1058
1059 // Incomplete/bad metadata
1060 $this->store->setRawSession( $id, true );
1061 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1062 $this->assertSame( [
1063 [ LogLevel::WARNING, 'Session "{session}": Bad data' ],
1064 ], $logger->getBuffer() );
1065 $logger->clearBuffer();
1066
1067 $this->store->setRawSession( $id, [ 'data' => [] ] );
1068 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1069 $this->assertSame( [
1070 [ LogLevel::WARNING, 'Session "{session}": Bad data structure' ],
1071 ], $logger->getBuffer() );
1072 $logger->clearBuffer();
1073
1074 $this->store->deleteSession( $id );
1075 $this->store->setRawSession( $id, [ 'metadata' => $metadata ] );
1076 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1077 $this->assertSame( [
1078 [ LogLevel::WARNING, 'Session "{session}": Bad data structure' ],
1079 ], $logger->getBuffer() );
1080 $logger->clearBuffer();
1081
1082 $this->store->setRawSession( $id, [ 'metadata' => $metadata, 'data' => true ] );
1083 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1084 $this->assertSame( [
1085 [ LogLevel::WARNING, 'Session "{session}": Bad data structure' ],
1086 ], $logger->getBuffer() );
1087 $logger->clearBuffer();
1088
1089 $this->store->setRawSession( $id, [ 'metadata' => true, 'data' => [] ] );
1090 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1091 $this->assertSame( [
1092 [ LogLevel::WARNING, 'Session "{session}": Bad data structure' ],
1093 ], $logger->getBuffer() );
1094 $logger->clearBuffer();
1095
1096 foreach ( $metadata as $key => $dummy ) {
1097 $tmp = $metadata;
1098 unset( $tmp[$key] );
1099 $this->store->setRawSession( $id, [ 'metadata' => $tmp, 'data' => [] ] );
1100 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1101 $this->assertSame( [
1102 [ LogLevel::WARNING, 'Session "{session}": Bad metadata' ],
1103 ], $logger->getBuffer() );
1104 $logger->clearBuffer();
1105 }
1106
1107 // Basic usage with metadata
1108 $this->store->setRawSession( $id, [ 'metadata' => $metadata, 'data' => [] ] );
1109 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1110 'provider' => $provider,
1111 'id' => $id,
1112 'userInfo' => $userInfo
1113 ] );
1114 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1115 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1116 $this->assertTrue( $info->isIdSafe() );
1117 $this->assertSame( [], $logger->getBuffer() );
1118
1119 // Mismatched provider
1120 $this->store->setSessionMeta( $id, [ 'provider' => 'Bad' ] + $metadata );
1121 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1122 'provider' => $provider,
1123 'id' => $id,
1124 'userInfo' => $userInfo
1125 ] );
1126 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1127 $this->assertSame( [
1128 [ LogLevel::WARNING, 'Session "{session}": Wrong provider Bad !== Mock' ],
1129 ], $logger->getBuffer() );
1130 $logger->clearBuffer();
1131
1132 // Unknown provider
1133 $this->store->setSessionMeta( $id, [ 'provider' => 'Bad' ] + $metadata );
1134 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1135 'id' => $id,
1136 'userInfo' => $userInfo
1137 ] );
1138 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1139 $this->assertSame( [
1140 [ LogLevel::WARNING, 'Session "{session}": Unknown provider Bad' ],
1141 ], $logger->getBuffer() );
1142 $logger->clearBuffer();
1143
1144 // Fill in provider
1145 $this->store->setSessionMeta( $id, $metadata );
1146 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1147 'id' => $id,
1148 'userInfo' => $userInfo
1149 ] );
1150 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1151 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1152 $this->assertTrue( $info->isIdSafe() );
1153 $this->assertSame( [], $logger->getBuffer() );
1154
1155 // Bad user metadata
1156 $this->store->setSessionMeta( $id, [ 'userId' => -1, 'userToken' => null ] + $metadata );
1157 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1158 'provider' => $provider,
1159 'id' => $id,
1160 ] );
1161 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1162 $this->assertSame( [
1163 [ LogLevel::ERROR, 'Session "{session}": {exception}' ],
1164 ], $logger->getBuffer() );
1165 $logger->clearBuffer();
1166
1167 $this->store->setSessionMeta(
1168 $id, [ 'userId' => 0, 'userName' => '<X>', 'userToken' => null ] + $metadata
1169 );
1170 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1171 'provider' => $provider,
1172 'id' => $id,
