public function testCheckPostAuthCode() { $simpleSAML = new \SimpleSAML_Auth_Simple('BeeHub'); $auth = new BeeHub_Auth($simpleSAML); // Empty codes should not be correct! $_POST['POST_auth_code'] = null; $this->assertFalse($auth->checkPostAuthCode(), 'An empty POST authentication code should not be correct'); // A wrong code should not be correct $postAuthCode = $auth->getPostAuthCode(); $_POST['POST_auth_code'] = $postAuthCode . 'wrong code'; $this->assertFalse($auth->checkPostAuthCode(), 'A wrong code should be considered wrong'); // A good code should be correct $_POST['POST_auth_code'] = $postAuthCode; $this->assertTrue($auth->checkPostAuthCode(), 'The correct code should be considered correct'); $newPostAuthCode = $auth->getPostAuthCode(); $this->assertNotSame($postAuthCode, $newPostAuthCode, 'After a successfull check, a new code should be generated'); // And after 5 failed attempts, a new code should be generated for ($counter = 0; $counter < 5; $counter++) { $this->assertFalse($auth->checkPostAuthCode(), "All five attempts with a wrong POST authentication code should fail"); } $this->assertNotSame($newPostAuthCode, $auth->getPostAuthCode(), 'After 5 failed attempts, a new code should be generated'); }