def test_token_expiry(self): # This can be any value. orig_time = 100.0 current_time = orig_time def mock_get_current_time(unused_cls): return current_time with self.swap( base.CsrfTokenManager, '_get_current_time', types.MethodType(mock_get_current_time, base.CsrfTokenManager)): # Create a token and check that it expires correctly. token = base.CsrfTokenManager().create_csrf_token('uid') self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid('uid', token)) current_time = orig_time + 1 self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid('uid', token)) current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS - PADDING self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid('uid', token)) current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS + PADDING self.assertFalse( base.CsrfTokenManager.is_csrf_token_valid('uid', token))
def test_token_expiry(self): # This can be any value. orig_time = 100.0 current_time = orig_time def _get_current_time(unused_cls): return current_time with self.swap( base.CsrfTokenManager, '_get_current_time', types.MethodType(_get_current_time, base.CsrfTokenManager)): # Create a token and check that it expires correctly. token = base.CsrfTokenManager().create_csrf_token('uid', 'page') self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page', token)) current_time = orig_time + 1 self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page', token)) current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS - PADDING self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page', token)) current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS + PADDING self.assertFalse( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page', token)) # Check that the expiry of one token does not cause the other to # expire. current_time = orig_time token1 = base.CsrfTokenManager.create_csrf_token('uid', 'page1') self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page1', token1)) current_time = orig_time + 100 token2 = base.CsrfTokenManager.create_csrf_token('uid', 'page2') self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page2', token2)) current_time = orig_time + FORTY_EIGHT_HOURS_IN_SECS + PADDING self.assertFalse( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page1', token1)) self.assertTrue( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page2', token2)) current_time = (orig_time + 100 + FORTY_EIGHT_HOURS_IN_SECS + PADDING) self.assertFalse( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page1', token1)) self.assertFalse( base.CsrfTokenManager.is_csrf_token_valid( 'uid', 'page2', token2))