diff --git a/src/TokenStore.php b/src/TokenStore.php
index 3e38932..3ab8c76 100644
--- a/src/TokenStore.php
+++ b/src/TokenStore.php
@@ -78,8 +78,8 @@ public function generateNewToken():string {
 public function processAndVerify($postData):void {
 // Expect the token to be present on ALL post requests.
 if(!is_array($postData)
- && method_exists($postData, "toArray")) {
- $postData = $postData->toArray();
+ && is_callable($postData->toArray)) {
+ $postData = call_user_func($postData->toArray);
 }
 if(!empty($postData)) {
diff --git a/test/unit/TokenStoreTest.php b/test/unit/TokenStoreTest.php
index 4d94825..3eeefd2 100644
--- a/test/unit/TokenStoreTest.php
+++ b/test/unit/TokenStoreTest.php
@@ -3,6 +3,7 @@
 use Gt\Csrf\Exception\CsrfException;
 use PHPUnit\Framework\TestCase;
+use stdClass;
 class TokenStoreTest extends TestCase {
 const ONE_FORM
@@ -95,6 +96,34 @@ public function testValidToken() {
 self::assertNull($exception);
 }
+ public function testValidTokenObj() {
+ $tokenStore = new ArrayTokenStore();
+ $token = $tokenStore->generateNewToken();
+ $tokenStore->saveToken($token);
+
+ $post = new StdClass();
+ $post->toArray = function() use($post) {
+ $array = [];
+
+ foreach($post as $key => $value) {
+ $array[$key] = $value;
+ }
+
+ return $array;
+ };
+ $post->doink = "binky";
+ $post->{HTMLDocumentProtector::$TOKEN_NAME} = $token;
+
+ $exception = null;
+
+ try {
+ $tokenStore->processAndVerify($post);
+ }
+ catch(CsrfException $exception) {}
+
+ self::assertNull($exception);
+ }
+
 // check that repeated calls to the token generator result in unique tokens
 public function testCodesAreUnique() {
 $sut = new ArrayTokenStore();
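Review bot: In `processAndVerify`, the new condition `is_callable($postData->toArray)` reads a property, so an object with a real `toArray()` method (the case the removed `method_exists` check handled) is no longer converted, and an object or scalar without that property raises a warning inside the CSRF check. `is_callable` also accepts strings and `[class, method]` arrays, so if the object's properties can ever be populated from request data (not visible here), `call_user_func` would invoke whatever function that value names; restricting the property form to `\Closure` avoids this. I would keep the method path and add the closure path beside it, as below. The rest of `processAndVerify` lies outside the hunk, so how an unconverted object is treated further down should be confirmed.

```php
// … unchanged: "Expect the token to be present on ALL post requests." comment …
if(is_object($postData)) {
	if(method_exists($postData, "toArray")) {
		$postData = $postData->toArray();
	}
	elseif(($postData->toArray ?? null) instanceof \Closure) {
		$postData = ($postData->toArray)();
	}
}
// … unchanged: if(!empty($postData)) { … continues outside the hunk …
```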
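Review bot: `testValidTokenObj` covers only the accepting path, so nothing in this change shows that object-shaped POST data without a token is still rejected. A companion test that builds the same `stdClass` without the `HTMLDocumentProtector::$TOKEN_NAME` property and begins with `$this->expectException(CsrfException::class);` would pin the presumably fail-closed behaviour. A second test passing an object with a real `toArray()` method would guard the case the old `method_exists` check supported. The closure also copies every property of `$post`, so the array handed to the verifier contains the closure itself under the key `toArray`; a short comment such as `// toArray is copied too; only the token key matters here` would show that this is intended.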