Session - Code Metrics - Inspection of "Daily Inspection: registration: Support config set..." - wikimedia/mediawiki - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Branch — master (9ffc40)

unknown

created 2016-07-24 17:19 UTC

Session D

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	634
Duplicated Lines	4.89 %

Coupling/Cohesion

Components	1
Dependencies	6

Importance

Changes

Metric	Value
dl	31
loc	634
rs	4.734
c	0
b	0
f	0
wmc	88
lcom	1
cbo	6

48 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	5	1
A	__destruct()	0	3	1
A	getId()	0	3	1
A	getSessionId()	0	3	1
A	resetId()	0	3	1
A	getProvider()	0	3	1
A	isPersistent()	0	3	1
A	persist()	0	3	1
A	unpersist()	0	3	1
A	shouldRememberUser()	0	3	1
A	setRememberUser()	0	3	1
A	getRequest()	0	3	1
A	getUser()	0	3	1
A	getAllowedUserRights()	0	3	1
A	canSetUser()	0	3	1
A	setUser()	0	3	1
A	suggestLoginUsername()	0	3	1
A	shouldForceHTTPS()	0	3	1
A	setForceHTTPS()	0	3	1
A	getLoggedOutTimestamp()	0	3	1
A	setLoggedOutTimestamp()	0	3	1
A	getProviderMetadata()	0	3	1
A	clear()	0	11	3
A	renew()	0	3	1
A	sessionWithRequest()	0	4	1
A	get()	0	4	2
A	exists()	0	4	1
A	set()	0	7	3
A	remove()	0	7	2
B	getToken()	0	19	5
A	resetToken()	0	7	3
A	resetAllTokens()	0	3	1
A	getSecretKeys()	0	21	4
D	getEncryptionAlgorithm()	16	46	10
B	setSecret()	0	46	6
C	getSecret()	15	69	11
A	delaySave()	0	3	1
A	save()	0	3	1
A	count()	0	4	1
A	current()	0	4	1
A	key()	0	4	1
A	next()	0	4	1
A	rewind()	0	4	1
A	valid()	0	4	1
A	offsetExists()	0	4	1
A	offsetGet()	0	8	2
A	offsetSet()	0	3	1
A	offsetUnset()	0	3	1

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like Session often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use Session, and based on these observations, apply Extract Interface, too.

<?php
/**
 * MediaWiki session
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; if not, write to the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 * http://www.gnu.org/copyleft/gpl.html
 *
 * @file
 * @ingroup Session
 */

namespace MediaWiki\Session;

use Psr\Log\LoggerInterface;
use User;
use WebRequest;

/**
 * Manages data for an an authenticated session
 *
 * A Session represents the fact that the current HTTP request is part of a
 * session. There are two broad types of Sessions, based on whether they
 * return true or false from self::canSetUser():
 * * When true (mutable), the Session identifies multiple requests as part of
 *   a session generically, with no tie to a particular user.
 * * When false (immutable), the Session identifies multiple requests as part
 *   of a session by identifying and authenticating the request itself as
 *   belonging to a particular user.
 *
 * The Session object also serves as a replacement for PHP's $_SESSION,
 * managing access to per-session data.
 *
 * @ingroup Session
 * @since 1.27
 */
final class Session implements \Countable, \Iterator, \ArrayAccess {
	/** @var null|string[] Encryption algorithm to use */
	private static $encryptionAlgorithm = null;

	/** @var SessionBackend Session backend */
	private $backend;

	/** @var int Session index */
	private $index;

	/** @var LoggerInterface */
	private $logger;

	/**
	 * @param SessionBackend $backend
	 * @param int $index
	 * @param LoggerInterface $logger
	 */
	public function __construct( SessionBackend $backend, $index, LoggerInterface $logger ) {
		$this->backend = $backend;
		$this->index = $index;
		$this->logger = $logger;
	}

	public function __destruct() {
		$this->backend->deregisterSession( $this->index );
	}

	/**
	 * Returns the session ID
	 * @return string
	 */
	public function getId() {
		return $this->backend->getId();
	}

	/**
	 * Returns the SessionId object
	 * @private For internal use by WebRequest
	 * @return SessionId
	 */
	public function getSessionId() {
		return $this->backend->getSessionId();
	}

	/**
	 * Changes the session ID
	 * @return string New ID (might be the same as the old)
	 */
	public function resetId() {
		return $this->backend->resetId();
	}

	/**
	 * Fetch the SessionProvider for this session
	 * @return SessionProviderInterface
	 */
	public function getProvider() {
		return $this->backend->getProvider();
	}

	/**
	 * Indicate whether this session is persisted across requests
	 *
	 * For example, if cookies are set.
	 *
	 * @return bool
	 */
	public function isPersistent() {
		return $this->backend->isPersistent();
	}

	/**
	 * Make this session persisted across requests
	 *
	 * If the session is already persistent, equivalent to calling
	 * $this->renew().
	 */
	public function persist() {
		$this->backend->persist();
	}

	/**
	 * Make this session not be persisted across requests
	 */
	public function unpersist() {
		$this->backend->unpersist();
	}

	/**
	 * Indicate whether the user should be remembered independently of the
	 * session ID.
	 * @return bool
	 */
	public function shouldRememberUser() {
		return $this->backend->shouldRememberUser();
	}

	/**
	 * Set whether the user should be remembered independently of the session
	 * ID.
	 * @param bool $remember
	 */
	public function setRememberUser( $remember ) {
		$this->backend->setRememberUser( $remember );
	}

