/**
  * @expectedException Hyperframework\Web\ForbiddenException
  */
 public function testInvalidToken()
 {
     $engine2 = $this->getMock('Hyperframework\\Web\\ResponseEngine');
     $engine2->expects($this->once())->method('setCookie');
     Response::setEngine($engine2);
     $engine = new CsrfProtectionEngine();
     $_SERVER['REQUEST_METHOD'] = 'POST';
     Request::setBody(['_csrf_token' => 'invalid']);
     $_COOKIE['_csrf_token'] = 'token';
     $engine->run();
 }
 /**
  * @return string
  */
 public function getToken()
 {
     if ($this->token === null) {
         $name = $this->getTokenName();
         $token = Request::getCookieParam($name);
         if ($token !== null) {
             $this->token = $token;
         } else {
             throw new InvalidOperationException('Csrf protection is not initialized correctly.');
         }
     }
     return $this->token;
 }
 private function resetRouter()
 {
     $this->router = $this->getMockForAbstractClass('Hyperframework\\Web\\Router', [new \stdclass()], '', false);
     Request::setEngine(null);
     //tmp fix
 }
 private function mockEngineMethod($method)
 {
     $engine = $this->getMock('Hyperframework\\Web\\RequestEngine');
     Request::setEngine($engine);
     return $engine->expects($this->once())->method($method);
 }
 /**
  * @return array
  */
 public function getCookieParams()
 {
     return Request::getCookieParams();
 }
 /**
  * @param array $options
  * @return bool
  */
 private function checkMethod($options)
 {
     if (isset($options['methods'])) {
         if (is_array($options['methods']) === false) {
             throw new RoutingException("Option 'methods' must be an array, " . gettype($options['methods']) . " given.");
         }
         $isMethodAllowed = false;
         $requestMethod = Request::getMethod();
         foreach ($options['methods'] as $method) {
             if (strtoupper($method) === $requestMethod) {
                 $isMethodAllowed = true;
                 break;
             }
         }
         if ($isMethodAllowed === false) {
             $this->setMatchStatus(self::MATCH_STATUS_METHOD_NOT_MATCHED);
             $this->addAllowedMethods($options['methods']);
             return false;
         }
     }
     return true;
 }