public function testSetCookieCanAppendOtherHeadersInWhenCreatingString()
{
$setCookieHeader = new SetCookie();
$setCookieHeader->setName('myname');
$setCookieHeader->setValue('myvalue');
$setCookieHeader->setExpires('Wed, 13-Jan-2021 22:23:01 GMT');
$setCookieHeader->setDomain('docs.foo.com');
$setCookieHeader->setPath('/accounts');
$setCookieHeader->setSecure(true);
$setCookieHeader->setHttponly(true);
$appendCookie = new SetCookie('othername', 'othervalue');
$headerLine = $setCookieHeader->toStringMultipleHeaders(array($appendCookie));
$target = 'Set-Cookie: myname=myvalue; Expires=Wed, 13-Jan-2021 22:23:01 GMT;' . ' Domain=docs.foo.com; Path=/accounts;' . ' Secure; HttpOnly, othername=othervalue';
$this->assertEquals($target, $headerLine);
}
/**
* Set user's language
*
* @param string $language
* @return void
*/
protected function setUserLanguage($language)
{
if (!$this->userIdentity['language'] || $this->userIdentity['language'] != $language) {
// save language
if ($this->userIdentity['role'] != AclBaseModel::DEFAULT_ROLE_GUEST) {
$this->serviceLocator->get('Application\\Model\\ModelManager')->getInstance('User\\Model\\UserBase')->setUserLanguage($this->userIdentity['user_id'], $language);
}
// set language cookie
$header = new SetCookie();
$header->setName(self::LOCALIZATION_COOKIE)->setValue($language)->setPath('/')->setExpires(time() + (int) SettingService::getSetting('application_localization_cookie_time'));
$this->serviceLocator->get('Response')->getHeaders()->addHeader($header);
$this->userIdentity['language'] = $language;
// change globally user's identity
UserIdentityService::setCurrentUserIdentity($this->userIdentity);
UserIdentityService::getAuthService()->getStorage()->write($this->userIdentity);
}
}
public function destroy($sessionId)
{
$header = new HeaderSetCookie();
$header->setName(ini_get('session.name') . '_' . $sessionId);
$header->setValue('');
$header->setExpires(time() - 1000000);
$header->setPath('/');
$header->setHttponly(true);
$this->getResponse()->getHeaders()->addHeader($header);
return true;
}
/**
* Save layout
*
* @param integer $layoutId
* @return void
*/
public static function saveLayout($layoutId)
{
$header = new SetCookie();
$header->setName(LayoutModule::LAYOUT_COOKIE)->setValue($layoutId)->setPath('/')->setExpires(time() + (int) SettingService::getSetting('layout_select_cookie_time'));
ServiceLocatorService::getServiceLocator()->get('Response')->getHeaders()->addHeader($header);
}
public function setCookie($key = "", $value = "", $time = 86400)
{
$header = new \Zend\Http\Header\SetCookie();
$header->setName($key);
$header->setValue($value);
$header->setDomain($_SERVER['HTTP_HOST']);
$header->setPath('/');
$header->setExpires(time() + $time);
$this->getResponse()->getHeaders()->addHeader($header);
}
public function testSessionTheftWithRememberMe()
{
$authenticationService = $this->getApplicationServiceLocator()->get('Zend\\Authentication\\AuthenticationService');
//do inital login
$authenticationService->login('toby', 'password1', true);
//get the remember me object
$rememberMeObject = $this->documentManager->getRepository('Zoop\\GatewayModule\\DataModel\\RememberMe')->findOneBy(['username' => 'toby']);
//clear the authentication storage
$authenticationService->getOptions()->getPerSessionStorage()->clear();
//create the remember me request cookie
$series = $rememberMeObject->getSeries();
$token = 'wrong token';
$requestCookie = new SetCookie();
$requestCookie->setName('rememberMe');
$requestCookie->setValue("{$series}\n{$token}\ntoby");
$requestCookie->setExpires(time() + 3600);
$accept = new Accept();
$accept->addMediaType('application/json');
$this->getRequest()->setMethod(Request::METHOD_GET)->getHeaders()->addHeaders([$accept, $requestCookie]);
$this->dispatch('/rest/authenticatedUser');
$response = $this->getResponse();
$result = json_decode($response->getContent(), true);
$this->assertResponseStatusCode(204);
$this->assertFalse(isset($result));
$responseCookie = $response->getHeaders()->get('SetCookie')[0];
$this->assertEquals('rememberMe', $responseCookie->getName());
$this->assertEquals('', $responseCookie->getValue());
}
/**
* Save a shopping cart cookie
*
* @param string $value
* @return void
*/
private function _saveShoppingCartCookie($value)
{
$header = new SetCookie();
$header->setName(self::SHOPPING_CART_COOKIE)->setValue($value)->setPath('/')->setHttpOnly(true)->setExpires(time() + (int) SettingService::getSetting('payment_shopping_cart_session_time'));
$this->serviceLocator->get('Response')->getHeaders()->addHeader($header);
}
public function testSetCookieFieldValueIsEmptyStringWhenNameIsUnset()
{
$setCookieHeader = new SetCookie();
$this->assertSame('', $setCookieHeader->getFieldValue());
// empty
$setCookieHeader->setName('myname');
$setCookieHeader->setValue('myvalue');
$setCookieHeader->setExpires('Wed, 13-Jan-2021 22:23:01 GMT');
$setCookieHeader->setDomain('docs.foo.com');
$setCookieHeader->setPath('/accounts');
$setCookieHeader->setSecure(true);
$setCookieHeader->setHttponly(true);
$target = 'myname=myvalue; Expires=Wed, 13-Jan-2021 22:23:01 GMT;' . ' Domain=docs.foo.com; Path=/accounts;' . ' Secure; HttpOnly';
$this->assertSame($target, $setCookieHeader->getFieldValue());
// not empty
$setCookieHeader->setName(null);
$this->assertSame('', $setCookieHeader->getFieldValue());
// empty again
$this->assertNull($setCookieHeader->getName());
}