	/**
	 * Returns the request associated with this session
	 * @return WebRequest
	 */
	public function getRequest() {
		return $this->backend->getRequest( $this->index );
	}

	/**
	 * Returns the authenticated user for this session
	 * @return User
	 */
	public function getUser() {
		return $this->backend->getUser();
	}

	/**
	 * Fetch the rights allowed the user when this session is active.
	 * @return null|string[] Allowed user rights, or null to allow all.
	 */
	public function getAllowedUserRights() {
		return $this->backend->getAllowedUserRights();
	}

	/**
	 * Indicate whether the session user info can be changed
	 * @return bool
	 */
	public function canSetUser() {
		return $this->backend->canSetUser();
	}

	/**
	 * Set a new user for this session
	 * @note This should only be called when the user has been authenticated
	 * @param User $user User to set on the session.
	 *   This may become a "UserValue" in the future, or User may be refactored
	 *   into such.
	 */
	public function setUser( $user ) {
		$this->backend->setUser( $user );
	}

	/**
	 * Get a suggested username for the login form
	 * @return string|null
	 */
	public function suggestLoginUsername() {
		return $this->backend->suggestLoginUsername( $this->index );
	}

	/**
	 * Whether HTTPS should be forced
	 * @return bool
	 */
	public function shouldForceHTTPS() {
		return $this->backend->shouldForceHTTPS();
	}

	/**
	 * Set whether HTTPS should be forced
	 * @param bool $force
	 */
	public function setForceHTTPS( $force ) {
		$this->backend->setForceHTTPS( $force );
	}

	/**
	 * Fetch the "logged out" timestamp
	 * @return int
	 */
	public function getLoggedOutTimestamp() {
		return $this->backend->getLoggedOutTimestamp();
	}

	/**
	 * Set the "logged out" timestamp
	 * @param int $ts
	 */
	public function setLoggedOutTimestamp( $ts ) {
		$this->backend->setLoggedOutTimestamp( $ts );
	}

	/**
	 * Fetch provider metadata
	 * @protected For use by SessionProvider subclasses only
	 * @return mixed
	 */
	public function getProviderMetadata() {
		return $this->backend->getProviderMetadata();
	}

	/**
	 * Delete all session data and clear the user (if possible)
	 */
	public function clear() {
		$data = &$this->backend->getData();
		if ( $data ) {
			$data = [];
			$this->backend->dirty();
		}
		if ( $this->backend->canSetUser() ) {
			$this->backend->setUser( new User );
		}
		$this->backend->save();
	}

	/**
	 * Renew the session
	 *
	 * Resets the TTL in the backend store if the session is near expiring, and
	 * re-persists the session to any active WebRequests if persistent.
	 */
	public function renew() {
		$this->backend->renew();
	}

	/**
	 * Fetch a copy of this session attached to an alternative WebRequest
	 *
	 * Actions on the copy will affect this session too, and vice versa.
	 *
	 * @param WebRequest $request Any existing session associated with this
	 *  WebRequest object will be overwritten.
	 * @return Session
	 */
	public function sessionWithRequest( WebRequest $request ) {
		$request->setSessionId( $this->backend->getSessionId() );
		return $this->backend->getSession( $request );
	}

	/**
	 * Fetch a value from the session
	 * @param string|int $key
	 * @param mixed $default Returned if $this->exists( $key ) would be false
	 * @return mixed
	 */
	public function get( $key, $default = null ) {
		$data = &$this->backend->getData();
		return array_key_exists( $key, $data ) ? $data[$key] : $default;
	}

	/**
	 * Test if a value exists in the session
	 * @note Unlike isset(), null values are considered to exist.
	 * @param string|int $key
	 * @return bool
	 */
	public function exists( $key ) {
		$data = &$this->backend->getData();
		return array_key_exists( $key, $data );
	}

	/**
	 * Set a value in the session
	 * @param string|int $key
	 * @param mixed $value
	 */
	public function set( $key, $value ) {
		$data = &$this->backend->getData();
		if ( !array_key_exists( $key, $data ) || $data[$key] !== $value ) {
			$data[$key] = $value;
			$this->backend->dirty();
		}
	}

	/**
	 * Remove a value from the session
	 * @param string|int $key
	 */
	public function remove( $key ) {
		$data = &$this->backend->getData();
		if ( array_key_exists( $key, $data ) ) {
			unset( $data[$key] );
			$this->backend->dirty();
		}
	}

	/**
	 * Fetch a CSRF token from the session
	 *
	 * Note that this does not persist the session, which you'll probably want
	 * to do if you want the token to actually be useful.
	 *
	 * @param string|string[] $salt Token salt
	 * @param string $key Token key
	 * @return Token
	 */
	public function getToken( $salt = '', $key = 'default' ) {
		$new = false;
		$secrets = $this->get( 'wsTokenSecrets' );
		if ( !is_array( $secrets ) ) {
			$secrets = [];
		}
		if ( isset( $secrets[$key] ) && is_string( $secrets[$key] ) ) {
			$secret = $secrets[$key];
		} else {
			$secret = \MWCryptRand::generateHex( 32 );
			$secrets[$key] = $secret;
			$this->set( 'wsTokenSecrets', $secrets );
			$new = true;
		}
		if ( is_array( $salt ) ) {
			$salt = implode( '|', $salt );
		}
		return new Token( $secret, (string)$salt, $new );
	}

