index/tests/CSRFPTest.php

<?php
// CSRFPTest.php
// Created: 2021-06-11
// Updated: 2023-07-11

declare(strict_types=1);

use PHPUnit\Framework\TestCase;
use Index\Security\CSRFP;

/**
 * @covers CSRFP
 */
final class CSRFPTest extends TestCase {
    private const SECRET_1 = 'oCtBmR7XS1dLOnGVoVi0wXwTLk7Ursn4';
    private const SECRET_2 = 'v6H37MPa8NHmxVvL4AzNSxrWLVkiTfPHouyTto1LXOfOyoqSU7EaSorjdM4gXlq3';

    private const TIMESTAMP_1 = 1689111761;
    private const TIMESTAMP_2 = 1689025361;

    private const P3M = 3 * 60;
    private const P5M = 5 * 60;
    private const P15M = 15 * 60;
    private const P30M = 30 * 60;
    private const P4M59S = (4 * 60) + 59;
    private const P5M30S = (5 * 60) + 30;
    private const P29M59S = (29 * 60) + 59;

    public function testCSRFP(): void {
        $csrfp1 = new CSRFP(self::SECRET_1, '8.8.8.8!12345');
        $csrfp2 = new CSRFP(self::SECRET_2, '127.0.0.1');

        $token1 = $csrfp1->createToken(self::TIMESTAMP_1);
        $token2 = $csrfp2->createToken(self::TIMESTAMP_1);
        $token3 = $csrfp1->createToken(self::TIMESTAMP_2);
        $token4 = $csrfp2->createToken(self::TIMESTAMP_2);

        $this->assertNotEquals($token1, $token2);
        $this->assertNotEquals($token2, $token3);
        $this->assertNotEquals($token3, $token4);
        $this->assertNotEquals($token4, $token1);

        $this->assertTrue($csrfp1->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P15M));
        $this->assertTrue($csrfp2->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P29M59S));
        $this->assertTrue($csrfp1->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P15M));
        $this->assertTrue($csrfp2->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P29M59S));

        $this->assertFalse($csrfp2->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P15M));
        $this->assertFalse($csrfp1->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P29M59S));
        $this->assertFalse($csrfp2->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P15M));
        $this->assertFalse($csrfp1->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P29M59S));

        $this->assertFalse($csrfp1->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P30M));
        $this->assertFalse($csrfp2->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P30M));
        $this->assertFalse($csrfp1->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P30M));
        $this->assertFalse($csrfp2->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P30M));

        $this->assertTrue($csrfp1->verifyToken($token1, self::P5M, self::TIMESTAMP_1 + self::P3M));
        $this->assertTrue($csrfp2->verifyToken($token2, self::P5M, self::TIMESTAMP_1 + self::P4M59S));
        $this->assertTrue($csrfp1->verifyToken($token3, self::P5M, self::TIMESTAMP_2 + self::P3M));
        $this->assertTrue($csrfp2->verifyToken($token4, self::P5M, self::TIMESTAMP_2 + self::P4M59S));

        $this->assertFalse($csrfp1->verifyToken($token1, self::P5M, self::TIMESTAMP_1 + self::P5M));
        $this->assertFalse($csrfp2->verifyToken($token2, self::P5M, self::TIMESTAMP_1 + self::P5M30S));
        $this->assertFalse($csrfp1->verifyToken($token3, self::P5M, self::TIMESTAMP_2 + self::P5M));
        $this->assertFalse($csrfp2->verifyToken($token4, self::P5M, self::TIMESTAMP_2 + self::P5M30S));
    }
}
Imported into new repository. 2022-09-13 13:13:11 +00:00			`<?php`
			`// CSRFPTest.php`
			`// Created: 2021-06-11`
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`// Updated: 2023-07-11`
Imported into new repository. 2022-09-13 13:13:11 +00:00
			`declare(strict_types=1);`

			`use PHPUnit\Framework\TestCase;`
			`use Index\Security\CSRFP;`

			`/**`
			`* @covers CSRFP`
			`*/`
			`final class CSRFPTest extends TestCase {`
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`private const SECRET_1 = 'oCtBmR7XS1dLOnGVoVi0wXwTLk7Ursn4';`
			`private const SECRET_2 = 'v6H37MPa8NHmxVvL4AzNSxrWLVkiTfPHouyTto1LXOfOyoqSU7EaSorjdM4gXlq3';`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`private const TIMESTAMP_1 = 1689111761;`
			`private const TIMESTAMP_2 = 1689025361;`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`private const P3M = 3 * 60;`
			`private const P5M = 5 * 60;`
			`private const P15M = 15 * 60;`
			`private const P30M = 30 * 60;`
			`private const P4M59S = (4 * 60) + 59;`
			`private const P5M30S = (5 * 60) + 30;`
			`private const P29M59S = (29 * 60) + 59;`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`public function testCSRFP(): void {`
			`$csrfp1 = new CSRFP(self::SECRET_1, '8.8.8.8!12345');`
			`$csrfp2 = new CSRFP(self::SECRET_2, '127.0.0.1');`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`$token1 = $csrfp1->createToken(self::TIMESTAMP_1);`
			`$token2 = $csrfp2->createToken(self::TIMESTAMP_1);`
			`$token3 = $csrfp1->createToken(self::TIMESTAMP_2);`
			`$token4 = $csrfp2->createToken(self::TIMESTAMP_2);`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`$this->assertNotEquals($token1, $token2);`
			`$this->assertNotEquals($token2, $token3);`
			`$this->assertNotEquals($token3, $token4);`
			`$this->assertNotEquals($token4, $token1);`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`$this->assertTrue($csrfp1->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P15M));`
			`$this->assertTrue($csrfp2->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P29M59S));`
			`$this->assertTrue($csrfp1->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P15M));`
			`$this->assertTrue($csrfp2->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P29M59S));`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`$this->assertFalse($csrfp2->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P15M));`
			`$this->assertFalse($csrfp1->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P29M59S));`
			`$this->assertFalse($csrfp2->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P15M));`
			`$this->assertFalse($csrfp1->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P29M59S));`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`$this->assertFalse($csrfp1->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P30M));`
			`$this->assertFalse($csrfp2->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P30M));`
			`$this->assertFalse($csrfp1->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P30M));`
			`$this->assertFalse($csrfp2->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P30M));`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`$this->assertTrue($csrfp1->verifyToken($token1, self::P5M, self::TIMESTAMP_1 + self::P3M));`
			`$this->assertTrue($csrfp2->verifyToken($token2, self::P5M, self::TIMESTAMP_1 + self::P4M59S));`
			`$this->assertTrue($csrfp1->verifyToken($token3, self::P5M, self::TIMESTAMP_2 + self::P3M));`
			`$this->assertTrue($csrfp2->verifyToken($token4, self::P5M, self::TIMESTAMP_2 + self::P4M59S));`
Imported into new repository. 2022-09-13 13:13:11 +00:00
Made the CSRF protection less needlessly complex. 2023-07-11 21:59:09 +00:00			`$this->assertFalse($csrfp1->verifyToken($token1, self::P5M, self::TIMESTAMP_1 + self::P5M));`
			`$this->assertFalse($csrfp2->verifyToken($token2, self::P5M, self::TIMESTAMP_1 + self::P5M30S));`
			`$this->assertFalse($csrfp1->verifyToken($token3, self::P5M, self::TIMESTAMP_2 + self::P5M));`
			`$this->assertFalse($csrfp2->verifyToken($token4, self::P5M, self::TIMESTAMP_2 + self::P5M30S));`
Imported into new repository. 2022-09-13 13:13:11 +00:00			`}`
			`}`