From 21117bb330fca248209518e065169cf56d03c4e6 Mon Sep 17 00:00:00 2001
From: Gunnar Wrobel
Date: Tue, 30 Nov 2010 08:29:38 +0100
Subject: [PATCH] Test the token_lifetime parameter.
---
 framework/Token/lib/Horde/Token/Base.php | 13 +++++++--
 framework/Token/test/Horde/Token/Unit/FileTest.php | 31 +++++++++++++++++++---
 2 files changed, 39 insertions(+), 5 deletions(-)
diff --git a/framework/Token/lib/Horde/Token/Base.php b/framework/Token/lib/Horde/Token/Base.php
index 865ecff0c..bc770440f 100644
--- a/framework/Token/lib/Horde/Token/Base.php
+++ b/framework/Token/lib/Horde/Token/Base.php
@@ -35,6 +35,9 @@ abstract class Horde_Token_Base
 * @param array $params Required parameters:
 *
      * 'secret' - (string) The secret string used for signing tokens.
+     * 'token_lifetime' - (int) The number of seconds after which tokens time out.
+     *                          Negative numbers represent "no timeout".
+     *                          The default is "-1".
      * 
* Optional parameters:
 *
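Review bot: The new `'token_lifetime'` entry is listed under "Required parameters", but the constructor change in the next hunk fills in a default when it is absent, so it belongs in the "Optional parameters" list. The default is also written as the string `"-1"` while the code assigns the integer `-1`; `The default is -1 (tokens never expire).` would state both the value and what it means for token validity.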
@@ -46,6 +49,9 @@ abstract class Horde_Token_Base
         if (!isset($params['secret'])) {
             throw new Horde_Token_Exception('Missing secret parameter.');
         }
+        if (!isset($params['token_lifetime'])) {
+            $params['token_lifetime'] = -1;
+        }
         if (isset($params['logger'])) {
             $this->_logger = $params['logger'];
             unset($params['logger']);
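Review bot: The default added here makes tokens valid indefinitely unless a deployment sets `token_lifetime`, which is a fail-open default for a value that gates request validation. It preserves the old `validate()` default, so if that is intentional it deserves a comment at this spot. The supplied value is also only tested with `isset()`, so a string or boolean passes unchanged into the arithmetic in `validate()`; normalising it once, e.g. `$params['token_lifetime'] = isset($params['token_lifetime']) ? (int) $params['token_lifetime'] : -1;`, keeps the later comparison on integers. The constructor body starts and ends outside this hunk, so that `$params` is later stored in `$this->_params` is assumed from its use in `validate()`.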
@@ -129,7 +135,7 @@ abstract class Horde_Token_Base
      *
      * @return boolean True if the token was valid.
      */
-    public function validate($token, $seed = '', $timeout = -1, $unique = false)
+    public function validate($token, $seed = '', $timeout = null, $unique = false)
     {
         $b = Horde_Url::uriB64Decode($token);
         $nonce = substr($b, 0, 6);
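Review bot: Changing the default of `$timeout` to `null` alters what an omitted argument means, and the `@param` line for `$timeout` lies above this hunk, so it may still describe `-1` as the default. It should state that `null` falls back to the configured `token_lifetime` and that an explicit negative value still disables expiry for that call; any existing caller that passes `-1` explicitly will bypass a configured lifetime. Suggested wording: `@param integer $timeout Lifetime in seconds; null uses the 'token_lifetime' parameter, a negative value disables expiry.` The method body continues past the end of this hunk.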
@@ -139,7 +145,10 @@ abstract class Horde_Token_Base
         }
         $timestamp = unpack('N', substr($nonce, 0, 4));
         $timestamp = array_pop($timestamp);
-        if ($timeout >= 0 && $timestamp + $timeout >= time()) {
+        if ($timeout === null) {
+            $timeout = $this->_params['token_lifetime'];
+        }
+        if ($timeout >= 0 && ($timestamp + $timeout - time()) <= 0) {
             return false;
         }
         if ($unique) {
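Review bot: The expiry condition `($timestamp + $timeout - time()) <= 0` is harder to read than it needs to be, and its boundary is undocumented: a token is rejected from the exact second `timestamp + timeout` onwards, which is why a timeout of `0` rejects every token. `if ($timeout >= 0 && time() >= $timestamp + $timeout) {` says the same thing directly, with a comment such as `// Expired once the lifetime has fully elapsed; 0 rejects every token.` Since `$timestamp` is read from the token bytes, this check is only meaningful if the block closed by the `}` at the top of the hunk, which is not visible here, has already verified the signature over the nonce.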
diff --git a/framework/Token/test/Horde/Token/Unit/FileTest.php b/framework/Token/test/Horde/Token/Unit/FileTest.php
index b7a9d4e04..81929f3e6 100644
--- a/framework/Token/test/Horde/Token/Unit/FileTest.php
+++ b/framework/Token/test/Horde/Token/Unit/FileTest.php
@@ -75,17 +75,42 @@ class Horde_Token_Unit_FileTest extends PHPUnit_Framework_TestCase
         $this->assertFalse($t->validate($t->get('a'), 'b'));
     }
 
+    public function testActiveToken()
+    {
+        $t = new Horde_Token_File(array('secret' => 'abc'));
+        $this->assertTrue($t->validate($t->get('a'), 'a', 10));
+    }
+
     public function testImmediateTimeout()
     {
         $t = new Horde_Token_File(array('secret' => 'abc'));
-        $this->assertFalse($t->validate($t->get('a'), 'a', 1));
+        $this->assertFalse($t->validate($t->get('a'), 'a', 0));
     }
 
     public function testTimeoutAfterOneSecond()
     {
-        $t = new Horde_Token_File(array('secret' => 'abc'));
+        $t = new Horde_Token_File(
+            array(
+                'secret' => 'abc',
+                'token_lifetime' => 1
+            )
+        );
+        $token = $t->get('a');
         sleep(1);
-        $this->assertFalse($t->validate($t->get('a'), 'a', 1));
+        $this->assertFalse($t->validate($token, 'a', 1));
+        // Pack two assertions in this test to avoid sleeping twice
+        $this->assertFalse($t->validate($token, 'a'));
+    }
+
+    public function testTokenLifetimeParameter()
+    {
+        $t = new Horde_Token_File(
+            array(
+                'secret' => 'abc',
+                'token_lifetime' => -1
+            )
+        );
+        $this->assertTrue($t->validate($t->get()));
     }
 
     public function testUniqueToken()
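Review bot: `testTokenLifetimeParameter()` configures `'token_lifetime' => -1`, which equals the constructor default, so it would still pass if the parameter were ignored. The configured lifetime is otherwise exercised only through the expired case in `testTimeoutAfterOneSecond()`; a fresh-token case with a positive configured lifetime and no explicit timeout, e.g. `'token_lifetime' => 10` followed by `$this->assertTrue($t->validate($t->get('a'), 'a'));`, would pin the fallback path. A case where an explicit `$timeout` argument overrides the configured lifetime is also missing.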
-- 
2.11.0