	/**
	 * Remove a CSRF token from the session
	 *
	 * The next call to self::getToken() with $key will generate a new secret.
	 *
	 * @param string $key Token key
	 */
	public function resetToken( $key = 'default' ) {
		$secrets = $this->get( 'wsTokenSecrets' );
		if ( is_array( $secrets ) && isset( $secrets[$key] ) ) {
			unset( $secrets[$key] );
			$this->set( 'wsTokenSecrets', $secrets );
		}
	}

	/**
	 * Remove all CSRF tokens from the session
	 */
	public function resetAllTokens() {
		$this->remove( 'wsTokenSecrets' );
	}

	/**
	 * Fetch the secret keys for self::setSecret() and self::getSecret().
	 * @return string[] Encryption key, HMAC key
	 */
	private function getSecretKeys() {
		global $wgSessionSecret, $wgSecretKey, $wgSessionPbkdf2Iterations;

		$wikiSecret = $wgSessionSecret ?: $wgSecretKey;
		$userSecret = $this->get( 'wsSessionSecret', null );
		if ( $userSecret === null ) {
			$userSecret = \MWCryptRand::generateHex( 32 );
			$this->set( 'wsSessionSecret', $userSecret );
		}
		$iterations = $this->get( 'wsSessionPbkdf2Iterations', null );
		if ( $iterations === null ) {
			$iterations = $wgSessionPbkdf2Iterations;
			$this->set( 'wsSessionPbkdf2Iterations', $iterations );
		}

		$keymats = hash_pbkdf2( 'sha256', $wikiSecret, $userSecret, $iterations, 64, true );
		return [
			substr( $keymats, 0, 32 ),
			substr( $keymats, 32, 32 ),
		];
	}

	/**
	 * Decide what type of encryption to use, based on system capabilities.
	 * @return array
	 */
	private static function getEncryptionAlgorithm() {
		global $wgSessionInsecureSecrets;

		if ( self::$encryptionAlgorithm === null ) {
			if ( function_exists( 'openssl_encrypt' ) ) {
				$methods = openssl_get_cipher_methods();
				if ( in_array( 'aes-256-ctr', $methods, true ) ) {
					self::$encryptionAlgorithm = [ 'openssl', 'aes-256-ctr' ];
					return self::$encryptionAlgorithm;
				}
				if ( in_array( 'aes-256-cbc', $methods, true ) ) {
					self::$encryptionAlgorithm = [ 'openssl', 'aes-256-cbc' ];
					return self::$encryptionAlgorithm;
				}
			}

			if ( function_exists( 'mcrypt_encrypt' )
				&& in_array( 'rijndael-128', mcrypt_list_algorithms(), true )
			) {
				$modes = mcrypt_list_modes();
				if ( in_array( 'ctr', $modes, true ) ) {
					self::$encryptionAlgorithm = [ 'mcrypt', 'rijndael-128', 'ctr' ];
					return self::$encryptionAlgorithm;
				}
				if ( in_array( 'cbc', $modes, true ) ) {
					self::$encryptionAlgorithm = [ 'mcrypt', 'rijndael-128', 'cbc' ];
					return self::$encryptionAlgorithm;
				}
			}

			if ( $wgSessionInsecureSecrets ) {
				// @todo: import a pure-PHP library for AES instead of this
				self::$encryptionAlgorithm = [ 'insecure' ];
				return self::$encryptionAlgorithm;
			}

			throw new \BadMethodCallException(
				'Encryption is not available. You really should install the PHP OpenSSL extension, ' .
				'or failing that the mcrypt extension. But if you really can\'t and you\'re willing ' .
				'to accept insecure storage of sensitive session data, set ' .
				'$wgSessionInsecureSecrets = true in LocalSettings.php to make this exception go away.'
			);
		}

		return self::$encryptionAlgorithm;
	}

	/**
	 * Set a value in the session, encrypted
	 *
	 * This relies on the secrecy of $wgSecretKey (by default), or $wgSessionSecret.
	 *
	 * @param string|int $key
	 * @param mixed $value
	 */
	public function setSecret( $key, $value ) {
		list( $encKey, $hmacKey ) = $this->getSecretKeys();
		$serialized = serialize( $value );

		// The code for encryption (with OpenSSL) and sealing is taken from
		// Chris Steipp's OATHAuthUtils class in Extension::OATHAuth.

		// Encrypt
		// @todo: import a pure-PHP library for AES instead of doing $wgSessionInsecureSecrets
		$iv = \MWCryptRand::generate( 16, true );
		$algorithm = self::getEncryptionAlgorithm();
		switch ( $algorithm[0] ) {
			case 'openssl':
				$ciphertext = openssl_encrypt( $serialized, $algorithm[1], $encKey, OPENSSL_RAW_DATA, $iv );
				if ( $ciphertext === false ) {
					throw new \UnexpectedValueException( 'Encryption failed: ' . openssl_error_string() );
				}
				break;
			case 'mcrypt':
				// PKCS7 padding
				$blocksize = mcrypt_get_block_size( $algorithm[1], $algorithm[2] );
				$pad = $blocksize - ( strlen( $serialized ) % $blocksize );
				$serialized .= str_repeat( chr( $pad ), $pad );

