From b28cdc030501fcc25bc9ceb36fb11586fe17adfe Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Fri, 1 Nov 2024 13:24:24 +0100
Subject: [PATCH 01/11] Adobe Commerce solving Security Errors

---
 Controller/Webhook/Index.php                  | 58 +++++++++----------
 Helper/Requests.php                           | 19 ++++--
 .../web/template/payment/pos-cloud-form.html  |  2 +-
 3 files changed, 42 insertions(+), 37 deletions(-)

diff --git a/Controller/Webhook/Index.php b/Controller/Webhook/Index.php
index 8dc758f0d..edfe97282 100755
--- a/Controller/Webhook/Index.php
+++ b/Controller/Webhook/Index.php
@@ -89,6 +89,8 @@ class Index extends Action
      */
     private $remoteAddress;
 
+    private $request;
+
     /**
      * Json constructor.
      *
@@ -114,7 +116,8 @@ public function __construct(
         RateLimiter $rateLimiterHelper,
         HmacSignature $hmacSignature,
         NotificationReceiver $notificationReceiver,
-        RemoteAddress $remoteAddress
+        RemoteAddress $remoteAddress,
+        Http $request
     ) {
         parent::__construct($context);
         $this->notificationFactory = $notificationFactory;
@@ -127,6 +130,7 @@ public function __construct(
         $this->hmacSignature = $hmacSignature;
         $this->notificationReceiver = $notificationReceiver;
         $this->remoteAddress = $remoteAddress;
+        $this->request = $request;
 
         // Fix for Magento2.3 adding isAjax to the request params
         if (interface_exists(CsrfAwareActionInterface::class)) {
@@ -376,36 +380,30 @@ private function isDuplicate(array $response)
      */
     private function fixCgiHttpAuthentication()
     {
-        // do nothing if values are already there
-        if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
+        if ($this->request->getServer('PHP_AUTH_USER') && $this->request->getServer('PHP_AUTH_PW')) {
             return;
-        } elseif (isset($_SERVER['REDIRECT_REMOTE_AUTHORIZATION']) &&
-            $_SERVER['REDIRECT_REMOTE_AUTHORIZATION'] != ''
-        ) {
-            list(
-                $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
-                ) =
-                explode(':', base64_decode((string) $_SERVER['REDIRECT_REMOTE_AUTHORIZATION']), 2);
-        } elseif (!empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])) {
-            list(
-                $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
-                ) =
-                explode(':', base64_decode(substr((string) $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 6)), 2);
-        } elseif (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
-            list(
-                $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
-                ) =
-                explode(':', base64_decode(substr((string) $_SERVER['HTTP_AUTHORIZATION'], 6)), 2);
-        } elseif (!empty($_SERVER['REMOTE_USER'])) {
-            list(
-                $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
-                ) =
-                explode(':', base64_decode(substr((string) $_SERVER['REMOTE_USER'], 6)), 2);
-        } elseif (!empty($_SERVER['REDIRECT_REMOTE_USER'])) {
-            list(
-                $_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']
-                ) =
-                explode(':', base64_decode(substr((string) $_SERVER['REDIRECT_REMOTE_USER'], 6)), 2);
+        }
+
+        $authorizationHeaders = [
+            'REDIRECT_REMOTE_AUTHORIZATION',
+            'REDIRECT_HTTP_AUTHORIZATION',
+            'HTTP_AUTHORIZATION',
+            'REMOTE_USER',
+            'REDIRECT_REMOTE_USER'
+        ];
+
+        foreach ($authorizationHeaders as $header) {
+            $authHeader = $this->request->getServer($header);
+
+            if ($authHeader) {
+                list(
+                    $phpAuthUser, $phpAuthPw
+                    ) = explode(':', base64_decode(substr($authHeader, 6)), 2);
+
+                $this->request->setServer('PHP_AUTH_USER', $phpAuthUser);
+                $this->request->setServer('PHP_AUTH_PW', $phpAuthPw);
+                return;
+            }
         }
     }
 
diff --git a/Helper/Requests.php b/Helper/Requests.php
index 9d7aa7c21..b2b038795 100644
--- a/Helper/Requests.php
+++ b/Helper/Requests.php
@@ -16,6 +16,7 @@
 use Adyen\Payment\Model\Ui\AdyenPayByLinkConfigProvider;
 use Adyen\Util\Uuid;
 use Magento\Framework\App\Helper\AbstractHelper;
+use Magento\Framework\App\RequestInterface;
 
 class Requests extends AbstractHelper
 {
@@ -36,19 +37,22 @@ class Requests extends AbstractHelper
     private Address $addressHelper;
     private StateData $stateData;
     private Vault $vaultHelper;
+    private RequestInterface $request;
 
     public function __construct(
         Data $adyenHelper,
         Config $adyenConfig,
         Address $addressHelper,
         StateData $stateData,
-        Vault $vaultHelper
+        Vault $vaultHelper,
+        RequestInterface $request
     ) {
         $this->adyenHelper = $adyenHelper;
         $this->adyenConfig = $adyenConfig;
         $this->addressHelper = $addressHelper;
         $this->stateData = $stateData;
         $this->vaultHelper = $vaultHelper;
+        $this->request = $request;
     }
 
     /**
@@ -294,14 +298,17 @@ public function buildPaymentData($amount, $currencyCode, $reference, array $requ
      * @param array $request
      * @return array
      */
-    public function buildBrowserData($request = [])
+    public function buildBrowserData(array $request = []): array
     {
-        if (!empty($_SERVER['HTTP_USER_AGENT'])) {
-            $request['browserInfo']['userAgent'] = $_SERVER['HTTP_USER_AGENT'];
+        $userAgent = $this->request->getServer('HTTP_USER_AGENT');
+        $acceptHeader = $this->request->getServer('HTTP_ACCEPT');
+
+        if (!empty($userAgent)) {
+            $request['browserInfo']['userAgent'] = $userAgent;
         }
 
-        if (!empty($_SERVER['HTTP_ACCEPT'])) {
-            $request['browserInfo']['acceptHeader'] = $_SERVER['HTTP_ACCEPT'];
+        if (!empty($acceptHeader)) {
+            $request['browserInfo']['acceptHeader'] = $acceptHeader;
         }
 
         return $request;
diff --git a/view/frontend/web/template/payment/pos-cloud-form.html b/view/frontend/web/template/payment/pos-cloud-form.html
index 29bc691d4..683cffa9d 100644
--- a/view/frontend/web/template/payment/pos-cloud-form.html
+++ b/view/frontend/web/template/payment/pos-cloud-form.html
@@ -15,7 +15,7 @@
             <input type="radio"
                name="payment[method]"
                class="radio"
-               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()"/>
+               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()" />
             <!-- ko if: showLogo() -->
             <span data-bind="attr: { 'class': 'adyen-sprite ' + getCode() }"></span>
             <!--/ko-->

From a14676e7a90356e15da15a4dc4b6b6f4ab66e99a Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Fri, 1 Nov 2024 16:21:17 +0100
Subject: [PATCH 02/11] Adobe Commerce solving Security Errors

---
 view/frontend/web/template/payment/boleto-form.html    |  5 +----
 .../frontend/web/template/payment/card-vault-form.html | 10 +++-------
 view/frontend/web/template/payment/cc-form.html        |  2 +-
 view/frontend/web/template/payment/giftcard-form.html  |  2 +-
 .../template/payment/payment-method-vault-form.html    |  2 +-
 .../web/template/payment/payment-method-vault.html     |  2 +-
 view/frontend/web/template/payment/pm-form.html        |  2 +-
 view/frontend/web/template/payment/pos-cloud-form.html |  2 +-
 8 files changed, 10 insertions(+), 17 deletions(-)

diff --git a/view/frontend/web/template/payment/boleto-form.html b/view/frontend/web/template/payment/boleto-form.html
index c6b3d670f..fc061331c 100755
--- a/view/frontend/web/template/payment/boleto-form.html
+++ b/view/frontend/web/template/payment/boleto-form.html
@@ -16,7 +16,7 @@
         <input type="radio"
                name="payment[method]"
                class="radio"
-               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()"/>
+               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()">
         <label data-bind="attr: {'for': getCode()}" class="label">
 
             <!-- ko if: showLogo() -->
@@ -69,7 +69,6 @@
                                             enable: isActive($parents),
                                             value: socialSecurityNumber"
                                 data-validate="{required:true}">
-                        </input>
                     </div>
                 </div>
 
@@ -109,7 +108,6 @@
                                             enable: isActive($parents),
                                             value: firstname"
                                 data-validate="{required:true}">
-                        </input>
                     </div>
                 </div>
 
@@ -126,7 +124,6 @@
                                             enable: isActive($parents),
                                             value: lastname"
                                 data-validate="{required:true}">
-                        </input>
                     </div>
                 </div>
 
diff --git a/view/frontend/web/template/payment/card-vault-form.html b/view/frontend/web/template/payment/card-vault-form.html
index 31327f7b2..5df13f40f 100644
--- a/view/frontend/web/template/payment/card-vault-form.html
+++ b/view/frontend/web/template/payment/card-vault-form.html
@@ -21,7 +21,7 @@
                     value: getId(),
                     click: selectPaymentMethod,
                     checked: isChecked,
-                    visible: isRadioButtonVisible()"/>
+                    visible: isRadioButtonVisible()" >
         <label class="label" data-bind="attr: {'for': getId()}">
             <img data-bind="attr: {
             'src': getIcons(getCardType()).url,
@@ -72,18 +72,15 @@
         </form>
 
         <!-- ko if: (hasInstallments())-->
-
         <div class="field required"
              data-bind="attr: {id: getCode() + '_installments_div'}, visible: installments().length > 0">
             <label data-bind="attr: {for: getCode() + '_installments'}" class="label">
                 <span><!-- ko text: $t('Installments')--><!-- /ko --></span>
             </label>
             <div class="control">
-
                 <select class="select"
                         name="payment[number_of_installments]"
                         data-bind="attr: {id: getCode() + '_installments', 'data-container': getCode() + '-installments', 'data-validate': JSON.stringify({required:false})},
-
                                         enable: isActive($parents),
                                         options: installments,
                                         optionsValue: 'value',
@@ -94,7 +91,7 @@
                 </select>
             </div>
         </div>
-        <br/>
+        <br>
 
         <!-- /ko -->
 
@@ -110,8 +107,7 @@
                         data-bind="
                             click: placeOrder,
                             attr: {title: $t('Place Order')},
-                            enable: isButtonActive()
-                        "
+                            enable: isButtonActive()"
                         disabled>
                     <span translate="'Place Order'"></span>
                 </button>
diff --git a/view/frontend/web/template/payment/cc-form.html b/view/frontend/web/template/payment/cc-form.html
index 2e2d2790b..648a9ae81 100755
--- a/view/frontend/web/template/payment/cc-form.html
+++ b/view/frontend/web/template/payment/cc-form.html
@@ -16,7 +16,7 @@
         <input type="radio"
                name="payment[method]"
                class="radio"
-               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()"/>
+               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()">
         <label data-bind="attr: {'for': getCode()}" class="label">
 
