2021-06-13 14:35:07 +01:00
<!DOCTYPE html>
< html lang = "en" >
< head >
< meta charset = "UTF-8" >
< title > Code Coverage for /Users/barnabywalters/Documents/Programming/taproot/indieauth/src/Middleware/DoubleSubmitCookieCsrfMiddleware.php< / title >
< meta name = "viewport" content = "width=device-width, initial-scale=1.0" >
< link href = "../_css/bootstrap.min.css" rel = "stylesheet" type = "text/css" >
< link href = "../_css/octicons.css" rel = "stylesheet" type = "text/css" >
< link href = "../_css/style.css" rel = "stylesheet" type = "text/css" >
< link href = "../_css/custom.css" rel = "stylesheet" type = "text/css" >
< / head >
< body >
< header >
< div class = "container-fluid" >
< div class = "row" >
< div class = "col-md-12" >
< nav aria-label = "breadcrumb" >
< ol class = "breadcrumb" >
< li class = "breadcrumb-item" > < a href = "../index.html" > /Users/barnabywalters/Documents/Programming/taproot/indieauth/src< / a > < / li >
< li class = "breadcrumb-item" > < a href = "index.html" > Middleware< / a > < / li >
< li class = "breadcrumb-item active" > DoubleSubmitCookieCsrfMiddleware.php< / li >
< / ol >
< / nav >
< / div >
< / div >
< / div >
< / header >
< div class = "container-fluid" >
< div class = "table-responsive" >
< table class = "table table-bordered" >
< thead >
< tr >
< td > < / td >
< td colspan = "10" > < div align = "center" > < strong > Code Coverage< / strong > < / div > < / td >
< / tr >
< tr >
< td > < / td >
< td colspan = "3" > < div align = "center" > < strong > Classes and Traits< / strong > < / div > < / td >
< td colspan = "4" > < div align = "center" > < strong > Functions and Methods< / strong > < / div > < / td >
< td colspan = "3" > < div align = "center" > < strong > Lines< / strong > < / div > < / td >
< / tr >
< / thead >
< tbody >
< tr >
< td class = "danger" > Total< / td >
< td class = "danger big" > < div class = "progress" >
< div class = "progress-bar bg-danger" role = "progressbar" aria-valuenow = "0.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 0.00%" >
< span class = "sr-only" > 0.00% covered (danger)< / span >
< / div >
< / div >
< / td >
< td class = "danger small" > < div align = "right" > 0.00%< / div > < / td >
< td class = "danger small" > < div align = "right" > 0 / 1< / div > < / td >
< td class = "warning big" > < div class = "progress" >
< div class = "progress-bar bg-warning" role = "progressbar" aria-valuenow = "75.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 75.00%" >
< span class = "sr-only" > 75.00% covered (warning)< / span >
< / div >
< / div >
< / td >
< td class = "warning small" > < div align = "right" > 75.00%< / div > < / td >
< td class = "warning small" > < div align = "right" > 3 / 4< / div > < / td >
< td class = "warning small" > < abbr title = "Change Risk Anti-Patterns (CRAP) Index" > CRAP< / abbr > < / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "96.88" aria-valuemin = "0" aria-valuemax = "100" style = "width: 96.88%" >
< span class = "sr-only" > 96.88% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 96.88%< / div > < / td >
< td class = "success small" > < div align = "right" > 31 / 32< / div > < / td >
< / tr >
< tr >
< td class = "danger" > < abbr title = "Taproot\IndieAuth\Middleware\DoubleSubmitCookieCsrfMiddleware" > DoubleSubmitCookieCsrfMiddleware< / abbr > < / td >
< td class = "danger big" > < div class = "progress" >
< div class = "progress-bar bg-danger" role = "progressbar" aria-valuenow = "0.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 0.00%" >
< span class = "sr-only" > 0.00% covered (danger)< / span >
< / div >
< / div >
< / td >
< td class = "danger small" > < div align = "right" > 0.00%< / div > < / td >
< td class = "danger small" > < div align = "right" > 0 / 1< / div > < / td >
< td class = "warning big" > < div class = "progress" >
< div class = "progress-bar bg-warning" role = "progressbar" aria-valuenow = "75.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 75.00%" >
< span class = "sr-only" > 75.00% covered (warning)< / span >
< / div >
< / div >
< / td >
< td class = "warning small" > < div align = "right" > 75.00%< / div > < / td >
< td class = "warning small" > < div align = "right" > 3 / 4< / div > < / td >
< td class = "warning small" > 12< / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "96.88" aria-valuemin = "0" aria-valuemax = "100" style = "width: 96.88%" >
< span class = "sr-only" > 96.88% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 96.88%< / div > < / td >
< td class = "success small" > < div align = "right" > 31 / 32< / div > < / td >
< / tr >
< tr >
< td class = "danger" colspan = "4" > < a href = "#65" > < abbr title = "__construct(?string $attribute, ?int $ttl, $errorResponse, $tokenLength, $logger)" > __construct< / abbr > < / a > < / td >
< td class = "danger big" > < div class = "progress" >
< div class = "progress-bar bg-danger" role = "progressbar" aria-valuenow = "0.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 0.00%" >
< span class = "sr-only" > 0.00% covered (danger)< / span >
< / div >
< / div >
< / td >
< td class = "danger small" > < div align = "right" > 0.00%< / div > < / td >
< td class = "danger small" > < div align = "right" > 0 / 1< / div > < / td >
< td class = "danger small" > 5.01< / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "92.86" aria-valuemin = "0" aria-valuemax = "100" style = "width: 92.86%" >
< span class = "sr-only" > 92.86% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 92.86%< / div > < / td >
< td class = "success small" > < div align = "right" > 13 / 14< / div > < / td >
< / tr >
< tr >
< td class = "success" colspan = "4" > < a href = "#87" > < abbr title = "setLogger(Psr\Log\LoggerInterface $logger)" > setLogger< / abbr > < / a > < / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "100.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 100.00%" >
