Skip to content

Commit

Permalink
Merge pull request #543 from psr7-sessions/renovate/all-minor-patch
Browse files Browse the repository at this point in the history
Update all non-major dependencies
  • Loading branch information
Ocramius authored Oct 31, 2022
2 parents c2762a4 + 7b0cb46 commit 32b34ef
Show file tree
Hide file tree
Showing 4 changed files with 59 additions and 29 deletions.
6 changes: 3 additions & 3 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,9 @@
},
"require-dev": {
"doctrine/coding-standard": "^10.0.0",
"laminas/laminas-diactoros": "^2.19.0",
"laminas/laminas-httphandlerrunner": "^2.3.0",
"phpunit/phpunit": "^9.5.25",
"laminas/laminas-diactoros": "^2.20.0",
"laminas/laminas-httphandlerrunner": "^2.4.0",
"phpunit/phpunit": "^9.5.26",
"psalm/plugin-phpunit": "^0.17.0",
"roave/infection-static-analysis-plugin": "^1.25.0",
"squizlabs/php_codesniffer": "^3.7.1",
Expand Down
46 changes: 23 additions & 23 deletions composer.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 6 additions & 3 deletions src/Storageless/Http/SessionMiddleware.php
Original file line number Diff line number Diff line change
Expand Up @@ -199,7 +199,7 @@ private function appendToken(SessionInterface $sessionContainer, Response $respo
return FigResponseCookies::set($response, $this->getExpirationCookie());
}

if ($sessionContainerChanged || ($this->shouldTokenBeRefreshed($token) && ! $sessionContainer->isEmpty())) {
if ($sessionContainerChanged || $this->shouldTokenBeRefreshed($token)) {
return FigResponseCookies::set($response, $this->getTokenCookie($sessionContainer));
}

Expand All @@ -208,12 +208,15 @@ private function appendToken(SessionInterface $sessionContainer, Response $respo

private function shouldTokenBeRefreshed(Token|null $token): bool
{
if ($token === null) {
return false;
}

$refreshTime = $this->clock->now()->sub(new DateInterval(sprintf('PT%sS', $this->refreshTime)));

assert($refreshTime !== false);

return $token !== null
&& $token->hasBeenIssuedBefore($refreshTime);
return $token->hasBeenIssuedBefore($refreshTime);
}

/** @throws BadMethodCallException */
Expand Down
27 changes: 27 additions & 0 deletions test/StoragelessTest/Http/SessionMiddlewareTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -367,6 +367,33 @@ public function testWillRefreshTokenWithIssuedAtExactlyAtTokenRefreshTimeThresho
self::assertEquals($now, $token->claims()->get(RegisteredClaims::ISSUED_AT), 'Token was refreshed');
}

public function testWillNotRefreshATokenForARequestWithNoGivenTokenAndNoSessionModification(): void
{
$key = self::makeRandomSymmetricKey();
$middleware = new SessionMiddleware(
Configuration::forAsymmetricSigner(
new Sha256(),
$key,
$key,
),
SetCookie::create(SessionMiddleware::DEFAULT_COOKIE),
1000,
new FrozenClock(new DateTimeImmutable()),
100,
);

self::assertNull(
$this
->getCookie($middleware->process(
(new ServerRequest())
->withCookieParams([SessionMiddleware::DEFAULT_COOKIE => 'invalid-token']),
$this->fakeDelegate(static fn (): ResponseInterface => new Response()),
))
->getValue(),
'No session cookie was set, since session data was not changed, and the token was not valid',
);
}

/**
* @param callable(): SessionMiddleware $middlewareFactory
*
Expand Down

0 comments on commit 32b34ef

Please sign in to comment.