Polish matchesRequireCsrfProtectionWhenNonStandardHTTPMethodIsUsed

Issue gh-8149
2025-06-25 13:32:30 +00:00 · 2020-05-11 16:41:59 -05:00 · 2020-05-11 16:41:59 -05:00 · 4473dca022
commit 4473dca022
parent 0f92415395
1 changed files with 7 additions and 10 deletions
--- a/web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java
@ -27,6 +27,7 @@ import org.springframework.http.MediaType;
 import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
 import org.springframework.mock.web.server.MockServerWebExchange;
 import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
+import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher.MatchResult;
 import org.springframework.test.web.reactive.server.WebTestClient;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@ -42,8 +43,6 @@ import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verifyZeroInteractions;
 import static org.mockito.Mockito.when;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.spy;
 import static org.springframework.mock.web.server.MockServerWebExchange.from;
 import static org.springframework.web.reactive.function.BodyInserters.fromMultipartData;

@ -189,15 +188,13 @@ public class CsrfWebFilterTests {
 	}

 	@Test
-	public void matchesRequireCSRFProtectionWhenNonStandardHTTPMethodIsUsed() {
-		final String NON_STANDARD_HTTP_METHOD = "non-standard-http-method";
-		MockServerWebExchange nonStandardHttpRequest = from(MockServerHttpRequest.method(HttpMethod.resolve(NON_STANDARD_HTTP_METHOD), "/"));
+	// gh-8452
+	public void matchesRequireCsrfProtectionWhenNonStandardHTTPMethodIsUsed() {
+		HttpMethod customHttpMethod = HttpMethod.resolve("non-standard-http-method");
+		MockServerWebExchange nonStandardHttpRequest = from(MockServerHttpRequest.method(customHttpMethod, "/"));

-		ServerWebExchangeMatcher serverWebExchangeMatcher = spy(CsrfWebFilter.DEFAULT_CSRF_MATCHER);
-		serverWebExchangeMatcher.matches(nonStandardHttpRequest);
-
-		verify(serverWebExchangeMatcher).matches(nonStandardHttpRequest);
-		assertThat(serverWebExchangeMatcher.matches(nonStandardHttpRequest).block().isMatch()).isTrue();
+		ServerWebExchangeMatcher serverWebExchangeMatcher = CsrfWebFilter.DEFAULT_CSRF_MATCHER;
+		assertThat(serverWebExchangeMatcher.matches(nonStandardHttpRequest).map(MatchResult::isMatch).block()).isTrue();
 	}

 	@Test