silverstripe / silverstripe-hybridsessions

tests/DatabaseStoreTest.php

Indentation +13 added lines, -13 removed lines

@@ -9,20 +9,20 @@
 
 class DatabaseStoreTest extends AbstractTest
 {
-    protected function setUp()
-    {
-        parent::setUp();
+	protected function setUp()
+	{
+		parent::setUp();
 
-        if (!DB::get_conn() instanceof MySQLDatabase) {
-            $this->markTestSkipped('Only MySQL databases are supported');
-        }
-    }
+		if (!DB::get_conn() instanceof MySQLDatabase) {
+			$this->markTestSkipped('Only MySQL databases are supported');
+		}
+	}
 
-    protected function getStore()
-    {
-        $store = Injector::inst()->get(DatabaseStore::class);
-        $store->setKey(uniqid());
+	protected function getStore()
+	{
+		$store = Injector::inst()->get(DatabaseStore::class);
+		$store->setKey(uniqid());
 
-        return $store;
-    }
+		return $store;
+	}
 }

tests/HybridSessionTest.php

Indentation +79 added lines, -79 removed lines

@@ -9,83 +9,83 @@
 
 class HybridSessionTest extends SapphireTest
 {
-    /**
-     * @var BaseStore
-     */
-    protected $handler;
-
-    /**
-     * @var HybridSession
-     */
-    protected $instance;
-
-    protected function setUp()
-    {
-        parent::setUp();
-
-        $this->handler = $this->createMock(TestCookieStore::class);
-
-        $this->instance = new HybridSession();
-    }
-
-    public function testSetHandlersAlsoSetsKeyToEachHandler()
-    {
-        $this->instance->setKey('foobar');
-        $this->handler->expects($this->once())->method('setKey')->with('foobar');
-        $this->instance->setHandlers([$this->handler]);
-    }
-
-    public function testOpenDelegatesToAllHandlers()
-    {
-        $this->handler->expects($this->once())->method('open')->with('foo', 'bar');
-        $this->instance->setHandlers([$this->handler]);
-        $this->assertTrue($this->instance->open('foo', 'bar'), 'Method returns true after delegation');
-    }
-
-    public function testCloseDelegatesToAllHandlers()
-    {
-        $this->handler->expects($this->once())->method('close');
-        $this->instance->setHandlers([$this->handler]);
-        $this->assertTrue($this->instance->close(), 'Method returns true after delegation');
-    }
-
-    public function testReadReturnsEmptyStringWithNoHandlers()
-    {
-        $this->handler->expects($this->once())->method('read')->with('foosession')->willReturn(false);
-        $this->instance->setHandlers([$this->handler]);
-        $this->assertSame('', $this->instance->read('foosession'));
-    }
-
-    public function testReadReturnsHandlerDelegateResult()
-    {
-        $this->handler->expects($this->once())->method('read')->with('foo.session')->willReturn('success!');
-        $this->instance->setHandlers([$this->handler]);
-        $this->assertSame('success!', $this->instance->read('foo.session'));
-    }
-
-    public function testWriteDelegatesToHandlerAndReturnsTrue()
-    {
-        $this->handler->expects($this->once())->method('write')->with('foo', 'bar')->willReturn(true);
-        $this->instance->setHandlers([$this->handler]);
-        $this->assertTrue($this->instance->write('foo', 'bar'));
-    }
-
-    public function testWriteReturnsFalseWithNoHandlers()
-    {
-        $this->assertFalse($this->instance->write('no', 'handlers'));
-    }
-
-    public function testDestroyDelegatesToHandler()
-    {
-        $this->handler->expects($this->once())->method('destroy')->with('sessid1234');
-        $this->instance->setHandlers([$this->handler]);
-        $this->assertTrue($this->instance->destroy('sessid1234'), 'Method returns true after delegation');
-    }
-
-    public function testGcDelegatesToHandlers()
-    {
-        $this->handler->expects($this->once())->method('gc')->with(12345);
-        $this->instance->setHandlers([$this->handler]);
-        $this->instance->gc(12345);
-    }
+	/**
+	 * @var BaseStore
+	 */
+	protected $handler;
+
+	/**
+	 * @var HybridSession
+	 */
+	protected $instance;
+
+	protected function setUp()
+	{
+		parent::setUp();
+
+		$this->handler = $this->createMock(TestCookieStore::class);
+
+		$this->instance = new HybridSession();
+	}
+
+	public function testSetHandlersAlsoSetsKeyToEachHandler()
+	{
+		$this->instance->setKey('foobar');
+		$this->handler->expects($this->once())->method('setKey')->with('foobar');
+		$this->instance->setHandlers([$this->handler]);
+	}
+
+	public function testOpenDelegatesToAllHandlers()
+	{
+		$this->handler->expects($this->once())->method('open')->with('foo', 'bar');
+		$this->instance->setHandlers([$this->handler]);
+		$this->assertTrue($this->instance->open('foo', 'bar'), 'Method returns true after delegation');
+	}
+
+	public function testCloseDelegatesToAllHandlers()
+	{
+		$this->handler->expects($this->once())->method('close');
+		$this->instance->setHandlers([$this->handler]);
+		$this->assertTrue($this->instance->close(), 'Method returns true after delegation');
+	}
+
+	public function testReadReturnsEmptyStringWithNoHandlers()
+	{
+		$this->handler->expects($this->once())->method('read')->with('foosession')->willReturn(false);
+		$this->instance->setHandlers([$this->handler]);
+		$this->assertSame('', $this->instance->read('foosession'));
+	}
+
+	public function testReadReturnsHandlerDelegateResult()
+	{
+		$this->handler->expects($this->once())->method('read')->with('foo.session')->willReturn('success!');
+		$this->instance->setHandlers([$this->handler]);
+		$this->assertSame('success!', $this->instance->read('foo.session'));
+	}
+
+	public function testWriteDelegatesToHandlerAndReturnsTrue()
+	{
+		$this->handler->expects($this->once())->method('write')->with('foo', 'bar')->willReturn(true);
+		$this->instance->setHandlers([$this->handler]);
+		$this->assertTrue($this->instance->write('foo', 'bar'));
+	}
+
+	public function testWriteReturnsFalseWithNoHandlers()
+	{
+		$this->assertFalse($this->instance->write('no', 'handlers'));
+	}
+
+	public function testDestroyDelegatesToHandler()
+	{
+		$this->handler->expects($this->once())->method('destroy')->with('sessid1234');
+		$this->instance->setHandlers([$this->handler]);
+		$this->assertTrue($this->instance->destroy('sessid1234'), 'Method returns true after delegation');
+	}
+
+	public function testGcDelegatesToHandlers()
+	{
+		$this->handler->expects($this->once())->method('gc')->with(12345);
+		$this->instance->setHandlers([$this->handler]);
+		$this->instance->gc(12345);
+	}
 }

