vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/SessionCsrfProviderTest.php

   1 <?php
   2
   3 /*
   4  * This file is part of the Symfony package.
   5  *
   6  * (c) Fabien Potencier <fabien@symfony.com>
   7  *
   8  * For the full copyright and license information, please view the LICENSE
   9  * file that was distributed with this source code.
  10  */
  11
  12 namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
  13
  14 use Symfony\Component\Form\Extension\Csrf\CsrfProvider\SessionCsrfProvider;
  15
  16 class SessionCsrfProviderTest extends \PHPUnit_Framework_TestCase
  17 {
  18     protected $provider;
  19     protected $session;
  20
  21     protected function setUp()
  22     {
  23         if (!class_exists('Symfony\Component\HttpFoundation\Session\Session')) {
  24             $this->markTestSkipped('The "HttpFoundation" component is not available');
  25         }
  26
  27         $this->session = $this->getMock(
  28             'Symfony\Component\HttpFoundation\Session\Session',
  29             array(),
  30             array(),
  31             '',
  32             false // don't call constructor
  33         );
  34         $this->provider = new SessionCsrfProvider($this->session, 'SECRET');
  35     }
  36
  37     protected function tearDown()
  38     {
  39         $this->provider = null;
  40         $this->session = null;
  41     }
  42
  43     public function testGenerateCsrfToken()
  44     {
  45         $this->session->expects($this->once())
  46                 ->method('getId')
  47                 ->will($this->returnValue('ABCDEF'));
  48
  49         $token = $this->provider->generateCsrfToken('foo');
  50
  51         $this->assertEquals(sha1('SECRET'.'foo'.'ABCDEF'), $token);
  52     }
  53
  54     public function testIsCsrfTokenValidSucceeds()
  55     {
  56         $this->session->expects($this->once())
  57                 ->method('getId')
  58                 ->will($this->returnValue('ABCDEF'));
  59
  60         $token = sha1('SECRET'.'foo'.'ABCDEF');
  61
  62         $this->assertTrue($this->provider->isCsrfTokenValid('foo', $token));
  63     }
  64
  65     public function testIsCsrfTokenValidFails()
  66     {
  67         $this->session->expects($this->once())
  68                 ->method('getId')
  69                 ->will($this->returnValue('ABCDEF'));
  70
  71         $token = sha1('SECRET'.'bar'.'ABCDEF');
  72
  73         $this->assertFalse($this->provider->isCsrfTokenValid('foo', $token));
  74     }
  75 }