/**
  * A POST whose body token differs from the cookie token must be rejected.
  *
  * The request body carries '_csrf_token' => 'invalid' while the cookie holds
  * 'token', so CsrfProtectionEngine::run() is expected to throw
  * ForbiddenException. The mocked response engine must also receive exactly
  * one setCookie() call (presumably the engine issuing a replacement token on
  * rejection; confirm against CsrfProtectionEngine).
  *
  * @expectedException Hyperframework\Web\ForbiddenException
  */
 public function testInvalidToken()
 {
     // Response side: a mock that fails the test unless setCookie() is called once.
     $responseEngine = $this->getMock('Hyperframework\\Web\\ResponseEngine');
     $responseEngine->expects($this->once())->method('setCookie');
     Response::setEngine($responseEngine);

     $csrfEngine = new CsrfProtectionEngine();

     // Request side: POST with a submitted token that does not match the cookie.
     $_SERVER['REQUEST_METHOD'] = 'POST';
     Request::setBody(['_csrf_token' => 'invalid']);
     $_COOKIE['_csrf_token'] = 'token';

     // Must throw; the exception type is asserted by the annotation above.
     $csrfEngine->run();
 }
 /**
  * Returns the CSRF token, loading it from the request cookie on first use.
  *
  * The value is cached in $this->token once it has been read.
  *
  * NOTE(review): the cookie value is client-supplied and is stored as-is;
  * this method does not check its type or format. Presumably callers compare
  * it against the submitted token elsewhere; verify that comparison is
  * type-strict.
  *
  * @return string
  * @throws InvalidOperationException when no token is cached and the cookie is absent
  */
 public function getToken()
 {
     // Fast path: a token has already been set or loaded.
     if ($this->token !== null) {
         return $this->token;
     }

     $cookieToken = Request::getCookieParam($this->getTokenName());
     if ($cookieToken === null) {
         throw new InvalidOperationException('Csrf protection is not initialized correctly.');
     }

     $this->token = $cookieToken;
     return $this->token;
 }
 /**
  * Replaces $this->router with a fresh mock of the abstract Router and
  * clears the engine registered on Request.
  */
 private function resetRouter()
 {
     $constructorArguments = [new \stdclass()];
     // Fourth argument false: the original Router constructor is not invoked.
     $this->router = $this->getMockForAbstractClass(
         'Hyperframework\\Web\\Router',
         $constructorArguments,
         '',
         false
     );
     // Marked "tmp fix" by the original author; presumably stops an engine
     // installed by an earlier test from leaking into the next one.
     Request::setEngine(null);
 }
 /**
  * Installs a mocked RequestEngine on Request and opens an expectation that
  * the given method is called exactly once.
  *
  * @param string $method name of the RequestEngine method to expect
  * @return mixed the expectation builder returned by the mock, for further chaining
  */
 private function mockEngineMethod($method)
 {
     $requestEngineMock = $this->getMock('Hyperframework\\Web\\RequestEngine');
     Request::setEngine($requestEngineMock);

     $expectation = $requestEngineMock->expects($this->once())->method($method);
     return $expectation;
 }
 /**
  * Returns the cookie parameters of the current request as reported by Request.
  *
  * NOTE(review): these values presumably come from the client's Cookie
  * header, so callers should treat them as untrusted input; confirm against
  * Request::getCookieParams().
  *
  * @return array
  */
 public function getCookieParams()
 {
     $cookieParams = Request::getCookieParams();
     return $cookieParams;
 }
 /**
  * Checks the current request method against a route's 'methods' option.
  *
  * When the option is absent the route accepts any method. When it is present
  * and the request method is not listed, the match status is set to
  * MATCH_STATUS_METHOD_NOT_MATCHED and the configured methods are recorded
  * through addAllowedMethods().
  *
  * NOTE(review): only the configured names are upper-cased before comparison;
  * the value from Request::getMethod() is compared as returned. Presumably it
  * is already normalised to upper case; confirm.
  *
  * @param array $options
  * @return bool true when the method is acceptable, false otherwise
  * @throws RoutingException when 'methods' is set but is not an array
  */
 private function checkMethod($options)
 {
     // No restriction configured: every method is accepted.
     if (!isset($options['methods'])) {
         return true;
     }

     $allowedMethods = $options['methods'];
     if (!is_array($allowedMethods)) {
         throw new RoutingException("Option 'methods' must be an array, " . gettype($allowedMethods) . " given.");
     }

     $currentMethod = Request::getMethod();
     foreach ($allowedMethods as $candidate) {
         // Strict comparison after upper-casing the configured name.
         if (strtoupper($candidate) === $currentMethod) {
             return true;
         }
     }

     // Nothing matched: record the mismatch and the methods that would have been accepted.
     $this->setMatchStatus(self::MATCH_STATUS_METHOD_NOT_MATCHED);
     $this->addAllowedMethods($allowedMethods);
     return false;
 }