sessionCookieName = $params['sessionCookieName']; } if ( isset( $params['sessionCookieOptions'] ) ) { if ( !is_array( $params['sessionCookieOptions'] ) ) { throw new \InvalidArgumentException( 'sessionCookieOptions must be an array' ); } $this->sessionCookieOptions = $params['sessionCookieOptions']; } } /** * Get the session ID from the cookie, if any. * * Only call this if $this->sessionCookieName !== null. If * sessionCookieName is null, do some logic (probably involving a call to * $this->hashToSessionId()) to create the single session ID corresponding * to this WebRequest instead of calling this method. * * @param WebRequest $request * @return string|null */ protected function getSessionIdFromCookie( WebRequest $request ) { if ( $this->sessionCookieName === null ) { throw new \BadMethodCallException( __METHOD__ . ' may not be called when $this->sessionCookieName === null' ); } $prefix = isset( $this->sessionCookieOptions['prefix'] ) ? $this->sessionCookieOptions['prefix'] : $this->config->get( 'CookiePrefix' ); $id = $request->getCookie( $this->sessionCookieName, $prefix ); return SessionManager::validateSessionId( $id ) ? $id : null; } public function persistsSessionId() { return $this->sessionCookieName !== null; } public function canChangeUser() { return false; } public function persistSession( SessionBackend $session, WebRequest $request ) { if ( $this->sessionCookieName === null ) { return; } $response = $request->response(); if ( $response->headersSent() ) { // Can't do anything now $this->logger->debug( __METHOD__ . ': Headers already sent' ); return; } $options = $this->sessionCookieOptions; if ( $session->shouldForceHTTPS() || $session->getUser()->requiresHTTPS() ) { $response->setCookie( 'forceHTTPS', 'true', null, [ 'prefix' => '', 'secure' => false ] + $options ); $options['secure'] = true; } $response->setCookie( $this->sessionCookieName, $session->getId(), null, $options ); } public function unpersistSession( WebRequest $request ) { if ( $this->sessionCookieName === null ) { return; } $response = $request->response(); if ( $response->headersSent() ) { // Can't do anything now $this->logger->debug( __METHOD__ . ': Headers already sent' ); return; } $response->clearCookie( $this->sessionCookieName, $this->sessionCookieOptions ); } public function getVaryCookies() { if ( $this->sessionCookieName === null ) { return []; } $prefix = isset( $this->sessionCookieOptions['prefix'] ) ? $this->sessionCookieOptions['prefix'] : $this->config->get( 'CookiePrefix' ); return [ $prefix . $this->sessionCookieName ]; } public function whyNoSession() { return wfMessage( 'sessionprovider-nocookies' ); } }