diff options
Diffstat (limited to 'vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php')
-rw-r--r-- | vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php new file mode 100644 index 00000000..a99b5444 --- /dev/null +++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php | |||
@@ -0,0 +1,81 @@ | |||
1 | <?php | ||
2 | |||
3 | /* | ||
4 | * This file is part of the Symfony package. | ||
5 | * | ||
6 | * (c) Fabien Potencier <fabien@symfony.com> | ||
7 | * | ||
8 | * For the full copyright and license information, please view the LICENSE | ||
9 | * file that was distributed with this source code. | ||
10 | */ | ||
11 | |||
12 | namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider; | ||
13 | |||
14 | use Symfony\Component\Form\Extension\Csrf\CsrfProvider\DefaultCsrfProvider; | ||
15 | |||
16 | /** | ||
17 | * @runTestsInSeparateProcesses | ||
18 | */ | ||
19 | class DefaultCsrfProviderTest extends \PHPUnit_Framework_TestCase | ||
20 | { | ||
21 | protected $provider; | ||
22 | |||
23 | public static function setUpBeforeClass() | ||
24 | { | ||
25 | ini_set('session.save_handler', 'files'); | ||
26 | ini_set('session.save_path', sys_get_temp_dir()); | ||
27 | } | ||
28 | |||
29 | protected function setUp() | ||
30 | { | ||
31 | $this->provider = new DefaultCsrfProvider('SECRET'); | ||
32 | } | ||
33 | |||
34 | protected function tearDown() | ||
35 | { | ||
36 | $this->provider = null; | ||
37 | } | ||
38 | |||
39 | public function testGenerateCsrfToken() | ||
40 | { | ||
41 | session_start(); | ||
42 | |||
43 | $token = $this->provider->generateCsrfToken('foo'); | ||
44 | |||
45 | $this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token); | ||
46 | } | ||
47 | |||
48 | public function testGenerateCsrfTokenOnUnstartedSession() | ||
49 | { | ||
50 | session_id('touti'); | ||
51 | |||
52 | if (!version_compare(PHP_VERSION, '5.4', '>=')) { | ||
53 | $this->markTestSkipped('This test requires PHP >= 5.4'); | ||
54 | } | ||
55 | |||
56 | $this->assertSame(PHP_SESSION_NONE, session_status()); | ||
57 | |||
58 | $token = $this->provider->generateCsrfToken('foo'); | ||
59 | |||
60 | $this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token); | ||
61 | $this->assertSame(PHP_SESSION_ACTIVE, session_status()); | ||
62 | } | ||
63 | |||
64 | public function testIsCsrfTokenValidSucceeds() | ||
65 | { | ||
66 | session_start(); | ||
67 | |||
68 | $token = sha1('SECRET'.'foo'.session_id()); | ||
69 | |||
70 | $this->assertTrue($this->provider->isCsrfTokenValid('foo', $token)); | ||
71 | } | ||
72 | |||
73 | public function testIsCsrfTokenValidFails() | ||
74 | { | ||
75 | session_start(); | ||
76 | |||
77 | $token = sha1('SECRET'.'bar'.session_id()); | ||
78 | |||
79 | $this->assertFalse($this->provider->isCsrfTokenValid('foo', $token)); | ||
80 | } | ||
81 | } | ||