* @param array $params Required parameters:
* <pre>
* 'secret' - (string) The secret string used for signing tokens.
+ * 'token_lifetime' - (int) The number of seconds after which tokens time out.
+ * Negative numbers represent "no timeout".
+ * The default is "-1".
* </pre>
* Optional parameters:
* <pre>
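Review bot: `'token_lifetime'` is documented under "Required parameters" in this docblock, but the constructor fills in a default when it is absent, so the entry belongs in the "Optional parameters" list that follows. The entry should also spell out what the default means in practice, for example `Tokens never expire unless a non-negative lifetime is set here or a timeout is passed to validate().` The docblock starts and ends outside the hunk.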
if (!isset($params['secret'])) {
throw new Horde_Token_Exception('Missing secret parameter.');
}
+ if (!isset($params['token_lifetime'])) {
+ $params['token_lifetime'] = -1;
+ }
if (isset($params['logger'])) {
$this->_logger = $params['logger'];
unset($params['logger']);
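Review bot: The configured `token_lifetime` is kept exactly as supplied, with no check that it is an integer, and validate() later uses it in arithmetic against time(). Configuration values often arrive as strings, so normalising once after the default is applied keeps the expiry comparison predictable: `$params['token_lifetime'] = (int)$params['token_lifetime'];`. The default of `-1` also means a deployment that sets nothing gets tokens with no expiry, which deserves a short comment at this line. The constructor continues outside the hunk, so where `$params` ends up stored is not visible here.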
*
* @return boolean True if the token was valid.
*/
- public function validate($token, $seed = '', $timeout = -1, $unique = false)
+ public function validate($token, $seed = '', $timeout = null, $unique = false)
{
$b = Horde_Url::uriB64Decode($token);
$nonce = substr($b, 0, 6);
}
$timestamp = unpack('N', substr($nonce, 0, 4));
$timestamp = array_pop($timestamp);
- if ($timeout >= 0 && $timestamp + $timeout >= time()) {
+ if ($timeout === null) {
+ $timeout = $this->_params['token_lifetime'];
+ }
+ if ($timeout >= 0 && ($timestamp + $timeout - time()) <= 0) {
return false;
}
if ($unique) {
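Review bot: The configured `token_lifetime` is consulted only when `$timeout === null`, so any call site that passes its own value, including a negative one, overrides the configured lifetime and can switch expiry off. If the setting is meant as a deployment-wide upper bound, that has to be enforced here; if it is only a default, say so in a comment such as `// null: use the configured 'token_lifetime'; an explicit $timeout always wins, negative disables expiry.` The same wording belongs in the `$timeout` entry of validate()'s docblock, which lies outside this hunk. The expiry test itself reads more directly as `$timestamp + $timeout <= time()`.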
$this->assertFalse($t->validate($t->get('a'), 'b'));
}
+ public function testActiveToken()
+ {
+ $t = new Horde_Token_File(array('secret' => 'abc'));
+ $this->assertTrue($t->validate($t->get('a'), 'a', 10));
+ }
+
public function testImmediateTimeout()
{
$t = new Horde_Token_File(array('secret' => 'abc'));
- $this->assertFalse($t->validate($t->get('a'), 'a', 1));
+ $this->assertFalse($t->validate($t->get('a'), 'a', 0));
}
public function testTimeoutAfterOneSecond()
{
- $t = new Horde_Token_File(array('secret' => 'abc'));
+ $t = new Horde_Token_File(
+ array(
+ 'secret' => 'abc',
+ 'token_lifetime' => 1
+ )
+ );
+ $token = $t->get('a');
sleep(1);
- $this->assertFalse($t->validate($t->get('a'), 'a', 1));
+ $this->assertFalse($t->validate($token, 'a', 1));
+ // Pack two assertions in this test to avoid sleeping twice
+ $this->assertFalse($t->validate($token, 'a'));
+ }
+
+ public function testTokenLifetimeParameter()
+ {
+ $t = new Horde_Token_File(
+ array(
+ 'secret' => 'abc',
+ 'token_lifetime' => -1
+ )
+ );
+ $this->assertTrue($t->validate($t->get()));
}
public function testUniqueToken()
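Review bot: testTokenLifetimeParameter() configures `'token_lifetime' => -1`, which is the constructor default, so the test would pass even if the parameter were ignored. A value that changes the outcome proves the setting is read, without sleeping: `'token_lifetime' => 0` with `$this->assertFalse($t->validate($t->get()));`. There is also no case where an explicit `$timeout` argument disagrees with the configured lifetime, which is the precedence rule validate() now implements.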