Fix errors when request data is a string and tokens are enabled.

Refs #11325

src/TestSuite/IntegrationTestCase.php

@@ -587,14 +587,17 @@ abstract class IntegrationTestCase extends TestCase
 
         $props = [
             'url' => $url,
-            'post' => $this->_addTokens($tokenUrl, $data),
-            'cookies' => $this->_cookie,
             'session' => $session,
             'query' => $queryData
         ];
         if (is_string($data)) {
             $props['input'] = $data;
         }
+        if (!isset($props['input'])) {
+            $props['post'] = $this->_addTokens($tokenUrl, $data);
+        }
+        $props['cookies'] = $this->_cookie;
+
         $env = [
             'REQUEST_METHOD' => $method,
             'QUERY_STRING' => $query,

tests/TestCase/TestSuite/IntegrationTestCaseTest.php

@@ -362,6 +362,21 @@ class IntegrationTestCaseTest extends IntegrationTestCase
     }
 
     /**
+     * Test that the PSR7 requests receive encoded data.
+     *
+     * @return void
+     */
+    public function testInputDataSecurityToken()
+    {
+        $this->useHttpServer(true);
+        $this->enableSecurityToken();
+
+        $this->post('/request_action/input_test', '{"hello":"world"}');
+        $this->assertSame('world', '' . $this->_response->getBody());
+        $this->assertHeader('X-Middleware', 'true');
+    }
+
+    /**
      * Test that the PSR7 requests get cookies
      *
      * @return void