diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy index 8f95a220aa..115b331031 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy @@ -237,6 +237,7 @@ class CsrfConfigurerTests extends BaseSpringSpec { setup: CsrfTokenRepositoryConfig.repo = Mock(CsrfTokenRepository) (1.._) * CsrfTokenRepositoryConfig.repo.loadToken(_) >> csrfToken + (1.._) * CsrfTokenRepositoryConfig.repo.generateToken(_) >> csrfToken loadConfig(CsrfTokenRepositoryConfig) request.method = "POST" request.getSession() @@ -391,6 +392,7 @@ class CsrfConfigurerTests extends BaseSpringSpec { def "csrf disables POST requests from RequestCache"() { setup: CsrfDisablesPostRequestFromRequestCacheConfig.repo = Mock(CsrfTokenRepository) + (1.._) * CsrfDisablesPostRequestFromRequestCacheConfig.repo.generateToken(_) >> csrfToken loadConfig(CsrfDisablesPostRequestFromRequestCacheConfig) request.servletPath = "/some-url" request.requestURI = "/some-url" @@ -417,6 +419,7 @@ class CsrfConfigurerTests extends BaseSpringSpec { def "csrf enables GET requests with RequestCache"() { setup: CsrfDisablesPostRequestFromRequestCacheConfig.repo = Mock(CsrfTokenRepository) + (1.._) * CsrfDisablesPostRequestFromRequestCacheConfig.repo.generateToken(_) >> csrfToken loadConfig(CsrfDisablesPostRequestFromRequestCacheConfig) request.servletPath = "/some-url" request.requestURI = "/some-url" diff --git a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy index 09902f05b0..6b878517b0 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy @@ -119,6 +119,7 @@ class CsrfConfigTests extends AbstractHttpConfigTests { CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) request.setParameter(token.parameterName,token.token) request.servletPath = "/some-url" request.requestURI = "/some-url" @@ -153,6 +154,7 @@ class CsrfConfigTests extends AbstractHttpConfigTests { CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) request.setParameter(token.parameterName,token.token) request.servletPath = "/some-url" request.requestURI = "/some-url" @@ -252,6 +254,7 @@ class CsrfConfigTests extends AbstractHttpConfigTests { CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) request.setParameter(token.parameterName,token.token) request.method = "POST" request.setParameter("j_username","user")