1173 ] );
1174 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1175 $this->assertSame( [
1176 [ LogLevel::ERROR, 'Session "{session}": {exception}', ],
1177 ], $logger->getBuffer() );
1178 $logger->clearBuffer();
1179
1180 // Mismatched user by ID
1181 $this->store->setSessionMeta(
1182 $id, [ 'userId' => $userInfo->getId() + 1, 'userToken' => null ] + $metadata
1183 );
1184 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1185 'provider' => $provider,
1186 'id' => $id,
1187 'userInfo' => $userInfo
1188 ] );
1189 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1190 $this->assertSame( [
1191 [ LogLevel::WARNING, 'Session "{session}": User ID mismatch, {uid_a} !== {uid_b}' ],
1192 ], $logger->getBuffer() );
1193 $logger->clearBuffer();
1194
1195 // Mismatched user by name
1196 $this->store->setSessionMeta(
1197 $id, [ 'userId' => 0, 'userName' => 'X', 'userToken' => null ] + $metadata
1198 );
1199 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1200 'provider' => $provider,
1201 'id' => $id,
1202 'userInfo' => $userInfo
1203 ] );
1204 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1205 $this->assertSame( [
1206 [ LogLevel::WARNING, 'Session "{session}": User name mismatch, {uname_a} !== {uname_b}' ],
1207 ], $logger->getBuffer() );
1208 $logger->clearBuffer();
1209
1210 // ID matches, name doesn't
1211 $this->store->setSessionMeta(
1212 $id, [ 'userId' => $userInfo->getId(), 'userName' => 'X', 'userToken' => null ] + $metadata
1213 );
1214 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1215 'provider' => $provider,
1216 'id' => $id,
1217 'userInfo' => $userInfo
1218 ] );
1219 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1220 $this->assertSame( [
1221 [
1222 LogLevel::WARNING,
1223 'Session "{session}": User ID matched but name didn\'t (rename?), {uname_a} !== {uname_b}'
1224 ],
1225 ], $logger->getBuffer() );
1226 $logger->clearBuffer();
1227
1228 // Mismatched anon user
1229 $this->store->setSessionMeta(
1230 $id, [ 'userId' => 0, 'userName' => null, 'userToken' => null ] + $metadata
1231 );
1232 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1233 'provider' => $provider,
1234 'id' => $id,
1235 'userInfo' => $userInfo
1236 ] );
1237 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1238 $this->assertSame( [
1239 [
1240 LogLevel::WARNING,
1241 'Session "{session}": Metadata has an anonymous user, ' .
1242 'but a non-anon user was provided',
1243 ],
1244 ], $logger->getBuffer() );
1245 $logger->clearBuffer();
1246
1247 // Lookup user by ID
1248 $this->store->setSessionMeta( $id, [ 'userToken' => null ] + $metadata );
1249 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1250 'provider' => $provider,
1251 'id' => $id,
1252 ] );
1253 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1254 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1255 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1256 $this->assertTrue( $info->isIdSafe() );
1257 $this->assertSame( [], $logger->getBuffer() );
1258
1259 // Lookup user by name
1260 $this->store->setSessionMeta(
1261 $id, [ 'userId' => 0, 'userName' => 'UTSysop', 'userToken' => null ] + $metadata
1262 );
1263 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1264 'provider' => $provider,
1265 'id' => $id,
1266 ] );
1267 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1268 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1269 $this->assertSame( $userInfo->getId(), $info->getUserInfo()->getId() );
1270 $this->assertTrue( $info->isIdSafe() );
1271 $this->assertSame( [], $logger->getBuffer() );
1272
1273 // Lookup anonymous user
1274 $this->store->setSessionMeta(
1275 $id, [ 'userId' => 0, 'userName' => null, 'userToken' => null ] + $metadata
1276 );
1277 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1278 'provider' => $provider,
1279 'id' => $id,
1280 ] );
1281 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1282 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1283 $this->assertTrue( $info->getUserInfo()->isAnon() );
1284 $this->assertTrue( $info->isIdSafe() );
1285 $this->assertSame( [], $logger->getBuffer() );
1286
1287 // Unverified user with metadata
1288 $this->store->setSessionMeta( $id, $metadata );
1289 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1290 'provider' => $provider,
1291 'id' => $id,
1292 'userInfo' => $unverifiedUserInfo
1293 ] );
