/** * Verifies whether the provided token is valid. * * @param CsrfToken $token * @return bool */ public function isTokenValid(CsrfToken $token) { if (!$this->sessionStorage->hasToken()) { return false; } return hash_equals($this->sessionStorage->getToken(), $token->getDecryptedValue()); }
public function testGetTokenWithValidToken() { $this->session->expects($this->once())->method('get')->with('requesttoken')->willReturn('MyFancyCsrfToken'); $this->assertSame('MyFancyCsrfToken', $this->sessionStorage->getToken()); }