68 lines
3.2 KiB
PHP
68 lines
3.2 KiB
PHP
<?php
|
|
// CSRFPTest.php
|
|
// Created: 2021-06-11
|
|
// Updated: 2023-07-11
|
|
|
|
declare(strict_types=1);
|
|
|
|
use PHPUnit\Framework\TestCase;
|
|
use Index\Security\CSRFP;
|
|
|
|
/**
|
|
* @covers CSRFP
|
|
*/
|
|
final class CSRFPTest extends TestCase {
|
|
private const SECRET_1 = 'oCtBmR7XS1dLOnGVoVi0wXwTLk7Ursn4';
|
|
private const SECRET_2 = 'v6H37MPa8NHmxVvL4AzNSxrWLVkiTfPHouyTto1LXOfOyoqSU7EaSorjdM4gXlq3';
|
|
|
|
private const TIMESTAMP_1 = 1689111761;
|
|
private const TIMESTAMP_2 = 1689025361;
|
|
|
|
private const P3M = 3 * 60;
|
|
private const P5M = 5 * 60;
|
|
private const P15M = 15 * 60;
|
|
private const P30M = 30 * 60;
|
|
private const P4M59S = (4 * 60) + 59;
|
|
private const P5M30S = (5 * 60) + 30;
|
|
private const P29M59S = (29 * 60) + 59;
|
|
|
|
public function testCSRFP(): void {
|
|
$csrfp1 = new CSRFP(self::SECRET_1, '8.8.8.8!12345');
|
|
$csrfp2 = new CSRFP(self::SECRET_2, '127.0.0.1');
|
|
|
|
$token1 = $csrfp1->createToken(self::TIMESTAMP_1);
|
|
$token2 = $csrfp2->createToken(self::TIMESTAMP_1);
|
|
$token3 = $csrfp1->createToken(self::TIMESTAMP_2);
|
|
$token4 = $csrfp2->createToken(self::TIMESTAMP_2);
|
|
|
|
$this->assertNotEquals($token1, $token2);
|
|
$this->assertNotEquals($token2, $token3);
|
|
$this->assertNotEquals($token3, $token4);
|
|
$this->assertNotEquals($token4, $token1);
|
|
|
|
$this->assertTrue($csrfp1->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P15M));
|
|
$this->assertTrue($csrfp2->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P29M59S));
|
|
$this->assertTrue($csrfp1->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P15M));
|
|
$this->assertTrue($csrfp2->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P29M59S));
|
|
|
|
$this->assertFalse($csrfp2->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P15M));
|
|
$this->assertFalse($csrfp1->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P29M59S));
|
|
$this->assertFalse($csrfp2->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P15M));
|
|
$this->assertFalse($csrfp1->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P29M59S));
|
|
|
|
$this->assertFalse($csrfp1->verifyToken($token1, -1, self::TIMESTAMP_1 + self::P30M));
|
|
$this->assertFalse($csrfp2->verifyToken($token2, -1, self::TIMESTAMP_1 + self::P30M));
|
|
$this->assertFalse($csrfp1->verifyToken($token3, -1, self::TIMESTAMP_2 + self::P30M));
|
|
$this->assertFalse($csrfp2->verifyToken($token4, -1, self::TIMESTAMP_2 + self::P30M));
|
|
|
|
$this->assertTrue($csrfp1->verifyToken($token1, self::P5M, self::TIMESTAMP_1 + self::P3M));
|
|
$this->assertTrue($csrfp2->verifyToken($token2, self::P5M, self::TIMESTAMP_1 + self::P4M59S));
|
|
$this->assertTrue($csrfp1->verifyToken($token3, self::P5M, self::TIMESTAMP_2 + self::P3M));
|
|
$this->assertTrue($csrfp2->verifyToken($token4, self::P5M, self::TIMESTAMP_2 + self::P4M59S));
|
|
|
|
$this->assertFalse($csrfp1->verifyToken($token1, self::P5M, self::TIMESTAMP_1 + self::P5M));
|
|
$this->assertFalse($csrfp2->verifyToken($token2, self::P5M, self::TIMESTAMP_1 + self::P5M30S));
|
|
$this->assertFalse($csrfp1->verifyToken($token3, self::P5M, self::TIMESTAMP_2 + self::P5M));
|
|
$this->assertFalse($csrfp2->verifyToken($token4, self::P5M, self::TIMESTAMP_2 + self::P5M30S));
|
|
}
|
|
}
|