1294 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1295 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1296 $this->assertTrue( $info->getUserInfo()->isVerified() );
1297 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1298 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1299 $this->assertTrue( $info->isIdSafe() );
1300 $this->assertSame( [], $logger->getBuffer() );
1301
1302 // Unverified user with metadata
1303 $this->store->setSessionMeta( $id, $metadata );
1304 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1305 'provider' => $provider,
1306 'id' => $id,
1307 'userInfo' => $unverifiedUserInfo
1308 ] );
1309 $this->assertFalse( $info->isIdSafe(), 'sanity check' );
1310 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1311 $this->assertTrue( $info->getUserInfo()->isVerified() );
1312 $this->assertSame( $unverifiedUserInfo->getId(), $info->getUserInfo()->getId() );
1313 $this->assertSame( $unverifiedUserInfo->getName(), $info->getUserInfo()->getName() );
1314 $this->assertTrue( $info->isIdSafe() );
1315 $this->assertSame( [], $logger->getBuffer() );
1316
1317 // Wrong token
1318 $this->store->setSessionMeta( $id, [ 'userToken' => 'Bad' ] + $metadata );
1319 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1320 'provider' => $provider,
1321 'id' => $id,
1322 'userInfo' => $userInfo
1323 ] );
1324 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1325 $this->assertSame( [
1326 [ LogLevel::WARNING, 'Session "{session}": User token mismatch' ],
1327 ], $logger->getBuffer() );
1328 $logger->clearBuffer();
1329
1330 // Provider metadata
1331 $this->store->setSessionMeta( $id, [ 'provider' => 'Mock2' ] + $metadata );
1332 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1333 'provider' => $provider2,
1334 'id' => $id,
1335 'userInfo' => $userInfo,
1336 'metadata' => [ 'Info' ],
1337 ] );
1338 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1339 $this->assertSame( [ 'Info', 'changed' => true ], $info->getProviderMetadata() );
1340 $this->assertSame( [], $logger->getBuffer() );
1341
1342 $this->store->setSessionMeta( $id, [ 'providerMetadata' => [ 'Saved' ] ] + $metadata );
1343 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1344 'provider' => $provider,
1345 'id' => $id,
1346 'userInfo' => $userInfo,
1347 ] );
1348 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1349 $this->assertSame( [ 'Saved' ], $info->getProviderMetadata() );
1350 $this->assertSame( [], $logger->getBuffer() );
1351
1352 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1353 'provider' => $provider,
1354 'id' => $id,
1355 'userInfo' => $userInfo,
1356 'metadata' => [ 'Info' ],
1357 ] );
1358 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1359 $this->assertSame( [ 'Merged' ], $info->getProviderMetadata() );
1360 $this->assertSame( [], $logger->getBuffer() );
1361
1362 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1363 'provider' => $provider,
1364 'id' => $id,
1365 'userInfo' => $userInfo,
1366 'metadata' => [ 'Throw' ],
1367 ] );
1368 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1369 $this->assertSame( [
1370 [
1371 LogLevel::WARNING,
1372 'Session "{session}": Metadata merge failed: {exception}',
1373 ],
1374 ], $logger->getBuffer() );
1375 $logger->clearBuffer();
1376
1377 // Remember from session
1378 $this->store->setSessionMeta( $id, $metadata );
1379 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1380 'provider' => $provider,
1381 'id' => $id,
1382 ] );
1383 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1384 $this->assertFalse( $info->wasRemembered() );
1385 $this->assertSame( [], $logger->getBuffer() );
1386
1387 $this->store->setSessionMeta( $id, [ 'remember' => true ] + $metadata );
1388 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1389 'provider' => $provider,
1390 'id' => $id,
1391 ] );
1392 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1393 $this->assertTrue( $info->wasRemembered() );
1394 $this->assertSame( [], $logger->getBuffer() );
1395
1396 $this->store->setSessionMeta( $id, [ 'remember' => false ] + $metadata );
1397 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1398 'provider' => $provider,
1399 'id' => $id,
1400 'userInfo' => $userInfo
1401 ] );
1402 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1403 $this->assertTrue( $info->wasRemembered() );
1404 $this->assertSame( [], $logger->getBuffer() );
1405
1406 // forceHTTPS from session
