TYPO3 CMS  TYPO3_8-7
InstallToolFormProtectionTest.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
20 class InstallToolFormProtectionTest extends \TYPO3\TestingFramework\Core\Unit\UnitTestCase
21 {
25  protected $subject;
26 
30  protected function setUp()
31  {
32  $this->subject = $this->getAccessibleMock(
33  \TYPO3\CMS\Core\FormProtection\InstallToolFormProtection::class,
34  ['dummy']
35  );
36  }
37 
39  // Tests concerning the reading and saving of the tokens
41 
46  {
47  $sessionToken = '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd';
48  $formName = 'foo';
49  $action = 'edit';
50  $formInstanceName = '42';
51 
52  $tokenId = \TYPO3\CMS\Core\Utility\GeneralUtility::hmac($formName . $action . $formInstanceName . $sessionToken);
53 
54  $_SESSION['installToolFormToken'] = $sessionToken;
55 
56  $this->subject->_call('retrieveSessionToken');
57 
58  $this->assertTrue(
59  $this->subject->validateToken($tokenId, $formName, $action, $formInstanceName)
60  );
61  }
62 
67  {
68  $_SESSION['installToolFormToken'] = 'foo';
69 
70  $this->subject->_set('sessionToken', '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd');
71 
72  $this->subject->persistSessionToken();
73 
74  $this->assertEquals(
75  '881ffea2159ac72182557b79dc0c723f5a8d20136f9fab56cdd4f8b3a1dbcfcd',
76  $_SESSION['installToolFormToken']
77  );
78  }
79 }
static hmac($input, $additionalSecret='')