SEC-2832: Add Tests

Rob Winch 2015-02-24 17:29:07 -06:00
parent 310e5bb285
commit 98ae03fc40
1 changed files with 8 additions and 1 deletions


@ -73,8 +73,15 @@ public class CsrfAuthenticationStrategyTests {
strategy.onAuthentication(new TestingAuthenticationToken("user", "password", "ROLE_USER"), request, response); strategy.onAuthentication(new TestingAuthenticationToken("user", "password", "ROLE_USER"), request, response);
verify(csrfTokenRepository).saveToken(null, request, response); verify(csrfTokenRepository).saveToken(null, request, response);
// SEC-2404
verify(csrfTokenRepository).saveToken(eq(generatedToken), eq(request), eq(response)); verify(csrfTokenRepository).saveToken(eq(generatedToken), eq(request), eq(response));
// SEC-2404, SEC-2832
CsrfToken tokenInRequest = (CsrfToken) request.getAttribute(CsrfToken.class.getName());
assertThat(tokenInRequest.getToken()).isSameAs(generatedToken.getToken());
assertThat(tokenInRequest.getHeaderName()).isSameAs(generatedToken.getHeaderName());
assertThat(tokenInRequest.getParameterName()).isSameAs(generatedToken.getParameterName());
assertThat(request.getAttribute(generatedToken.getParameterName())).isSameAs(tokenInRequest);
}
} }
@Test @Test
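Review bot: `tokenInRequest` is dereferenced right after the cast from `request.getAttribute(CsrfToken.class.getName())`, so if the strategy ever stops publishing the token on the request the test dies with a NullPointerException instead of a readable assertion failure; add `assertThat(tokenInRequest).isNotNull();` before the first getter call. The three `isSameAs` checks on `getToken()`, `getHeaderName()` and `getParameterName()` compare String references, which ties the test to the request token handing back the very same String instances as `generatedToken`; `isEqualTo` would state the contract (same values) without that coupling. The comment `// SEC-2404, SEC-2832` would be more useful as `// SEC-2404, SEC-2832: after authentication the request must expose the newly generated token`, which is what the new asserts appear to check. The test method starts above the hunk, so its setup is not visible here.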