				$ciphertext = mcrypt_encrypt( $algorithm[1], $encKey, $serialized, $algorithm[2], $iv );
				if ( $ciphertext === false ) {
					throw new \UnexpectedValueException( 'Encryption failed' );
				}
				break;
			case 'insecure':
				$ex = new \Exception( 'No encryption is available, storing data as plain text' );
				$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
				$ciphertext = $serialized;
				break;
			default:
				throw new \LogicException( 'invalid algorithm' );
		}

		// Seal
		$sealed = base64_encode( $iv ) . '.' . base64_encode( $ciphertext );
		$hmac = hash_hmac( 'sha256', $sealed, $hmacKey, true );
		$encrypted = base64_encode( $hmac ) . '.' . $sealed;

		// Store
		$this->set( $key, $encrypted );
	}

	/**
	 * Fetch a value from the session that was set with self::setSecret()
	 * @param string|int $key
	 * @param mixed $default Returned if $this->exists( $key ) would be false or decryption fails
	 * @return mixed
	 */
	public function getSecret( $key, $default = null ) {
		// Fetch
		$encrypted = $this->get( $key, null );
		if ( $encrypted === null ) {
			return $default;
		}

		// The code for unsealing, checking, and decrypting (with OpenSSL) is
		// taken from Chris Steipp's OATHAuthUtils class in
		// Extension::OATHAuth.

		// Unseal and check
		$pieces = explode( '.', $encrypted );
		if ( count( $pieces ) !== 3 ) {
			$ex = new \Exception( 'Invalid sealed-secret format' );
			$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
			return $default;
		}
		list( $hmac, $iv, $ciphertext ) = $pieces;
		list( $encKey, $hmacKey ) = $this->getSecretKeys();
		$integCalc = hash_hmac( 'sha256', $iv . '.' . $ciphertext, $hmacKey, true );
		if ( !hash_equals( $integCalc, base64_decode( $hmac ) ) ) {
			$ex = new \Exception( 'Sealed secret has been tampered with, aborting.' );
			$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
			return $default;
		}

		// Decrypt
		$algorithm = self::getEncryptionAlgorithm();
		switch ( $algorithm[0] ) {
			case 'openssl':
				$serialized = openssl_decrypt( base64_decode( $ciphertext ), $algorithm[1], $encKey,
					OPENSSL_RAW_DATA, base64_decode( $iv ) );
				if ( $serialized === false ) {
					$ex = new \Exception( 'Decyption failed: ' . openssl_error_string() );
					$this->logger->debug( $ex->getMessage(), [ 'exception' => $ex ] );
					return $default;
				}
				break;
			case 'mcrypt':
				$serialized = mcrypt_decrypt( $algorithm[1], $encKey, base64_decode( $ciphertext ),
					$algorithm[2], base64_decode( $iv ) );
				if ( $serialized === false ) {
					$ex = new \Exception( 'Decyption failed' );
					$this->logger->debug( $ex->getMessage(), [ 'exception' => $ex ] );
					return $default;
				}

				// Remove PKCS7 padding
				$pad = ord( substr( $serialized, -1 ) );
				$serialized = substr( $serialized, 0, -$pad );
				break;
			case 'insecure':
				$ex = new \Exception(
					'No encryption is available, retrieving data that was stored as plain text'
				);
				$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
				$serialized = base64_decode( $ciphertext );
				break;
			default:
				throw new \LogicException( 'invalid algorithm' );
		}

		$value = unserialize( $serialized );
		if ( $value === false && $serialized !== serialize( false ) ) {
			$value = $default;
		}
		return $value;
	}

	/**
	 * Delay automatic saving while multiple updates are being made
	 *
	 * Calls to save() or clear() will not be delayed.
	 *
	 * @return \ScopedCallback When this goes out of scope, a save will be triggered
	 */
	public function delaySave() {
		return $this->backend->delaySave();
	}

	/**
	 * Save the session
	 */
	public function save() {
		$this->backend->save();
	}

	/**
	 * @name Interface methods
	 * @{
	 */

	public function count() {
		$data = &$this->backend->getData();
		return count( $data );
	}

	public function current() {
		$data = &$this->backend->getData();
		return current( $data );
	}

	public function key() {
		$data = &$this->backend->getData();
		return key( $data );
	}

	public function next() {
		$data = &$this->backend->getData();
		next( $data );
	}

	public function rewind() {
		$data = &$this->backend->getData();
		reset( $data );
	}

	public function valid() {
		$data = &$this->backend->getData();
		return key( $data ) !== null;
	}

	/**
	 * @note Despite the name, this seems to be intended to implement isset()
	 *  rather than array_key_exists(). So do that.
	 */
	public function offsetExists( $offset ) {
		$data = &$this->backend->getData();
		return isset( $data[$offset] );
	}

	/**
	 * @note This supports indirect modifications but can't mark the session
	 *  dirty when those happen. SessionBackend::save() checks the hash of the
	 *  data to detect such changes.
	 * @note Accessing a nonexistent key via this mechanism causes that key to
	 *  be created with a null value, and does not raise a PHP warning.
	 */
	public function &offsetGet( $offset ) {
		$data = &$this->backend->getData();
		if ( !array_key_exists( $offset, $data ) ) {
			$ex = new \Exception( "Undefined index (auto-adds to session with a null value): $offset" );
			$this->logger->debug( $ex->getMessage(), [ 'exception' => $ex ] );
		}
		return $data[$offset];
	}

	public function offsetSet( $offset, $value ) {
		$this->set( $offset, $value );
	}