tests/Store/TestCookieStore.php

Indentation +15 added lines, -15 removed lines

@@ -7,21 +7,21 @@
 
 class TestCookieStore extends CookieStore implements TestOnly
 {
-    /**
-     * Override value of 'headers_sent' but only if running tests.
-     *
-     * Set to true or false, or null to not override
-     *
-     * @var string
-     */
-    public static $override_headers_sent = null;
+	/**
+	 * Override value of 'headers_sent' but only if running tests.
+	 *
+	 * Set to true or false, or null to not override
+	 *
+	 * @var string
+	 */
+	public static $override_headers_sent = null;
 
-    protected function canWrite()
-    {
-        if (self::$override_headers_sent !== null) {
-            return !self::$override_headers_sent;
-        }
+	protected function canWrite()
+	{
+		if (self::$override_headers_sent !== null) {
+			return !self::$override_headers_sent;
+		}
 
-        parent::canWrite();
-    }
+		parent::canWrite();
+	}
 }

src/HybridSession.php

Indentation +148 added lines, -148 removed lines

@@ -9,152 +9,152 @@
 class HybridSession extends BaseStore
 {
 
-    /**
-     * List of session handlers
-     *
-     * @var array
-     */
-    protected $handlers = [];
-
-    /**
-     * True if this session store has been initialised
-     *
-     * @var bool
-     */
-    protected static $enabled = false;
-
-    /**
-     * @param SessionHandlerInterface[]
-     *
-     * @return $this
-     */
-    public function setHandlers($handlers)
-    {
-        $this->handlers = $handlers;
-        $this->setKey($this->getKey());
-
-        return $this;
-    }
-
-    /**
-     * @param string
-     *
-     * @return $this
-     */
-    public function setKey($key)
-    {
-        parent::setKey($key);
-
-        foreach ($this->getHandlers() as $handler) {
-            $handler->setKey($key);
-        }
-
-        return $this;
-    }
-
-    /**
-     * @return SessionHandlerInterface[]
-     */
-    public function getHandlers()
-    {
-        return $this->handlers ?: [];
-    }
-
-    /**
-     * @param string $save_path
-     * @param string $name
-     *
-     * @return bool
-     */
-    public function open($save_path, $name)
-    {
-        foreach ($this->getHandlers() as $handler) {
-            $handler->open($save_path, $name);
-        }
-
-        return true;
-    }
-
-    /**
-     * @return bool
-     */
-    public function close()
-    {
-        foreach ($this->getHandlers() as $handler) {
-            $handler->close();
-        }
-
-        return true;
-    }
-
-    /**
-     * @param string $session_id
-     *
-     * @return string
-     */
-    public function read($session_id)
-    {
-        foreach ($this->getHandlers() as $handler) {
-            if ($data = $handler->read($session_id)) {
-                return $data;
-            }
-        }
-
-        return '';
-    }
-
-    public function write($session_id, $session_data)
-    {
-        foreach ($this->getHandlers() as $handler) {
-            if ($handler->write($session_id, $session_data)) {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    public function destroy($session_id)
-    {
-        foreach ($this->getHandlers() as $handler) {
-            $handler->destroy($session_id);
-        }
-
-        return true;
-    }
-
-    public function gc($maxlifetime)
