From d5d0252d809f5faf0058dc4ed0e4a4c0a3c3f9de Mon Sep 17 00:00:00 2001
From: "Steinar H. Gunderson"
Date: Tue, 12 Nov 2013 21:48:47 +0100
Subject: [PATCH] Change options to use a hashref, for more flexible setting.

---
 lib/WWW/CSRF.pm | 8 +++++---
 t/01_generate.t | 8 ++++----
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/lib/WWW/CSRF.pm b/lib/WWW/CSRF.pm
index 202348b..95c5e8f 100644
--- a/lib/WWW/CSRF.pm
+++ b/lib/WWW/CSRF.pm
@@ -11,9 +11,10 @@ our @EXPORT_OK = qw(generate_csrf_token check_csrf_token);
 our $VERSION = '1.00';
 
 sub generate_csrf_token {
- my ($id, $secret, $random, $time) = @_;
+ my ($id, $secret, $options) = @_;
 
- $time //= time;
+ my $time = $options->{'Time'} // time;
+ my $random = $options->{'Random'};
 
 my $digest = Digest::HMAC_SHA1::hmac_sha1($time . "/" . $id, $secret);
 my @digest_bytes = _to_byte_array($digest);
@@ -35,7 +36,7 @@ sub generate_csrf_token {
 }
 
 sub check_csrf_token {
- my ($id, $secret, $csrf_token, $max_age) = @_;
+ my ($id, $secret, $csrf_token, $options) = @_;
 
 if ($csrf_token !~ /^([0-9a-f]+),([0-9a-f]+),([0-9]+)$/) {
 # Malformed token.
@@ -43,6 +44,7 @@ sub check_csrf_token {
 }
 
 my ($masked_token, $mask, $time) = ($1, $2, $3);
+ my $max_age = $options->{'MaxAge'};
 if (defined($max_age) && time - $time > $max_age) {
 # Timed out.
 return 0;
diff --git a/t/01_generate.t b/t/01_generate.t
index 44d52aa..3e97a6f 100644
--- a/t/01_generate.t
+++ b/t/01_generate.t
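Review bot: Neither `generate_csrf_token` here nor `check_csrf_token` (third hunk) checks that `$options` is a hash reference before dereferencing it. A caller still using the old positional form passes a plain scalar (`$random`, or a numeric max age); if `strict refs` is in effect the dereference dies, but the pragma lines are outside the hunk, and without it `$options->{'MaxAge'}` would evaluate to undef and the expiry check would be skipped silently. An explicit guard at the top of both subs makes the failure deterministic: `die "options must be a hash reference" if defined($options) && ref($options) ne 'HASH';`. Both function bodies continue outside the hunks.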
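Review bot: The fourth parameter of `check_csrf_token` changes from a number to a hash reference, but nothing at the new signature tells a caller which keys are accepted or what happens when none is given. A comment above the sub would cover it: `# $options (optional hashref): MaxAge => maximum token age in seconds; when absent, no age limit is enforced.` The unchanged `our $VERSION = '1.00';` in the first hunk also suggests the incompatible interface ships under the same version number, so dependants cannot pin to the old calling convention. The function body starts and ends outside this hunk.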
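Review bot: A misspelled or wrongly cased key (`max_age`, `Maxage`) leaves `$max_age` undefined at the added line, and the `defined($max_age)` guard right below then skips the age check, so the caller believes tokens expire when they do not. Rejecting unknown keys closes that gap: `my @unknown = grep { $_ ne 'MaxAge' } keys %{ $options // {} };` followed by `die "unknown option(s): @unknown" if @unknown;`. The same silent-ignore behaviour applies to `Time` and `Random` in `generate_csrf_token` (first hunk). The rest of `check_csrf_token`, including the digest comparison, is outside the hunk.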
@@ -8,19 +8,19 @@ like(generate_csrf_token("id", "secret"),
 qr/^[0-9a-f]{40},[0-9a-f]{40},\d+$/,
 "token has right format");
 
-is(generate_csrf_token("id", "secret", $random, 1234567890),
+is(generate_csrf_token("id", "secret", { Random => $random, Time => 1234567890 }),
 "5df5e9f17c929a45af5d33624ec052903599958f,112233445566778899aabbccddeeff0011223344,1234567890",
 "generate simple token");
 
-is(generate_csrf_token("id", "s3cret", $random, 1234567890),
+is(generate_csrf_token("id", "s3cret", { Random => $random, Time => 1234567890 }),
 "0acb0abac254d21ce30c2e805a1bf6762e0b6a17,112233445566778899aabbccddeeff0011223344,1234567890",
 "different secret changes token");
 
-is(generate_csrf_token("id", "s3cret", $random, 1234567891),
+is(generate_csrf_token("id", "s3cret", { Random => $random, Time => 1234567891 }),
 "8e5c2d1cd2dc0368ed2fa1facee31660a5ffa12f,112233445566778899aabbccddeeff0011223344,1234567891",
 "different time changes token");
 
 $random = pack('H*', '112233445566778899aabbccddeeff0011223340');
-is(generate_csrf_token("id", "secret", $random, 1234567890),
+is(generate_csrf_token("id", "secret", { Random => $random, Time => 1234567890 }),
 "5df5e9f17c929a45af5d33624ec052903599958b,112233445566778899aabbccddeeff0011223340,1234567890",
 "bitflip in mask flips corresponding bit in token");
-- 
2.39.2