< span class = "sr-only" > 100.00% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 100.00%< / div > < / td >
< td class = "success small" > < div align = "right" > 1 / 1< / div > < / td >
< td class = "success small" > 1< / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "100.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 100.00%" >
< span class = "sr-only" > 100.00% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 100.00%< / div > < / td >
< td class = "success small" > < div align = "right" > 2 / 2< / div > < / td >
< / tr >
< tr >
< td class = "success" colspan = "4" > < a href = "#91" > < abbr title = "process(Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Server\RequestHandlerInterface $handler): Psr\Http\Message\ResponseInterface" > process< / abbr > < / a > < / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "100.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 100.00%" >
< span class = "sr-only" > 100.00% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 100.00%< / div > < / td >
< td class = "success small" > < div align = "right" > 1 / 1< / div > < / td >
< td class = "success small" > 3< / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "100.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 100.00%" >
< span class = "sr-only" > 100.00% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 100.00%< / div > < / td >
< td class = "success small" > < div align = "right" > 12 / 12< / div > < / td >
< / tr >
< tr >
< td class = "success" colspan = "4" > < a href = "#114" > < abbr title = "isValid(Psr\Http\Message\ServerRequestInterface $request)" > isValid< / abbr > < / a > < / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "100.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 100.00%" >
< span class = "sr-only" > 100.00% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 100.00%< / div > < / td >
< td class = "success small" > < div align = "right" > 1 / 1< / div > < / td >
< td class = "success small" > 3< / td >
< td class = "success big" > < div class = "progress" >
< div class = "progress-bar bg-success" role = "progressbar" aria-valuenow = "100.00" aria-valuemin = "0" aria-valuemax = "100" style = "width: 100.00%" >
< span class = "sr-only" > 100.00% covered (success)< / span >
< / div >
< / div >
< / td >
< td class = "success small" > < div align = "right" > 100.00%< / div > < / td >
< td class = "success small" > < div align = "right" > 4 / 4< / div > < / td >
< / tr >
< / tbody >
< / table >
< / div >
< table id = "code" class = "table table-borderless table-condensed" >
< tbody >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "1" href = "#1" > 1< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < ?php < / span > < span class = "keyword" > declare< / span > < span class = "keyword" > (< / span > < span class = "default" > strict_types< / span > < span class = "keyword" > =< / span > < span class = "default" > 1< / span > < span class = "keyword" > )< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "2" href = "#2" > 2< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "3" href = "#3" > 3< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > namespace< / span > < span class = "default" > < / span > < span class = "default" > Taproot< / span > < span class = "default" > \< / span > < span class = "default" > IndieAuth< / span > < span class = "default" > \< / span > < span class = "default" > Middleware< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "4" href = "#4" > 4< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "5" href = "#5" > 5< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Nyholm< / span > < span class = "default" > \< / span > < span class = "default" > Psr7< / span > < span class = "default" > \< / span > < span class = "default" > Response< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "6" href = "#6" > 6< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Psr< / span > < span class = "default" > \< / span > < span class = "default" > Http< / span > < span class = "default" > \< / span > < span class = "default" > Message< / span > < span class = "default" > \< / span > < span class = "default" > ServerRequestInterface< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "7" href = "#7" > 7< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Psr< / span > < span class = "default" > \< / span > < span class = "default" > Http< / span > < span class = "default" > \< / span > < span class = "default" > Message< / span > < span class = "default" > \< / span > < span class = "default" > ResponseInterface< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "8" href = "#8" > 8< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Psr< / span > < span class = "default" > \< / span > < span class = "default" > Http< / span > < span class = "default" > \< / span > < span class = "default" > Server< / span > < span class = "default" > \< / span > < span class = "default" > MiddlewareInterface< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "9" href = "#9" > 9< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Psr< / span > < span class = "default" > \< / span > < span class = "default" > Http< / span > < span class = "default" > \< / span > < span class = "default" > Server< / span > < span class = "default" > \< / span > < span class = "default" > RequestHandlerInterface< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "10" href = "#10" > 10< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Dflydev< / span > < span class = "default" > \< / span > < span class = "default" > FigCookies< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "11" href = "#11" > 11< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Psr< / span > < span class = "default" > \< / span > < span class = "default" > Log< / span > < span class = "default" > \< / span > < span class = "default" > LoggerAwareInterface< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "12" href = "#12" > 12< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Psr< / span > < span class = "default" > \< / span > < span class = "default" > Log< / span > < span class = "default" > \< / span > < span class = "default" > LoggerInterface< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "13" href = "#13" > 13< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "default" > Psr< / span > < span class = "default" > \< / span > < span class = "default" > Log< / span > < span class = "default" > \< / span > < span class = "default" > NullLogger< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "14" href = "#14" > 14< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "15" href = "#15" > 15< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > use< / span > < span class = "default" > < / span > < span class = "keyword" > function< / span > < span class = "default" > < / span > < span class = "default" > Taproot< / span > < span class = "default" > \< / span > < span class = "default" > IndieAuth< / span > < span class = "default" > \< / span > < span class = "default" > generateRandomPrintableAsciiString< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "16" href = "#16" > 16< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "17" href = "#17" > 17< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > /**< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "18" href = "#18" > 18< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * Double-Submit Cookie CSRF Middleware< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "19" href = "#19" > 19< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "20" href = "#20" > 20< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * A PSR-15-compatible Middleware for stateless Double-Submit-Cookie-based CSRF protection.< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "21" href = "#21" > 21< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "22" href = "#22" > 22< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * The `$attribute` property and first constructor argument sets the key by which the CSRF token< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "23" href = "#23" > 23< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * is referred to in all parameter sets (request attributes, request body parameters, cookies).< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "24" href = "#24" > 24< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "25" href = "#25" > 25< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * Generates a random token of length `$tokenLength` (default 128), and stores it as an attribute< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "26" href = "#26" > 26< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * on the `ServerRequestInterface`. It’ s also added to the response as a cookie.< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "27" href = "#27" > 27< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "28" href = "#28" > 28< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * On requests which may modify state (methods other than HEAD, GET or OPTIONS), the request body< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "29" href = "#29" > 29< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * and request cookies are checked for matching CSRF tokens. If they match, the request is passed on< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "30" href = "#30" > 30< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * to the handler. If they do not match, further processing is halted and an error response generated< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "31" href = "#31" > 31< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * from the `$errorResponse` callback is returned. Refer to the constructor argument for information< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "32" href = "#32" > 32< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * about customising the error response.< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "33" href = "#33" > 33< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "34" href = "#34" > 34< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * @link https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "35" href = "#35" > 35< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * @link https://github.com/zakirullin/csrf-middleware/blob/master/src/CSRF.php< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "36" href = "#36" > 36< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > */< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "37" href = "#37" > 37< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > class< / span > < span class = "default" > < / span > < span class = "default" > DoubleSubmitCookieCsrfMiddleware< / span > < span class = "default" > < / span > < span class = "keyword" > implements< / span > < span class = "default" > < / span > < span class = "default" > MiddlewareInterface< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > LoggerAwareInterface< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "38" href = "#38" > 38< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > const< / span > < span class = "default" > < / span > < span class = "default" > READ_METHODS< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "keyword" > [< / span > < span class = "default" > 'HEAD'< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > 'GET'< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > 'OPTIONS'< / span > < span class = "keyword" > ]< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "39" href = "#39" > 39< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > const< / span > < span class = "default" > < / span > < span class = "default" > TTL< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "default" > 60< / span > < span class = "default" > < / span > < span class = "keyword" > *< / span > < span class = "default" > < / span > < span class = "default" > 20< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "40" href = "#40" > 40< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > const< / span > < span class = "default" > < / span > < span class = "default" > ATTRIBUTE< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "default" > 'csrf'< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "41" href = "#41" > 41< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > const< / span > < span class = "default" > < / span > < span class = "default" > DEFAULT_ERROR_RESPONSE_STRING< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "default" > 'Invalid or missing CSRF token!'< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "42" href = "#42" > 42< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > const< / span > < span class = "default" > < / span > < span class = "default" > CSRF_TOKEN_LENGTH< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "default" > 128< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "43" href = "#43" > 43< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "44" href = "#44" > 44< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "default" > string< / span > < span class = "default" > < / span > < span class = "default" > $attribute< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "45" href = "#45" > 45< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "46" href = "#46" > 46< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "default" > int< / span > < span class = "default" > < / span > < span class = "default" > $ttl< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "47" href = "#47" > 47< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "48" href = "#48" > 48< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "default" > $errorResponse< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "49" href = "#49" > 49< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "50" href = "#50" > 50< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "default" > int< / span > < span class = "default" > < / span > < span class = "default" > $tokenLength< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "51" href = "#51" > 51< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "52" href = "#52" > 52< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "default" > LoggerInterface< / span > < span class = "default" > < / span > < span class = "default" > $logger< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "53" href = "#53" > 53< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "54" href = "#54" > 54< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "comment" > /**< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "55" href = "#55" > 55< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * Constructor< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "56" href = "#56" > 56< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "57" href = "#57" > 57< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * The `$errorResponse` parameter can be used to customse the error response returned when a< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "58" href = "#58" > 58< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * write request has invalid CSRF parameters. It can take the following forms:< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "59" href = "#59" > 59< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * < / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "60" href = "#60" > 60< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * * A `string`, which will be returned as-is with a 400 Status Code and `Content-type: text/plain` header< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "61" href = "#61" > 61< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * * An instance of `ResponseInterface`, which will be returned as-is< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "62" href = "#62" > 62< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * * A callable with the signature `function (ServerRequestInterface $request): ResponseInterface`,< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "63" href = "#63" > 63< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > * the return value of which will be returned as-is.< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "64" href = "#64" > 64< / a > < / td > < td class = "col-11 codeLine" > < span class = "comment" > */< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "65" href = "#65" > 65< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "keyword" > function< / span > < span class = "default" > < / span > < span class = "default" > __construct< / span > < span class = "keyword" > (< / span > < span class = "keyword" > ?< / span > < span class = "default" > string< / span > < span class = "default" > < / span > < span class = "default" > $attribute< / span > < span class = "keyword" > =< / span > < span class = "default" > self< / span > < span class = "default" > ::< / span > < span class = "default" > ATTRIBUTE< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "keyword" > ?