Skip to content

Commit 6109224

Browse files
NinerianNinerian
committed
NFS-616: adds destroy session function and test
1 parent 446fcb4 commit 6109224

2 files changed

Lines changed: 58 additions & 0 deletions

File tree

src/PluginSession.php

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -284,4 +284,24 @@ public function isUserView() {
284284
return $this->userView;
285285
}
286286

287+
/**
288+
* Destroy the session with the given id
289+
*
290+
* @param String $sessionId
291+
* @return bool true on success or false on failure.
292+
*/
293+
public function destroySession(String $sessionId) {
294+
$currentId = session_id();
295+
session_write_close();
296+
297+
session_id($this->createCompatibleSessionId($sessionId));
298+
session_start();
299+
$result = session_destroy();
300+
301+
session_id($currentId);
302+
session_start();
303+
304+
return $result;
305+
}
306+
287307
}

test/PluginSessionTest.php

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
use ReflectionClass;
1717
use phpseclib\Crypt\RSA;
1818
use PHPUnit\Framework\TestCase;
19+
use SessionHandlerInterface;
1920
use Staffbase\plugins\sdk\Exceptions\SSOAuthenticationException;
2021
use Staffbase\plugins\sdk\Exceptions\SSOException;
2122
use Staffbase\plugins\sdk\PluginSession;
@@ -469,4 +470,41 @@ public function testSessionIdCheck() {
469470
$this->assertEquals($sessionId, session_id());
470471
}
471472

473+
public function testDestroyOtherSession() {
474+
475+
$sessionHash = 'HOjLTR6+D5YIY0/waqJQp3Bg=';
476+
$sessionId = 'HOjLTR6-D5YIY0-waqJQp3Bg-';
477+
478+
$tokenData = $this->tokenData;
479+
$tokenData[PluginSession::CLAIM_SESSION_ID] = $sessionHash;
480+
$token = SSOTokenTest::createSignedTokenFromData($this->privateKey, $tokenData);
481+
482+
// successfull remote call handler mock
483+
$handler = $this->getMockBuilder(SessionHandlerInterface::class)
484+
->setMethodsExcept()
485+
->getMock();
486+
487+
$handler->method('close')->willReturn(true);
488+
$handler->method('destroy')->willReturn(true);
489+
$handler->method('open')->willReturn(true);
490+
$handler->method('write')->willReturn(true);
491+
$handler->method('read')->willReturn($sessionId);
492+
493+
$this->setupEnvironment(null, $token, true);
494+
495+
/** @var SessionHandlerInterface $handler */
496+
new PluginSession($this->pluginId, $this->publicKey);
497+
498+
$this->setupEnvironment(null, $this->token, false);
499+
500+
/** @var PluginSession $session */
501+
$session = new PluginSession($this->pluginId, $this->publicKey, $handler);
502+
503+
$handler->expects($this->once())
504+
->method('destroy')
505+
->with($sessionId);
506+
507+
$session->destroySession($sessionHash);
508+
}
509+
472510
}

0 commit comments

Comments
 (0)