From 548dc4496c8193059bb6d85fea1dc8b07c4edbda Mon Sep 17 00:00:00 2001 From: Denis Washington Date: Tue, 15 Jan 2019 13:56:21 +0100 Subject: [PATCH] Save query parameters in WebSessionServerRequestCache Previously, URL query parameters were lost when saving a request in WebSessionServerRequestCache. Now it is properly saved and restored. Fixes: gh-6421 --- .../savedrequest/WebSessionServerRequestCache.java | 4 +++- .../WebSessionServerRequestCacheTests.java | 10 ++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/web/src/main/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCache.java b/web/src/main/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCache.java index dd74c7112d..bcf73b90d4 100644 --- a/web/src/main/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCache.java +++ b/web/src/main/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCache.java @@ -90,7 +90,9 @@ public class WebSessionServerRequestCache implements ServerRequestCache { } private static String pathInApplication(ServerHttpRequest request) { - return request.getPath().pathWithinApplication().value(); + String path = request.getPath().pathWithinApplication().value(); + String query = request.getURI().getRawQuery(); + return path + (query != null ? "?" + query : ""); } private static ServerWebExchangeMatcher createDefaultRequestMacher() { diff --git a/web/src/test/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCacheTests.java b/web/src/test/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCacheTests.java index 4142f940fe..93c3d84fc0 100644 --- a/web/src/test/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCacheTests.java +++ b/web/src/test/java/org/springframework/security/web/server/savedrequest/WebSessionServerRequestCacheTests.java @@ -44,6 +44,16 @@ public class WebSessionServerRequestCacheTests { assertThat(saved).isEqualTo(exchange.getRequest().getURI()); } + @Test + public void saveRequestGetRequestWithQueryParamsWhenGetThenFound() { + MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/secured/").queryParam("key", "value").accept(MediaType.TEXT_HTML)); + this.cache.saveRequest(exchange).block(); + + URI saved = this.cache.getRedirectUri(exchange).block(); + + assertThat(saved).isEqualTo(exchange.getRequest().getURI()); + } + @Test public void saveRequestGetRequestWhenFaviconThenNotFound() { MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/favicon.png").accept(MediaType.TEXT_HTML));