summaryrefslogtreecommitdiffstats
path: root/Csrf/Tests
diff options
context:
space:
mode:
Diffstat (limited to 'Csrf/Tests')
-rw-r--r--Csrf/Tests/CsrfTokenGeneratorTest.php148
-rw-r--r--Csrf/Tests/CsrfTokenManagerTest.php164
-rw-r--r--Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php71
-rw-r--r--Csrf/Tests/TokenStorage/NativeSessionTokenStorageTest.php25
-rw-r--r--Csrf/Tests/TokenStorage/SessionTokenStorageTest.php130
5 files changed, 383 insertions, 155 deletions
diff --git a/Csrf/Tests/CsrfTokenGeneratorTest.php b/Csrf/Tests/CsrfTokenGeneratorTest.php
deleted file mode 100644
index f5f9507..0000000
--- a/Csrf/Tests/CsrfTokenGeneratorTest.php
+++ /dev/null
@@ -1,148 +0,0 @@
-<?php
-
-/*
- * This file is part of the Symfony package.
- *
- * (c) Fabien Potencier <fabien@symfony.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-
-namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
-
-use Symfony\Component\Security\Csrf\CsrfTokenGenerator;
-
-/**
- * @author Bernhard Schussek <bschussek@gmail.com>
- */
-class CsrfTokenGeneratorTest extends \PHPUnit_Framework_TestCase
-{
- /**
- * A non alpha-numeric byte string
- * @var string
- */
- private static $bytes;
-
- /**
- * @var \PHPUnit_Framework_MockObject_MockObject
- */
- private $random;
-
- /**
- * @var \PHPUnit_Framework_MockObject_MockObject
- */
- private $storage;
-
- /**
- * @var CsrfTokenGenerator
- */
- private $generator;
-
- public static function setUpBeforeClass()
- {
- self::$bytes = base64_decode('aMf+Tct/RLn2WQ==');
- }
-
- protected function setUp()
- {
- $this->random = $this->getMock('Symfony\Component\Security\Core\Util\SecureRandomInterface');
- $this->storage = $this->getMock('Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface');
- $this->generator = new CsrfTokenGenerator($this->storage, $this->random);
- }
-
- protected function tearDown()
- {
- $this->random = null;
- $this->storage = null;
- $this->generator = null;
- }
-
- public function testGenerateNewToken()
- {
- $this->storage->expects($this->once())
- ->method('getToken')
- ->with('token_id', false)
- ->will($this->returnValue(false));
-
- $this->storage->expects($this->once())
- ->method('setToken')
- ->with('token_id', $this->anything())
- ->will($this->returnCallback(function ($tokenId, $token) use (&$storedToken) {
- $storedToken = $token;
- }));
-
- $this->random->expects($this->once())
- ->method('nextBytes')
- ->will($this->returnValue(self::$bytes));
-
- $token = $this->generator->generateCsrfToken('token_id');
-
- $this->assertSame($token, $storedToken);
- $this->assertTrue(ctype_print($token), 'is printable');
- $this->assertStringNotMatchesFormat('%S+%S', $token, 'is URI safe');
- $this->assertStringNotMatchesFormat('%S/%S', $token, 'is URI safe');
- $this->assertStringNotMatchesFormat('%S=%S', $token, 'is URI safe');
- }
-
- public function testUseExistingTokenIfAvailable()
- {
- $this->storage->expects($this->once())
- ->method('getToken')
- ->with('token_id', false)
- ->will($this->returnValue('TOKEN'));
-
- $this->storage->expects($this->never())
- ->method('setToken');
-
- $this->random->expects($this->never())
- ->method('nextBytes');
-
- $token = $this->generator->generateCsrfToken('token_id');
-
- $this->assertEquals('TOKEN', $token);
- }
-
- public function testMatchingTokenIsValid()
- {
- $this->storage->expects($this->once())
- ->method('hasToken')
- ->with('token_id')
- ->will($this->returnValue(true));
-
- $this->storage->expects($this->once())
- ->method('getToken')
- ->with('token_id')
- ->will($this->returnValue('TOKEN'));
-
- $this->assertTrue($this->generator->isCsrfTokenValid('token_id', 'TOKEN'));
- }
-
- public function testNonMatchingTokenIsNotValid()
- {
- $this->storage->expects($this->once())
- ->method('hasToken')
- ->with('token_id')
- ->will($this->returnValue(true));
-
- $this->storage->expects($this->once())
- ->method('getToken')
- ->with('token_id')
- ->will($this->returnValue('TOKEN'));
-
- $this->assertFalse($this->generator->isCsrfTokenValid('token_id', 'FOOBAR'));
- }
-
- public function testNonExistingTokenIsNotValid()