	public function offsetUnset( $offset ) {
		$this->remove( $offset );
	}

	/**@}*/

}


1		<?php
2		/**
3		* MediaWiki session
4		*
5		* This program is free software; you can redistribute it and/or modify
6		* it under the terms of the GNU General Public License as published by
7		* the Free Software Foundation; either version 2 of the License, or
8		* (at your option) any later version.
9		*
10		* This program is distributed in the hope that it will be useful,
11		* but WITHOUT ANY WARRANTY; without even the implied warranty of
12		* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13		* GNU General Public License for more details.
14		*
15		* You should have received a copy of the GNU General Public License along
16		* with this program; if not, write to the Free Software Foundation, Inc.,
17		* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18		* http://www.gnu.org/copyleft/gpl.html
19		*
20		* @file
21		* @ingroup Session
22		*/
23
24		namespace MediaWiki\Session;
25
26		use Psr\Log\LoggerInterface;
27		use User;
28		use WebRequest;
29
30		/**
31		* Manages data for an an authenticated session
32		*
33		* A Session represents the fact that the current HTTP request is part of a
34		* session. There are two broad types of Sessions, based on whether they
35		* return true or false from self::canSetUser():
36		* * When true (mutable), the Session identifies multiple requests as part of
37		* a session generically, with no tie to a particular user.
38		* * When false (immutable), the Session identifies multiple requests as part
39		* of a session by identifying and authenticating the request itself as
40		* belonging to a particular user.
41		*
42		* The Session object also serves as a replacement for PHP's $_SESSION,
43		* managing access to per-session data.
44		*
45		* @ingroup Session
46		* @since 1.27
47		*/
48		final class Session implements \Countable, \Iterator, \ArrayAccess {
49		/** @var null\|string[] Encryption algorithm to use */
50		private static $encryptionAlgorithm = null;
51
52		/** @var SessionBackend Session backend */
53		private $backend;
54
55		/** @var int Session index */
56		private $index;
57
58		/** @var LoggerInterface */
59		private $logger;
60
61		/**
62		* @param SessionBackend $backend
63		* @param int $index
64		* @param LoggerInterface $logger
65		*/
66		public function __construct( SessionBackend $backend, $index, LoggerInterface $logger ) {
67		$this->backend = $backend;
68		$this->index = $index;
69		$this->logger = $logger;
70		}
71
72		public function __destruct() {
73		$this->backend->deregisterSession( $this->index );
74		}
75
76		/**
77		* Returns the session ID
78		* @return string
79		*/
80		public function getId() {
81		return $this->backend->getId();
82		}
83
84		/**
85		* Returns the SessionId object
86		* @private For internal use by WebRequest
87		* @return SessionId
88		*/
89		public function getSessionId() {
90		return $this->backend->getSessionId();
91		}
92
93		/**
94		* Changes the session ID
95		* @return string New ID (might be the same as the old)
96		*/
97		public function resetId() {
98		return $this->backend->resetId();
99		}
100
101		/**
102		* Fetch the SessionProvider for this session
103		* @return SessionProviderInterface
104		*/
105		public function getProvider() {
106		return $this->backend->getProvider();
107		}
108
109		/**
110		* Indicate whether this session is persisted across requests
111		*
112		* For example, if cookies are set.
113		*
114		* @return bool
115		*/
116		public function isPersistent() {
117		return $this->backend->isPersistent();
118		}
119
120		/**
121		* Make this session persisted across requests
122		*
123		* If the session is already persistent, equivalent to calling
124		* $this->renew().
125		*/
126		public function persist() {
127		$this->backend->persist();
128		}
129
130		/**
131		* Make this session not be persisted across requests
132		*/
133		public function unpersist() {
134		$this->backend->unpersist();
135		}
136
137		/**
138		* Indicate whether the user should be remembered independently of the
139		* session ID.
140		* @return bool
141		*/
142		public function shouldRememberUser() {
143		return $this->backend->shouldRememberUser();
144		}
145
146		/**
147		* Set whether the user should be remembered independently of the session
148		* ID.
149		* @param bool $remember
150		*/
151		public function setRememberUser( $remember ) {
152		$this->backend->setRememberUser( $remember );
153		}
154
155		/**
156		* Returns the request associated with this session
157		* @return WebRequest
158		*/
159		public function getRequest() {
160		return $this->backend->getRequest( $this->index );
161		}
162
163		/**
164		* Returns the authenticated user for this session
165		* @return User
166		*/
167		public function getUser() {
168		return $this->backend->getUser();
169		}
170
171		/**
172		* Fetch the rights allowed the user when this session is active.
173		* @return null\|string[] Allowed user rights, or null to allow all.
174		*/
175		public function getAllowedUserRights() {
176		return $this->backend->getAllowedUserRights();
177		}
178
179		/**
180		* Indicate whether the session user info can be changed
181		* @return bool
182		*/
