feat: add public method to regenerate CSRF token

Author: kenjis

system/Security/Security.php

@@ -528,9 +528,9 @@ private function restoreHash(): void
     }
 
     /**
-     * Generates (Regenerate) the CSRF Hash.
+     * Generates (Regenerates) the CSRF Hash.
      */
-    protected function generateHash(): string
+    public function generateHash(): string
     {
         $this->hash = bin2hex(random_bytes(static::CSRF_HASH_BYTES));
 

tests/system/Security/SecurityTest.php

@@ -243,6 +243,32 @@ public function testRegenerateWithFalseSecurityRegenerateProperty()
         $this->assertSame($oldHash, $newHash);
     }
 
+    public function testRegenerateWithFalseSecurityRegeneratePropertyManually()
+    {
+        $_SERVER['REQUEST_METHOD']   = 'POST';
+        $_POST['csrf_test_name']     = '8b9218a55906f9dcc1dc263dce7f005a';
+        $_COOKIE['csrf_cookie_name'] = '8b9218a55906f9dcc1dc263dce7f005a';
+
+        $config             = new SecurityConfig();
+        $config->regenerate = false;
+        Factories::injectMock('config', 'Security', $config);
+
+        $security = new MockSecurity(new MockAppConfig());
+        $request  = new IncomingRequest(
+            new MockAppConfig(),
+            new URI('http://badurl.com'),
+            null,
+            new UserAgent()
+        );
+
+        $oldHash = $security->getHash();
+        $security->verify($request);
+        $security->generateHash();
+        $newHash = $security->getHash();
+
+        $this->assertNotSame($oldHash, $newHash);
+    }
+
     public function testRegenerateWithTrueSecurityRegenerateProperty()
     {
         $_SERVER['REQUEST_METHOD']   = 'POST';