Ejemplo n.º 1
 /**
  * Exercises $session->clear() against three mocked session backends.
  *
  * Scenarios, in order:
  *  1. Backend allows setUser(): the user must be replaced by an anonymous
  *     User, the data emptied, the backend marked dirty and save() called once.
  *  2. Backend data is already an empty array: same calls are expected, but
  *     the backend must not end up dirty.
  *  3. Backend refuses setUser() (canSetUser() returns false): setUser() must
  *     never be called, yet the data is still emptied and save() still runs.
  */
 public function testClear()
 {
     $session = TestUtils::getDummySession();
     $wrapper = \TestingAccessWrapper::newFromObject($session);

     // Builds a backend mock with the call expectations for one scenario.
     // When $canSetUser is true, setUser() must be called exactly once with an
     // anonymous User; otherwise it must not be called at all.
     $makeBackend = function ($canSetUser) {
         $mock = $this->getMock(
             'MediaWiki\\Session\\DummySessionBackend',
             array('canSetUser', 'setUser', 'save')
         );
         $mock->expects($this->once())->method('canSetUser')->will($this->returnValue($canSetUser));
         if ($canSetUser) {
             $mock->expects($this->once())->method('setUser')->with($this->callback(function ($candidate) {
                 return $candidate instanceof User && $candidate->isAnon();
             }));
         } else {
             $mock->expects($this->never())->method('setUser');
         }
         $mock->expects($this->once())->method('save');

         return $mock;
     };

     // Scenario 1: backend permits changing the user.
     $first = $makeBackend(true);
     $wrapper->backend = $first;
     $session->clear();
     $this->assertSame(array(), $first->data);
     $this->assertTrue($first->dirty);

     // Scenario 2: data is already empty, so clearing must not dirty the backend.
     $second = $makeBackend(true);
     $second->data = array();
     $wrapper->backend = $second;
     $session->clear();
     $this->assertFalse($second->dirty);

     // Scenario 3: backend cannot change the user; data is cleared regardless.
     $third = $makeBackend(false);
     $wrapper->backend = $third;
     $session->clear();
     $this->assertSame(array(), $third->data);
     $this->assertTrue($third->dirty);
 }
Ejemplo n.º 2
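 /**
  * Checks that $session->getSecret() falls back to the caller's default
  * whenever the stored value cannot be accepted.
  *
  * Cases covered, in order:
  *  - no secret stored by this test yet;
  *  - a plain value written with set(), which must log
  *    'Invalid sealed-secret format' at WARNING level;
  *  - a value written by setSecret() and then altered by one appended byte,
  *    which must log 'Sealed secret has been tampered with, aborting.';
  *  - a hand-built value authenticated with the session's own HMAC key whose
  *    plaintext is the raw string 'foobar' rather than serialized data.
  *
  * NOTE(review): the last case asserts only the returned default; it does not
  * collect or check log output.
  */
 public function testSecrets()
 {
     $logger = new \TestLogger();
     $session = TestUtils::getDummySession(null, -1, $logger);

     // Simple defaulting
     $this->assertEquals('defaulted', $session->getSecret('test', 'defaulted'));

     // Bad encrypted data: the stored value was never sealed.
     $session->set('test', 'foobar');
     $logger->setCollect(true);
     $this->assertEquals('defaulted', $session->getSecret('test', 'defaulted'));
     $logger->setCollect(false);
     $this->assertSame([[LogLevel::WARNING, 'Invalid sealed-secret format']], $logger->getBuffer());
     $logger->clearBuffer();

     // Tampered data: a genuine sealed value with one extra trailing byte must
     // be rejected rather than decrypted.
     $session->setSecret('test', 'foobar');
     $encrypted = $session->get('test');
     $session->set('test', $encrypted . 'x');
     $logger->setCollect(true);
     $this->assertEquals('defaulted', $session->getSecret('test', 'defaulted'));
     $logger->setCollect(false);
     $this->assertSame([[LogLevel::WARNING, 'Sealed secret has been tampered with, aborting.']], $logger->getBuffer());
     $logger->clearBuffer();

     // Unserializable data: build base64(hmac) . '.' . base64(iv) . '.' . base64(ciphertext)
     // by hand. The HMAC-SHA256 is computed with the session's own key over the
     // encoded IV and ciphertext, so the value is expected to pass the integrity
     // check and fail only when the decrypted plaintext is decoded.
     $iv = \MWCryptRand::generate(16, true);
     list($encKey, $hmacKey) = \TestingAccessWrapper::newFromObject($session)->getSecretKeys();
     $ciphertext = openssl_encrypt('foobar', 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $iv);
     $sealed = base64_encode($iv) . '.' . base64_encode($ciphertext);
     $hmac = hash_hmac('sha256', $sealed, $hmacKey, true);
     $encrypted = base64_encode($hmac) . '.' . $sealed;
     $session->set('test', $encrypted);

     // Warnings are suppressed around the call (presumably decoding the bad
     // plaintext emits one; confirm against getSecret()). The finally block
     // guarantees they are restored even if getSecret() throws, and the
     // assertion runs afterwards so a failure cannot leave warnings suppressed
     // for the tests that follow.
     \MediaWiki\suppressWarnings();
     try {
         $secret = $session->getSecret('test', 'defaulted');
     } finally {
         \MediaWiki\restoreWarnings();
     }
     $this->assertEquals('defaulted', $secret);
 }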