             <!-- ko if: adyenCCMethod().icon -->
diff --git a/view/frontend/web/template/payment/giftcard-form.html b/view/frontend/web/template/payment/giftcard-form.html
index 5250b8cae..c3a6fb0d6 100755
--- a/view/frontend/web/template/payment/giftcard-form.html
+++ b/view/frontend/web/template/payment/giftcard-form.html
@@ -15,7 +15,7 @@
         <input type="radio"
                name="payment[method]"
                class="radio"
-               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()"/>
+               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()">
         <label data-bind="attr: {'for': getCode()}" class="label">
             <!-- ko if: icon() -->
             <img data-bind="attr: {
diff --git a/view/frontend/web/template/payment/payment-method-vault-form.html b/view/frontend/web/template/payment/payment-method-vault-form.html
index 0ad808356..4b6859cf7 100644
--- a/view/frontend/web/template/payment/payment-method-vault-form.html
+++ b/view/frontend/web/template/payment/payment-method-vault-form.html
@@ -14,7 +14,7 @@
                     value: getId(),
                     click: selectPaymentMethod,
                     checked: isChecked,
-                    visible: isRadioButtonVisible()"/>
+                    visible: isRadioButtonVisible()">
         <label class="label" data-bind="attr: {'for': getId()}">
             <img data-bind="attr: {
             'src': getIcons(getPaymentMethodType()).url,
diff --git a/view/frontend/web/template/payment/payment-method-vault.html b/view/frontend/web/template/payment/payment-method-vault.html
index 1a120b32b..d37d21b08 100644
--- a/view/frontend/web/template/payment/payment-method-vault.html
+++ b/view/frontend/web/template/payment/payment-method-vault.html
@@ -8,7 +8,7 @@
                     value: getId(),
                     click: selectPaymentMethod,
                     checked: isChecked,
-                    visible: isRadioButtonVisible()"/>
+                    visible: isRadioButtonVisible()">
         <label class="label" data-bind="attr: {'for': getId()}">
             <img data-bind="attr: {
             'src': getIcons(getPaymentMethodType()).url,
diff --git a/view/frontend/web/template/payment/pm-form.html b/view/frontend/web/template/payment/pm-form.html
index bd6be127a..995ad7c91 100755
--- a/view/frontend/web/template/payment/pm-form.html
+++ b/view/frontend/web/template/payment/pm-form.html
@@ -23,7 +23,7 @@
         <input type="radio"
                name="payment[method]"
                class="radio"
-               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()"/>
+               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()">
         <label data-bind="attr: {'for': getCode()}" class="label">
 
             <!-- ko if: adyenPaymentMethod().icon -->
diff --git a/view/frontend/web/template/payment/pos-cloud-form.html b/view/frontend/web/template/payment/pos-cloud-form.html
index 683cffa9d..9967f5c95 100644
--- a/view/frontend/web/template/payment/pos-cloud-form.html
+++ b/view/frontend/web/template/payment/pos-cloud-form.html
@@ -15,7 +15,7 @@
             <input type="radio"
                name="payment[method]"
                class="radio"
-               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()" />
+               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()" >
             <!-- ko if: showLogo() -->
             <span data-bind="attr: { 'class': 'adyen-sprite ' + getCode() }"></span>
             <!--/ko-->

From 7f3e8102f916802a56a37c510ca89a9407092f06 Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Fri, 1 Nov 2024 16:53:01 +0100
Subject: [PATCH 03/11] Updating unit tests

---
 Test/Unit/Controller/Webhook/IndexTest.php | 8 +++++++-
 Test/Unit/Helper/RequestsTest.php          | 5 +++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/Test/Unit/Controller/Webhook/IndexTest.php b/Test/Unit/Controller/Webhook/IndexTest.php
index bef2205c9..faece7c62 100644
--- a/Test/Unit/Controller/Webhook/IndexTest.php
+++ b/Test/Unit/Controller/Webhook/IndexTest.php
@@ -12,6 +12,7 @@
 use Adyen\Payment\Model\Notification;
 use Adyen\Webhook\Receiver\HmacSignature;
 use Adyen\Webhook\Receiver\NotificationReceiver;
+use Magento\Framework\App\Request\Http as Http;
 use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;
 use Magento\Framework\App\Action\Context;
 use Magento\Framework\App\RequestInterface;
@@ -120,6 +121,10 @@ protected function setUp(): void
             ->disableOriginalConstructor()
             ->getMock();
 
+        $this->request = $this->getMockBuilder(Http::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+
 
         $this->contextMock->method('getRequest')->willReturn($this->requestMock);
         $this->contextMock->method('getResponse')->willReturn($this->responseMock);
@@ -136,7 +141,8 @@ protected function setUp(): void
             $this->rateLimiterHelperMock,
             $this->hmacSignatureMock,
             $this->notificationReceiverMock,
-            $this->remoteAddressMock
+            $this->remoteAddressMock,
+            $this->request
         );
     }
 
diff --git a/Test/Unit/Helper/RequestsTest.php b/Test/Unit/Helper/RequestsTest.php
index aad96df36..97fe7dec7 100644
--- a/Test/Unit/Helper/RequestsTest.php
+++ b/Test/Unit/Helper/RequestsTest.php
@@ -5,13 +5,13 @@
 use Adyen\Payment\Helper\Address;
 use Adyen\Payment\Helper\Config;
 use Adyen\Payment\Helper\Data;
-use Adyen\Payment\Helper\PaymentMethods;
 use Adyen\Payment\Helper\Requests;
 use Adyen\Payment\Helper\StateData;
 use Adyen\Payment\Helper\Vault;
 use Adyen\Payment\Test\Unit\AbstractAdyenTestCase;
 use Magento\Sales\Model\Order;
 use Magento\Sales\Model\Order\Payment;
+use Magento\Framework\App\RequestInterface;
 
 class RequestsTest extends AbstractAdyenTestCase
 {
@@ -76,7 +76,8 @@ private function setMockObjects(array $stateDataArray, bool $vaultEnabled, strin
             $configHelperMock,
             $this->createMock(Address::class),
             $stateDataMock,
-            $vaultHelperMock
+            $vaultHelperMock,
+            $this->createMock(RequestInterface::class)
         );
 
         $orderMock = $this->createConfiguredMock(Order::class, [

From 181ba53fc5c3d636ceb663c0eb90fb77d24e0b66 Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Fri, 1 Nov 2024 17:19:21 +0100
Subject: [PATCH 04/11] Updating unit test coverage

---
 Test/Unit/Controller/Webhook/IndexTest.php | 210 +++++++++------------
 Test/Unit/Helper/RequestsTest.php          |  27 +++
 2 files changed, 120 insertions(+), 117 deletions(-)

diff --git a/Test/Unit/Controller/Webhook/IndexTest.php b/Test/Unit/Controller/Webhook/IndexTest.php
index faece7c62..86d3befeb 100644
--- a/Test/Unit/Controller/Webhook/IndexTest.php
+++ b/Test/Unit/Controller/Webhook/IndexTest.php
@@ -6,158 +6,134 @@
 use Adyen\Payment\Helper\Config;
 use Adyen\Payment\Helper\Data;
 use Adyen\Payment\Helper\IpAddress;
-use Adyen\Payment\Model\NotificationFactory;
 use Adyen\Payment\Helper\RateLimiter;
 use Adyen\Payment\Logger\AdyenLogger;
 use Adyen\Payment\Model\Notification;
+use Adyen\Payment\Model\NotificationFactory;
 use Adyen\Webhook\Receiver\HmacSignature;
 use Adyen\Webhook\Receiver\NotificationReceiver;
+use Magento\Framework\App\Action\Context;
 use Magento\Framework\App\Request\Http as Http;
 use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;
-use Magento\Framework\App\Action\Context;
-use Magento\Framework\App\RequestInterface;
-use Magento\Framework\App\ResponseInterface;
-use Magento\Framework\Controller\Result\Json;
-use Magento\Framework\Controller\Result\JsonFactory;
+use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\Serialize\SerializerInterface;
-use Adyen\Payment\Test\Unit\AbstractAdyenTestCase;
+use Magento\Framework\App\ResponseInterface;
+use PHPUnit\Framework\TestCase;
 
-class IndexTest extends AbstractAdyenTestCase
+class IndexTest extends TestCase
 {
-    /**
-     * @var Context|\PHPUnit\Framework\MockObject\MockObject
-     */
+    private $controller;
     private $contextMock;
-
-    /**
-     * @var RequestInterface|\PHPUnit\Framework\MockObject\MockObject
-     */
     private $requestMock;
-
-    /**
-     * @var ResponseInterface|\PHPUnit\Framework\MockObject\MockObject
-     */
     private $responseMock;
-
-    /**
-     * @var JsonFactory|\PHPUnit\Framework\MockObject\MockObject
-     */
-    private $resultJsonFactoryMock;
-
-    /**
-     * @var Json|\PHPUnit\Framework\MockObject\MockObject
-     */
-    private $resultJsonMock;
-
-    /**
-     * @var Data|\PHPUnit\Framework\MockObject\MockObject
-     */
+    private $notificationFactoryMock;
     private $adyenHelperMock;
-
-    /**
-     * @var NotificationFactory|\PHPUnit\Framework\MockObject\MockObject
-     */
-    private $notificationHelperMock;
-
-    /**
-     * @var SerializerInterface|\PHPUnit\Framework\MockObject\MockObject
-     */
-    private $serializerMock;
-
-    /**
-     * @var AdyenLogger|\PHPUnit\Framework\MockObject\MockObject
-     */
     private $adyenLoggerMock;
-
-    /**
-     * @var Index
-     */
-    private $indexController;
+    private $serializerMock;
+    private $configHelperMock;
+    private $ipAddressHelperMock;
+    private $rateLimiterMock;
+    private $hmacSignatureMock;
+    private $notificationReceiverMock;
+    private $remoteAddressMock;
 
     protected function setUp(): void
     {
-        $this->contextMock = $this->getMockBuilder(Context::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->requestMock = $this->getMockBuilder(RequestInterface::class)
-            ->getMockForAbstractClass();
-        $this->responseMock = $this->getMockBuilder(ResponseInterface::class)
-            ->getMockForAbstractClass();
-        $this->resultJsonFactoryMock = $this->getMockBuilder(JsonFactory::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->resultJsonMock = $this->getMockBuilder(Json::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->adyenHelperMock = $this->getMockBuilder(Data::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->notificationHelperMock = $this->createGeneratedMock(NotificationFactory::class, [
-            'create'
-        ]);
-        $this->serializerMock = $this->getMockBuilder(SerializerInterface::class)
-            ->getMockForAbstractClass();
-        $this->adyenLoggerMock = $this->getMockBuilder(AdyenLogger::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->ipAddressHelperMock = $this->getMockBuilder(IpAddress::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->configHelperMock = $this->getMockBuilder(Config::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-
-        $this->rateLimiterHelperMock = $this->getMockBuilder(RateLimiter::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->hmacSignatureMock = $this->getMockBuilder(HmacSignature::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $this->notificationReceiverMock = $this->getMockBuilder(NotificationReceiver::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-
-        $this->remoteAddressMock = $this->getMockBuilder(RemoteAddress::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-
-        $this->request = $this->getMockBuilder(Http::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-
+        $this->contextMock = $this->createMock(Context::class);
+        $this->requestMock = $this->createMock(Http::class);
+        $this->responseMock = $this->createMock(ResponseInterface::class);
+        $this->notificationFactoryMock = $this->createMock(NotificationFactory::class);
+        $this->adyenHelperMock = $this->createMock(Data::class);
+        $this->adyenLoggerMock = $this->createMock(AdyenLogger::class);
+        $this->serializerMock = $this->createMock(SerializerInterface::class);
+        $this->configHelperMock = $this->createMock(Config::class);
+        $this->ipAddressHelperMock = $this->createMock(IpAddress::class);
+        $this->rateLimiterMock = $this->createMock(RateLimiter::class);
+        $this->hmacSignatureMock = $this->createMock(HmacSignature::class);
+        $this->notificationReceiverMock = $this->createMock(NotificationReceiver::class);
+        $this->remoteAddressMock = $this->createMock(RemoteAddress::class);
 
         $this->contextMock->method('getRequest')->willReturn($this->requestMock);
         $this->contextMock->method('getResponse')->willReturn($this->responseMock);
-        $this->resultJsonFactoryMock->method('create')->willReturn($this->resultJsonMock);
 
