public function testHandleWithMissingAuthorization() { $generator = new KeyPairGenerator(); $hasher = new HmacHasher(); $pair = $generator->generateHmac(); $content = json_encode(['doge' => 'much secret']); $brokenRequest = Request::create('/auth/something/important/dont/hax/pls', 'POST', [], [], [], [], $content); $brokenRequest->headers->set('Content-Hash', $hasher->hash($content, $pair->getSecretKey())); $finder = m::mock(KeyPairFinderInterface::class); $finder->shouldReceive('byPublicId')->with($pair->getPublicId(), KeyPairTypes::TYPE_HMAC)->once()->andReturn($pair); $instance = new HmacMiddleware($finder); $response = $instance->handle($brokenRequest, function () { // }); $body = Std::jsonDecode($response->getContent()); $this->assertEqualsMatrix([['One or more fields are invalid. Please check your input.', $body['messages'][0]], [['authorization'], $body['missing']]]); }