From f5f7736177c37858df9fede60c6ac2da9f81acef Mon Sep 17 00:00:00 2001
From: John Blackbourn <johnbillion@git.wordpress.org>
Date: Fri, 10 Mar 2017 14:32:31 +0000
Subject: [PATCH] Build/Test tools: Don't override the `wp_set_auth_cookie()`
 and `wp_clear_auth_cookie()` functions.

Overriding pluggable functions in the test suite is asking for trouble in the future. In addition, it means the test suite can't be guaranteed to behave the same as core.

This instead introduces a `send_auth_cookies` filter which can be hooked in during the test suite to prevent these functions from attempting to send cookie headers to the client.

Fixes #39367


git-svn-id: https://develop.svn.wordpress.org/trunk@40263 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-includes/pluggable.php        | 22 ++++++++++++++++++++++
 tests/phpunit/includes/functions.php | 19 +------------------
 2 files changed, 23 insertions(+), 18 deletions(-)

diff --git a/src/wp-includes/pluggable.php b/src/wp-includes/pluggable.php
index 0de6b0cc78..61b809c542 100644
--- a/src/wp-includes/pluggable.php
+++ b/src/wp-includes/pluggable.php
@@ -900,6 +900,17 @@ function wp_set_auth_cookie( $user_id, $remember = false, $secure = '', $token =
 	 */
 	do_action( 'set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in' );
 
+	/**
+	 * Allows preventing auth cookies from actually being sent to the client.
+	 *
+	 * @since 4.7.4
+	 *
+	 * @param bool $send Whether to send auth cookies to the client.
+	 */
+	if ( ! apply_filters( 'send_auth_cookies', true ) ) {
+		return;
+	}
+
 	setcookie($auth_cookie_name, $auth_cookie, $expire, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
 	setcookie($auth_cookie_name, $auth_cookie, $expire, ADMIN_COOKIE_PATH, COOKIE_DOMAIN, $secure, true);
 	setcookie(LOGGED_IN_COOKIE, $logged_in_cookie, $expire, COOKIEPATH, COOKIE_DOMAIN, $secure_logged_in_cookie, true);
@@ -922,6 +933,17 @@ function wp_clear_auth_cookie() {
 	 */
 	do_action( 'clear_auth_cookie' );
 
+	/**
+	 * Allows preventing auth cookies from actually being sent to the client.
+	 *
+	 * @since 4.7.4
+	 *
+	 * @param bool $send Whether to send auth cookies to the client.
+	 */
+	if ( ! apply_filters( 'send_auth_cookies', true ) ) {
+		return;
+	}
+
 	setcookie( AUTH_COOKIE,        ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH,   COOKIE_DOMAIN );
 	setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH,   COOKIE_DOMAIN );
 	setcookie( AUTH_COOKIE,        ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
diff --git a/tests/phpunit/includes/functions.php b/tests/phpunit/includes/functions.php
index 3a7c9bd98e..d9872fb541 100644
--- a/tests/phpunit/includes/functions.php
+++ b/tests/phpunit/includes/functions.php
@@ -164,21 +164,4 @@ function _upload_dir_https( $uploads ) {
 
 // Skip `setcookie` calls in auth_cookie functions due to warning:
 // Cannot modify header information - headers already sent by ...
-
-function wp_set_auth_cookie( $user_id, $remember = false, $secure = '', $token = '' ) {
-	$auth_cookie = null;
-	$expire = null;
-	$expiration = null;
-	$user_id = null;
-	$scheme = null;
-	/** This action is documented in wp-inclues/pluggable.php */
-	do_action( 'set_auth_cookie', $auth_cookie, $expire, $expiration, $user_id, $scheme );
-	$logged_in_cookie = null;
-	/** This action is documented in wp-inclues/pluggable.php */
-	do_action( 'set_logged_in_cookie', $logged_in_cookie, $expire, $expiration, $user_id, 'logged_in' );
-}
-
-function wp_clear_auth_cookie() {
-	/** This action is documented in wp-inclues/pluggable.php */
-	do_action( 'clear_auth_cookie' );
-}
+tests_add_filter( 'send_auth_cookies', '__return_false' );