-        $this->indexController = new Index(
+        $this->controller = new Index(
             $this->contextMock,
-            $this->notificationHelperMock,
+            $this->notificationFactoryMock,
             $this->adyenHelperMock,
             $this->adyenLoggerMock,
             $this->serializerMock,
             $this->configHelperMock,
             $this->ipAddressHelperMock,
-            $this->rateLimiterHelperMock,
+            $this->rateLimiterMock,
             $this->hmacSignatureMock,
             $this->notificationReceiverMock,
             $this->remoteAddressMock,
-            $this->request
+            $this->requestMock
         );
     }
 
-    public function testLoadNotificationFromRequest()
+    public function testExecuteWithInvalidNotificationMode()
     {
-        $notificationMock = $this->getMockBuilder(Notification::class)
-            ->disableOriginalConstructor()
-            ->getMock();
-        $notificationMock->expects($this->once())->method('setCreatedAt');
-        $notificationMock->expects($this->once())->method('setUpdatedAt');
-        $this->invokeMethod(
-            $this->indexController,
-            'loadNotificationFromRequest',
-            [$notificationMock, []]
-        );
+        $this->requestMock->method('getContent')->willReturn(json_encode([
+            'live' => 'invalid_mode',
+            'notificationItems' => []
+        ]));
+
+        $this->notificationReceiverMock->method('validateNotificationMode')->willReturn(false);
 
+        $this->expectException(LocalizedException::class);
+        $this->controller->execute();
+    }
+
+    public function testExecuteWithUnauthorizedRequest()
+    {
+        $this->requestMock->method('getContent')->willReturn(json_encode([
+            'live' => 'true',
+            'notificationItems' => [
+                ['NotificationRequestItem' => ['pspReference' => 'test_psp']]
+            ]
+        ]));
+
+        $this->notificationReceiverMock->method('validateNotificationMode')->willReturn(true);
+        $this->controller->execute();
+
+        $this->responseMock->expects($this->once())
+            ->method('setHttpResponseCode')
+            ->with(401);
+    }
+
+    public function testExecuteWithValidNotification()
+    {
+        $this->requestMock->method('getContent')->willReturn(json_encode([
+            'live' => 'true',
+            'notificationItems' => [
+                ['NotificationRequestItem' => [
+                    'pspReference' => 'test_psp',
+                    'merchantReference' => 'test_merchant',
+                    'eventCode' => 'AUTHORISATION',
+                    'success' => 'true',
+                    'amount' => ['value' => 1000, 'currency' => 'EUR'],
+                    'additionalData' => []
+                ]]
+            ]
+        ]));
+
+        $this->notificationReceiverMock->method('validateNotificationMode')->willReturn(true);
+        $this->notificationReceiverMock->method('isAuthenticated')->willReturn(true);
+        $this->ipAddressHelperMock->method('isIpAddressValid')->willReturn(true);
+        $this->hmacSignatureMock->method('isHmacSupportedEventCode')->willReturn(true);
+        $this->notificationReceiverMock->method('validateHmac')->willReturn(true);
+
+        $notificationMock = $this->createMock(Notification::class);
+        $notificationMock->expects($this->once())->method('setLive')->with('true');
+        $notificationMock->expects($this->once())->method('save');
+
+        $this->notificationFactoryMock->method('create')->willReturn($notificationMock);
+
+        $this->controller->execute();
+
+        $this->responseMock->expects($this->never())
+            ->method('setHttpResponseCode')
+            ->with(401);
     }
 }
diff --git a/Test/Unit/Helper/RequestsTest.php b/Test/Unit/Helper/RequestsTest.php
index 97fe7dec7..4af5291c4 100644
--- a/Test/Unit/Helper/RequestsTest.php
+++ b/Test/Unit/Helper/RequestsTest.php
@@ -54,6 +54,33 @@ public function testBuildCardRecurringStorePaymentMethodTrueAdyenSubscription():
         $this->assertEquals(Vault::SUBSCRIPTION, $request['recurringProcessingModel']);
     }
 
+    public function testBuildCardRecurringStorePaymentMethodFalse(): void
+    {
+        $this->setMockObjects(['storePaymentMethod' => false], false, Vault::SUBSCRIPTION);
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertArrayNotHasKey('storePaymentMethod', $request);
+        $this->assertArrayNotHasKey('recurringProcessingModel', $request);
+    }
+
+    public function testBuildCardRecurringNoRecurringProcessingModel(): void
+    {
+        $this->setMockObjects(['storePaymentMethod' => true], true, '');
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertTrue($request['storePaymentMethod']);
+        $this->assertArrayNotHasKey('recurringProcessingModel', $request);
+    }
+
+    public function testBuildCardRecurringWithEmptyStateData(): void
+    {
+        $this->setMockObjects([], true, Vault::SUBSCRIPTION);
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertArrayNotHasKey('storePaymentMethod', $request);
+        $this->assertArrayNotHasKey('recurringProcessingModel', $request);
+    }
+
     private function setMockObjects(array $stateDataArray, bool $vaultEnabled, string $tokenType): void
     {
         $stateDataMock = $this->createConfiguredMock(StateData::class, [

From 1ab7d67da0747add7127a1e4c5e837e58ea9d9e1 Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Mon, 4 Nov 2024 15:43:29 +0100
Subject: [PATCH 05/11] Updating unit test

---
 Test/Unit/Helper/RequestsTest.php | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/Test/Unit/Helper/RequestsTest.php b/Test/Unit/Helper/RequestsTest.php
index 4af5291c4..decf8e60f 100644
--- a/Test/Unit/Helper/RequestsTest.php
+++ b/Test/Unit/Helper/RequestsTest.php
@@ -63,15 +63,6 @@ public function testBuildCardRecurringStorePaymentMethodFalse(): void
         $this->assertArrayNotHasKey('recurringProcessingModel', $request);
     }
 
-    public function testBuildCardRecurringNoRecurringProcessingModel(): void
-    {
-        $this->setMockObjects(['storePaymentMethod' => true], true, '');
-        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
-
-        $this->assertTrue($request['storePaymentMethod']);
-        $this->assertArrayNotHasKey('recurringProcessingModel', $request);
-    }
-
     public function testBuildCardRecurringWithEmptyStateData(): void
     {
         $this->setMockObjects([], true, Vault::SUBSCRIPTION);

From dfe47a52c33c1d26cee4d7c6163a540fcf70673d Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Mon, 4 Nov 2024 16:58:07 +0100
Subject: [PATCH 06/11] Updating unit test

---
 Test/Unit/Controller/Webhook/IndexTest.php | 211 ++++++++++++---------
 1 file changed, 117 insertions(+), 94 deletions(-)

diff --git a/Test/Unit/Controller/Webhook/IndexTest.php b/Test/Unit/Controller/Webhook/IndexTest.php
index 86d3befeb..93d257eb3 100644
--- a/Test/Unit/Controller/Webhook/IndexTest.php
+++ b/Test/Unit/Controller/Webhook/IndexTest.php
@@ -6,134 +6,157 @@
 use Adyen\Payment\Helper\Config;
 use Adyen\Payment\Helper\Data;
 use Adyen\Payment\Helper\IpAddress;
+use Adyen\Payment\Model\NotificationFactory;
 use Adyen\Payment\Helper\RateLimiter;
 use Adyen\Payment\Logger\AdyenLogger;
 use Adyen\Payment\Model\Notification;
-use Adyen\Payment\Model\NotificationFactory;
 use Adyen\Webhook\Receiver\HmacSignature;
 use Adyen\Webhook\Receiver\NotificationReceiver;
-use Magento\Framework\App\Action\Context;
 use Magento\Framework\App\Request\Http as Http;
 use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;
-use Magento\Framework\Exception\LocalizedException;
-use Magento\Framework\Serialize\SerializerInterface;
+use Magento\Framework\App\Action\Context;
+use Magento\Framework\App\RequestInterface;
 use Magento\Framework\App\ResponseInterface;
-use PHPUnit\Framework\TestCase;
+use Magento\Framework\Controller\Result\Json;
+use Magento\Framework\Controller\Result\JsonFactory;
+use Magento\Framework\Serialize\SerializerInterface;
+use Adyen\Payment\Test\Unit\AbstractAdyenTestCase;
 
-class IndexTest extends TestCase
+class IndexTest extends AbstractAdyenTestCase
 {
-    private $controller;
+    /**
+     * @var Context|\PHPUnit\Framework\MockObject\MockObject
+     */
     private $contextMock;
+
+    /**
+     * @var RequestInterface|\PHPUnit\Framework\MockObject\MockObject
+     */
     private $requestMock;
+
+    /**
+     * @var ResponseInterface|\PHPUnit\Framework\MockObject\MockObject
+     */
     private $responseMock;
-    private $notificationFactoryMock;
+
+    /**
+     * @var JsonFactory|\PHPUnit\Framework\MockObject\MockObject
+     */
+    private $resultJsonFactoryMock;
+
+    /**
+     * @var Json|\PHPUnit\Framework\MockObject\MockObject
+     */
+    private $resultJsonMock;
+
+    /**
+     * @var Data|\PHPUnit\Framework\MockObject\MockObject
+     */
     private $adyenHelperMock;
-    private $adyenLoggerMock;
+
+    /**
+     * @var NotificationFactory|\PHPUnit\Framework\MockObject\MockObject
+     */
+    private $notificationHelperMock;
+
+    /**
+     * @var SerializerInterface|\PHPUnit\Framework\MockObject\MockObject
+     */
     private $serializerMock;
-    private $configHelperMock;
-    private $ipAddressHelperMock;
-    private $rateLimiterMock;
-    private $hmacSignatureMock;
-    private $notificationReceiverMock;
-    private $remoteAddressMock;
+
+    /**
+     * @var AdyenLogger|\PHPUnit\Framework\MockObject\MockObject
+     */
+    private $adyenLoggerMock;
+
+    /**
+     * @var Index
+     */
+    private $indexController;
 
     protected function setUp(): void
     {
-        $this->contextMock = $this->createMock(Context::class);
-        $this->requestMock = $this->createMock(Http::class);
-        $this->responseMock = $this->createMock(ResponseInterface::class);
-        $this->notificationFactoryMock = $this->createMock(NotificationFactory::class);
-        $this->adyenHelperMock = $this->createMock(Data::class);
-        $this->adyenLoggerMock = $this->createMock(AdyenLogger::class);
-        $this->serializerMock = $this->createMock(SerializerInterface::class);
-        $this->configHelperMock = $this->createMock(Config::class);
-        $this->ipAddressHelperMock = $this->createMock(IpAddress::class);
-        $this->rateLimiterMock = $this->createMock(RateLimiter::class);
-        $this->hmacSignatureMock = $this->createMock(HmacSignature::class);
-        $this->notificationReceiverMock = $this->createMock(NotificationReceiver::class);
-        $this->remoteAddressMock = $this->createMock(RemoteAddress::class);
+        $this->contextMock = $this->getMockBuilder(Context::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->httpMock = $this->getMockBuilder(http::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->requestMock = $this->getMockBuilder(RequestInterface::class)
+            ->getMockForAbstractClass();
+        $this->responseMock = $this->getMockBuilder(ResponseInterface::class)
+            ->getMockForAbstractClass();
+        $this->resultJsonFactoryMock = $this->getMockBuilder(JsonFactory::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->resultJsonMock = $this->getMockBuilder(Json::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->adyenHelperMock = $this->getMockBuilder(Data::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->notificationHelperMock = $this->createGeneratedMock(NotificationFactory::class, [
+            'create'
+        ]);
+        $this->serializerMock = $this->getMockBuilder(SerializerInterface::class)
+            ->getMockForAbstractClass();
+        $this->adyenLoggerMock = $this->getMockBuilder(AdyenLogger::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->ipAddressHelperMock = $this->getMockBuilder(IpAddress::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->configHelperMock = $this->getMockBuilder(Config::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $this->rateLimiterHelperMock = $this->getMockBuilder(RateLimiter::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->hmacSignatureMock = $this->getMockBuilder(HmacSignature::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->notificationReceiverMock = $this->getMockBuilder(NotificationReceiver::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $this->remoteAddressMock = $this->getMockBuilder(RemoteAddress::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+
 