-    {
-        foreach ($this->getHandlers() as $handler) {
-            $handler->gc($maxlifetime);
-        }
-    }
-
-    /**
-     * Register the session handler as the default
-     *
-     * @param string $key Desired session key
-     */
-    public static function init($key = null)
-    {
-        $instance = Injector::inst()->get(__CLASS__);
-
-        if (empty($key)) {
-            user_error(
-                'HybridSession::init() was not given a $key. Disabling cookie-based storage',
-                E_USER_WARNING
-            );
-        } else {
-            $instance->setKey($key);
-        }
-
-        session_set_save_handler($instance, true);
-
-        self::$enabled = true;
-    }
-
-    public static function is_enabled()
-    {
-        return self::$enabled;
-    }
+	/**
+	 * List of session handlers
+	 *
+	 * @var array
+	 */
+	protected $handlers = [];
+
+	/**
+	 * True if this session store has been initialised
+	 *
+	 * @var bool
+	 */
+	protected static $enabled = false;
+
+	/**
+	 * @param SessionHandlerInterface[]
+	 *
+	 * @return $this
+	 */
+	public function setHandlers($handlers)
+	{
+		$this->handlers = $handlers;
+		$this->setKey($this->getKey());
+
+		return $this;
+	}
+
+	/**
+	 * @param string
+	 *
+	 * @return $this
+	 */
+	public function setKey($key)
+	{
+		parent::setKey($key);
+
+		foreach ($this->getHandlers() as $handler) {
+			$handler->setKey($key);
+		}
+
+		return $this;
+	}
+
+	/**
+	 * @return SessionHandlerInterface[]
+	 */
+	public function getHandlers()
+	{
+		return $this->handlers ?: [];
+	}
+
+	/**
+	 * @param string $save_path
+	 * @param string $name
+	 *
+	 * @return bool
+	 */
+	public function open($save_path, $name)
+	{
+		foreach ($this->getHandlers() as $handler) {
+			$handler->open($save_path, $name);
+		}
+
+		return true;
+	}
+
+	/**
+	 * @return bool
+	 */
+	public function close()
+	{
+		foreach ($this->getHandlers() as $handler) {
+			$handler->close();
+		}
+
+		return true;
+	}
+
+	/**
+	 * @param string $session_id
+	 *
+	 * @return string
+	 */
+	public function read($session_id)
+	{
+		foreach ($this->getHandlers() as $handler) {
+			if ($data = $handler->read($session_id)) {
+				return $data;
+			}
+		}
+
+		return '';
+	}
+
+	public function write($session_id, $session_data)
+	{
+		foreach ($this->getHandlers() as $handler) {
+			if ($handler->write($session_id, $session_data)) {
+				return true;
+			}
+		}
+
+		return false;
+	}
+
+	public function destroy($session_id)
+	{
+		foreach ($this->getHandlers() as $handler) {
+			$handler->destroy($session_id);
+		}
+
+		return true;
+	}
+
+	public function gc($maxlifetime)
+	{
+		foreach ($this->getHandlers() as $handler) {
+			$handler->gc($maxlifetime);
+		}
+	}
+
+	/**
+	 * Register the session handler as the default
+	 *
+	 * @param string $key Desired session key
+	 */
+	public static function init($key = null)
+	{
+		$instance = Injector::inst()->get(__CLASS__);
+
+		if (empty($key)) {
+			user_error(
+				'HybridSession::init() was not given a $key. Disabling cookie-based storage',
+				E_USER_WARNING
+			);
+		} else {
+			$instance->setKey($key);
+		}
+
+		session_set_save_handler($instance, true);
+
+		self::$enabled = true;
+	}
+
+	public static function is_enabled()
+	{
+		return self::$enabled;
+	}
 }

