public function testTokenLengthChange()
{
$sut = new ArrayTokenStore();
$sut->setTokenLength(6);
$token = $sut->generateNewToken();
$this->assertEquals(6, strlen($token));
// now make sure the shorter token is successfully stored
$sut->saveToken($token);
$this->assertTrue($sut->verifyToken($token));
}
public function testChangeTokenLimit()
{
$tokenLimit = 5;
$sut = new ArrayTokenStore($tokenLimit);
// check that the new limit has stuck
$this->assertEquals($tokenLimit, $sut::$MAX_TOKENS);
$firstToken = $sut->generateNewToken();
$sut->saveToken($firstToken);
$tokens = 1;
$lastToken = null;
while ($tokens++ <= $tokenLimit) {
$lastToken = $sut->generateNewToken();
$sut->saveToken($lastToken);
}
$sut->verifyToken($lastToken);
// now we've hit the max, the original token should no longer be valid
$this->expectException("\\Gt\\Csrf\\exception\\CSRFTokenInvalidException");
$sut->verifyToken($firstToken);
}