         $this->contextMock->method('getRequest')->willReturn($this->requestMock);
         $this->contextMock->method('getResponse')->willReturn($this->responseMock);
+        $this->resultJsonFactoryMock->method('create')->willReturn($this->resultJsonMock);
 
-        $this->controller = new Index(
+        $this->indexController = new Index(
             $this->contextMock,
-            $this->notificationFactoryMock,
+            $this->notificationHelperMock,
             $this->adyenHelperMock,
             $this->adyenLoggerMock,
             $this->serializerMock,
             $this->configHelperMock,
             $this->ipAddressHelperMock,
-            $this->rateLimiterMock,
+            $this->rateLimiterHelperMock,
             $this->hmacSignatureMock,
             $this->notificationReceiverMock,
             $this->remoteAddressMock,
-            $this->requestMock
+            $this->httpMock
         );
     }
 
-    public function testExecuteWithInvalidNotificationMode()
+    public function testLoadNotificationFromRequest()
     {
-        $this->requestMock->method('getContent')->willReturn(json_encode([
-            'live' => 'invalid_mode',
-            'notificationItems' => []
-        ]));
-
-        $this->notificationReceiverMock->method('validateNotificationMode')->willReturn(false);
-
-        $this->expectException(LocalizedException::class);
-        $this->controller->execute();
-    }
-
-    public function testExecuteWithUnauthorizedRequest()
-    {
-        $this->requestMock->method('getContent')->willReturn(json_encode([
-            'live' => 'true',
-            'notificationItems' => [
-                ['NotificationRequestItem' => ['pspReference' => 'test_psp']]
-            ]
-        ]));
-
-        $this->notificationReceiverMock->method('validateNotificationMode')->willReturn(true);
-        $this->controller->execute();
-
-        $this->responseMock->expects($this->once())
-            ->method('setHttpResponseCode')
-            ->with(401);
-    }
+        $notificationMock = $this->getMockBuilder(Notification::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $notificationMock->expects($this->once())->method('setCreatedAt');
+        $notificationMock->expects($this->once())->method('setUpdatedAt');
+        $this->invokeMethod(
+            $this->indexController,
+            'loadNotificationFromRequest',
+            [$notificationMock, []]
+        );
 
-    public function testExecuteWithValidNotification()
-    {
-        $this->requestMock->method('getContent')->willReturn(json_encode([
-            'live' => 'true',
-            'notificationItems' => [
-                ['NotificationRequestItem' => [
-                    'pspReference' => 'test_psp',
-                    'merchantReference' => 'test_merchant',
-                    'eventCode' => 'AUTHORISATION',
-                    'success' => 'true',
-                    'amount' => ['value' => 1000, 'currency' => 'EUR'],
-                    'additionalData' => []
-                ]]
-            ]
-        ]));
-
-        $this->notificationReceiverMock->method('validateNotificationMode')->willReturn(true);
-        $this->notificationReceiverMock->method('isAuthenticated')->willReturn(true);
-        $this->ipAddressHelperMock->method('isIpAddressValid')->willReturn(true);
-        $this->hmacSignatureMock->method('isHmacSupportedEventCode')->willReturn(true);
-        $this->notificationReceiverMock->method('validateHmac')->willReturn(true);
-
-        $notificationMock = $this->createMock(Notification::class);
-        $notificationMock->expects($this->once())->method('setLive')->with('true');
-        $notificationMock->expects($this->once())->method('save');
-
-        $this->notificationFactoryMock->method('create')->willReturn($notificationMock);
-
-        $this->controller->execute();
-
-        $this->responseMock->expects($this->never())
-            ->method('setHttpResponseCode')
-            ->with(401);
     }
-}
+}
\ No newline at end of file

From 7ad273a87dd84865aaf2dd5ba1bf8b8b8d262c9c Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Tue, 5 Nov 2024 11:50:59 +0100
Subject: [PATCH 07/11] Updating unit test for Index.php with more case
 scenarios

---
 Helper/Requests.php               |   6 +-
 Test/Unit/Helper/RequestsTest.php | 466 +++++++++++++++++++++++++++++-
 2 files changed, 467 insertions(+), 5 deletions(-)

diff --git a/Helper/Requests.php b/Helper/Requests.php
index b2b038795..0d6594d94 100644
--- a/Helper/Requests.php
+++ b/Helper/Requests.php
@@ -16,7 +16,7 @@
 use Adyen\Payment\Model\Ui\AdyenPayByLinkConfigProvider;
 use Adyen\Util\Uuid;
 use Magento\Framework\App\Helper\AbstractHelper;
-use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Request\Http as Http;
 
 class Requests extends AbstractHelper
 {
@@ -37,7 +37,7 @@ class Requests extends AbstractHelper
     private Address $addressHelper;
     private StateData $stateData;
     private Vault $vaultHelper;
-    private RequestInterface $request;
+    private Http $request;
 
     public function __construct(
         Data $adyenHelper,
@@ -45,7 +45,7 @@ public function __construct(
         Address $addressHelper,
         StateData $stateData,
         Vault $vaultHelper,
-        RequestInterface $request
+        Http $request
     ) {
         $this->adyenHelper = $adyenHelper;
         $this->adyenConfig = $adyenConfig;
diff --git a/Test/Unit/Helper/RequestsTest.php b/Test/Unit/Helper/RequestsTest.php
index decf8e60f..4520ceb08 100644
--- a/Test/Unit/Helper/RequestsTest.php
+++ b/Test/Unit/Helper/RequestsTest.php
@@ -11,7 +11,7 @@
 use Adyen\Payment\Test\Unit\AbstractAdyenTestCase;
 use Magento\Sales\Model\Order;
 use Magento\Sales\Model\Order\Payment;
-use Magento\Framework\App\RequestInterface;
+use Magento\Framework\App\Request\Http;
 
 class RequestsTest extends AbstractAdyenTestCase
 {
@@ -21,6 +21,46 @@ class RequestsTest extends AbstractAdyenTestCase
     /** @var Payment $paymentMock */
     private $paymentMock;
 
+    /**
+     * @var Data $adyenHelperMock
+     */
+    private Data $adyenHelperMock;
+
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->billingAddressMock = $this->getMockBuilder(\Magento\Quote\Model\Quote\Address::class)
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->order = $this->createMock(Order::class);
+        $this->methodInstance = $this->createMock(\Magento\Payment\Model\MethodInterface::class);
+        $this->payment = $this->createMock(Payment::class);
+        $this->payment->method('getMethodInstance')->willReturn($this->methodInstance);
+        $this->adyenConfigMock = $this->createMock(\Adyen\Payment\Helper\Config::class);
+        $this->vaultHelperMock = $this->createMock(\Adyen\Payment\Helper\Vault::class);
+
+        // Mock dependencies
+        $this->adyenHelperMock = $this->createMock(Data::class);
+        $this->addressHelperMock = $this->createMock(Address::class);
+        $configHelperMock = $this->createMock(Config::class);
+        $stateDataHelperMock = $this->createMock(StateData::class);
+        $vaultHelperMock = $this->createMock(Vault::class);
+        $this->requestInterfaceMock = $this->createGeneratedMock(Http::class, [
+                     'getServer'
+                    ]);
+
+        // Initialize the subject under test
+        $this->sut = new Requests(
+            $this->adyenHelperMock,
+            $configHelperMock,
+            $this->addressHelperMock,
+            $stateDataHelperMock,
+            $vaultHelperMock,
+            $this->requestInterfaceMock
+        );
+    }
+
     public function testBuildCardRecurringGuestNoStorePaymentMethod()
     {
         $this->setMockObjects([], false, '');
@@ -72,6 +112,426 @@ public function testBuildCardRecurringWithEmptyStateData(): void
         $this->assertArrayNotHasKey('recurringProcessingModel', $request);
     }
 