src/Store/CookieStore.php

Indentation +168 added lines, -168 removed lines

@@ -22,172 +22,172 @@
 class CookieStore extends BaseStore
 {
 
-    /**
-     * Maximum length of a cookie value in characters
-     *
-     * @var int
-     * @config
-     */
-    private static $max_length = 1024;
-
-    /**
-     * Encryption service
-     *
-     * @var HybridSessionStore_Crypto
-     */
-    protected $crypto;
-
-    /**
-     * Name of cookie
-     *
-     * @var string
-     */
-    protected $cookie;
-
-    /**
-     * Known unmodified value of this cookie. If the cookie backend has been read into the application,
-     * then the backend is unable to verify the modification state of this value internally within the
-     * system, so this will be left null unless written back.
-     *
-     * If the content exceeds max_length then the backend can also not maintain this cookie, also
-     * setting this variable to null.
-     *
-     * @var string
-     */
-    protected $currentCookieData;
-
-    public function open($save_path, $name)
-    {
-        $this->cookie = $name.'_2';
-
-        // Read the incoming value, then clear the cookie - we might not be able
-        // to do so later if write() is called after headers are sent
-        // This is intended to force a failover to the database store if the
-        // modified session cannot be emitted.
-        $this->currentCookieData = Cookie::get($this->cookie);
-
-        if ($this->currentCookieData) {
-            Cookie::set($this->cookie, '');
-        }
-    }
-
-    public function close()
-    {
-    }
-
-    /**
-     * Get the cryptography store for the specified session
-     *
-     * @param string $session_id
-     * @return HybridSessionStore_Crypto
-     */
-    protected function getCrypto($session_id)
-    {
-        $key = $this->getKey();
-
-        if (!$key) {
-            return null;
-        }
-
-        if (!$this->crypto || $this->crypto->getSalt() != $session_id) {
-            $this->crypto = Injector::inst()->create(CryptoHandler::class, $key, $session_id);
-        }
-
-        return $this->crypto;
-    }
-
-    public function read($session_id)
-    {
-        // Check ability to safely decrypt content
-        if (!$this->currentCookieData
-            || !($crypto = $this->getCrypto($session_id))
-        ) {
-            return;
-        }
-
-        // Decrypt and invalidate old data
-        $cookieData = $crypto->decrypt($this->currentCookieData);
-        $this->currentCookieData = null;
-
-        // Verify expiration
-        if ($cookieData) {
-            $expiry = (int)substr($cookieData, 0, 10);
-            $data = substr($cookieData, 10);
-
-            if ($expiry > $this->getNow()) {
-                return $data;
-            }
-        }
-    }
-
-    /**
-     * Determine if the session could be verifably written to cookie storage
-     *
-     * @return bool
-     */
-    protected function canWrite()
-    {
-        return !headers_sent();
-    }
-
-    public function write($session_id, $session_data)
-    {
-        // Check ability to safely encrypt and write content
-        if (!$this->canWrite()
-            || (strlen($session_data) > static::config()->get('max_length'))
-            || !($crypto = $this->getCrypto($session_id))
-        ) {
-            if (strlen($session_data) > static::config()->get('max_length')) {
-                unset($this->currentCookieData);
-            }
-
-            return false;
-        }
-
-        // Prepare content for write
-        $params = session_get_cookie_params();
-        // Total max lifetime, stored internally
-        $lifetime = $this->getLifetime();
-        $expiry = $this->getNow() + $lifetime;
-
-        // Restore the known good cookie value
-        $this->currentCookieData = $this->crypto->encrypt(
-            sprintf('%010u', $expiry) . $session_data
-        );
-
-        // Respect auto-expire on browser close for the session cookie (in case the cookie lifetime is zero)
-        $cookieLifetime = min((int)$params['lifetime'], $lifetime);
-
-        Cookie::set(
-            $this->cookie,
-            $this->currentCookieData,
-            $cookieLifetime / 86400,
-            $params['path'],
-            $params['domain'],
-            $params['secure'],
-            $params['httponly']
-        );
-