- {
- $this->storage->expects($this->once())
- ->method('hasToken')
- ->with('token_id')
- ->will($this->returnValue(false));
-
- $this->storage->expects($this->never())
- ->method('getToken');
-
- $this->assertFalse($this->generator->isCsrfTokenValid('token_id', 'FOOBAR'));
- }
-}
diff --git a/Csrf/Tests/CsrfTokenManagerTest.php b/Csrf/Tests/CsrfTokenManagerTest.php
new file mode 100644
index 0000000..67c66fb
--- /dev/null
+++ b/Csrf/Tests/CsrfTokenManagerTest.php
@@ -0,0 +1,164 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider;
+
+use Symfony\Component\Security\Csrf\CsrfToken;
+use Symfony\Component\Security\Csrf\CsrfTokenManager;
+
+/**
+ * @author Bernhard Schussek <bschussek@gmail.com>
+ */
+class CsrfTokenManagerTest extends \PHPUnit_Framework_TestCase
+{
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ private $generator;
+
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ private $storage;
+
+ /**
+ * @var CsrfTokenManager
+ */
+ private $manager;
+
+ protected function setUp()
+ {
+ $this->generator = $this->getMock('Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface');
+ $this->storage = $this->getMock('Symfony\Component\Security\Csrf\TokenStorage\TokenStorageInterface');
+ $this->manager = new CsrfTokenManager($this->generator, $this->storage);
+ }
+
+ protected function tearDown()
+ {
+ $this->generator = null;
+ $this->storage = null;
+ $this->manager = null;
+ }
+
+ public function testGetNonExistingToken()
+ {
+ $this->storage->expects($this->once())
+ ->method('hasToken')
+ ->with('token_id')
+ ->will($this->returnValue(false));
+
+ $this->generator->expects($this->once())
+ ->method('generateToken')
+ ->will($this->returnValue('TOKEN'));
+
+ $this->storage->expects($this->once())
+ ->method('setToken')
+ ->with('token_id', 'TOKEN');
+
+ $token = $this->manager->getToken('token_id');
+
+ $this->assertInstanceOf('Symfony\Component\Security\Csrf\CsrfToken', $token);
+ $this->assertSame('token_id', $token->getId());
+ $this->assertSame('TOKEN', $token->getValue());
+ }
+
+ public function testUseExistingTokenIfAvailable()
+ {
+ $this->storage->expects($this->once())
+ ->method('hasToken')
+ ->with('token_id')
+ ->will($this->returnValue(true));
+
+ $this->storage->expects($this->once())
+ ->method('getToken')
+ ->with('token_id')
+ ->will($this->returnValue('TOKEN'));
+
+ $token = $this->manager->getToken('token_id');
+
+ $this->assertInstanceOf('Symfony\Component\Security\Csrf\CsrfToken', $token);
+ $this->assertSame('token_id', $token->getId());
+ $this->assertSame('TOKEN', $token->getValue());
+ }
+
+ public function testRefreshTokenAlwaysReturnsNewToken()
+ {
+ $this->storage->expects($this->never())
+ ->method('hasToken');
+
+ $this->generator->expects($this->once())
+ ->method('generateToken')
+ ->will($this->returnValue('TOKEN'));
+
+ $this->storage->expects($this->once())
+ ->method('setToken')
+ ->with('token_id', 'TOKEN');
+
+ $token = $this->manager->refreshToken('token_id');
+
+ $this->assertInstanceOf('Symfony\Component\Security\Csrf\CsrfToken', $token);
+ $this->assertSame('token_id', $token->getId());
+ $this->assertSame('TOKEN', $token->getValue());
+ }
+
+ public function testMatchingTokenIsValid()
+ {
+ $this->storage->expects($this->once())
+ ->method('hasToken')
+ ->with('token_id')
+ ->will($this->returnValue(true));
+
+ $this->storage->expects($this->once())
+ ->method('getToken')
+ ->with('token_id')
+ ->will($this->returnValue('TOKEN'));
+
+ $this->assertTrue($this->manager->isTokenValid(new CsrfToken('token_id', 'TOKEN')));
+ }
+
+ public function testNonMatchingTokenIsNotValid()
+ {
+ $this->storage->expects($this->once())
+ ->method('hasToken')
+ ->with('token_id')
+ ->will($this->returnValue(true));
+
+ $this->storage->expects($this->once())
+ ->method('getToken')
+ ->with('token_id')
+ ->will($this->returnValue('TOKEN'));
+
+ $this->assertFalse($this->manager->isTokenValid(new CsrfToken('token_id', 'FOOBAR')));
+ }
+
+ public function testNonExistingTokenIsNotValid()
+ {
+ $this->storage->expects($this->once())
+ ->method('hasToken')
+ ->with('token_id')
