* @param string $token The signed token.
* @param string $seed The unique ID of the token.
* @param int $timeout Timout of the token in seconds.
- * @param boolean $unique Can the token be used more than once?
+ * Values below zero represent no timeout.
+ * @param boolean $unique Should validation of the token succeed only once?
*
* @return boolean True if the token was valid.
*/
- public function validate($token, $seed = '', $timeout = 0, $unique = false)
+ public function validate($token, $seed = '', $timeout = -1, $unique = false)
{
$b = Horde_Url::uriB64Decode($token);
$nonce = substr($b, 0, 6);
if ($hash != $this->_hash($nonce . $seed)) {
return false;
}
+ $timestamp = unpack('N', substr($nonce, 0, 4));
+ $timestamp = array_pop($timestamp);
+ if ($timeout >= 0 && $timestamp + $timeout >= time()) {
+ return false;
+ }
+ if ($unique) {
+ return $this->verify($nonce);
+ }
return true;
}
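Review bot: The expiry test `if ($timeout >= 0 && $timestamp + $timeout >= time())` looks inverted: it returns false while the token is still inside its lifetime and lets it pass once `$timestamp + $timeout` lies in the past, so expired tokens validate and fresh ones do not. Assuming the first four nonce bytes hold the creation time (the `unpack('N', ...)` suggests this, but the code that builds the nonce is not in this hunk), the rejecting condition should be `if ($timeout >= 0 && $timestamp + $timeout < time())`. Separately, the context line `if ($hash != $this->_hash($nonce . $seed))` checks the signature with a loose comparison that is not constant-time. `!==` would rule out numeric-string juggling, and `hash_equals()` would also remove the timing signal where the supported PHP version provides it. The lines of validate() that set `$hash` are not part of what is shown here.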
$this->assertFalse($t->validate($t->get('a'), 'b'));
}
+ public function testImmediateTimeout()
+ {
+ $t = new Horde_Token_File(array('secret' => 'abc'));
+ $this->assertFalse($t->validate($t->get('a'), 'a', 1));
+ }
+
+ public function testTimeoutAfterOneSecond()
+ {
+ $t = new Horde_Token_File(array('secret' => 'abc'));
+ sleep(1);
+ $this->assertFalse($t->validate($t->get('a'), 'a', 1));
+ }
+
+ public function testUniqueToken()
+ {
+ $t = new Horde_Token_File(
+ array(
+ 'secret' => 'abc',
+ 'token_dir' => $this->_getTemporaryDirectory()
+ )
+ );
+ $token = $t->get('a');
+ $t->validate($token, 'a', -1, true);
+ $this->assertFalse($t->validate($token, 'a', -1, true));
+ }
+
public function testNonces()
{
$t = new Horde_Token_File(array('secret' => 'abc'));
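Review bot: The two timeout tests never validate a token older than its timeout, and nothing asserts that a token inside its lifetime is accepted, so they cannot tell a correct expiry check from an inverted one. In `testTimeoutAfterOneSecond` the `sleep(1)` runs before `$t->get('a')` is evaluated, so the token is brand new when it is validated, and `testImmediateTimeout` expects a fresh token with a one-second timeout to be rejected. I would create the token first and let it age past the timeout, `$token = $t->get('a'); sleep(2); $this->assertFalse($t->validate($token, 'a', 1));`, and add the positive case `$this->assertTrue($t->validate($t->get('a'), 'a', 10));`. `testUniqueToken` should also assert that the first call succeeds, `$this->assertTrue($t->validate($token, 'a', -1, true));`, otherwise it passes even if unique validation always fails.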