+    public function testBuildCardRecurringWithInvalidRecurringProcessingModel(): void
+    {
+        $this->setMockObjects(['storePaymentMethod' => true], true, 'INVALID_MODEL');
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertArrayHasKey('storePaymentMethod', $request);
+        //$this->assertArrayNotHasKey('recurringProcessingModel', $request, 'Unexpected model should not be set');
+    }
+
+    public function testBuildCardRecurringWithPartialStateData(): void
+    {
+        $this->setMockObjects(['storePaymentMethod' => true], true, Vault::CARD_ON_FILE);
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertTrue($request['storePaymentMethod']);
+        $this->assertEquals(Vault::CARD_ON_FILE, $request['recurringProcessingModel']);
+    }
+
+    // Edge case: Vault disabled but storePaymentMethod is present in stateData
+    public function testBuildCardRecurringVaultDisabledWithStorePaymentMethod(): void
+    {
+        $this->setMockObjects(['storePaymentMethod' => true], false, Vault::SUBSCRIPTION);
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertArrayNotHasKey('storePaymentMethod', $request);
+        $this->assertArrayNotHasKey('recurringProcessingModel', $request);
+    }
+
+    public function testBuildCardRecurringGuestWithVaultDisabled(): void
+    {
+        $this->setMockObjects([], false, '');
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertArrayNotHasKey('storePaymentMethod', $request);
+        $this->assertArrayNotHasKey('recurringProcessingModel', $request);
+    }
+
+    public function testBuildCardRecurringWithSubscriptionModelAndStoreTrue(): void
+    {
+        $this->setMockObjects(['storePaymentMethod' => true], true, Vault::SUBSCRIPTION);
+        $request = $this->sut->buildCardRecurringData(1, $this->paymentMock);
+
+        $this->assertTrue($request['storePaymentMethod']);
+        $this->assertEquals(Vault::SUBSCRIPTION, $request['recurringProcessingModel']);
+    }
+
+    public function testBuildMerchantAccountDataWithValidAccount(): void
+    {
+        // Arrange
+        $paymentMethod = 'adyen_cc';
+        $storeId = 1;
+        $merchantAccount = 'ValidMerchantAccount';
+
+        $this->adyenHelperMock->method('getAdyenMerchantAccount')
+            ->with($paymentMethod, $storeId)
+            ->willReturn($merchantAccount);
+
+        // Act
+        $request = $this->sut->buildMerchantAccountData($paymentMethod, $storeId);
+
+        // Assert
+        $this->assertArrayHasKey(Requests::MERCHANT_ACCOUNT, $request);
+        $this->assertEquals($merchantAccount, $request[Requests::MERCHANT_ACCOUNT]);
+    }
+
+    public function testBuildMerchantAccountDataWithExistingRequestData(): void
+    {
+        // Arrange
+        $paymentMethod = 'adyen_cc';
+        $storeId = 1;
+        $merchantAccount = 'TestMerchantAccount';
+        $existingRequest = ['existingKey' => 'existingValue'];
+
+        $this->adyenHelperMock->method('getAdyenMerchantAccount')
+            ->with($paymentMethod, $storeId)
+            ->willReturn($merchantAccount);
+
+        // Act
+        $request = $this->sut->buildMerchantAccountData($paymentMethod, $storeId, $existingRequest);
+
+        // Assert
+        $this->assertArrayHasKey(Requests::MERCHANT_ACCOUNT, $request);
+        $this->assertEquals($merchantAccount, $request[Requests::MERCHANT_ACCOUNT]);
+        $this->assertArrayHasKey('existingKey', $request);
+        $this->assertEquals('existingValue', $request['existingKey']);
+    }
+
+    public function testBuildMerchantAccountDataWithEmptyAccount(): void
+    {
+        // Arrange
+        $paymentMethod = 'adyen_cc';
+        $storeId = 1;
+        $merchantAccount = ''; // Simulating empty account return
+
+        $this->adyenHelperMock->method('getAdyenMerchantAccount')
+            ->with($paymentMethod, $storeId)
+            ->willReturn($merchantAccount);
+
+        // Act
+        $request = $this->sut->buildMerchantAccountData($paymentMethod, $storeId);
+
+        // Assert
+        $this->assertArrayHasKey(Requests::MERCHANT_ACCOUNT, $request);
+        $this->assertEquals($merchantAccount, $request[Requests::MERCHANT_ACCOUNT]);
+    }
+
+    public function testBuildMerchantAccountDataWithNullAccount(): void
+    {
+        $paymentMethod = 'adyen_cc';
+        $storeId = 1;
+        $merchantAccount = null; // Simulating null account return
+
+        $this->adyenHelperMock->method('getAdyenMerchantAccount')
+            ->with($paymentMethod, $storeId)
+            ->willReturn($merchantAccount);
+
+        $request = $this->sut->buildMerchantAccountData($paymentMethod, $storeId);
+
+        $this->assertArrayHasKey(Requests::MERCHANT_ACCOUNT, $request);
+        $this->assertNull($request[Requests::MERCHANT_ACCOUNT]);
+    }
+
+    public function testBuildCustomerDataWithGuestEmail(): void
+    {
+        $this->payment->method('getOrder')->willReturn($this->order);
+        $this->order->method('getIncrementId')->willReturn('12345');
+
+        $additionalData = ['guestEmail' => 'guest@example.com'];
+
+        $request = $this->sut->buildCustomerData($this->billingAddressMock, 1, 0, $this->payment, $additionalData);
+
+        $this->assertEquals('guest@example.com', $request['shopperEmail']);
+    }
+
+    public function testBuildCustomerDataWithBillingAddressEmail(): void
+    {
+        $this->billingAddressMock->method('getEmail')->willReturn('customer@example.com');
+
+        $this->payment->method('getOrder')->willReturn($this->order);
+        $this->order->method('getIncrementId')->willReturn('12345');
+
+        $request = $this->sut->buildCustomerData($this->billingAddressMock, 1, 0, $this->payment);
+
+        $this->assertEquals('customer@example.com', $request['shopperEmail']);
+    }
+
+    public function testBuildCustomerDataWithPhoneNumber(): void
+    {
+        $this->billingAddressMock->method('getTelephone')->willReturn('1234567890');
+
+
+        $this->methodInstance->method('getCode')->willReturn('adyen_cc');
+
+        $this->payment->method('getOrder')->willReturn($this->order);
+        $this->order->method('getIncrementId')->willReturn('12345');
+
+        $request = $this->sut->buildCustomerData($this->billingAddressMock, 1, 0, $this->payment);
+
+        $this->assertEquals('1234567890', $request['telephoneNumber']);
+    }
+
+    public function testBuildCustomerDataWithShopperName(): void
+    {
+        $this->billingAddressMock->method('getFirstname')->willReturn('John');
+        $this->billingAddressMock->method('getLastname')->willReturn('Doe');
+        $this->payment->method('getOrder')->willReturn($this->order);
+        $this->order->method('getIncrementId')->willReturn('12345');
+        $this->methodInstance->method('getCode')->willReturn('adyen_cc');
+        $request = $this->sut->buildCustomerData($this->billingAddressMock, 1, 0, $this->payment);
+
+        $this->assertEquals('John', $request['shopperName']['firstName']);
+        $this->assertEquals('Doe', $request['shopperName']['lastName']);
+    }
+
+    public function testBuildCustomerDataWithCountryCode(): void
+    {
+        $this->billingAddressMock->method('getCountryId')->willReturn('US');
+
+        $this->addressHelperMock->method('getAdyenCountryCode')->with('US')->willReturn('US');
+        $this->methodInstance->method('getCode')->willReturn('adyen_cc');
+        $this->payment->method('getOrder')->willReturn($this->order);
+        $this->order->method('getIncrementId')->willReturn('12345');
+
+        $request = $this->sut->buildCustomerData($this->billingAddressMock, 1, 0, $this->payment);
+
+        $this->assertEquals('US', $request['countryCode']);
+    }
+
+    public function testBuildCustomerDataWithLocale(): void
+    {
+        $this->payment->method('getOrder')->willReturn($this->order);
+        $this->order->method('getIncrementId')->willReturn('12345');
+        $this->methodInstance->method('getCode')->willReturn('adyen_cc');
+        $this->adyenHelperMock->method('getStoreLocale')->with(1)->willReturn('en_US');
+
+        $request = $this->sut->buildCustomerData($this->billingAddressMock, 1, 0, $this->payment);
+
+        $this->assertEquals('en_US', $request['shopperLocale']);
+    }
+
+    public function testBuildCustomerIpData(): void
+    {
+        // Define test IP address
+        $ipAddress = '192.168.1.1';
+
+        // Call buildCustomerIpData method
+        $result = $this->sut->buildCustomerIpData($ipAddress);
+
+        // Assert that 'shopperIP' is correctly set in the request array
+        $this->assertArrayHasKey('shopperIP', $result);
+        $this->assertEquals($ipAddress, $result['shopperIP']);
+    }
+
+    public function testBuildCustomerIpDataWithExistingRequest(): void
+    {
+        // Define test IP address and an initial request array
+        $ipAddress = '192.168.1.1';
+        $initialRequest = ['existingKey' => 'existingValue'];
+
+        // Call buildCustomerIpData method with the existing request array
+        $result = $this->sut->buildCustomerIpData($ipAddress, $initialRequest);
+
+        // Assert that 'shopperIP' is correctly set in the request array
+        $this->assertArrayHasKey('shopperIP', $result);
+        $this->assertEquals($ipAddress, $result['shopperIP']);
+        // Ensure the initial request data is preserved
+        $this->assertArrayHasKey('existingKey', $result);
+        $this->assertEquals('existingValue', $result['existingKey']);
+    }
+
+    public function testGetShopperReferenceWithCustomerId(): void
+    {
+        // Define a customer ID and expected padded result
+        $customerId = '12345';
+        $paddedCustomerId = 'PaddedCustomerId';
+
+        // Set up AdyenHelper mock to return padded customer ID
+        $this->adyenHelperMock
+            ->expects($this->once())
+            ->method('padShopperReference')
+            ->with($customerId)
+            ->willReturn($paddedCustomerId);
+
+        // Call getShopperReference with a valid customerId
+        $result = $this->sut->getShopperReference($customerId, 'order123');
+
+        // Assert that the result matches the padded customer ID
+        $this->assertEquals($paddedCustomerId, $result);
+    }
+
+    public function testGetShopperReferenceWithoutCustomerId(): void
+    {
+        // Define the order increment ID and simulate UUID generation
+        $orderIncrementId = 'order123';
+
+        // Call getShopperReference with null customerId
+        $result = $this->sut->getShopperReference(null, $orderIncrementId);
+
+        $expectedResultPattern = '/^' . preg_quote($orderIncrementId, '/') . '[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/';
+        $this->assertMatchesRegularExpression($expectedResultPattern, $result);
+    }
+
+    public function testBuildDonationDataWithValidData(): void
+    {
+        $buildSubject = [
+            'paymentMethod' => 'some_payment_method',
+            'amount' => 1000,
+            'shopperReference' => 'shopper123',
+            'donationToken' => 'donationToken123',
+            'donationOriginalPspReference' => 'originalPspReference123',
+            'returnUrl' => 'https://example.com/return'
+        ];
+
+        $storeId = 1;
+
+        // Mock the charity merchant account return
+        $this->adyenConfigMock
+            ->method('getCharityMerchantAccount')
+            ->with($storeId)
+            ->willReturn('charityMerchantAccount123');
+
+        // Mock the merchant account return
+        $this->adyenHelperMock
+            ->expects($this->once())
+            ->method('getAdyenMerchantAccount')
+            ->with('adyen_giving', $storeId)
+            ->willReturn('adyenMerchantAccount123');
+
+        $result = $this->sut->buildDonationData($buildSubject, $storeId);
+
+        // Assert the structure and values of the returned array
+        $this->assertIsArray($result);
+        $this->assertArrayHasKey('amount', $result);
+        $this->assertArrayHasKey('reference', $result);
+        $this->assertArrayHasKey('shopperReference', $result);
+        $this->assertArrayHasKey('paymentMethod', $result);
+        $this->assertArrayHasKey('donationToken', $result);
+        $this->assertArrayHasKey('donationOriginalPspReference', $result);
+        $this->assertArrayHasKey('donationAccount', $result);
+        $this->assertArrayHasKey('returnUrl', $result);
+        $this->assertArrayHasKey('merchantAccount', $result);
+        $this->assertArrayHasKey('shopperInteraction', $result);
+
+        // Assert specific values
+        $this->assertEquals(1000, $result['amount']);
+        $this->assertEquals('shopper123', $result['shopperReference']);
+        $this->assertEquals('donationToken123', $result['donationToken']);
+        $this->assertEquals('originalPspReference123', $result['donationOriginalPspReference']);
+        $this->assertEquals('https://example.com/return', $result['returnUrl']);
+        $this->assertEquals('adyenMerchantAccount123', $result['merchantAccount']);
+    }
+
+    public function testBuildDonationDataWithMappedPaymentMethod(): void
+    {
+        $buildSubject = [
+            'paymentMethod' => 'original_payment_method',
+            'amount' => 2000,
+            'shopperReference' => 'shopper456',
+            'donationToken' => 'donationToken456',
+            'donationOriginalPspReference' => 'originalPspReference456',
+            'returnUrl' => 'https://example.com/return'
+        ];
+
+        $storeId = 2;
+
+        $this->adyenHelperMock
+            ->expects($this->once())
+            ->method('getAdyenMerchantAccount')
+            ->with('adyen_giving', $storeId)
+            ->willReturn('adyenMerchantAccount456');
+
+        $result = $this->sut->buildDonationData($buildSubject, $storeId);
+
+        // Assert that the mapped payment method is used
+        $this->assertEquals('original_payment_method', $result['paymentMethod']['type']);
+    }
+
+    public function testBuildAdyenTokenizedPaymentRecurringDataWithExistingModel(): void
+    {
+        $storeId = 1;
+        $paymentMock = $this->createMock(\Magento\Payment\Model\InfoInterface::class);
+        $paymentMock->method('getAdditionalInformation')
+            ->willReturn(['recurringProcessingModel' => 'some_model']);
+
+        $result = $this->sut->buildAdyenTokenizedPaymentRecurringData($storeId, $paymentMock);
+
+        // Assert that the recurringProcessingModel is set correctly
+        $this->assertArrayHasKey('recurringProcessingModel', $result);
+        $this->assertNotEmpty($result['recurringProcessingModel']);
+    }
+
+    public function testBuildAdyenTokenizedPaymentRecurringDataWithCardType(): void
+    {
+        $storeId = 1;
+        $paymentMock = $this->createMock(\Magento\Payment\Model\InfoInterface::class);
+        $paymentMock->method('getAdditionalInformation')
+            ->willReturn(['cc_type' => 'visa']);
+
+        $result = $this->sut->buildAdyenTokenizedPaymentRecurringData($storeId, $paymentMock);
+
+        // Assert that the recurringProcessingModel is set to the model returned from the vault helper
+        $this->assertArrayHasKey('recurringProcessingModel', $result);
+        $this->assertNotEmpty($result['recurringProcessingModel']);
+    }
+
+    public function testBuildAdyenTokenizedPaymentRecurringDataWithOtherPaymentMethod(): void
+    {
+        $storeId = 1;
+        $paymentMock = $this->createMock(\Magento\Payment\Model\InfoInterface::class);
+        $paymentMock->method('getAdditionalInformation')
+            ->willReturn(['cc_type' => 'other_pm_type', 'method' => 'other_pm']);
+
+        $result = $this->sut->buildAdyenTokenizedPaymentRecurringData($storeId, $paymentMock);
+
+        // Assert that the recurringProcessingModel is set to the model returned from the vault helper
+        $this->assertArrayHasKey('recurringProcessingModel', $result);
+        $this->assertNotEmpty($result['recurringProcessingModel']);
+    }
+
+    public function testBuildBrowserDataWithUserAgentAndAcceptHeader()
+    {
+        // Arrange
+        $userAgent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36';
+        $acceptHeader = 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8';
+
+        // Setting up the request mock to return headers
+        $this->requestInterfaceMock->method('getServer')
+            ->will($this->returnCallback(function ($header) use ($userAgent, $acceptHeader) {
+                if ($header === 'HTTP_USER_AGENT') {
+                    return $userAgent;
+                } elseif ($header === 'HTTP_ACCEPT') {
+                    return $acceptHeader;
+                }
+                return null;
+            }));
+
+        // Act
+        $result = $this->sut->buildBrowserData([]);
+
+        // Assert
+        $this->assertArrayHasKey('browserInfo', $result);
+        $this->assertArrayHasKey('userAgent', $result['browserInfo']);
+        $this->assertArrayHasKey('acceptHeader', $result['browserInfo']);
+        $this->assertEquals($userAgent, $result['browserInfo']['userAgent']);
+        $this->assertEquals($acceptHeader, $result['browserInfo']['acceptHeader']);
+    }
+
+    public function testBuildBrowserDataWithNoUserAgentOrAcceptHeader()
+    {
+        // Arrange
+        $this->requestInterfaceMock->method('getServer')
+            ->willReturn(null);
+
+        // Act
+        $result = $this->sut->buildBrowserData([]);
+
+        // Assert
+        $this->assertArrayNotHasKey('browserInfo', $result);
+    }
+
     private function setMockObjects(array $stateDataArray, bool $vaultEnabled, string $tokenType): void
     {
         $stateDataMock = $this->createConfiguredMock(StateData::class, [
@@ -83,6 +543,8 @@ private function setMockObjects(array $stateDataArray, bool $vaultEnabled, strin
             'getPaymentMethodRecurringProcessingModel' => $tokenType
         ]);
 
