def test_token_expiry(self):
# This can be any value.
orig_time = 100.0
current_time = orig_time
def mock_get_current_time(unused_cls):
return current_time
with self.swap(
base.CsrfTokenManager, '_get_current_time',
types.MethodType(mock_get_current_time,
base.CsrfTokenManager)):
# Create a token and check that it expires correctly.
token = base.CsrfTokenManager().create_csrf_token('uid')
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid('uid', token))
current_time = orig_time + 1
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid('uid', token))
current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS - PADDING
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid('uid', token))
current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS + PADDING
self.assertFalse(
base.CsrfTokenManager.is_csrf_token_valid('uid', token))
def test_token_expiry(self):
# This can be any value.
orig_time = 100.0
current_time = orig_time
def _get_current_time(unused_cls):
return current_time
with self.swap(
base.CsrfTokenManager, '_get_current_time',
types.MethodType(_get_current_time, base.CsrfTokenManager)):
# Create a token and check that it expires correctly.
token = base.CsrfTokenManager().create_csrf_token('uid', 'page')
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page', token))
current_time = orig_time + 1
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page', token))
current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS - PADDING
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page', token))
current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS + PADDING
self.assertFalse(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page', token))
# Check that the expiry of one token does not cause the other to
# expire.
current_time = orig_time
token1 = base.CsrfTokenManager.create_csrf_token('uid', 'page1')
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page1', token1))
current_time = orig_time + 100
token2 = base.CsrfTokenManager.create_csrf_token('uid', 'page2')
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page2', token2))
current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS + PADDING
self.assertFalse(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page1', token1))
self.assertTrue(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page2', token2))
current_time = (orig_time + 100 + FORTY_EIGHT_HOURS_IN_SECS +
PADDING)
self.assertFalse(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page1', token1))
self.assertFalse(
base.CsrfTokenManager.is_csrf_token_valid(
'uid', 'page2', token2))
