fixup tests

simonLeary42 · simonLeary42 · commit 68c3baae51a0 · 2025-12-12T12:35:37.000-05:00
diff --git a/test/unit/CSRFTokenTest.php b/test/unit/CSRFTokenTest.php
@@ -1,5 +1,4 @@
 <?php
-
 use PHPUnit\Framework\TestCase;
 use UnityWebPortal\lib\CSRFToken;
 
@@ -21,18 +20,14 @@ protected function tearDown(): void
     public function testGenerateCreatesToken(): void
     {
         $token = CSRFToken::generate();
-
         $this->assertIsString($token);
-
         $this->assertEquals(64, strlen($token));
-
         $this->assertMatchesRegularExpression('/^[0-9a-f]{64}$/', $token);
     }
 
     public function testGenerateStoresTokenInSession(): void
     {
         $token = CSRFToken::generate();
-
         $this->assertArrayHasKey("csrf_tokens", $_SESSION);
         $this->assertArrayHasKey($token, $_SESSION["csrf_tokens"]);
         $this->assertFalse($_SESSION["csrf_tokens"][$token]);
@@ -41,22 +36,19 @@ public function testGenerateStoresTokenInSession(): void
     public function testValidateWithValidToken(): void
     {
         $token = CSRFToken::generate();
-
         $this->assertTrue(CSRFToken::validate($token));
         $this->assertTrue($_SESSION["csrf_tokens"][$token]);
     }
 
     public function testValidateWithInvalidToken(): void
     {
         CSRFToken::generate();
-
         $this->assertFalse(CSRFToken::validate("invalid_token"));
     }
 
     public function testValidateWithEmptyToken(): void
     {
         CSRFToken::generate();
-
         $this->assertFalse(CSRFToken::validate(""));
     }
 
@@ -74,44 +66,18 @@ public function testValidateUsesConstantTimeComparison(): void
         $this->assertTrue($_SESSION["csrf_tokens"][$token]);
     }
 
-    public function testGetHiddenInputReturnsHtmlField(): void
-    {
-        $html = CSRFToken::getHiddenInput();
-
-        $this->assertStringContainsString("<input", $html);
-        $this->assertStringContainsString('type=\'hidden\'', $html);
-        $this->assertStringContainsString('name=\'csrf_token\'', $html);
-        $matches = [];
-        $this->assertTrue(preg_match("/value='([a-f0-9]{64})'/", $html, $matches) === 1);
-        $token = $matches[1];
-        $this->assertArrayHasKey("csrf_tokens", $_SESSION);
-        $this->assertArrayHasKey($token, $_SESSION["csrf_tokens"]);
-        $this->assertFalse($_SESSION["csrf_tokens"][$token]);
-    }
-
-    public function testGetHiddenInputEscapesToken(): void
-    {
-        $html = CSRFToken::getHiddenInput();
-
-        $this->assertStringNotContainsString("<script>", $html);
-        $this->assertStringContainsString("&", $html);
-    }
-
     public function testClearRemovesToken(): void
     {
         CSRFToken::generate();
         $this->assertArrayHasKey("csrf_tokens", $_SESSION);
-
         CSRFToken::clear();
-
         $this->assertArrayNotHasKey("csrf_tokens", $_SESSION);
     }
 
     public function testMultipleTokenGenerations(): void
     {
         $token1 = CSRFToken::generate();
         $token2 = CSRFToken::generate();
-
         $this->assertNotEquals($token1, $token2);
     }
 
