1 files changed, 81 insertions, 0 deletions

diff --git a/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php
new file mode 100644
index 00000000..a99b5444
--- /dev/null
+++ b/vendor/symfony/form/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/DefaultCsrfProviderTest.php
@@ -0,0 +1,81 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
+
+use Symfony\Component\Form\Extension\Csrf\CsrfProvider\DefaultCsrfProvider;
+
+/**
+ * @runTestsInSeparateProcesses
+ */
+class DefaultCsrfProviderTest extends \PHPUnit_Framework_TestCase
+{
+    protected $provider;
+
+    public static function setUpBeforeClass()
+    {
+        ini_set('session.save_handler', 'files');
+        ini_set('session.save_path', sys_get_temp_dir());
+    }
+
+    protected function setUp()
+    {
+        $this->provider = new DefaultCsrfProvider('SECRET');
+    }
+
+    protected function tearDown()
+    {
+        $this->provider = null;
+    }
+
+    public function testGenerateCsrfToken()
+    {
+        session_start();
+
+        $token = $this->provider->generateCsrfToken('foo');
+
+        $this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token);
+    }
+
+    public function testGenerateCsrfTokenOnUnstartedSession()
+    {
+        session_id('touti');
+
+        if (!version_compare(PHP_VERSION, '5.4', '>=')) {
+            $this->markTestSkipped('This test requires PHP >= 5.4');
+        }
+
+        $this->assertSame(PHP_SESSION_NONE, session_status());
+
+        $token = $this->provider->generateCsrfToken('foo');
+
+        $this->assertEquals(sha1('SECRET'.'foo'.session_id()), $token);
+        $this->assertSame(PHP_SESSION_ACTIVE, session_status());
+    }
+
+    public function testIsCsrfTokenValidSucceeds()
+    {
+        session_start();
+
+        $token = sha1('SECRET'.'foo'.session_id());
+
+        $this->assertTrue($this->provider->isCsrfTokenValid('foo', $token));
+    }
+
+    public function testIsCsrfTokenValidFails()
+    {
+        session_start();
+
+        $token = sha1('SECRET'.'bar'.session_id());
+
+        $this->assertFalse($this->provider->isCsrfTokenValid('foo', $token));
+    }
+}