public function testSaveToSession()
{
$token1 = RequestToken::fromString("foo");
$token1->saveToSession();
$token2 = RequestToken::fromSession();
$this->assertTrue($token1->matches($token2));
}
/**
* Checks if the session token stored in the request matches the session
* token stored in the session. Just like the other validate methods, this
* method updates the last error. However, for something technical like a
* request token it is impossible to create a user-friendly message, so it's
* better to not display this error.
* @param Request $request The request that stores the session token.
* @return boolean True if they match, false otherwise.
*/
public static function requestToken(Request $request)
{
$sessionToken = RequestToken::fromSession();
$requestToken = RequestToken::fromRequest($request);
if ($sessionToken->matches($requestToken)) {
return true;
}
self::setError("invalid_request_token");
return false;
}
