diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
40acc6ac79
symfony/tests/Symfony/Tests/Component/Form/CsrfProvider/DefaultCsrfProviderTest.php

50 lines
1.2 KiB
PHP
Raw Normal View History

[Form] Refactored CSRF implementation to be reusable and to work correctly with the session service
2011-01-25 08:56:37 +00:00
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien.potencier@symfony-project.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Tests\Component\Form\CsrfProvider;
use Symfony\Component\Form\CsrfProvider\DefaultCsrfProvider;
class DefaultCsrfProviderTest extends \PHPUnit_Framework_TestCase
{
protected $provider;
public static function setUpBeforeClass()
{
@session_start();
}
protected function setUp()
{
$this->provider = new DefaultCsrfProvider('SECRET');
}
public function testGenerateCsrfToken()
{
$token = $this->provider->generateCsrfToken('foo');
$this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token);
}
public function testIsCsrfTokenValidSucceeds()
{
$token = sha1('SECRET'.'foo'.session_id());
$this->assertTrue($this->provider->isCsrfTokenValid('foo', $token));
}
public function testIsCsrfTokenValidFails()
{
$token = sha1('SECRET'.'bar'.session_id());
$this->assertFalse($this->provider->isCsrfTokenValid('foo', $token));
}
}
Reference in New Issue Copy Permalink