+ ->will($this->returnValue(false));
+
+ $this->storage->expects($this->never())
+ ->method('getToken');
+
+ $this->assertFalse($this->manager->isTokenValid(new CsrfToken('token_id', 'FOOBAR')));
+ }
+
+ public function testRemoveToken()
+ {
+ $this->storage->expects($this->once())
+ ->method('removeToken')
+ ->with('token_id')
+ ->will($this->returnValue('REMOVED_TOKEN'));
+
+ $this->assertSame('REMOVED_TOKEN', $this->manager->removeToken('token_id'));
+ }
+}
diff --git a/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php b/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php
new file mode 100644
index 0000000..a55056f
--- /dev/null
+++ b/Csrf/Tests/TokenGenerator/UriSafeTokenGeneratorTest.php
@@ -0,0 +1,71 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Form\Tests\Extension\Csrf\CsrfProvider\TokenGenerator;
+
+use Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator;
+
+/**
+ * @author Bernhard Schussek <bschussek@gmail.com>
+ */
+class UriSafeTokenGeneratorTest extends \PHPUnit_Framework_TestCase
+{
+ const ENTROPY = 1000;
+
+ /**
+ * A non alpha-numeric byte string
+ * @var string
+ */
+ private static $bytes;
+
+ /**
+ * @var \PHPUnit_Framework_MockObject_MockObject
+ */
+ private $random;
+
+
+ /**
+ * @var UriSafeTokenGenerator
+ */
+ private $generator;
+
+ public static function setUpBeforeClass()
+ {
+ self::$bytes = base64_decode('aMf+Tct/RLn2WQ==');
+ }
+
+ protected function setUp()
+ {
+ $this->random = $this->getMock('Symfony\Component\Security\Core\Util\SecureRandomInterface');
+ $this->generator = new UriSafeTokenGenerator($this->random, self::ENTROPY);
+ }
+
+ protected function tearDown()
+ {
+ $this->random = null;
+ $this->generator = null;
+ }
+
+ public function testGenerateToken()
+ {
+ $this->random->expects($this->once())
+ ->method('nextBytes')
+ ->with(self::ENTROPY/8)
+ ->will($this->returnValue(self::$bytes));
+
+ $token = $this->generator->generateToken();
+
+ $this->assertTrue(ctype_print($token), 'is printable');
+ $this->assertStringNotMatchesFormat('%S+%S', $token, 'is URI safe');
+ $this->assertStringNotMatchesFormat('%S/%S', $token, 'is URI safe');
+ $this->assertStringNotMatchesFormat('%S=%S', $token, 'is URI safe');
+ }
+}
diff --git a/Csrf/Tests/TokenStorage/NativeSessionTokenStorageTest.php b/Csrf/Tests/TokenStorage/NativeSessionTokenStorageTest.php
index b62eeef..ada04c8 100644
--- a/Csrf/Tests/TokenStorage/NativeSessionTokenStorageTest.php
+++ b/Csrf/Tests/TokenStorage/NativeSessionTokenStorageTest.php
@@ -96,8 +96,31 @@ class NativeSessionTokenStorageTest extends \PHPUnit_Framework_TestCase
$this->assertSame('TOKEN', $this->storage->getToken('token_id'));
}
+ /**
+ * @expectedException \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException
+ */
public function testGetNonExistingToken()
{
- $this->assertSame('DEFAULT', $this->storage->getToken('token_id', 'DEFAULT'));
+ $this->storage->getToken('token_id');
+ }
+
+ /**
+ * @depends testCheckToken
+ */
+ public function testRemoveNonExistingToken()
+ {
+ $this->assertNull($this->storage->removeToken('token_id'));
+ $this->assertFalse($this->storage->hasToken('token_id'));
+ }
+
+ /**
+ * @depends testCheckToken
+ */
+ public function testRemoveExistingToken()
+ {
+ $this->storage->setToken('token_id', 'TOKEN');
+
+ $this->assertSame('TOKEN', $this->storage->removeToken('token_id'));
+ $this->assertFalse($this->storage->hasToken('token_id'));
}
}
diff --git a/Csrf/Tests/TokenStorage/SessionTokenStorageTest.php b/Csrf/Tests/TokenStorage/SessionTokenStorageTest.php
index 9ba7edb..799b16d 100644
--- a/Csrf/Tests/TokenStorage/SessionTokenStorageTest.php
+++ b/Csrf/Tests/TokenStorage/SessionTokenStorageTest.php
@@ -108,7 +108,7 @@ class SessionTokenStorageTest extends \PHPUnit_Framework_TestCase
$this->assertSame('RESULT', $this->storage->hasToken('token_id'));
}
- public function testGetTokenFromClosedSession()
+ public function testGetExistingTokenFromClosedSession()
{
$this->session->expects($this->any())
->method('isStarted')
@@ -118,14 +118,19 @@ class SessionTokenStorageTest extends \PHPUnit_Framework_TestCase