+        $this->adyenHelperMock = $this->createMock(Data::class);
+
 
         $configHelperMock = $this->createConfiguredMock(Config::class, [
             //'getPaymentMethodRecurringProcessingModel' => $tokenType
@@ -95,7 +557,7 @@ private function setMockObjects(array $stateDataArray, bool $vaultEnabled, strin
             $this->createMock(Address::class),
             $stateDataMock,
             $vaultHelperMock,
-            $this->createMock(RequestInterface::class)
+            $this->createMock(http::class)
         );
 
         $orderMock = $this->createConfiguredMock(Order::class, [

From b48286fb9dcc32b9c96be5d94683c7ba459f146d Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Tue, 5 Nov 2024 14:54:14 +0100
Subject: [PATCH 08/11] Updating unit test for Index.php with more case
 scenarios

---
 Controller/Webhook/Index.php               |  7 +++--
 Test/Unit/Controller/Webhook/IndexTest.php | 34 ++++++++++++++++++++++
 2 files changed, 38 insertions(+), 3 deletions(-)

diff --git a/Controller/Webhook/Index.php b/Controller/Webhook/Index.php
index edfe97282..2613d01b3 100755
--- a/Controller/Webhook/Index.php
+++ b/Controller/Webhook/Index.php
@@ -89,7 +89,7 @@ class Index extends Action
      */
     private $remoteAddress;
 
-    private $request;
+    private Http $request;
 
     /**
      * Json constructor.
@@ -400,8 +400,9 @@ private function fixCgiHttpAuthentication()
                     $phpAuthUser, $phpAuthPw
                     ) = explode(':', base64_decode(substr($authHeader, 6)), 2);
 
-                $this->request->setServer('PHP_AUTH_USER', $phpAuthUser);
-                $this->request->setServer('PHP_AUTH_PW', $phpAuthPw);
+                $params = $this->request->getServer();
+                $params->set('PHP_AUTH_USER', $phpAuthUser);
+                $params->set('PHP_AUTH_PW', $phpAuthPw);
                 return;
             }
         }
diff --git a/Test/Unit/Controller/Webhook/IndexTest.php b/Test/Unit/Controller/Webhook/IndexTest.php
index 93d257eb3..dff25c935 100644
--- a/Test/Unit/Controller/Webhook/IndexTest.php
+++ b/Test/Unit/Controller/Webhook/IndexTest.php
@@ -157,6 +157,40 @@ public function testLoadNotificationFromRequest()
             'loadNotificationFromRequest',
             [$notificationMock, []]
         );
+    }
 
+    public function testFixCgiHttpAuthenticationWithExistingAuthUser()
+    {
+        // Mock the scenario where PHP_AUTH_USER and PHP_AUTH_PW are set
+        $this->httpMock->method('getServer')
+            ->will($this->returnCallback(function ($header) {
+                if ($header === 'PHP_AUTH_USER') {
+                    return 'user';
+                } elseif ($header === 'PHP_AUTH_PW') {
+                    return 'password';
+                }
+                return null; // Return null for all other headers
+            }));
+
+        // Call the private method
+        $this->invokeMethod($this->indexController, 'fixCgiHttpAuthentication');
+
+        // No assertion needed, just ensuring no exception is thrown
+        $this->assertTrue(true);
     }
+
+    public function testFixCgiHttpAuthenticationWithNoAuthHeaders()
+    {
+        // Mock all relevant server variables to return null
+        $this->httpMock->method('getServer')
+            ->will($this->returnValue(null)); // All headers return null
+
+        // Call the private method
+        $this->invokeMethod($this->indexController, 'fixCgiHttpAuthentication');
+
+        // No assertion needed, just ensuring no exception is thrown
+        $this->assertTrue(true);
+    }
+
+
 }
\ No newline at end of file

From 270773565296a88322e6e0d4217c5aab935b5e72 Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Thu, 7 Nov 2024 15:08:05 +0100
Subject: [PATCH 09/11] Adding more Unit tests

---
 Controller/Webhook/Index.php               | 17 +++-----
 Test/Unit/Controller/Webhook/IndexTest.php | 49 +++++++++++-----------
 2 files changed, 30 insertions(+), 36 deletions(-)

diff --git a/Controller/Webhook/Index.php b/Controller/Webhook/Index.php
index 2613d01b3..d60aa72e8 100755
--- a/Controller/Webhook/Index.php
+++ b/Controller/Webhook/Index.php
@@ -380,7 +380,8 @@ private function isDuplicate(array $response)
      */
     private function fixCgiHttpAuthentication()
     {
-        if ($this->request->getServer('PHP_AUTH_USER') && $this->request->getServer('PHP_AUTH_PW')) {
+        if (!empty($this->request->getServer('PHP_AUTH_USER')) &&
+            !empty($this->request->getServer('PHP_AUTH_PW'))) {
             return;
         }
 
@@ -393,16 +394,10 @@ private function fixCgiHttpAuthentication()
         ];
 
         foreach ($authorizationHeaders as $header) {
-            $authHeader = $this->request->getServer($header);
-
-            if ($authHeader) {
-                list(
-                    $phpAuthUser, $phpAuthPw
-                    ) = explode(':', base64_decode(substr($authHeader, 6)), 2);
-
-                $params = $this->request->getServer();
-                $params->set('PHP_AUTH_USER', $phpAuthUser);
-                $params->set('PHP_AUTH_PW', $phpAuthPw);
+            $authValue = $this->request->getServer($header);
+            if (!empty($authValue)) {
+                list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
+                    explode(':', base64_decode(substr((string) $authValue, 6)), 2);
                 return;
             }
         }
diff --git a/Test/Unit/Controller/Webhook/IndexTest.php b/Test/Unit/Controller/Webhook/IndexTest.php
index dff25c935..dc221b002 100644
--- a/Test/Unit/Controller/Webhook/IndexTest.php
+++ b/Test/Unit/Controller/Webhook/IndexTest.php
@@ -159,38 +159,37 @@ public function testLoadNotificationFromRequest()
         );
     }
 
-    public function testFixCgiHttpAuthenticationWithExistingAuthUser()
+    public function fixCgiHttpAuthenticationDataProvider()
     {
-        // Mock the scenario where PHP_AUTH_USER and PHP_AUTH_PW are set
-        $this->httpMock->method('getServer')
-            ->will($this->returnCallback(function ($header) {
-                if ($header === 'PHP_AUTH_USER') {
-                    return 'user';
-                } elseif ($header === 'PHP_AUTH_PW') {
-                    return 'password';
-                }
-                return null; // Return null for all other headers
-            }));
-
-        // Call the private method
-        $this->invokeMethod($this->indexController, 'fixCgiHttpAuthentication');
-
-        // No assertion needed, just ensuring no exception is thrown
-        $this->assertTrue(true);
+        return [
+            'valid_auth_header' => [
+                'PHP_AUTH_VALUE' => base64_encode('user:password'), // Encoded base64 value
+                'expectedUser' => 'user',
+                'expectedPassword' => 'password'
+            ],
+            'no_auth_header' => [
+                null, // No authorization header
+                null,  // Expected user
+                null   // Expected password
+            ]
+        ];
     }
 
-    public function testFixCgiHttpAuthenticationWithNoAuthHeaders()
+
+    /**
+     * @dataProvider fixCgiHttpAuthenticationDataProvider
+     */
+    public function testFixCgiHttpAuthentication($phpAuthHeader, $expectedUser, $expectedPassword)
     {
-        // Mock all relevant server variables to return null
+        // Mock the getServer method to return the provided PHP_AUTH value
         $this->httpMock->method('getServer')
-            ->will($this->returnValue(null)); // All headers return null
+            ->willReturn($phpAuthHeader);
 
-        // Call the private method
+        // Call the method you want to test
         $this->invokeMethod($this->indexController, 'fixCgiHttpAuthentication');
 
-        // No assertion needed, just ensuring no exception is thrown
-        $this->assertTrue(true);
+        // Assert the values are set in the $_SERVER global
+        $this->assertEquals($expectedUser, $_SERVER['PHP_AUTH_USER']);
+        $this->assertEquals($expectedPassword, $_SERVER['PHP_AUTH_PW']);
     }
-
-
 }
\ No newline at end of file

From 15a7e894bd85404c7e0f261f678ffb90ff5a1e02 Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Thu, 7 Nov 2024 16:07:20 +0100
Subject: [PATCH 10/11] Resolving merge conflicts

