ApiLogout: Follow up Icb674095
This implements getWebUITokenSalt(), as mentioned in T25227#2008199 and
implemented in F3328897. Somehow it didn't make it into Icb674095.
This also fixes some issues in the unit test:
- Properly link the user to the request's Session so User::doLogout() won't log a warning. This also gives use to the otherwise-unneeded implementation of setUp(), and lets us get rid of the broken call to User::newFromId() that was passing an IP address rather than a user ID.
- Privatize some internal methods.
- Use setExpectedApiException() instead of manually catching and hard-coding the English exception message.
- Also assert that the bad token error didn't result in a logout.
Bug: T25227
Change-Id: I2aecfba821cca3c367c5e7e8d188a88197fb82d2