/**
* Ensures an exception is thrown if response is missing a X-Server-Authorization-HMAC-SHA256 header.
*
* @expectedException \Acquia\Hmac\Exception\MalformedResponseException
* @expectedExceptionMessage Response is missing required X-Server-Authorization-HMAC-SHA256 header.
*/
public function testMissingServerAuthorizationHeader()
{
$request = new Request('GET', 'http://example.com');
$response = new Response();
$authenticator = new ResponseAuthenticator($request, $this->authKey);
try {
$authenticator->isAuthentic($response);
} catch (MalformedResponseException $e) {
$this->assertSame($response, $e->getResponse());
throw $e;
}
}
/**
* Called when the middleware is handled.
*
* @param callable $handler
*
* @return \Closure
*/
public function __invoke(callable $handler)
{
return function ($request, array $options) use($handler) {
$request = $this->signRequest($request);
$promise = function (ResponseInterface $response) use($request) {
$authenticator = new ResponseAuthenticator($request, $this->key);
if (!$authenticator->isAuthentic($response)) {
throw new MalformedResponseException('Could not verify the authenticity of the response.', null, 0, $response);
}
return $response;
};
return $handler($request, $options)->then($promise);
};
}
