/** * @test */ public function it_gets_and_updates_cookie_value_on_request() { // // Example of naive cookie decryption middleware. // // Shows how to access and manipulate cookies using PSR-7 Request // instances from outside the Request object itself. // // Simulate a request coming in with several cookies. $request = (new FigCookieTestingRequest())->withHeader(Cookies::COOKIE_HEADER, 'theme=light; sessionToken=RAPELCGRQ; hello=world'); // Get our cookies from the request. $cookies = Cookies::fromRequest($request); // Ask for the encrypted session token. $encryptedSessionToken = $cookies->get('sessionToken'); // Get the encrypted value from the cookie and decrypt it. $encryptedValue = $encryptedSessionToken->getValue(); $decryptedValue = str_rot13($encryptedValue); // Create a new cookie with the decrypted value. $decryptedSessionToken = $encryptedSessionToken->withValue($decryptedValue); // Include our decrypted session token with the rest of our cookies. $cookies = $cookies->with($decryptedSessionToken); // Render our cookies, along with the newly decrypted session token, into a request. $request = $cookies->renderIntoCookieHeader($request); // From this point on, any request based on this one can get the plaintext version // of the session token. $this->assertEquals('theme=light; sessionToken=ENCRYPTED; hello=world', $request->getHeaderLine(Cookies::COOKIE_HEADER)); }