183		public function canSetUser() {
184		return $this->backend->canSetUser();
185		}
186
187		/**
188		* Set a new user for this session
189		* @note This should only be called when the user has been authenticated
190		* @param User $user User to set on the session.
191		* This may become a "UserValue" in the future, or User may be refactored
192		* into such.
193		*/
194		public function setUser( $user ) {
195		$this->backend->setUser( $user );
196		}
197
198		/**
199		* Get a suggested username for the login form
200		* @return string\|null
201		*/
202		public function suggestLoginUsername() {
203		return $this->backend->suggestLoginUsername( $this->index );
204		}
205
206		/**
207		* Whether HTTPS should be forced
208		* @return bool
209		*/
210		public function shouldForceHTTPS() {
211		return $this->backend->shouldForceHTTPS();
212		}
213
214		/**
215		* Set whether HTTPS should be forced
216		* @param bool $force
217		*/
218		public function setForceHTTPS( $force ) {
219		$this->backend->setForceHTTPS( $force );
220		}
221
222		/**
223		* Fetch the "logged out" timestamp
224		* @return int
225		*/
226		public function getLoggedOutTimestamp() {
227		return $this->backend->getLoggedOutTimestamp();
228		}
229
230		/**
231		* Set the "logged out" timestamp
232		* @param int $ts
233		*/
234		public function setLoggedOutTimestamp( $ts ) {
235		$this->backend->setLoggedOutTimestamp( $ts );
236		}
237
238		/**
239		* Fetch provider metadata
240		* @protected For use by SessionProvider subclasses only
241		* @return mixed
242		*/
243		public function getProviderMetadata() {
244		return $this->backend->getProviderMetadata();
245		}
246
247		/**
248		* Delete all session data and clear the user (if possible)
249		*/
250		public function clear() {
251		$data = &$this->backend->getData();
252		if ( $data ) {
253		$data = [];
254		$this->backend->dirty();
255		}
256		if ( $this->backend->canSetUser() ) {
257		$this->backend->setUser( new User );
258		}
259		$this->backend->save();
260		}
261
262		/**
263		* Renew the session
264		*
265		* Resets the TTL in the backend store if the session is near expiring, and
266		* re-persists the session to any active WebRequests if persistent.
267		*/
268		public function renew() {
269		$this->backend->renew();
270		}
271
272		/**
273		* Fetch a copy of this session attached to an alternative WebRequest
274		*
275		* Actions on the copy will affect this session too, and vice versa.
276		*
277		* @param WebRequest $request Any existing session associated with this
278		* WebRequest object will be overwritten.
279		* @return Session
280		*/
281		public function sessionWithRequest( WebRequest $request ) {
282		$request->setSessionId( $this->backend->getSessionId() );
283		return $this->backend->getSession( $request );
284		}
285
286		/**
287		* Fetch a value from the session
288		* @param string\|int $key
289		* @param mixed $default Returned if $this->exists( $key ) would be false
290		* @return mixed
291		*/
292		public function get( $key, $default = null ) {
293		$data = &$this->backend->getData();
294		return array_key_exists( $key, $data ) ? $data[$key] : $default;
295		}
296
297		/**
298		* Test if a value exists in the session
299		* @note Unlike isset(), null values are considered to exist.
300		* @param string\|int $key
301		* @return bool
302		*/
303		public function exists( $key ) {
304		$data = &$this->backend->getData();
305		return array_key_exists( $key, $data );
306		}
307
308		/**
309		* Set a value in the session
310		* @param string\|int $key
311		* @param mixed $value
312		*/
313		public function set( $key, $value ) {
314		$data = &$this->backend->getData();
315		if ( !array_key_exists( $key, $data ) \|\| $data[$key] !== $value ) {
316		$data[$key] = $value;
317		$this->backend->dirty();
318		}
319		}
320
321		/**
322		* Remove a value from the session
323		* @param string\|int $key
324		*/
325		public function remove( $key ) {
326		$data = &$this->backend->getData();
327		if ( array_key_exists( $key, $data ) ) {
328		unset( $data[$key] );
329		$this->backend->dirty();
330		}
331		}
332
333		/**
334		* Fetch a CSRF token from the session
335		*
336		* Note that this does not persist the session, which you'll probably want
337		* to do if you want the token to actually be useful.
338		*
339		* @param string\|string[] $salt Token salt
340		* @param string $key Token key
341		* @return Token
342		*/
343		public function getToken( $salt = '', $key = 'default' ) {
344		$new = false;
345		$secrets = $this->get( 'wsTokenSecrets' );
346		if ( !is_array( $secrets ) ) {
347		$secrets = [];
348		}
349		if ( isset( $secrets[$key] ) && is_string( $secrets[$key] ) ) {
350		$secret = $secrets[$key];
351		} else {
352		$secret = \MWCryptRand::generateHex( 32 );
353		$secrets[$key] = $secret;
354		$this->set( 'wsTokenSecrets', $secrets );
355		$new = true;
356		}
357		if ( is_array( $salt ) ) {
358		$salt = implode( '\|', $salt );
359		}
360		return new Token( $secret, (string)$salt, $new );
361		}
362
363		/**
364		* Remove a CSRF token from the session
365		*
366		* The next call to self::getToken() with $key will generate a new secret.
367		*
368		* @param string $key Token key
369		*/
370		public function resetToken( $key = 'default' ) {