< / span > < span class = "default" > int< / span > < span class = "default" > < / span > < span class = "default" > $ttl< / span > < span class = "keyword" > =< / span > < span class = "default" > self< / span > < span class = "default" > ::< / span > < span class = "default" > TTL< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > $errorResponse< / span > < span class = "keyword" > =< / span > < span class = "default" > self< / span > < span class = "default" > ::< / span > < span class = "default" > DEFAULT_ERROR_RESPONSE_STRING< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > $tokenLength< / span > < span class = "keyword" > =< / span > < span class = "default" > self< / span > < span class = "default" > ::< / span > < span class = "default" > CSRF_TOKEN_LENGTH< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > $logger< / span > < span class = "keyword" > =< / span > < span class = "default" > null< / span > < span class = "keyword" > )< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 66" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 67" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 68" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "69" href = "#69" > 69< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 70" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 71" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 72" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = "danger d-flex" > < td class = "col-1 text-right" > < a id = "73" href = "#73" > 73< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "default" > $errorResponse< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "default" > self< / span > < span class = "default" > ::< / span > < span class = "default" > DEFAULT_ERROR_RESPONSE_STRING< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "74" href = "#74" > 74< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 75" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "76" href = "#76" > 76< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 77" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "78" href = "#78" > 78< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 79" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "80" href = "#80" > 80< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 81" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 82" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "83" href = "#83" > 83< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 84" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "32 tests cover line 85" data-content = "<ul><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class = "covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li&g
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "86" href = "#86" > 86< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "87" href = "#87" > 87< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "keyword" > function< / span > < span class = "default" > < / span > < span class = "default" > setLogger< / span > < span class = "keyword" > (< / span > < span class = "default" > LoggerInterface< / span > < span class = "default" > < / span > < span class = "default" > $logger< / span > < span class = "keyword" > )< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "26 tests cover line 88" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placeme
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "26 tests cover line 89" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidConfigRaisesException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorsIfParametersAreMissing</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testExchangeFlowsReturnErrorOnInvalidParameters</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeFailsForTokensWithInvalidScope</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthEndpointTokenExchangeReturnsCorrectResponseForValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorOnNonIndieauthRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsErrorIfAccessCodeGrantsNoScopes</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testTokenEndpointReturnsAccessTokenOnValidRequest</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placeme
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "90" href = "#90" > 90< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "91" href = "#91" > 91< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > public< / span > < span class = "default" > < / span > < span class = "keyword" > function< / span > < span class = "default" > < / span > < span class = "default" > process< / span > < span class = "keyword" > (< / span > < span class = "default" > ServerRequestInterface< / span > < span class = "default" > < / span > < span class = "default" > $request< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > RequestHandlerInterface< / span > < span class = "default" > < / span > < span class = "default" > $handler< / span > < span class = "keyword" > )< / span > < span class = "keyword" > :< / span > < span class = "default" > < / span > < span class = "default" > ResponseInterface< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "92" href = "#92" > 92< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "comment" > // Generate a new CSRF token, add it to the request attributes, and as a cookie on the response.< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 93" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "93" href = "#93" > 93< / a > < / td > < td class = "co
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 94" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "94" href = "#94" > 94< / a > < / td > < td class = "co
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "95" href = "#95" > 95< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 96" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "96" href = "#96" > 96< / a > < / td > < td class = "co