->method('start');
$this->session->expects($this->once())
+ ->method('has')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue(true));
+
+ $this->session->expects($this->once())
->method('get')
- ->with(self::SESSION_NAMESPACE.'/token_id', 'DEFAULT')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
->will($this->returnValue('RESULT'));
- $this->assertSame('RESULT', $this->storage->getToken('token_id', 'DEFAULT'));
+ $this->assertSame('RESULT', $this->storage->getToken('token_id'));
}
- public function testGetTokenFromActiveSession()
+ public function testGetExistingTokenFromActiveSession()
{
$this->session->expects($this->any())
->method('isStarted')
@@ -135,10 +140,123 @@ class SessionTokenStorageTest extends \PHPUnit_Framework_TestCase
->method('start');
$this->session->expects($this->once())
+ ->method('has')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue(true));
+
+ $this->session->expects($this->once())
->method('get')
- ->with(self::SESSION_NAMESPACE.'/token_id', 'DEFAULT')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
->will($this->returnValue('RESULT'));
- $this->assertSame('RESULT', $this->storage->getToken('token_id', 'DEFAULT'));
+ $this->assertSame('RESULT', $this->storage->getToken('token_id'));
+ }
+
+ /**
+ * @expectedException \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException
+ */
+ public function testGetNonExistingTokenFromClosedSession()
+ {
+ $this->session->expects($this->any())
+ ->method('isStarted')
+ ->will($this->returnValue(false));
+
+ $this->session->expects($this->once())
+ ->method('start');
+
+ $this->session->expects($this->once())
+ ->method('has')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue(false));
+
+ $this->storage->getToken('token_id');
+ }
+
+ /**
+ * @expectedException \Symfony\Component\Security\Csrf\Exception\TokenNotFoundException
+ */
+ public function testGetNonExistingTokenFromActiveSession()
+ {
+ $this->session->expects($this->any())
+ ->method('isStarted')
+ ->will($this->returnValue(true));
+
+ $this->session->expects($this->never())
+ ->method('start');
+
+ $this->session->expects($this->once())
+ ->method('has')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue(false));
+
+ $this->storage->getToken('token_id');
+ }
+
+ public function testRemoveNonExistingTokenFromClosedSession()
+ {
+ $this->session->expects($this->any())
+ ->method('isStarted')
+ ->will($this->returnValue(false));
+
+ $this->session->expects($this->once())
+ ->method('start');
+
+ $this->session->expects($this->once())
+ ->method('remove')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue(null));
+
+ $this->assertNull($this->storage->removeToken('token_id'));
+ }
+
+ public function testRemoveNonExistingTokenFromActiveSession()
+ {
+ $this->session->expects($this->any())
+ ->method('isStarted')
+ ->will($this->returnValue(true));
+
+ $this->session->expects($this->never())
+ ->method('start');
+
+ $this->session->expects($this->once())
+ ->method('remove')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue(null));
+
+ $this->assertNull($this->storage->removeToken('token_id'));
+ }
+
+ public function testRemoveExistingTokenFromClosedSession()
+ {
+ $this->session->expects($this->any())
+ ->method('isStarted')
+ ->will($this->returnValue(false));
+
+ $this->session->expects($this->once())
+ ->method('start');
+
+ $this->session->expects($this->once())
+ ->method('remove')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue('TOKEN'));
+
+ $this->assertSame('TOKEN', $this->storage->removeToken('token_id'));
+ }
+
+ public function testRemoveExistingTokenFromActiveSession()
+ {
+ $this->session->expects($this->any())
+ ->method('isStarted')
+ ->will($this->returnValue(true));
+
+ $this->session->expects($this->never())
+ ->method('start');
+
+ $this->session->expects($this->once())
+ ->method('remove')
+ ->with(self::SESSION_NAMESPACE.'/token_id')
+ ->will($this->returnValue('TOKEN'));
+
+ $this->assertSame('TOKEN', $this->storage->removeToken('token_id'));
}
}
generated by cgit v1.1 at 2025-06-01 02:47:42 +0000