/**
 * Fetch the rights allowed the user when the specified session is active.
 *
 * This provider imposes no restriction: the null return means every right
 * the user holds applies while the session is active.
 *
 * @param SessionBackend $backend Session being consulted; must belong to this provider
 * @return null|string[] Allowed user rights, or null to allow all
 * @throws \InvalidArgumentException if $backend was created by a different provider
 */
public function getAllowedUserRights(SessionBackend $backend) {
    $owner = $backend->getProvider();
    if ($owner !== $this) {
        // Not that this should ever happen...
        throw new \InvalidArgumentException('Backend\'s provider isn\'t $this');
    }

    // No restriction on this session's rights.
    return null;
}
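/**
 * Set or clear the "forceHTTPS" cookie.
 *
 * The cookie is always sent with 'secure' => false (the array union below
 * makes 'prefix' and 'secure' win over $this->cookieOptions), so it is also
 * delivered on plain-HTTP requests. It carries only the literal value 'true',
 * no secret.
 *
 * @param bool $set Whether the cookie should be set (true) or cleared (false)
 * @param SessionBackend|null $backend Session the cookie belongs to; required when $set is true
 * @param WebRequest $request Request whose response receives the cookie
 * @throws \InvalidArgumentException if $set is true and no $backend was given
 */
protected function setForceHTTPSCookie($set, SessionBackend $backend = null, WebRequest $request) {
    $response = $request->response();
    $options = array('prefix' => '', 'secure' => false) + $this->cookieOptions;

    if (!$set) {
        $response->clearCookie('forceHTTPS', $options);
        return;
    }

    if ($backend === null) {
        // Without this guard the call below was a "member function on null" fatal.
        throw new \InvalidArgumentException('A SessionBackend is required to set the forceHTTPS cookie');
    }

    // 0 selects the default cookie expiration for a remembered login; null
    // passes no explicit expiry.
    $expiry = $backend->shouldRememberUser() ? 0 : null;
    $response->setCookie('forceHTTPS', 'true', $expiry, $options);
}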
/**
 * Change a SessionBackend's ID.
 *
 * Generates a fresh ID, moves the backend's registration in both registries
 * from the old ID to the new one, and updates the existing SessionId object
 * via setId() rather than replacing it.
 *
 * @private For use from \\MediaWiki\\Session\\SessionBackend only
 * @param SessionBackend $backend Backend whose ID is to be replaced
 * @throws \InvalidArgumentException if this exact backend and SessionId pair is
 *  not registered with this manager under the backend's current ID
 */
public function changeBackendId(SessionBackend $backend) {
    $sessionId = $backend->getSessionId();
    $oldId = (string) $sessionId;

    // Both registries must hold this very backend / SessionId pair under $oldId.
    $registered = isset($this->allSessionBackends[$oldId])
        && isset($this->allSessionIds[$oldId])
        && $this->allSessionBackends[$oldId] === $backend
        && $this->allSessionIds[$oldId] === $sessionId;
    if (!$registered) {
        throw new \InvalidArgumentException('Backend was not registered with this SessionManager');
    }

    $newId = $this->generateSessionId();

    // Retire the old registration, then re-register under the new ID.
    unset($this->allSessionBackends[$oldId]);
    unset($this->allSessionIds[$oldId]);
    $sessionId->setId($newId);
    $this->allSessionBackends[$newId] = $backend;
    $this->allSessionIds[$newId] = $sessionId;
}
/**
 * SessionBackend constructor: rejects unverified users, missing providers and
 * mismatched ids; accepts valid info and exposes id, provider, user, flags,
 * stored expiry and provider metadata.
 */
public function testConstructor() {
    // Set variables
    $this->getBackend();
    $logger = new \Psr\Log\NullLogger();

    // Builds a backend from the given id/info using this test's store and logger.
    $construct = function (SessionId $id, SessionInfo $info) use ($logger) {
        return new SessionBackend($id, $info, $this->store, $this->store, $logger, 10);
    };
    // Asserts that construction is refused with exactly the given message.
    $assertRefused = function (SessionId $id, SessionInfo $info, $expectedMessage) use ($construct) {
        try {
            $construct($id, $info);
            $this->fail('Expected exception not thrown');
        } catch (\InvalidArgumentException $ex) {
            $this->assertSame($expectedMessage, $ex->getMessage());
        }
    };
    // Valid, persisted info for the verified named user.
    $namedUserInfo = function () {
        return new SessionInfo(SessionInfo::MIN_PRIORITY, array(
            'provider' => $this->provider,
            'id' => self::SESSIONID,
            'persisted' => true,
            'userInfo' => UserInfo::newFromName('UTSysop', true),
            'idIsSafe' => true,
        ));
    };

    // An unverified user must never get a session.
    $info = new SessionInfo(SessionInfo::MIN_PRIORITY, array(
        'provider' => $this->provider,
        'id' => self::SESSIONID,
        'persisted' => true,
        'userInfo' => UserInfo::newFromName('UTSysop', false),
        'idIsSafe' => true,
    ));
    $assertRefused(
        new SessionId($info->getId()),
        $info,
        "Refusing to create session for unverified user {$info->getUserInfo()}"
    );

    // A provider is mandatory.
    $info = new SessionInfo(SessionInfo::MIN_PRIORITY, array(
        'id' => self::SESSIONID,
        'userInfo' => UserInfo::newFromName('UTSysop', true),
        'idIsSafe' => true,
    ));
    $assertRefused(new SessionId($info->getId()), $info, 'Cannot create session without a provider');

    // The SessionId must agree with the SessionInfo's id.
    $info = $namedUserInfo();
    $assertRefused(new SessionId('!' . $info->getId()), $info, 'SessionId and SessionInfo don\'t match');

    // Valid info for the named user.
    $info = $namedUserInfo();
    $id = new SessionId($info->getId());
    $backend = $construct($id, $info);
    $this->assertSame(self::SESSIONID, $backend->getId());
    $this->assertSame($id, $backend->getSessionId());
    $this->assertSame($this->provider, $backend->getProvider());
    $this->assertInstanceOf('User', $backend->getUser());
    $this->assertSame('UTSysop', $backend->getUser()->getName());
    $this->assertSame($info->wasPersisted(), $backend->isPersistent());
    $this->assertSame($info->wasRemembered(), $backend->shouldRememberUser());
    $this->assertSame($info->forceHTTPS(), $backend->shouldForceHTTPS());

    // Anonymous session picking up a stored expiry and provider metadata.
    $expire = time() + 100;
    $this->store->setSessionMeta(self::SESSIONID, array('expires' => $expire), 2);
    $info = new SessionInfo(SessionInfo::MIN_PRIORITY, array(
        'provider' => $this->provider,
        'id' => self::SESSIONID,
        'persisted' => true,
        'forceHTTPS' => true,
        'metadata' => array('foo'),
        'idIsSafe' => true,
    ));
    $id = new SessionId($info->getId());
    $backend = $construct($id, $info);
    $this->assertSame(self::SESSIONID, $backend->getId());
    $this->assertSame($id, $backend->getSessionId());
    $this->assertSame($this->provider, $backend->getProvider());
    $this->assertInstanceOf('User', $backend->getUser());
    $this->assertTrue($backend->getUser()->isAnon());
    $this->assertSame($info->wasPersisted(), $backend->isPersistent());
    $this->assertSame($info->wasRemembered(), $backend->shouldRememberUser());
    $this->assertSame($info->forceHTTPS(), $backend->shouldForceHTTPS());
    $this->assertSame($expire, \TestingAccessWrapper::newFromObject($backend)->expires);
    $this->assertSame(array('foo'), $backend->getProviderMetadata());
}
/**
 * Fetch the rights allowed the user when the specified session is active.
 *
 * The allowed rights are whatever this provider stored under 'rights' in the
 * session's provider metadata. If that entry is absent or not an array the
 * method fails closed and allows no rights at all.
 *
 * @param SessionBackend $backend Session being consulted; must belong to this provider
 * @return string[] Allowed user rights (possibly empty)
 * @throws \InvalidArgumentException if $backend was created by a different provider
 */
public function getAllowedUserRights(SessionBackend $backend) {
    if ($backend->getProvider() !== $this) {
        throw new \InvalidArgumentException('Backend\'s provider isn\'t $this');
    }

    $metadata = $backend->getProviderMetadata();
    $hasRights = $metadata && isset($metadata['rights']) && is_array($metadata['rights']);
    if (!$hasRights) {
        // Should never happen
        $this->logger->debug(__METHOD__ . ': No provider metadata, returning no rights allowed');
        return [];
    }

    return $metadata['rights'];
}
/**
 * Persist the session by emitting the session cookie.
 *
 * Nothing is done when this provider has no session cookie name, or once the
 * response headers have been sent. When the session or its user requires
 * HTTPS, the 'forceHTTPS' marker cookie (value 'true', no secret) is sent
 * with secure=false so it is also visible on plain-HTTP requests, and the
 * session cookie itself is then marked secure.
 *
 * @param SessionBackend $session Session to persist
 * @param WebRequest $request Request whose response receives the cookies
 */
public function persistSession(SessionBackend $session, WebRequest $request) {
    if ($this->sessionCookieName === null) {
        return;
    }

    $response = $request->response();
    if ($response->headersSent()) {
        // Can't do anything now
        $this->logger->debug(__METHOD__ . ': Headers already sent');
        return;
    }

    $options = $this->sessionCookieOptions;
    $requiresHttps = $session->shouldForceHTTPS() || $session->getUser()->requiresHTTPS();
    if ($requiresHttps) {
        // 0 selects the default cookie expiration for a remembered login.
        $forceExpiry = $session->shouldRememberUser() ? 0 : null;
        $response->setCookie(
            'forceHTTPS',
            'true',
            $forceExpiry,
            array('prefix' => '', 'secure' => false) + $options
        );
        $options['secure'] = true;
    }

    $response->setCookie($this->sessionCookieName, $session->getId(), null, $options);
}
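/**
 * Set or clear the "forceHTTPS" cookie.
 *
 * The cookie is always sent with 'secure' => false (the array union below
 * makes 'prefix' and 'secure' win over $this->cookieOptions), so it is also
 * delivered on plain-HTTP requests. It carries only the literal value 'true',
 * no secret. For a remembered login its lifetime follows the login cookie
 * expiration; otherwise no explicit expiry is passed.
 *
 * @param bool $set Whether the cookie should be set (true) or cleared (false)
 * @param SessionBackend|null $backend Session the cookie belongs to; required when $set is true
 * @param WebRequest $request Request whose response receives the cookie
 * @throws \InvalidArgumentException if $set is true and no $backend was given
 */
protected function setForceHTTPSCookie($set, SessionBackend $backend = null, WebRequest $request) {
    $response = $request->response();
    $options = ['prefix' => '', 'secure' => false] + $this->cookieOptions;

    if (!$set) {
        $response->clearCookie('forceHTTPS', $options);
        return;
    }

    if ($backend === null) {
        // Without this guard the call below was a "member function on null" fatal.
        throw new \InvalidArgumentException('A SessionBackend is required to set the forceHTTPS cookie');
    }

    $expiration = null;
    if ($backend->shouldRememberUser()) {
        // A zero/empty duration falls back to passing no explicit expiry.
        $duration = $this->getLoginCookieExpiration('forceHTTPS', true);
        $expiration = $duration ? $duration + time() : null;
    }

    $response->setCookie('forceHTTPS', 'true', $expiration, $options);
}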
/**
 * Persist the session by emitting the session cookie, the exported user
 * cookies and the logged-out cookie.
 *
 * Nothing is emitted once response headers have been sent. Cookie values come
 * from cookieDataToExport() (a value of false clears that cookie) and session
 * data from sessionDataToExport(); when 'callUserSetCookiesHook' is enabled,
 * the legacy UserSetCookies hook may modify both for non-anonymous users. If
 * the session or user requires HTTPS, the 'forceHTTPS' marker cookie is sent
 * with secure=false and every following cookie is marked secure. Cookies
 * named in the 'ExtendedLoginCookies' config get the
 * 'ExtendedLoginCookieExpiration' lifetime when one is set; the rest use 0,
 * the default expiration.
 *
 * @param SessionBackend $session Session to persist
 * @param WebRequest $request Request whose response receives the cookies
 */
public function persistSession(SessionBackend $session, WebRequest $request) {
    $response = $request->response();
    if ($response->headersSent()) {
        // Can't do anything now
        $this->logger->debug(__METHOD__ . ': Headers already sent');
        return;
    }

    $user = $session->getUser();
    $cookies = $this->cookieDataToExport($user, $session->shouldRememberUser());
    $sessionData = $this->sessionDataToExport($user);

    // Legacy hook
    if ($this->params['callUserSetCookiesHook'] && !$user->isAnon()) {
        \Hooks::run('UserSetCookies', array($user, &$sessionData, &$cookies));
    }

    $options = $this->cookieOptions;
    if ($session->shouldForceHTTPS() || $user->requiresHTTPS()) {
        // Marker cookie is intentionally non-secure so plain-HTTP requests see it.
        $response->setCookie(
            'forceHTTPS',
            'true',
            $session->shouldRememberUser() ? 0 : null,
            array('prefix' => '', 'secure' => false) + $options
        );
        $options['secure'] = true;
    }

    $response->setCookie(
        $this->params['sessionName'],
        $session->getId(),
        null,
        array('prefix' => '') + $options
    );

    $extendedCookies = $this->config->get('ExtendedLoginCookies');
    $extendedExpiry = $this->config->get('ExtendedLoginCookieExpiration');
    foreach ($cookies as $name => $value) {
        if ($value === false) {
            $response->clearCookie($name, $options);
            continue;
        }
        $isExtended = $extendedExpiry !== null && in_array($name, $extendedCookies);
        // 0 selects the default cookie expiration
        $expiry = $isExtended ? time() + (int) $extendedExpiry : 0;
        $response->setCookie($name, (string) $value, $expiry, $options);
    }

    $this->setLoggedOutCookie($session->getLoggedOutTimestamp(), $request);

    if ($sessionData) {
        $session->addData($sessionData);
    }
}