Merge caaae6f into 0353885

slimphp · Jan 4, 2021 · 003e960 · 003e960
2 parents 0353885 + caaae6f
commit 003e960
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 34 deletions.
diff --git a/src/Guard.php b/src/Guard.php
@@ -415,14 +415,13 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
                 $value = $body[$this->getTokenValueKey()] ?? null;
             }
 
-            if ($name === null
-                || $value === null
-                || !$this->validateToken((string) $name, (string) $value)
-            ) {
-                if (!$this->persistentTokenMode && is_string($name)) {
-                    $this->removeTokenFromStorage($name);
-                }
+            $isValid = $this->validateToken((string) $name, (string) $value);
+            if ($isValid && !$this->persistentTokenMode) {
+                // successfully validated token, so delete it if not in persistentTokenMode
+                $this->removeTokenFromStorage($name);
+            }
 
+            if ($name === null || $value === null || !$isValid) {
                 $request = $this->appendNewTokenToRequest($request);
                 return $this->handleFailure($request, $handler);
             }

diff --git a/tests/GuardTest.php b/tests/GuardTest.php
@@ -279,43 +279,35 @@ public function testEnforceStorageLimitWithIterator()
 
     public function testTokenIsRemovedFromStorageWhenPersistentModeIsOff()
     {
-        $self = $this;
-
         $storage = [
             'test_name' => 'test_value123',
         ];
-        $responseFactoryProphecy = $this->prophesize(ResponseFactoryInterface::class);
-        $handler = function () use ($self, &$called) {
-            $responseProphecy = $self->prophesize(ResponseInterface::class);
-            return $responseProphecy->reveal();
-        };
-        $mw = new Guard($responseFactoryProphecy->reveal(), 'test', $storage, $handler);
 
-        $requestProphecy = $this->prophesize(ServerRequestInterface::class);
-        $requestProphecy
-            ->getMethod()
-            ->willReturn('POST')
-            ->shouldBeCalledOnce();
+        $response = $this->createMock(ResponseInterface::class);
+        $requestHandler = $this->createMock(RequestHandlerInterface::class);
+        $requestHandler->method('handle')->willReturn($response);
 
-        $requestProphecy
-            ->withAttribute(Argument::type('string'), Argument::type('string'))
-            ->willReturn($requestProphecy->reveal())
-            ->shouldBeCalledTimes(2);
+        $responseFactory = $this->createMock(ResponseFactoryInterface::class);
 
-        $requestProphecy
-            ->getParsedBody()
-            ->willReturn([
-                'test_name' => 'test_name123',
-                'test_value' => 'invalid_value',
-            ])
-            ->shouldBeCalledOnce();
+        $handler = function () use ($response) {
+            return $response;
+        };
 
-        $requestHandlerProphecy = $this->prophesize(RequestHandlerInterface::class);
+        $mw = new Guard($responseFactory, 'test', $storage, $handler);
 
-        $mw->process($requestProphecy->reveal(), $requestHandlerProphecy->reveal());
-        $this->assertArrayNotHasKey('test_name123', $storage);
+        $request = $this->createMock(ServerRequestInterface::class);
+        $request->expects(self::once())->method('getMethod')->willReturn('POST');
+        $request->expects(self::exactly(2))->method('withAttribute')->willReturn($request);
+        $request->expects(self::once())->method('getParsedBody')->willReturn([
+           'test_name' => 'test_name',
+           'test_value' => 'test_value123',
+        ]);
+
+        $mw->process($request, $requestHandler);
+        self::assertArrayNotHasKey('test_name', $storage);
     }
 
+
     public function testProcessAppendsNewTokensWhenPersistentTokenModeIsOff()
     {
         $storage = [];