-        return true;
-    }
-
-    public function destroy($session_id)
-    {
-        $this->currentCookieData = null;
-
-        $params = session_get_cookie_params();
-
-        Cookie::force_expiry(
-            $this->cookie,
-            $params['path'],
-            $params['domain'],
-            $params['secure'],
-            $params['httponly']
-        );
-    }
-
-    public function gc($maxlifetime)
-    {
-        // NOP
-    }
+	/**
+	 * Maximum length of a cookie value in characters
+	 *
+	 * @var int
+	 * @config
+	 */
+	private static $max_length = 1024;
+
+	/**
+	 * Encryption service
+	 *
+	 * @var HybridSessionStore_Crypto
+	 */
+	protected $crypto;
+
+	/**
+	 * Name of cookie
+	 *
+	 * @var string
+	 */
+	protected $cookie;
+
+	/**
+	 * Known unmodified value of this cookie. If the cookie backend has been read into the application,
+	 * then the backend is unable to verify the modification state of this value internally within the
+	 * system, so this will be left null unless written back.
+	 *
+	 * If the content exceeds max_length then the backend can also not maintain this cookie, also
+	 * setting this variable to null.
+	 *
+	 * @var string
+	 */
+	protected $currentCookieData;
+
+	public function open($save_path, $name)
+	{
+		$this->cookie = $name.'_2';
+
+		// Read the incoming value, then clear the cookie - we might not be able
+		// to do so later if write() is called after headers are sent
+		// This is intended to force a failover to the database store if the
+		// modified session cannot be emitted.
+		$this->currentCookieData = Cookie::get($this->cookie);
+
+		if ($this->currentCookieData) {
+			Cookie::set($this->cookie, '');
+		}
+	}
+
+	public function close()
+	{
+	}
+
+	/**
+	 * Get the cryptography store for the specified session
+	 *
+	 * @param string $session_id
+	 * @return HybridSessionStore_Crypto
+	 */
+	protected function getCrypto($session_id)
+	{
+		$key = $this->getKey();
+
+		if (!$key) {
+			return null;
+		}
+
+		if (!$this->crypto || $this->crypto->getSalt() != $session_id) {
+			$this->crypto = Injector::inst()->create(CryptoHandler::class, $key, $session_id);
+		}
+
+		return $this->crypto;
+	}
+
+	public function read($session_id)
+	{
+		// Check ability to safely decrypt content
+		if (!$this->currentCookieData
+			|| !($crypto = $this->getCrypto($session_id))
+		) {
+			return;
+		}
+
+		// Decrypt and invalidate old data
+		$cookieData = $crypto->decrypt($this->currentCookieData);
+		$this->currentCookieData = null;
+
+		// Verify expiration
+		if ($cookieData) {
+			$expiry = (int)substr($cookieData, 0, 10);
+			$data = substr($cookieData, 10);
+
+			if ($expiry > $this->getNow()) {
+				return $data;
+			}
+		}
+	}
+
+	/**
+	 * Determine if the session could be verifably written to cookie storage
+	 *
+	 * @return bool
+	 */
+	protected function canWrite()
+	{
+		return !headers_sent();
+	}
+
+	public function write($session_id, $session_data)
+	{
+		// Check ability to safely encrypt and write content
+		if (!$this->canWrite()
+			|| (strlen($session_data) > static::config()->get('max_length'))
+			|| !($crypto = $this->getCrypto($session_id))
+		) {
+			if (strlen($session_data) > static::config()->get('max_length')) {
+				unset($this->currentCookieData);
+			}
+
+			return false;
+		}
+
+		// Prepare content for write
+		$params = session_get_cookie_params();
+		// Total max lifetime, stored internally
+		$lifetime = $this->getLifetime();
+		$expiry = $this->getNow() + $lifetime;
+
+		// Restore the known good cookie value
+		$this->currentCookieData = $this->crypto->encrypt(
+			sprintf('%010u', $expiry) . $session_data
+		);
+
+		// Respect auto-expire on browser close for the session cookie (in case the cookie lifetime is zero)
+		$cookieLifetime = min((int)$params['lifetime'], $lifetime);
+
+		Cookie::set(
+			$this->cookie,
+			$this->currentCookieData,
+			$cookieLifetime / 86400,
+			$params['path'],
+			$params['domain'],
+			$params['secure'],
+			$params['httponly']
+		);
+
+		return true;
+	}
+
+	public function destroy($session_id)
+	{
+		$this->currentCookieData = null;
+
+		$params = session_get_cookie_params();
+
+		Cookie::force_expiry(
+			$this->cookie,
+			$params['path'],
+			$params['domain'],
+			$params['secure'],
+			$params['httponly']
+		);
+	}
+
+	public function gc($maxlifetime)
+	{
+		// NOP
+	}
 }