/**
* Tests that a new token seed is generated upon first use.
*
* @covers ::get
*/
public function testGenerateSeedOnGet()
{
$key = Crypt::randomBytesBase64();
$this->privateKey->expects($this->any())->method('get')->will($this->returnValue($key));
$this->sessionMetadata->expects($this->once())->method('getCsrfTokenSeed')->will($this->returnValue(NULL));
$this->sessionMetadata->expects($this->once())->method('setCsrfTokenSeed')->with($this->isType('string'));
$this->assertInternalType('string', $this->generator->get());
}
/**
* Validates a token based on $value, the user session, and the private key.
*
* @param string $token
* The token to be validated.
* @param string $value
* (optional) An additional value to base the token on.
*
* @return bool
* TRUE for a valid token, FALSE for an invalid token.
*/
public function validate($token, $value = '')
{
$seed = $this->sessionMetadata->getCsrfTokenSeed();
if (empty($seed)) {
return FALSE;
}
return $token === $this->computeToken($seed, $value);
}
