search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Localisation updates from https://translatewiki.net.
[mediawiki.git] / tests / phpunit / includes / session / SessionTest.php
bloba503c8747ec1aa800b81f037fe9e201ab91c0210
1 <?php
2
3 namespace MediaWiki\Tests\Session;
4
5 use MediaWiki\User\User;
6 use MediaWikiIntegrationTestCase;
7 use Psr\Log\LogLevel;
8 use TestLogger;
9 use Wikimedia\TestingAccessWrapper;
10
11 /**
12 * @group Session
13 * @covers \MediaWiki\Session\Session
14 */
15 class SessionTest extends MediaWikiIntegrationTestCase {
16
17 public function testClear() {
18 $session = TestUtils::getDummySession();
19 $priv = TestingAccessWrapper::newFromObject( $session );
20
21 $backend = $this->getMockBuilder( DummySessionBackend::class )
22 ->addMethods( [ 'canSetUser', 'setUser', 'save' ] )
23 ->getMock();
24 $backend->expects( $this->once() )->method( 'canSetUser' )
25 ->willReturn( true );
26 $backend->expects( $this->once() )->method( 'setUser' )
27 ->with( $this->callback( static function ( $user ) {
28 return $user instanceof User && $user->isAnon();
29 } ) );
30 $backend->expects( $this->once() )->method( 'save' );
31 $priv->backend = $backend;
32 $session->clear();
33 $this->assertSame( [], $backend->data );
34 $this->assertTrue( $backend->dirty );
35
36 $backend = $this->getMockBuilder( DummySessionBackend::class )
37 ->addMethods( [ 'canSetUser', 'setUser', 'save' ] )
38 ->getMock();
39 $backend->data = [];
40 $backend->expects( $this->once() )->method( 'canSetUser' )
41 ->willReturn( true );
42 $backend->expects( $this->once() )->method( 'setUser' )
43 ->with( $this->callback( static function ( $user ) {
44 return $user instanceof User && $user->isAnon();
45 } ) );
46 $backend->expects( $this->once() )->method( 'save' );
47 $priv->backend = $backend;
48 $session->clear();
49 $this->assertFalse( $backend->dirty );
50
51 $backend = $this->getMockBuilder( DummySessionBackend::class )
52 ->addMethods( [ 'canSetUser', 'setUser', 'save' ] )
53 ->getMock();
54 $backend->expects( $this->once() )->method( 'canSetUser' )
55 ->willReturn( false );
56 $backend->expects( $this->never() )->method( 'setUser' );
57 $backend->expects( $this->once() )->method( 'save' );
58 $priv->backend = $backend;
59 $session->clear();
60 $this->assertSame( [], $backend->data );
61 $this->assertTrue( $backend->dirty );
62 }
63
64 public function testSecrets() {
65 $logger = new TestLogger;
66 $session = TestUtils::getDummySession( null, -1, $logger );
67
68 // Simple defaulting
69 $this->assertEquals( 'defaulted', $session->getSecret( 'test', 'defaulted' ) );
70
71 // Bad encrypted data
72 $session->set( 'test', 'foobar' );
73 $logger->setCollect( true );
74 $this->assertEquals( 'defaulted', $session->getSecret( 'test', 'defaulted' ) );
75 $logger->setCollect( false );
76 $this->assertSame( [
77 [ LogLevel::WARNING, 'Invalid sealed-secret format' ]
78 ], $logger->getBuffer() );
79 $logger->clearBuffer();
80
81 // Tampered data
82 $session->setSecret( 'test', 'foobar' );
83 $encrypted = $session->get( 'test' );
84 $session->set( 'test', $encrypted . 'x' );
85 $logger->setCollect( true );
86 $this->assertEquals( 'defaulted', $session->getSecret( 'test', 'defaulted' ) );
87 $logger->setCollect( false );
88 $this->assertSame( [
89 [ LogLevel::WARNING, 'Sealed secret has been tampered with, aborting.' ]
90 ], $logger->getBuffer() );
91 $logger->clearBuffer();
92
93 // Unserializable data
94 $iv = random_bytes( 16 );
95 [ $encKey, $hmacKey ] = TestingAccessWrapper::newFromObject( $session )->getSecretKeys();
96 $ciphertext = openssl_encrypt( 'foobar', 'aes-256-ctr', $encKey, OPENSSL_RAW_DATA, $iv );
97 $sealed = base64_encode( $iv ) . '.' . base64_encode( $ciphertext );
98 $hmac = hash_hmac( 'sha256', $sealed, $hmacKey, true );
99 $encrypted = base64_encode( $hmac ) . '.' . $sealed;
100 $session->set( 'test', $encrypted );
101 $this->assertEquals( 'defaulted', @$session->getSecret( 'test', 'defaulted' ) );
102 }
103
104 /**
105 * @dataProvider provideSecretsRoundTripping
106 */
107 public function testSecretsRoundTripping( $data ) {
108 $session = TestUtils::getDummySession();
109
110 // Simple round-trip
111 $session->setSecret( 'secret', $data );
112 // Cast to strings because PHPUnit sometimes considers true as equal to a string,
113 // depending on the other of the parameters (T317750)
114 $raw = $session->get( 'secret' );
115 $this->assertIsString( $raw );
116 if ( is_scalar( $data ) ) {
117 $this->assertNotSame( (string)$data, $raw );
118 }
119 $this->assertEquals( $data, $session->getSecret( 'secret', 'defaulted' ) );
120 }
121
122 public static function provideSecretsRoundTripping() {
123 return [
124 [ 'Foobar' ],
125 [ 42 ],
126 [ [ 'foo', 'bar' => 'baz', 'subarray' => [ 1, 2, 3 ] ] ],
127 [ (object)[ 'foo', 'bar' => 'baz', 'subarray' => [ 1, 2, 3 ] ] ],
128 [ true ],
129 [ false ],
130 [ null ],
131 ];
132 }
133
134 }
MediaWiki Core