Formatting

Core/StoredCsrf.php

@@ -28,14 +28,6 @@ public function abused(): bool {
 		return !$this->solid($token) || !hash_equals($token, $this->twin());
 	}
 
-	/**
-	 * Twin of the generated token
-	 * @return string
-	 */
-	private function twin(): string {
-		return ($this->get + $this->post)[self::NAME] ?? self::INVALID_TOKEN;
-	}
-
 	/**
 	 * Random generated secure token
 	 * @return string
@@ -60,4 +52,12 @@ private function token(): string {
 	private function solid(string $token): bool {
 		return $token && strlen($token) >= self::TOKEN_LENGTH;
 	}
+
+	/**
+	 * Twin of the generated token
+	 * @return string
+	 */
+	private function twin(): string {
+		return ($this->get + $this->post)[self::NAME] ?? self::INVALID_TOKEN;
+	}
 }

Tests/Unit/CsrfInput.phpt

@@ -41,24 +41,28 @@ final class CsrfInput extends Tester\TestCase {
 	}
 
 	public function testProtectionAsValidXml() {
-		Assert::noError(function() {
-			new \SimpleXMLElement(
-				(new Csrf\CsrfInput(
-					new Csrf\FakeCsrf('&@\'<>="')
-				))->protection()
-			);
-		});
+		Assert::noError(
+			function() {
+				new \SimpleXMLElement(
+					(new Csrf\CsrfInput(
+						new Csrf\FakeCsrf('&@\'<>="')
+					))->protection()
+				);
+			}
+		);
 	}
 
 	public function testProtectionAsValidHtml() {
-		Assert::noError(function() {
-			$dom = new \DOMDocument();
-			$dom->loadHTML(
-				(new Csrf\CsrfInput(
-					new Csrf\FakeCsrf('&@\'<>="')
-				))->protection()
-			);
-		});
+		Assert::noError(
+			function() {
+				$dom = new \DOMDocument();
+				$dom->loadHTML(
+					(new Csrf\CsrfInput(
+						new Csrf\FakeCsrf('&@\'<>="')
+					))->protection()
+				);
+			}
+		);
 	}
 
 	public function testProperlyEncodedAccordingToInput() {

Tests/Unit/StoredCsrf.phpt

@@ -75,7 +75,8 @@ final class StoredCsrf extends Tester\TestCase {
 	}
 
 	public function testMatchedValidProtectionInPost() {
-		$this->session[Csrf\Csrf::NAME] = $this->post[Csrf\Csrf::NAME] = str_repeat('a', 21);
+		$this->session[Csrf\Csrf::NAME] = str_repeat('a', 21);
+		$this->post[Csrf\Csrf::NAME] = str_repeat('a', 21);
 		$csrf = new Csrf\StoredCsrf($this->session, $this->post, $this->get);
 		Assert::false($csrf->abused());
 	}
@@ -88,7 +89,8 @@ final class StoredCsrf extends Tester\TestCase {
 	}
 
 	public function testMatchedValidProtectionInGet() {
-		$this->session[Csrf\Csrf::NAME] = $this->get[Csrf\Csrf::NAME] = str_repeat('a', 22);
+		$this->session[Csrf\Csrf::NAME] = str_repeat('a', 21);
+		$this->get[Csrf\Csrf::NAME] = str_repeat('a', 21);
 		$csrf = new Csrf\StoredCsrf($this->session, $this->post, $this->get);
 		Assert::false($csrf->abused());
 	}
@@ -101,7 +103,9 @@ final class StoredCsrf extends Tester\TestCase {
 	}
 
 	public function testMatchedProtectionInPostAndGet() {
-		$this->session[Csrf\Csrf::NAME] = $this->post[Csrf\Csrf::NAME] = $this->get[Csrf\Csrf::NAME] = str_repeat('a', 20);
+		$this->session[Csrf\Csrf::NAME] = str_repeat('a', 20);
+		$this->get[Csrf\Csrf::NAME] = str_repeat('a', 20);
+		$this->post[Csrf\Csrf::NAME] = str_repeat('a', 20);
 		$csrf = new Csrf\StoredCsrf($this->session, $this->post, $this->get);
 		Assert::false($csrf->abused());
 	}
@@ -120,14 +124,16 @@ final class StoredCsrf extends Tester\TestCase {
 	}
 
 	public function testMatchingGetWithPrecedence() {
-		$this->session[Csrf\Csrf::NAME] = $this->get[Csrf\Csrf::NAME] = str_repeat('a', 22);
+		$this->session[Csrf\Csrf::NAME] = str_repeat('a', 22);
+		$this->get[Csrf\Csrf::NAME] = str_repeat('a', 22);
 		$this->post[Csrf\Csrf::NAME] = str_repeat('b', 30);
 		$csrf = new Csrf\StoredCsrf($this->session, $this->post, $this->get);
 		Assert::false($csrf->abused());
 	}
 
 	public function testRestartingSessionAfterProperProtection() {
-		$this->session[Csrf\Csrf::NAME] = $this->get[Csrf\Csrf::NAME] = str_repeat('a', 22);
+		$this->session[Csrf\Csrf::NAME] = str_repeat('a', 22);
+		$this->get[Csrf\Csrf::NAME] = str_repeat('a', 22);
 		$csrf = new Csrf\StoredCsrf($this->session, $this->post, $this->get);
 		Assert::count(1, $this->session);
 		Assert::false($csrf->abused());

composer.json

@@ -16,8 +16,8 @@
   },
   "require-dev": {
 	"nette/tester": "^1.7",
-    "ext-simplexml": "*",
-    "ext-dom": "*"
+	"ext-simplexml": "*",
+	"ext-dom": "*"
   },
   "autoload": {
 	"psr-4": {