]> git.sesse.net Git - www-csrf/blobdiff - t/01_generate.t
projects / www-csrf / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add first round of unit tests.
[www-csrf] / t / 01_generate.t
diff --git a/t/01_generate.t b/t/01_generate.t
new file mode 100644 (file)
index 0000000..44d52aa
--- /dev/null
+++ b/t/01_generate.t
@@ -0,0 +1,26 @@
+use Test::More tests => 5;
+
+use WWW::CSRF qw(generate_csrf_token);
+
+my $random = pack('H*', '112233445566778899aabbccddeeff0011223344');
+
+like(generate_csrf_token("id", "secret"),
+     qr/^[0-9a-f]{40},[0-9a-f]{40},\d+$/,
+     "token has right format");
+
+is(generate_csrf_token("id", "secret", $random, 1234567890),
+   "5df5e9f17c929a45af5d33624ec052903599958f,112233445566778899aabbccddeeff0011223344,1234567890",
+   "generate simple token");
+
+is(generate_csrf_token("id", "s3cret", $random, 1234567890),
+   "0acb0abac254d21ce30c2e805a1bf6762e0b6a17,112233445566778899aabbccddeeff0011223344,1234567890",
+   "different secret changes token");
+
+is(generate_csrf_token("id", "s3cret", $random, 1234567891),
+   "8e5c2d1cd2dc0368ed2fa1facee31660a5ffa12f,112233445566778899aabbccddeeff0011223344,1234567891",
+   "different time changes token");
+
+$random = pack('H*', '112233445566778899aabbccddeeff0011223340');
+is(generate_csrf_token("id", "secret", $random, 1234567890),
+   "5df5e9f17c929a45af5d33624ec052903599958b,112233445566778899aabbccddeeff0011223340,1234567890",
+   "bitflip in mask flips corresponding bit in token");
WWW::CSRF, a Perl module to help protect against CSRF attacks.