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "97" href = "#97" > 97< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "comment" > // This request is a write method with invalid CSRF parameters.< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "4 tests cover line 98" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "98" href = "#98" > 98< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "default" > $response< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "default" > call_user_func< / span > < span class = "keyword" > (< / span > < span class = "default" > $this< / span > < span class = "default" > -> < / span > < span class = "default" > errorResponse< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > $request< / span > < span class = "keyword" > )< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "99" href = "#99" > 99< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < span class = "default" > < / span > < span class = "keyword" > else< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "20 tests cover line 100" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "100" href = "#100" > 100< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "default" > $response< / span > < span class = "default" > < / span > < span class = "keyword" > =< / span > < span class = "default" > < / span > < span class = "default" > $handler< / span > < span class = "default" > -> < / span > < span class = "default" > handle< / span > < span class = "keyword" > (< / span > < span class = "default" > $request< / span > < span class = "keyword" > )< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "101" href = "#101" > 101< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "102" href = "#102" > 102< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "103" href = "#103" > 103< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "comment" > // Add the new CSRF cookie, restricting its scope to match the current request.< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 104" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "104" href = "#104" > 104< / a > < / td > < td class
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 105" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "105" href = "#105" > 105< / a > < / td > < td class
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 106" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "106" href = "#106" > 106< / a > < / td > < td class
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 107" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "107" href = "#107" > 107< / a > < / td > < td class
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 108" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "108" href = "#108" > 108< / a > < / td > < td class
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 109" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "109" href = "#109" > 109< / a > < / td > < td class
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "110" href = "#110" > 110< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "24 tests cover line 111" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesThroughNonWriteRequestsAddingAttribute</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testAuthorizationRequestWithInvalidClientIdOrRedirectUriShowsErrorToUser</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testInvalidStateCodeChallengeOrScopeReturnErrorRedirects</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testHandlesValidAndInvalidMeUrlsCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testUnauthenticatedRequestReturnsAuthenticationResponse</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsServerErrorIfAuthenticationResultHasNoMeKey</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnErrorIfFetchingClientIdThrowsException</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdWithNoParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfRedirectUriDoesntMatchClientIdOrParsedRedirectUris</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdSufficientlyMatchesRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkHeaderRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsAuthorizationFormIfClientIdExactlyMatchesParsedLinkElementRedirectUri</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testFindsFirstHAppExactlyMatchingClientId</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testNonIndieAuthRequestWithDefaultHandlerReturnsError</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testResponseReturnedFromNonIndieAuthRequestHandler</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "111" href = "#111" > 111< / a > < / td > < td class
< tr class = "warning d-flex" > < td class = "col-1 text-right" > < a id = "112" href = "#112" > 112< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "113" href = "#113" > 113< / a > < / td > < td class = "col-11 codeLine" > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "114" href = "#114" > 114< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > protected< / span > < span class = "default" > < / span > < span class = "keyword" > function< / span > < span class = "default" > < / span > < span class = "default" > isValid< / span > < span class = "keyword" > (< / span > < span class = "default" > ServerRequestInterface< / span > < span class = "default" > < / span > < span class = "default" > $request< / span > < span class = "keyword" > )< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "9 tests cover line 115" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "115" href = "#115" > 115< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > if< / span > < span class = "default" > < / span > < span class = "keyword" > (< / span > < span class = "default" > array_key_exists< / span > < span class = "keyword" > (< / span > < span class = "default" > $this< / span > < span class = "default" > -> < / span > < span class = "default" > attribute< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > $request< / span > < span class = "default" > -> < / span > < span class = "default" > getParsedBody< / span > < span class = "keyword" > (< / span > < span class = "keyword" > )< / span > < span class = "default" > < / span > < span class = "default" > ??