public function testIsTokenValidWithValidToken() { $this->storageInterface->expects($this->once())->method('hasToken')->willReturn(true); $token = new \OC\Security\CSRF\CsrfToken('XlQhHjgWCgBXAEI0Khl+IQEiCXN2LUcDHAQTQAc1HQs=:qgkUlg8l3m8WnkOG4XM9Az33pAt1vSVMx4hcJFsxdqc='); $this->storageInterface->expects($this->once())->method('getToken')->willReturn('/3JKTq2ldmzcDr1f5zDJ7Wt0lEgqqfKF'); $this->assertSame(true, $this->csrfTokenManager->isTokenValid($token)); }
/** * Verifies whether the provided token is valid. * * @param CsrfToken $token * @return bool */ public function isTokenValid(CsrfToken $token) { if (!$this->sessionStorage->hasToken()) { return false; } return hash_equals($this->sessionStorage->getToken(), $token->getDecryptedValue()); }
public function testHasTokenWithoutExistingToken() { $this->session->expects($this->once())->method('exists')->with('requesttoken')->willReturn(false); $this->assertSame(false, $this->sessionStorage->hasToken()); }