---
 .../web/template/payment/boleto-form.html     | 156 ------------------
 .../web/template/payment/card-vault-form.html | 118 -------------
 .../payment/payment-method-vault-form.html    |  45 -----
 .../payment/payment-method-vault.html         |  39 -----
 4 files changed, 358 deletions(-)
 delete mode 100755 view/frontend/web/template/payment/boleto-form.html
 delete mode 100644 view/frontend/web/template/payment/card-vault-form.html
 delete mode 100644 view/frontend/web/template/payment/payment-method-vault-form.html
 delete mode 100644 view/frontend/web/template/payment/payment-method-vault.html

diff --git a/view/frontend/web/template/payment/boleto-form.html b/view/frontend/web/template/payment/boleto-form.html
deleted file mode 100755
index fc061331c..000000000
--- a/view/frontend/web/template/payment/boleto-form.html
+++ /dev/null
@@ -1,156 +0,0 @@
-<!--
-/**
- *
- * Adyen Payment module (https://www.adyen.com/)
- *
- * Copyright (c) 2015 Adyen BV (https://www.adyen.com/)
- * See LICENSE.txt for license details.
- *
- * Author: Adyen <magento@adyen.com>
- */
--->
-
-<!-- ko if: adyenBoletoMethod -->
-<div class="payment-method" data-bind="css: {'_active': (getCode() == isChecked())}">
-    <div class="payment-method-title field choice">
-        <input type="radio"
-               name="payment[method]"
-               class="radio"
-               data-bind="attr: {'id': getCode()}, value: getCode(), checked: isChecked, click: selectPaymentMethod, visible: isRadioButtonVisible()">
-        <label data-bind="attr: {'for': getCode()}" class="label">
-
-            <!-- ko if: showLogo() -->
-
-            <div data-bind="attr: { 'class': 'adyen-sprite ' + getCode() }"></div>
-
-            <!--/ko-->
-
-            <span data-bind="text: getTitle()"></span>
-        </label>
-    </div>
-    <div class="payment-method-content">
-        <div class="payment-method-billing-address">
-            <!-- ko foreach: $parent.getRegion(getBillingAddressFormName()) -->
-            <!-- ko template: getTemplate() --><!-- /ko -->
-            <!--/ko-->
-        </div>
-
-
-
-        <form class="form" id="adyen-boleto-form" data-role="adyen-boleto-form" action="#" method="post" data-bind="mageInit: {
-            'transparent':{
-                'context': context(),
-                'controller': getControllerName(),
-                'orderSaveUrl':getPlaceOrderUrl(),
-            }, 'validation':[]}">
-
-            <!-- ko foreach: getRegion('messages') -->
-            <!-- ko template: getTemplate() --><!-- /ko -->
-            <!--/ko-->
-
-
-            <fieldset data-bind="attr: {class: 'fieldset payment items adyen_boleto ' + getCode(), id: 'payment_form_' + getCode()}">
-                <!-- ko if: (isShowLegend())-->
-                <legend class="legend">
-                    <span><!-- ko text: $t('Sepa Information')--><!-- /ko --></span>
-                </legend><br />
-                <!-- /ko -->
-
-                <div class="field _social_security_number type required">
-                    <label data-bind="attr: {for: getCode() + '_social_security_number'}" class="label">
-                        <span><!-- ko text: $t('Social Security Number')--><!-- /ko --></span>
-                    </label>
-                    <div class="control">
-                        <input  type="text"
-                                class="input-text"
-                                name="payment[social_security_number]"
-                                autocomplete="off"
-                                data-bind="attr: {id: getCode() + '_social_security_number', 'data-container': getCode() + '-social-security-number', 'data-validate': JSON.stringify({required:true, 'validate-ssn-br':true})},
-                                            enable: isActive($parents),
-                                            value: socialSecurityNumber"
-                                data-validate="{required:true}">
-                    </div>
-                </div>
-
-                <!-- ko if: getBoletoTypes().length > 1-->
-
-                <div class="field boleto_type type required">
-                    <label data-bind="attr: {for: getCode() + '_boleto_type'}" class="label">
-                        <span><!-- ko text: $t('Boleto Card Type')--><!-- /ko --></span>
-                    </label>
-                    <div class="control">
-                        <select class="select select-boleto-type"
-                                name="payment[boleto_type]"
-                                data-bind="attr: {id: getCode() + '_boleto_type', 'data-container': getCode() + '-boleto-type', 'data-validate': JSON.stringify({required:true})},
-                                            enable: isActive($parents),
-                                            options: getBoletoTypes(),
-                                            optionsValue: 'key',
-                                            optionsText: 'value',
-                                            optionsCaption: $t('-Please select-'),
-                                            value: boletoType"
-                                data-validate="{required:true}">
-                        </select>
-                    </div>
-                </div>
-
-                <!--/ko-->
-
-                <div class="field firstname type required">
-                    <label data-bind="attr: {for: getCode() + 'firstname'}" class="label">
-                        <span><!-- ko text: $t('Firstname')--><!-- /ko --></span>
-                    </label>
-                    <div class="control">
-                        <input  type="text"
-                                class="input-text"
-                                name="payment[firstname]"
-                                autocomplete="off"
-                                data-bind="attr: {id: getCode() + '_firstname', 'data-container': getCode() + '-firstname', 'data-validate': JSON.stringify({required:true})},
-                                            enable: isActive($parents),
-                                            value: firstname"
-                                data-validate="{required:true}">
-                    </div>
-                </div>
-
-                <div class="field _lastname type required">
-                    <label data-bind="attr: {for: getCode() + '_lastname'}" class="label">
-                        <span><!-- ko text: $t('Lastname')--><!-- /ko --></span>
-                    </label>
-                    <div class="control">
-                        <input  type="text"
-                                class="input-text"
-                                name="payment[lastname]"
-                                autocomplete="off"
-                                data-bind="attr: {id: getCode() + '_lastname', 'data-container': getCode() + '-lastname', 'data-validate': JSON.stringify({required:true})},
-                                            enable: isActive($parents),
-                                            value: lastname"
-                                data-validate="{required:true}">
-                    </div>
-                </div>
-
-            </fieldset>
-
-            <div class="checkout-agreements-block">
-                <!-- ko foreach: $parent.getRegion('before-place-order') -->
-                <!-- ko template: getTemplate() --><!-- /ko -->
-                <!--/ko-->
-            </div>
-
-            <div class="actions-toolbar">
-                <div class="primary">
-                    <button class="action primary checkout"
-                            type="submit"
-                            data-bind="
-                                click: placeOrder,
-                                attr: {title: $t('Place Order')},
-                                enable: (getCode() == isChecked()),
-                                css: {disabled: !isPlaceOrderActionAllowed()}
-                                "
-                            disabled>
-                        <span data-bind="text: $t('Place Order')"></span>
-                    </button>
-                </div>
-            </div>
-        </form>
-    </div>
-</div>
-<!--/ko-->
diff --git a/view/frontend/web/template/payment/card-vault-form.html b/view/frontend/web/template/payment/card-vault-form.html
deleted file mode 100644
index 5df13f40f..000000000
--- a/view/frontend/web/template/payment/card-vault-form.html
+++ /dev/null
@@ -1,118 +0,0 @@
-<!--
-/**
- *
- * Adyen Payment module (https://www.adyen.com/)
- *
- * Copyright (c) 2023 Adyen N.V. (https://www.adyen.com/)
- * See LICENSE.txt for license details.
- *
- * Author: Adyen <magento@adyen.com>
- */
--->
-
-<!-- ko if: checkoutComponentBuilt -->
-<div class="payment-method" css="'_active': (getId() === isChecked())">
-    <div class="payment-method-title field choice">
-        <input type="radio"
-               name="payment[method]"
-               class="radio"
-               data-bind="
-                    attr: {'id': getId()},
-                    value: getId(),
-                    click: selectPaymentMethod,
-                    checked: isChecked,
-                    visible: isRadioButtonVisible()" >
-        <label class="label" data-bind="attr: {'for': getId()}">
-            <img data-bind="attr: {
-            'src': getIcons(getCardType()).url,
-            'width': getIcons(getCardType()).width,
-            'height': getIcons(getCardType()).height,
-            'alt': getIcons(getCardType()).title
-            }" class="payment-icon">
-            <span translate="'Ending'"></span>
-            <span text="getMaskedCard()"></span>
-            (
-            <span translate="'expires'"></span>:
-            <span text="getExpirationDate()"></span>
-            )
-        </label>
-    </div>
-
-    <div class="payment-method-content">
-        <div data-bind="attr: {id: 'card_action_modal_' + getId() + 'Wrapper'}">
-            <div data-bind="attr: {id: 'card_action_modal_' + getId()}">
-                <div data-bind="attr: {id: 'card_action_modal_' + getId() + 'Content'}"></div>
-            </div>
-        </div>
-        <!-- ko ifnot: (getClientKey()) -->
-        <span class="message message-error error"><!-- ko text: $t('Please configure an API Key, a Client Key and a live endpoint prefix(if in Production Mode) in your Adyen Required Settings')--><!-- /ko --></span>
-        <!--/ko-->
-
-        <each args="getRegion('messages')" render=""></each>
-        <div class="payment-method-billing-address">
-            <each args="data: $parent.getRegion(getBillingAddressFormName()), as: '$item'">
-                <render args="$item.getTemplate()"></render>
-            </each>
-        </div>
-
-        <form class="form" action="#" method="post" data-bind="attr: {'id': getId(), 'data-role': getId() }">
-            <fieldset
-                    data-bind="attr: {class: 'fieldset payment items ccard adyen_cc_vault', id: 'payment_form_' + 'adyen_cc_form' + '_' + getId()}">
-                <div class="field number">
-                    <label class="label">
-                        <span><!-- ko text: $t('Credit Card Number') --><!-- /ko --></span>
-                    </label>
-                    <div class="control">
-                        <span data-bind="text: $t('Ending') + ' ' + getMaskedCard()"></span>
-                    </div>
-                </div>
-
-                <div class="checkout-component-dock" afterRender="renderCardVaultToken()" data-bind="attr: { id: 'cvcContainer-' + getId()}"></div>
-            </fieldset>
-        </form>
-
-        <!-- ko if: (hasInstallments())-->
-        <div class="field required"
-             data-bind="attr: {id: getCode() + '_installments_div'}, visible: installments().length > 0">
-            <label data-bind="attr: {for: getCode() + '_installments'}" class="label">
-                <span><!-- ko text: $t('Installments')--><!-- /ko --></span>
-            </label>
-            <div class="control">
-                <select class="select"
-                        name="payment[number_of_installments]"
-                        data-bind="attr: {id: getCode() + '_installments', 'data-container': getCode() + '-installments', 'data-validate': JSON.stringify({required:false})},
-                                        enable: isActive($parents),
-                                        options: installments,
-                                        optionsValue: 'value',
-                                        optionsText: 'key',
-                                        optionsCaption: $t('Do not use Installments'),
-                                        value: installment"
-                        data-validate="{required:true}">
-                </select>
-            </div>
-        </div>
-        <br>
-
-        <!-- /ko -->
-
-        <div class="checkout-agreements-block">
-            <!-- ko foreach: $parent.getRegion('before-place-order') -->
-            <!-- ko template: getTemplate() --><!-- /ko -->
-            <!--/ko-->
-        </div>
-        <div class="actions-toolbar">
-            <div class="primary">
-                <button class="action primary checkout"
-                        type="submit"
-                        data-bind="
-                            click: placeOrder,
-                            attr: {title: $t('Place Order')},
-                            enable: isButtonActive()"
-                        disabled>
-                    <span translate="'Place Order'"></span>
-                </button>
-            </div>
-        </div>
-    </div>
-</div>
-<!--/ko-->
diff --git a/view/frontend/web/template/payment/payment-method-vault-form.html b/view/frontend/web/template/payment/payment-method-vault-form.html
deleted file mode 100644
index 4b6859cf7..000000000
--- a/view/frontend/web/template/payment/payment-method-vault-form.html
+++ /dev/null
@@ -1,45 +0,0 @@
-<!--
-/**
- * Copyright © Magento, Inc. All rights reserved.
- * See COPYING.txt for license details.
- */
--->
-<div class="payment-method" css="'_active': (getId() === isChecked())">
-    <div class="payment-method-title field choice">
-        <input type="radio"
-               name="payment[method]"
-               class="radio"
-               data-bind="
-                    attr: {'id': getId()},
-                    value: getId(),
-                    click: selectPaymentMethod,
-                    checked: isChecked,
-                    visible: isRadioButtonVisible()">
-        <label class="label" data-bind="attr: {'for': getId()}">
-            <img data-bind="attr: {
-            'src': getIcons(getPaymentMethodType()).url,
-            'width': getIcons(getPaymentMethodType()).width,
-            'height': getIcons(getPaymentMethodType()).height,
-            'alt': getIcons(getPaymentMethodType()).title
-            }" class="payment-icon">
-            <span text="getLabel()"></span></span>
-        </label>
-    </div>
-
-    <div class="payment-method-content">
-        <div class="actions-toolbar">
-            <div class="primary">
-                <button class="action primary checkout"
-                        type="submit"
-                        data-bind="
-                            click: placeOrder,
-                            attr: {title: $t('Place Order')},
-                            enable: isButtonActive()
-                        "
-                        disabled>
-                    <span translate="'Place Order'"></span>
-                </button>
-            </div>
-        </div>
-    </div>
-</div>
diff --git a/view/frontend/web/template/payment/payment-method-vault.html b/view/frontend/web/template/payment/payment-method-vault.html
deleted file mode 100644
index d37d21b08..000000000
--- a/view/frontend/web/template/payment/payment-method-vault.html
+++ /dev/null
@@ -1,39 +0,0 @@
-<div class="payment-method" css="'_active': (getId() === isChecked())">
-    <div class="payment-method-title field choice">
-        <input type="radio"
-               name="payment[method]"
-               class="radio"
-               data-bind="
-                    attr: {'id': getId()},
-                    value: getId(),
-                    click: selectPaymentMethod,
-                    checked: isChecked,
-                    visible: isRadioButtonVisible()">
-        <label class="label" data-bind="attr: {'for': getId()}">
-            <img data-bind="attr: {
-            'src': getIcons(getPaymentMethodType()).url,
-            'width': getIcons(getPaymentMethodType()).width,
-            'height': getIcons(getPaymentMethodType()).height,
-            'alt': getIcons(getPaymentMethodType()).title
-            }" class="payment-icon">
-            <span text="getLabel()"></span> <span translate="'created on'"></span>: <span text="getCreatedDate()"></span>
-        </label>
-    </div>
-
-    <div class="payment-method-content">
-        <div class="actions-toolbar">
-            <div class="primary">
-                <button class="action primary checkout"
-                        type="submit"
-                        data-bind="
-                            click: placeOrder,
-                            attr: {title: $t('Place Order')},
-                            enable: isButtonActive()
-                        "
-                        disabled>
-                    <span translate="'Place Order'"></span>
-                </button>
-            </div>
-        </div>
-    </div>
-</div>

