/** * Test insecure request for a secure route */ public function testInSecureRequestOverSecureRoute() { $this->_serviceMock->expects($this->any())->method(self::SERVICE_METHOD)->will($this->returnValue([])); $this->_routeMock->expects($this->any())->method('isSecure')->will($this->returnValue(true)); $this->_routeMock->expects($this->any())->method('getAclResources')->will($this->returnValue(['1'])); $this->_requestMock->expects($this->any())->method('isSecure')->will($this->returnValue(false)); $this->_authorizationMock->expects($this->once())->method('isAllowed')->will($this->returnValue(true)); // Override default prepareResponse. It should never be called in this case $this->_responseMock->expects($this->never())->method('prepareResponse'); $this->_restController->dispatch($this->_requestMock); $this->assertTrue($this->_responseMock->isException()); $exceptionArray = $this->_responseMock->getException(); $this->assertEquals('Operation allowed only in HTTPS', $exceptionArray[0]->getMessage()); $this->assertEquals(\Magento\Webapi\Exception::HTTP_BAD_REQUEST, $exceptionArray[0]->getHttpCode()); }