< / span > < span class = "default" > < / span > < span class = "keyword" > [< / span > < span class = "keyword" > ]< / span > < span class = "keyword" > )< / span > < span class = "keyword" > )< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "7 tests cover line 116" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "116" href = "#116" > 116< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > if< / span > < span class = "default" > < / span > < span class = "keyword" > (< / span > < span class = "default" > array_key_exists< / span > < span class = "keyword" > (< / span > < span class = "default" > $this< / span > < span class = "default" > -> < / span > < span class = "default" > attribute< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > $request< / span > < span class = "default" > -> < / span > < span class = "default" > getCookieParams< / span > < span class = "keyword" > (< / span > < span class = "keyword" > )< / span > < span class = "default" > < / span > < span class = "default" > ??< / span > < span class = "default" > < / span > < span class = "keyword" > [< / span > < span class = "keyword" > ]< / span > < span class = "keyword" > )< / span > < span class = "keyword" > )< / span > < span class = "default" > < / span > < span class = "keyword" > {< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "117" href = "#117" > 117< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "comment" > // TODO: make sure CSRF token isn’ t the empty string, possibly also check that it’ s the same length< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "118" href = "#118" > 118< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "comment" > // as defined in $this-> tokenLength.< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "6 tests cover line 119" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithMismatchedTokens</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testPassesResponseThroughOnWriteRequestWithValidToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasNoHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsErrorIfApprovalRequestHasInvalidHash</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testValidApprovalRequestIsHandledCorrectly</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\ServerTest::testReturnsInternalServerErrorIfAuthCodeCannotBeStored</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "119" href = "#119" > 119< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > return< / span > < span class = "default" > < / span > < span class = "default" > hash_equals< / span > < span class = "keyword" > (< / span > < span class = "default" > $request< / span > < span class = "default" > -> < / span > < span class = "default" > getParsedBody< / span > < span class = "keyword" > (< / span > < span class = "keyword" > )< / span > < span class = "keyword" > [< / span > < span class = "default" > $this< / span > < span class = "default" > -> < / span > < span class = "default" > attribute< / span > < span class = "keyword" > ]< / span > < span class = "keyword" > ,< / span > < span class = "default" > < / span > < span class = "default" > $request< / span > < span class = "default" > -> < / span > < span class = "default" > getCookieParams< / span > < span class = "keyword" > (< / span > < span class = "keyword" > )< / span > < span class = "keyword" > [< / span > < span class = "default" > $this< / span > < span class = "default" > -> < / span > < span class = "default" > attribute< / span > < span class = "keyword" > ]< / span > < span class = "keyword" > )< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "120" href = "#120" > 120< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "121" href = "#121" > 121< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = "covered-by-large-tests popin d-flex" > < td data-title = "3 tests cover line 122" data-content = "<ul><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestsWithoutToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyCookieToken</li><li class="covered-by-large-tests">Taproot\IndieAuth\Test\DoubleSubmitCookieCsrfMiddlewareTest::testReturnsDefaultErrorResponseOnWriteRequestWithOnlyBodyToken</li></ul>" data-placement = "top" data-html = "true" class = "col-1 text-right" > < a id = "122" href = "#122" > 122< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > return< / span > < span class = "default" > < / span > < span class = "default" > false< / span > < span class = "keyword" > ;< / span > < / td > < / tr >
< tr class = "warning d-flex" > < td class = "col-1 text-right" > < a id = "123" href = "#123" > 123< / a > < / td > < td class = "col-11 codeLine" > < span class = "default" > < / span > < span class = "keyword" > }< / span > < / td > < / tr >
< tr class = " d-flex" > < td class = "col-1 text-right" > < a id = "124" href = "#124" > 124< / a > < / td > < td class = "col-11 codeLine" > < span class = "keyword" > }< / span > < / td > < / tr >
< / tbody >
< / table >
< footer >
< hr / >
< h4 > Legend< / h4 >
< p > < span class = "success" > < strong > Executed< / strong > < / span > < span class = "danger" > < strong > Not Executed< / strong > < / span > < span class = "warning" > < strong > Dead Code< / strong > < / span > < / p >
< p >
2021-06-13 14:37:41 +01:00
< small > Generated by < a href = "https://github.com/sebastianbergmann/php-code-coverage" target = "_top" > php-code-coverage 9.2.6< / a > using < a href = "https://secure.php.net/" target = "_top" > PHP 7.4.19< / a > with < a href = "https://xdebug.org/" > Xdebug 3.0.4< / a > and < a href = "https://phpunit.de/" > PHPUnit 9.5.5< / a > at Sun Jun 13 13:37:29 UTC 2021.< / small >
2021-06-13 14:35:07 +01:00
< / p >
< a title = "Back to the top" id = "toplink" href = "#" >
< svg xmlns = "http://www.w3.org/2000/svg" width = "12" height = "16" viewBox = "0 0 12 16" > < path fill-rule = "evenodd" d = "M12 11L6 5l-6 6h12z" / > < / svg >
< / a >
< / footer >
< / div >
< script src = "../_js/jquery.min.js" type = "text/javascript" > < / script >
< script src = "../_js/popper.min.js" type = "text/javascript" > < / script >
< script src = "../_js/bootstrap.min.js" type = "text/javascript" > < / script >
< script src = "../_js/file.js" type = "text/javascript" > < / script >
< / body >
< / html >