return 0;
}
+ my $ref_time = $options->{'Time'} // time;
+
my ($masked_token, $mask, $time) = ($1, $2, $3);
my $max_age = $options->{'MaxAge'};
- if (defined($max_age) && time - $time > $max_age) {
+ if (defined($max_age) && $ref_time - $time > $max_age) {
# Timed out.
return 0;
}
--- /dev/null
+use Test::More tests => 6;
+
+use WWW::CSRF qw(check_csrf_token);
+
+is(check_csrf_token("id", "secret",
+ "5df5e9f17c929a45af5d33624ec052903599958f," .
+ "112233445566778899aabbccddeeff0011223344," .
+ "1234567890"),
+ 1,
+ "check simple token");
+
+isnt(check_csrf_token("id", "secret",
+ "0000000000000000000000000000000000000000," .
+ "112233445566778899aabbccddeeff0011223344," .
+ "1234567890"),
+ 1,
+ "check simple invalid token");
+
+isnt(check_csrf_token("id", "secret",
+ "5df5e9f17c929a45af5d33624ec052903599958f," .
+ "112233445566778899aabbccddeeff0011223344"),
+ 1,
+ "check simple malformed token");
+
+is(check_csrf_token("id", "secret",
+ "5df5e9f17c929a45af5d33624ec052903599958f," .
+ "112233445566778899aabbccddeeff0011223344," .
+ "1234567890", {
+ Time => 1234567895,
+ MaxAge => 10
+ }),
+ 1,
+ "check with maxage");
+
+isnt(check_csrf_token("id", "secret",
+ "5df5e9f17c929a45af5d33624ec052903599958f," .
+ "112233445566778899aabbccddeeff0011223344," .
+ "1234567890", {
+ Time => 1234567895,
+ MaxAge => 3
+ }),
+ 1,
+ "check expired with maxage");
+
+isnt(check_csrf_token("id", "secret",
+ "5df5e9f17c929a45af5d33624ec052903599958f," .
+ "112233445566778899aabbccddeeff0011223344," .
+ "1234567894", {
+ Time => 1234567895,
+ MaxAge => 10
+ }),
+ 1,
+ "check falsified timestamp");