371		$secrets = $this->get( 'wsTokenSecrets' );
372		if ( is_array( $secrets ) && isset( $secrets[$key] ) ) {
373		unset( $secrets[$key] );
374		$this->set( 'wsTokenSecrets', $secrets );
375		}
376		}
377
378		/**
379		* Remove all CSRF tokens from the session
380		*/
381		public function resetAllTokens() {
382		$this->remove( 'wsTokenSecrets' );
383		}
384
385		/**
386		* Fetch the secret keys for self::setSecret() and self::getSecret().
387		* @return string[] Encryption key, HMAC key
388		*/
389		private function getSecretKeys() {
390		global $wgSessionSecret, $wgSecretKey, $wgSessionPbkdf2Iterations;
391
392		$wikiSecret = $wgSessionSecret ?: $wgSecretKey;
393		$userSecret = $this->get( 'wsSessionSecret', null );
394		if ( $userSecret === null ) {
395		$userSecret = \MWCryptRand::generateHex( 32 );
396		$this->set( 'wsSessionSecret', $userSecret );
397		}
398		$iterations = $this->get( 'wsSessionPbkdf2Iterations', null );
399		if ( $iterations === null ) {
400		$iterations = $wgSessionPbkdf2Iterations;
401		$this->set( 'wsSessionPbkdf2Iterations', $iterations );
402		}
403
404		$keymats = hash_pbkdf2( 'sha256', $wikiSecret, $userSecret, $iterations, 64, true );
405		return [
406		substr( $keymats, 0, 32 ),
407		substr( $keymats, 32, 32 ),
408		];
409		}
410
411		/**
412		* Decide what type of encryption to use, based on system capabilities.
413		* @return array
414		*/
415		private static function getEncryptionAlgorithm() {
416		global $wgSessionInsecureSecrets;
417
418		if ( self::$encryptionAlgorithm === null ) {
419		if ( function_exists( 'openssl_encrypt' ) ) {
420		$methods = openssl_get_cipher_methods();
421	View Code Duplication	if ( in_array( 'aes-256-ctr', $methods, true ) ) {
422		self::$encryptionAlgorithm = [ 'openssl', 'aes-256-ctr' ];
423		return self::$encryptionAlgorithm;
424		}
425	View Code Duplication	if ( in_array( 'aes-256-cbc', $methods, true ) ) {
426		self::$encryptionAlgorithm = [ 'openssl', 'aes-256-cbc' ];
427		return self::$encryptionAlgorithm;
428		}
429		}
430
431		if ( function_exists( 'mcrypt_encrypt' )
432		&& in_array( 'rijndael-128', mcrypt_list_algorithms(), true )
433		) {
434		$modes = mcrypt_list_modes();
435	View Code Duplication	if ( in_array( 'ctr', $modes, true ) ) {
436		self::$encryptionAlgorithm = [ 'mcrypt', 'rijndael-128', 'ctr' ];
437		return self::$encryptionAlgorithm;
438		}
439	View Code Duplication	if ( in_array( 'cbc', $modes, true ) ) {
440		self::$encryptionAlgorithm = [ 'mcrypt', 'rijndael-128', 'cbc' ];
441		return self::$encryptionAlgorithm;
442		}
443		}
444
445		if ( $wgSessionInsecureSecrets ) {
446		// @todo: import a pure-PHP library for AES instead of this
447		self::$encryptionAlgorithm = [ 'insecure' ];
448		return self::$encryptionAlgorithm;
449		}
450
451		throw new \BadMethodCallException(
452		'Encryption is not available. You really should install the PHP OpenSSL extension, ' .
453		'or failing that the mcrypt extension. But if you really can\'t and you\'re willing ' .
454		'to accept insecure storage of sensitive session data, set ' .
455		'$wgSessionInsecureSecrets = true in LocalSettings.php to make this exception go away.'
456		);
457		}
458
459		return self::$encryptionAlgorithm;
460		}
461
462		/**
463		* Set a value in the session, encrypted
464		*
465		* This relies on the secrecy of $wgSecretKey (by default), or $wgSessionSecret.
466		*
467		* @param string\|int $key
468		* @param mixed $value
469		*/
470		public function setSecret( $key, $value ) {
471		list( $encKey, $hmacKey ) = $this->getSecretKeys();
472		$serialized = serialize( $value );
473
474		// The code for encryption (with OpenSSL) and sealing is taken from
475		// Chris Steipp's OATHAuthUtils class in Extension::OATHAuth.
476
477		// Encrypt
478		// @todo: import a pure-PHP library for AES instead of doing $wgSessionInsecureSecrets
479		$iv = \MWCryptRand::generate( 16, true );
480		$algorithm = self::getEncryptionAlgorithm();
481		switch ( $algorithm[0] ) {
482		case 'openssl':
483		$ciphertext = openssl_encrypt( $serialized, $algorithm[1], $encKey, OPENSSL_RAW_DATA, $iv );
484		if ( $ciphertext === false ) {
485		throw new \UnexpectedValueException( 'Encryption failed: ' . openssl_error_string() );
486		}
487		break;
488		case 'mcrypt':
489		// PKCS7 padding
490		$blocksize = mcrypt_get_block_size( $algorithm[1], $algorithm[2] );
491		$pad = $blocksize - ( strlen( $serialized ) % $blocksize );
492		$serialized .= str_repeat( chr( $pad ), $pad );
493
494		$ciphertext = mcrypt_encrypt( $algorithm[1], $encKey, $serialized, $algorithm[2], $iv );
495		if ( $ciphertext === false ) {
496		throw new \UnexpectedValueException( 'Encryption failed' );
497		}
498		break;
499		case 'insecure':
500		$ex = new \Exception( 'No encryption is available, storing data as plain text' );
501		$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
502		$ciphertext = $serialized;
503		break;
504		default:
505		throw new \LogicException( 'invalid algorithm' );
506		}
507
508		// Seal
509		$sealed = base64_encode( $iv ) . '.' . base64_encode( $ciphertext );
510		$hmac = hash_hmac( 'sha256', $sealed, $hmacKey, true );
511		$encrypted = base64_encode( $hmac ) . '.' . $sealed;
512
513		// Store
