/**
* @param int $priority Session priority
* @param array $data
* - provider: (SessionProvider|null) If not given, the provider will be
* determined from the saved session data.
* - id: (string|null) Session ID
* - userInfo: (UserInfo|null) User known from the request. If
* $provider->canChangeUser() is false, a verified user
* must be provided.
* - persisted: (bool) Whether this session was persisted
* - remembered: (bool) Whether the verified user was remembered.
* Defaults to true.
* - forceHTTPS: (bool) Whether to force HTTPS for this session
* - metadata: (array) Provider metadata, to be returned by
* Session::getProviderMetadata(). See SessionProvider::mergeMetadata()
* and SessionProvider::refreshSessionInfo().
* - idIsSafe: (bool) Set true if the 'id' did not come from the user.
* Generally you'll use this from SessionProvider::newEmptySession(),
* and not from any other method.
* - forceUse: (bool) Set true if the 'id' is from
* SessionProvider::hashToSessionId() to delete conflicting session
* store data instead of discarding this SessionInfo. Ignored unless
* both 'provider' and 'id' are given.
* - copyFrom: (SessionInfo) SessionInfo to copy other data items from.
*/
public function __construct($priority, array $data)
{
if ($priority < self::MIN_PRIORITY || $priority > self::MAX_PRIORITY) {
throw new \InvalidArgumentException('Invalid priority');
}
if (isset($data['copyFrom'])) {
$from = $data['copyFrom'];
if (!$from instanceof SessionInfo) {
throw new \InvalidArgumentException('Invalid copyFrom');
}
$data += ['provider' => $from->provider, 'id' => $from->id, 'userInfo' => $from->userInfo, 'persisted' => $from->persisted, 'remembered' => $from->remembered, 'forceHTTPS' => $from->forceHTTPS, 'metadata' => $from->providerMetadata, 'idIsSafe' => $from->idIsSafe, 'forceUse' => $from->forceUse];
// @codeCoverageIgnoreEnd
} else {
$data += ['provider' => null, 'id' => null, 'userInfo' => null, 'persisted' => false, 'remembered' => true, 'forceHTTPS' => false, 'metadata' => null, 'idIsSafe' => false, 'forceUse' => false];
// @codeCoverageIgnoreEnd
}
if ($data['id'] !== null && !SessionManager::validateSessionId($data['id'])) {
throw new \InvalidArgumentException('Invalid session ID');
}
if ($data['userInfo'] !== null && !$data['userInfo'] instanceof UserInfo) {
throw new \InvalidArgumentException('Invalid userInfo');
}
if (!$data['provider'] && $data['id'] === null) {
throw new \InvalidArgumentException('Must supply an ID when no provider is given');
}
if ($data['metadata'] !== null && !is_array($data['metadata'])) {
throw new \InvalidArgumentException('Invalid metadata');
}
$this->provider = $data['provider'];
if ($data['id'] !== null) {
$this->id = $data['id'];
$this->idIsSafe = $data['idIsSafe'];
$this->forceUse = $data['forceUse'] && $this->provider;
} else {
$this->id = $this->provider->getManager()->generateSessionId();
$this->idIsSafe = true;
$this->forceUse = false;
}
$this->priority = (int) $priority;
$this->userInfo = $data['userInfo'];
$this->persisted = (bool) $data['persisted'];
if ($data['provider'] !== null) {
if ($this->userInfo !== null && !$this->userInfo->isAnon() && $this->userInfo->isVerified()) {
$this->remembered = (bool) $data['remembered'];
}
$this->providerMetadata = $data['metadata'];
}
$this->forceHTTPS = (bool) $data['forceHTTPS'];
}