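get(LoggerInterface::class);
        $this->tokenManager = new TokenManager('secret', $logger);
    }

    /**
     * Intentionally empty.
     *
     * NOTE(review): PHPUnit's class-level hook is named setUpBeforeClass(); under
     * this name the method is presumably never invoked by the framework — confirm
     * whether it can be removed or should be renamed.
     */
    public static function setUpBefore(): void {}

    /**
     * generate() must return an array holding a non-empty 'h' and 't' entry, and
     * a 'u' entry equal to the user's canonical username.
     */
    public function testGenerate(): void
    {
        $tokenManager = $this->tokenManager;
        $user = new User()->setUsernameCanonical('test');
        $expiration = new \DateTimeImmutable('tomorrow');

        $tokens = $tokenManager->generate($user, $expiration);

        $this->assertIsArray($tokens);
        $this->assertArrayHasKey('h', $tokens);
        $this->assertArrayHasKey('t', $tokens);
        $this->assertNotEmpty($tokens['h']);
        $this->assertNotEmpty($tokens['t']);
        $this->assertEquals($user->getUsernameCanonical(), $tokens['u']);
    }

    /**
     * generate() must refuse a user that has no canonical username: a token bound
     * to an empty identity must never be issued.
     */
    public function testGenerateEmptyUsernameCanonical(): void
    {
        $this->expectException(\UnexpectedValueException::class);

        $tokenManager = $this->tokenManager;
        // set a username, but not a username canonical
        $user = new User()->setUsername('test');
        $expiration = new \DateTimeImmutable('tomorrow');

        $tokenManager->generate($user, $expiration);
    }

    /**
     * verify() must accept an untouched token and reject it as soon as any single
     * component (hash, token, user, timestamp) is altered.
     *
     * Each negative case changes exactly one component, so a regression in the
     * check of one component cannot be hidden by the rejection of another.
     */
    public function testVerify(): void
    {
        $tokenManager = $this->tokenManager;
        $user = new User()->setUsernameCanonical('test');
        $expiration = new \DateTimeImmutable('tomorrow');

        $tokens = $tokenManager->generate($user, $expiration);

        $hash = $tokens[TokenManager::HASH];
        $token = $tokens[TokenManager::TOKEN];
        $timestamp = $tokens[TokenManager::TIMESTAMP];

        $verification = $tokenManager->verify($hash, $token, $user, $timestamp);

        $this->assertTrue($verification);

        // test with altering token
        $this->assertFalse($tokenManager->verify($hash.'5', $token, $user, $timestamp));
        $this->assertFalse($tokenManager->verify($hash, $token.'25', $user, $timestamp));

        // The altered username lives on a separate User instance. Calling the
        // setter on $user itself would (for a fluent setter returning $this) leave
        // $user as 'test2', and the timestamp case below would then be rejected
        // because of the username even if the timestamp were not checked at all.
        $otherUser = new User()->setUsernameCanonical('test2');
        $this->assertFalse($tokenManager->verify($hash, $token, $otherUser, $timestamp));

        // Only the timestamp differs here; $user still carries 'test'.
        $this->assertFalse($tokenManager->verify($hash, $token, $user, (string) ($timestamp + 1)));
    }

    /**
     * verify() must reject a token whose expiration lies in the past, even when
     * hash, token, user and timestamp are passed back unmodified.
     */
    public function testVerifyExpiredFails(): void
    {
        $tokenManager = $this->tokenManager;
        $user = new User()->setUsernameCanonical('test');
        // one second in the past: the token is already expired when generated
        $expiration = new \DateTimeImmutable('now')->sub(new \DateInterval('PT1S'));

        $tokens = $tokenManager->generate($user, $expiration);

        $hash = $tokens[TokenManager::HASH];
        $token = $tokens[TokenManager::TOKEN];
        $timestamp = $tokens[TokenManager::TIMESTAMP];

        $verification = $tokenManager->verify($hash, $token, $user, $timestamp);

        $this->assertFalse($verification);
    }
}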