514		$this->set( $key, $encrypted );
515		}
516
517		/**
518		* Fetch a value from the session that was set with self::setSecret()
519		* @param string\|int $key
520		* @param mixed $default Returned if $this->exists( $key ) would be false or decryption fails
521		* @return mixed
522		*/
523		public function getSecret( $key, $default = null ) {
524		// Fetch
525		$encrypted = $this->get( $key, null );
526		if ( $encrypted === null ) {
527		return $default;
528		}
529
530		// The code for unsealing, checking, and decrypting (with OpenSSL) is
531		// taken from Chris Steipp's OATHAuthUtils class in
532		// Extension::OATHAuth.
533
534		// Unseal and check
535		$pieces = explode( '.', $encrypted );
536	View Code Duplication	if ( count( $pieces ) !== 3 ) {
537		$ex = new \Exception( 'Invalid sealed-secret format' );
538		$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
539		return $default;
540		}
541		list( $hmac, $iv, $ciphertext ) = $pieces;
542		list( $encKey, $hmacKey ) = $this->getSecretKeys();
543		$integCalc = hash_hmac( 'sha256', $iv . '.' . $ciphertext, $hmacKey, true );
544		if ( !hash_equals( $integCalc, base64_decode( $hmac ) ) ) {
545		$ex = new \Exception( 'Sealed secret has been tampered with, aborting.' );
546		$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
547		return $default;
548		}
549
550		// Decrypt
551		$algorithm = self::getEncryptionAlgorithm();
552		switch ( $algorithm[0] ) {
553		case 'openssl':
554		$serialized = openssl_decrypt( base64_decode( $ciphertext ), $algorithm[1], $encKey,
555		OPENSSL_RAW_DATA, base64_decode( $iv ) );
556	View Code Duplication	if ( $serialized === false ) {
557		$ex = new \Exception( 'Decyption failed: ' . openssl_error_string() );
558		$this->logger->debug( $ex->getMessage(), [ 'exception' => $ex ] );
559		return $default;
560		}
561		break;
562		case 'mcrypt':
563		$serialized = mcrypt_decrypt( $algorithm[1], $encKey, base64_decode( $ciphertext ),
564		$algorithm[2], base64_decode( $iv ) );
565	View Code Duplication	if ( $serialized === false ) {
566		$ex = new \Exception( 'Decyption failed' );
567		$this->logger->debug( $ex->getMessage(), [ 'exception' => $ex ] );
568		return $default;
569		}
570
571		// Remove PKCS7 padding
572		$pad = ord( substr( $serialized, -1 ) );
573		$serialized = substr( $serialized, 0, -$pad );
574		break;
575		case 'insecure':
576		$ex = new \Exception(
577		'No encryption is available, retrieving data that was stored as plain text'
578		);
579		$this->logger->warning( $ex->getMessage(), [ 'exception' => $ex ] );
580		$serialized = base64_decode( $ciphertext );
581		break;
582		default:
583		throw new \LogicException( 'invalid algorithm' );
584		}
585
586		$value = unserialize( $serialized );
587		if ( $value === false && $serialized !== serialize( false ) ) {
588		$value = $default;
589		}
590		return $value;
591		}
592
593		/**
594		* Delay automatic saving while multiple updates are being made
595		*
596		* Calls to save() or clear() will not be delayed.
597		*
598		* @return \ScopedCallback When this goes out of scope, a save will be triggered
599		*/
600		public function delaySave() {
601		return $this->backend->delaySave();
602		}
603
604		/**
605		* Save the session
606		*/
607		public function save() {
608		$this->backend->save();
609		}
610
611		/**
612		* @name Interface methods
613		* @{
614		*/
615
616		public function count() {
617		$data = &$this->backend->getData();
618		return count( $data );
619		}
620
621		public function current() {
622		$data = &$this->backend->getData();
623		return current( $data );
624		}
625
626		public function key() {
627		$data = &$this->backend->getData();
628		return key( $data );
629		}
630
631		public function next() {
632		$data = &$this->backend->getData();
633		next( $data );
634		}
635
636		public function rewind() {
637		$data = &$this->backend->getData();
638		reset( $data );
639		}
640
641		public function valid() {
642		$data = &$this->backend->getData();
643		return key( $data ) !== null;
644		}
645
646		/**
647		* @note Despite the name, this seems to be intended to implement isset()
648		* rather than array_key_exists(). So do that.
649		*/
650		public function offsetExists( $offset ) {
651		$data = &$this->backend->getData();
652		return isset( $data[$offset] );
653		}
654
655		/**
656		* @note This supports indirect modifications but can't mark the session
657		* dirty when those happen. SessionBackend::save() checks the hash of the
658		* data to detect such changes.
659		* @note Accessing a nonexistent key via this mechanism causes that key to
660		* be created with a null value, and does not raise a PHP warning.
661		*/
662		public function &offsetGet( $offset ) {
663		$data = &$this->backend->getData();
664		if ( !array_key_exists( $offset, $data ) ) {
665		$ex = new \Exception( "Undefined index (auto-adds to session with a null value): $offset" );
666		$this->logger->debug( $ex->getMessage(), [ 'exception' => $ex ] );
667		}
668		return $data[$offset];
669		}
670
671		public function offsetSet( $offset, $value ) {
672		$this->set( $offset, $value );
673		}
674
675		public function offsetUnset( $offset ) {
676		$this->remove( $offset );
677		}
678
679		/*@}/
680
681		}
682

wikimedia / mediawiki