Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create the CSRF token on the bounded elactic scheduler 

The CSRF token is generated by UUID.randomUUID() which is I/O blocking operation.
This commit changes the subscriber thread to the bounded elactic scheduler.

Closes gh-9018
This commit is contained in:
Tomoki Tsubaki 2020-09-16 21:52:26 +09:00 committed by Josh Cummings
parent 57c5ec26e7
commit 2c297fbd63
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java
View File

@ -19,6 +19,7 @@ package org.springframework.security.web.server.csrf;
import java.util.UUID;
import reactor.core.publisher.Mono;
import reactor.core.scheduler.Schedulers;
import org.springframework.http.HttpCookie;
import org.springframework.http.ResponseCookie;
@ -67,7 +68,7 @@ public final class CookieServerCsrfTokenRepository implements ServerCsrfTokenRep
@Override
public Mono<CsrfToken> generateToken(ServerWebExchange exchange) {
return Mono.fromCallable(this::createCsrfToken);
return Mono.fromCallable(this::createCsrfToken).subscribeOn(Schedulers.boundedElastic());
}
@Override