/**
  * Tests that a new token seed is generated upon first use.
  *
  * @covers ::get
  */
 public function testGenerateSeedOnGet()
 {
     $key = Crypt::randomBytesBase64();
     $this->privateKey->expects($this->any())->method('get')->will($this->returnValue($key));
     $this->sessionMetadata->expects($this->once())->method('getCsrfTokenSeed')->will($this->returnValue(NULL));
     $this->sessionMetadata->expects($this->once())->method('setCsrfTokenSeed')->with($this->isType('string'));
     $this->assertInternalType('string', $this->generator->get());
 }
Beispiel #2
0
 /**
  * Validates a token based on $value, the user session, and the private key.
  *
  * @param string $token
  *   The token to be validated.
  * @param string $value
  *   (optional) An additional value to base the token on.
  *
  * @return bool
  *   TRUE for a valid token, FALSE for an invalid token.
  */
 public function validate($token, $value = '')
 {
     $seed = $this->sessionMetadata->getCsrfTokenSeed();
     if (empty($seed)) {
         return FALSE;
     }
     return $token === $this->computeToken($seed, $value);
 }