+
+# Test MaxAge parameter
+my $age = 1; # 1 second
+$result = $tokenizer->check_csrf({
+ session_id => $id, token => $csrftoken, MaxAge => $age,
+});
+is( $result, 1, "CSRF token still valid within one second" );
+usleep $age * 1000000 * 2; # micro (millionth) seconds + 100%
+$result = $tokenizer->check_csrf({
+ session_id => $id, token => $csrftoken, MaxAge => $age,
+});
+isnt( $result, 1, "CSRF token expired after one second" );
+
+subtest 'Same id (cookie CGISESSID) with an other logged in user' => sub {
+ plan tests => 2;
+ $csrftoken = $tokenizer->generate_csrf({ session_id => $id });
+ $result = $tokenizer->check_csrf({
+ session_id => $id, token => $csrftoken,
+ });
+ is( $result, 1, "CSRF token verified" );
+ C4::Context->set_userenv(0,43,0,'firstname','surname', 'CPL', 'Library 1', 0, ', ');
+ $result = $tokenizer->check_csrf({
+ session_id => $id, token => $csrftoken,
+ });
+ is( $result, '', "CSRF token is not verified if another logged in user is using the same id" );
+};
+
+subtest 'Same logged in user with another session (cookie CGISESSID)' => sub {
+ plan tests => 2;
+ C4::Context->set_userenv(0,42,0,'firstname','surname', 'CPL', 'Library 1', 0, ', ');
+ $csrftoken = $tokenizer->generate_csrf({ session_id => $id });
+ $result = $tokenizer->check_csrf({
+ session_id => $id, token => $csrftoken,
+ });
+ is( $result, 1, "CSRF token verified" );
+ # Get another session id
+ $id = $tokenizer->generate({ length => 8 });
+ $result = $tokenizer->check_csrf({
+ session_id => $id, token => $csrftoken,
+ });
+ is( $result, '', "CSRF token is not verified if another session is used" );
+};
+
+subtest 'Pattern parameter' => sub {
+ plan tests => 5;
+ my $id = $tokenizer->generate({ pattern => '\d\d', length => 8 });
+ is( length($id), 2, 'Pattern overrides length' );
+ ok( $id =~ /\d{2}/, 'Two digits found' );
+ $id = $tokenizer->generate({ pattern => '[A-Z]{10}' });
+ is( length($id), 10, 'Check length again' );
+ ok( $id !~ /[^A-Z]/, 'Only uppercase letters' );
+ throws_ok( sub { $tokenizer->generate({ pattern => 'abc{d,e}', }) }, 'Koha::Exceptions::Token::BadPattern', 'Exception should be thrown when wrong pattern is used');
+};