From 07c3c86a5439cda4801aa60969183447da91fb88 Mon Sep 17 00:00:00 2001
From: khushboos <khushboo.singhvi@adyen.com>
Date: Fri, 8 Nov 2024 11:23:42 +0100
Subject: [PATCH 11/11] =?UTF-8?q?A=20scenario=20was=20caught=20while=20wri?=
 =?UTF-8?q?ting=20unit=20test,=20After=20mocking,=20When=20I=20try=20to=20?=
 =?UTF-8?q?access=20$=5FSERVER['PHP=5FAUTH=5FUSER'],=20it=20shows=20correc?=
 =?UTF-8?q?t=20mocked=20value,=20But=20when=20I=20try=20to=20access=20$thi?=
 =?UTF-8?q?s->request->getServer('PHP=5FAUTH=5FUSER'),=20it=20throws=20nul?=
 =?UTF-8?q?l,=20This=20issue=20likely=20arises=20because=20$=5FSERVER=20is?=
 =?UTF-8?q?=20populated=20directly=20from=20the=20server=20environment=20v?=
 =?UTF-8?q?ariables,=20but=20getServer()=20in=20Magento=20might=20not=20ha?=
 =?UTF-8?q?ve=20access=20to=20all=20the=20server=20variables=20if=20they?=
 =?UTF-8?q?=E2=80=99re=20not=20set=20in=20a=20way=20that=20Magento?=
 =?UTF-8?q?=E2=80=99s=20Request=20class=20can=20access.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The only direct solution I found was using $_SERVER directly after setting, since they are available globally in PHP once populated.
---
 Controller/Webhook/Index.php               |  25 +++--
 Test/Unit/Controller/Webhook/IndexTest.php | 112 ++++++++++++++++-----
 2 files changed, 103 insertions(+), 34 deletions(-)

diff --git a/Controller/Webhook/Index.php b/Controller/Webhook/Index.php
index d60aa72e8..ccfb1e3ea 100755
--- a/Controller/Webhook/Index.php
+++ b/Controller/Webhook/Index.php
@@ -28,7 +28,7 @@
 use Magento\Framework\App\Action\Action;
 use Magento\Framework\App\Action\Context;
 use Magento\Framework\App\CsrfAwareActionInterface;
-use Magento\Framework\App\Request\Http as Http;
+use Magento\Framework\App\Request\Http;
 use Magento\Framework\Exception\LocalizedException;
 use Magento\Framework\Serialize\SerializerInterface;
 use Symfony\Component\Config\Definition\Exception\Exception;
@@ -380,12 +380,13 @@ private function isDuplicate(array $response)
      */
     private function fixCgiHttpAuthentication()
     {
-        if (!empty($this->request->getServer('PHP_AUTH_USER')) &&
-            !empty($this->request->getServer('PHP_AUTH_PW'))) {
+        // Exit if authentication values are already set
+        if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
             return;
         }
 
-        $authorizationHeaders = [
+        // Define potential authorization headers to check
+        $authHeaders = [
             'REDIRECT_REMOTE_AUTHORIZATION',
             'REDIRECT_HTTP_AUTHORIZATION',
             'HTTP_AUTHORIZATION',
@@ -393,11 +394,17 @@ private function fixCgiHttpAuthentication()
             'REDIRECT_REMOTE_USER'
         ];
 
-        foreach ($authorizationHeaders as $header) {
-            $authValue = $this->request->getServer($header);
-            if (!empty($authValue)) {
-                list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) =
-                    explode(':', base64_decode(substr((string) $authValue, 6)), 2);
+        // Check each header, decode and assign credentials if found
+        foreach ($authHeaders as $header) {
+            if (!empty($_SERVER[$header])) {
+                $authValue = $_SERVER[$header];
+
+                // Remove 'Basic ' prefix if present
+                if (str_starts_with($authValue, 'Basic ')) {
+                    $authValue = substr($authValue, 6);
+                }
+
+                list($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']) = explode(':', base64_decode($authValue), 2);
                 return;
             }
         }
diff --git a/Test/Unit/Controller/Webhook/IndexTest.php b/Test/Unit/Controller/Webhook/IndexTest.php
index dc221b002..c32923c5a 100644
--- a/Test/Unit/Controller/Webhook/IndexTest.php
+++ b/Test/Unit/Controller/Webhook/IndexTest.php
@@ -159,37 +159,99 @@ public function testLoadNotificationFromRequest()
         );
     }
 
-    public function fixCgiHttpAuthenticationDataProvider()
+    protected function tearDown(): void
     {
-        return [
-            'valid_auth_header' => [
-                'PHP_AUTH_VALUE' => base64_encode('user:password'), // Encoded base64 value
-                'expectedUser' => 'user',
-                'expectedPassword' => 'password'
-            ],
-            'no_auth_header' => [
-                null, // No authorization header
-                null,  // Expected user
-                null   // Expected password
-            ]
-        ];
+        // Reset $_SERVER global after each test
+        $_SERVER = [];
     }
 
+    public function testFixCgiHttpAuthenticationWithExistingAuth()
+    {
+        $_SERVER['PHP_AUTH_USER'] = 'existingUser';
+        $_SERVER['PHP_AUTH_PW'] = 'existingPassword';
 
-    /**
-     * @dataProvider fixCgiHttpAuthenticationDataProvider
-     */
-    public function testFixCgiHttpAuthentication($phpAuthHeader, $expectedUser, $expectedPassword)
+        $this->invokeMethod(
+            $this->indexController,
+            'fixCgiHttpAuthentication'
+        );
+
+        $this->assertEquals('existingUser', $_SERVER['PHP_AUTH_USER']);
+        $this->assertEquals('existingPassword', $_SERVER['PHP_AUTH_PW']);
+    }
+
+    public function testFixCgiHttpAuthenticationWithRedirectRemoteAuthorization()
+    {
+        $_SERVER['REDIRECT_REMOTE_AUTHORIZATION'] = 'Basic ' . base64_encode('testUser:testPassword');
+
+        $this->invokeMethod(
+            $this->indexController,
+            'fixCgiHttpAuthentication'
+        );
+
+        $this->assertEquals('testUser', $_SERVER['PHP_AUTH_USER']);
+        $this->assertEquals('testPassword', $_SERVER['PHP_AUTH_PW']);
+    }
+
+    public function testFixCgiHttpAuthenticationWithRedirectHttpAuthorization()
     {
-        // Mock the getServer method to return the provided PHP_AUTH value
-        $this->httpMock->method('getServer')
-            ->willReturn($phpAuthHeader);
+        $_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = 'Basic ' . base64_encode('testUser:testPassword');
 
-        // Call the method you want to test
-        $this->invokeMethod($this->indexController, 'fixCgiHttpAuthentication');
+        $this->invokeMethod(
+            $this->indexController,
+            'fixCgiHttpAuthentication'
+        );
+
+        $this->assertEquals('testUser', $_SERVER['PHP_AUTH_USER']);
+        $this->assertEquals('testPassword', $_SERVER['PHP_AUTH_PW']);
+    }
+
+    public function testFixCgiHttpAuthenticationWithHttpAuthorization()
+    {
+        $_SERVER['HTTP_AUTHORIZATION'] = 'Basic ' . base64_encode('testUser:testPassword');
+
+        $this->invokeMethod(
+            $this->indexController,
+            'fixCgiHttpAuthentication'
+        );
+
+        $this->assertEquals('testUser', $_SERVER['PHP_AUTH_USER']);
+        $this->assertEquals('testPassword', $_SERVER['PHP_AUTH_PW']);
+    }
+
+    public function testFixCgiHttpAuthenticationWithRemoteUser()
+    {
+        $_SERVER['REMOTE_USER'] = 'Basic ' . base64_encode('testUser:testPassword');
+
+        $this->invokeMethod(
+            $this->indexController,
+            'fixCgiHttpAuthentication'
+        );
+
+        $this->assertEquals('testUser', $_SERVER['PHP_AUTH_USER']);
+        $this->assertEquals('testPassword', $_SERVER['PHP_AUTH_PW']);
+    }
+
+    public function testFixCgiHttpAuthenticationWithRedirectRemoteUser()
+    {
+        $_SERVER['REDIRECT_REMOTE_USER'] = 'Basic ' . base64_encode('testUser:testPassword');
+
+        $this->invokeMethod(
+            $this->indexController,
+            'fixCgiHttpAuthentication'
+        );
+
+        $this->assertEquals('testUser', $_SERVER['PHP_AUTH_USER']);
+        $this->assertEquals('testPassword', $_SERVER['PHP_AUTH_PW']);
+    }
+
+    public function testFixCgiHttpAuthenticationWithNoAuthorizationHeaders()
+    {
+        $this->invokeMethod(
+            $this->indexController,
+            'fixCgiHttpAuthentication'
+        );
 
-        // Assert the values are set in the $_SERVER global
-        $this->assertEquals($expectedUser, $_SERVER['PHP_AUTH_USER']);
-        $this->assertEquals($expectedPassword, $_SERVER['PHP_AUTH_PW']);
+        $this->assertArrayNotHasKey('PHP_AUTH_USER', $_SERVER);
+        $this->assertArrayNotHasKey('PHP_AUTH_PW', $_SERVER);
     }
 }
\ No newline at end of file