aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/Security/CSRF
diff options
context:
space:
mode:
Diffstat (limited to 'tests/lib/Security/CSRF')
-rw-r--r--tests/lib/Security/CSRF/CsrfTokenManagerTest.php16
-rw-r--r--tests/lib/Security/CSRF/CsrfTokenTest.php7
2 files changed, 23 insertions, 0 deletions
diff --git a/tests/lib/Security/CSRF/CsrfTokenManagerTest.php b/tests/lib/Security/CSRF/CsrfTokenManagerTest.php
index ab19a43e91e..6f7842fdfd9 100644
--- a/tests/lib/Security/CSRF/CsrfTokenManagerTest.php
+++ b/tests/lib/Security/CSRF/CsrfTokenManagerTest.php
@@ -56,6 +56,22 @@ class CsrfTokenManagerTest extends \Test\TestCase {
$this->assertEquals($expected, $this->csrfTokenManager->getToken());
}
+ public function testGetTokenWithExistingTokenKeepsOnSecondRequest() {
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('hasToken')
+ ->willReturn(true);
+ $this->storageInterface
+ ->expects($this->once())
+ ->method('getToken')
+ ->willReturn('MyExistingToken');
+
+ $expected = new \OC\Security\CSRF\CsrfToken('MyExistingToken');
+ $token = $this->csrfTokenManager->getToken();
+ $this->assertSame($token, $this->csrfTokenManager->getToken());
+ $this->assertSame($token, $this->csrfTokenManager->getToken());
+ }
+
public function testGetTokenWithoutExistingToken() {
$this->storageInterface
->expects($this->once())
diff --git a/tests/lib/Security/CSRF/CsrfTokenTest.php b/tests/lib/Security/CSRF/CsrfTokenTest.php
index da640ce5052..d19d1de916c 100644
--- a/tests/lib/Security/CSRF/CsrfTokenTest.php
+++ b/tests/lib/Security/CSRF/CsrfTokenTest.php
@@ -28,6 +28,13 @@ class CsrfTokenTest extends \Test\TestCase {
$this->assertSame(':', $csrfToken->getEncryptedValue()[16]);
}
+ public function testGetEncryptedValueStaysSameOnSecondRequest() {
+ $csrfToken = new \OC\Security\CSRF\CsrfToken('MyCsrfToken');
+ $tokenValue = $csrfToken->getEncryptedValue();
+ $this->assertSame($tokenValue, $csrfToken->getEncryptedValue());
+ $this->assertSame($tokenValue, $csrfToken->getEncryptedValue());
+ }
+
public function testGetDecryptedValue() {
$csrfToken = new \OC\Security\CSRF\CsrfToken('XlQhHjgWCgBXAEI0Khl+IQEiCXN2LUcDHAQTQAc1HQs=:qgkUlg8l3m8WnkOG4XM9Az33pAt1vSVMx4hcJFsxdqc=');
$this->assertSame('/3JKTq2ldmzcDr1f5zDJ7Wt0lEgqqfKF', $csrfToken->getDecryptedValue());
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-31 00:56:18 +0000