1407 $this->store->setSessionMeta( $id, $metadata );
1408 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1409 'provider' => $provider,
1410 'id' => $id,
1411 'userInfo' => $userInfo
1412 ] );
1413 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1414 $this->assertFalse( $info->forceHTTPS() );
1415 $this->assertSame( [], $logger->getBuffer() );
1416
1417 $this->store->setSessionMeta( $id, [ 'forceHTTPS' => true ] + $metadata );
1418 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1419 'provider' => $provider,
1420 'id' => $id,
1421 'userInfo' => $userInfo
1422 ] );
1423 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1424 $this->assertTrue( $info->forceHTTPS() );
1425 $this->assertSame( [], $logger->getBuffer() );
1426
1427 $this->store->setSessionMeta( $id, [ 'forceHTTPS' => false ] + $metadata );
1428 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1429 'provider' => $provider,
1430 'id' => $id,
1431 'userInfo' => $userInfo,
1432 'forceHTTPS' => true
1433 ] );
1434 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1435 $this->assertTrue( $info->forceHTTPS() );
1436 $this->assertSame( [], $logger->getBuffer() );
1437
1438 // "Persist" flag from session
1439 $this->store->setSessionMeta( $id, $metadata );
1440 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1441 'provider' => $provider,
1442 'id' => $id,
1443 'userInfo' => $userInfo
1444 ] );
1445 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1446 $this->assertFalse( $info->wasPersisted() );
1447 $this->assertSame( [], $logger->getBuffer() );
1448
1449 $this->store->setSessionMeta( $id, [ 'persisted' => true ] + $metadata );
1450 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1451 'provider' => $provider,
1452 'id' => $id,
1453 'userInfo' => $userInfo
1454 ] );
1455 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1456 $this->assertTrue( $info->wasPersisted() );
1457 $this->assertSame( [], $logger->getBuffer() );
1458
1459 $this->store->setSessionMeta( $id, [ 'persisted' => false ] + $metadata );
1460 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1461 'provider' => $provider,
1462 'id' => $id,
1463 'userInfo' => $userInfo,
1464 'persisted' => true
1465 ] );
1466 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1467 $this->assertTrue( $info->wasPersisted() );
1468 $this->assertSame( [], $logger->getBuffer() );
1469
1470 // Provider refreshSessionInfo() returning false
1471 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1472 'provider' => $provider3,
1473 ] );
1474 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1475 $this->assertSame( [], $logger->getBuffer() );
1476
1477 // Hook
1478 $called = false;
1479 $data = [ 'foo' => 1 ];
1480 $this->store->setSession( $id, [ 'metadata' => $metadata, 'data' => $data ] );
1481 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1482 'provider' => $provider,
1483 'id' => $id,
1484 'userInfo' => $userInfo
1485 ] );
1486 $this->mergeMwGlobalArrayValue( 'wgHooks', [
1487 'SessionCheckInfo' => [ function ( &$reason, $i, $r, $m, $d ) use (
1488 $info, $metadata, $data, $request, &$called
1489 ) {
1490 $this->assertSame( $info->getId(), $i->getId() );
1491 $this->assertSame( $info->getProvider(), $i->getProvider() );
1492 $this->assertSame( $info->getUserInfo(), $i->getUserInfo() );
1493 $this->assertSame( $request, $r );
1494 $this->assertEquals( $metadata, $m );
1495 $this->assertEquals( $data, $d );
1496 $called = true;
1497 return false;
1498 } ]
1499 ] );
1500 $this->assertFalse( $loadSessionInfoFromStore( $info ) );
1501 $this->assertTrue( $called );
1502 $this->assertSame( [
1503 [ LogLevel::WARNING, 'Session "{session}": Hook aborted' ],
1504 ], $logger->getBuffer() );
1505 $logger->clearBuffer();
1506 $this->mergeMwGlobalArrayValue( 'wgHooks', [ 'SessionCheckInfo' => [] ] );
1507
1508 // forceUse deletes bad backend data
1509 $this->store->setSessionMeta( $id, [ 'userToken' => 'Bad' ] + $metadata );
1510 $info = new SessionInfo( SessionInfo::MIN_PRIORITY, [
1511 'provider' => $provider,
1512 'id' => $id,
1513 'userInfo' => $userInfo,
1514 'forceUse' => true,
1515 ] );
1516 $this->assertTrue( $loadSessionInfoFromStore( $info ) );
1517 $this->assertFalse( $this->store->getSession( $id ) );
1518 $this->assertSame( [
1519 [ LogLevel::WARNING, 'Session "{session}": User token mismatch' ],
1520 ], $logger->getBuffer() );
1521 $logger->clearBuffer();
1522 }
1523 }
Wiklou, le Wiki du Wiklou