From 9d9aadb80fbccab9ba536ca7c148f627832e6150 Mon Sep 17 00:00:00 2001
From: Rob Winch <rwinch@users.noreply.github.com>
Date: Wed, 12 Apr 2017 15:51:26 -0500
Subject: [PATCH] Fix DefaultSavedRequestMixinTests with Spring 5

Previously DefaultSavedRequestMixinTests
serializeDefaultRequestBuildWithConstructorTest broke in Spring 5
because Spring 5's MockHttpServletRequest.setCookie now automatically adds
the Cookie header.

This commit ensures that the Cookie header is not added by overriding the
class we are writing.

Fixes gh-4272
---
 .../web/jackson2/DefaultSavedRequestMixinTests.java  | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/web/src/test/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixinTests.java b/web/src/test/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixinTests.java
index 373530b4a4..9fcab70220 100644
--- a/web/src/test/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixinTests.java
+++ b/web/src/test/java/org/springframework/security/web/jackson2/DefaultSavedRequestMixinTests.java
@@ -21,6 +21,8 @@ import java.util.Collections;
 import java.util.Locale;
 
 import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 
 import org.json.JSONException;
 import org.junit.Test;
@@ -92,9 +94,15 @@ public class DefaultSavedRequestMixinTests extends AbstractMixinTests {
 	@Test
 	public void serializeDefaultRequestBuildWithConstructorTest() throws IOException, JSONException {
 		MockHttpServletRequest request = new MockHttpServletRequest();
-		request.setCookies(new Cookie("SESSION", "123456789"));
 		request.addHeader("x-auth-token", "12");
-		String actualString = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(new DefaultSavedRequest(request, new PortResolverImpl()));
+		// Spring 5 MockHttpServletRequest automatically adds a header when the cookies are set. To get consistency we override the request.
+		HttpServletRequest requestToWrite = new HttpServletRequestWrapper(request) {
+			@Override
+			public Cookie[] getCookies() {
+				return new Cookie[] { new Cookie("SESSION", "123456789") };
+			}
+		};
+		String actualString = mapper.writerWithDefaultPrettyPrinter().writeValueAsString(new DefaultSavedRequest(requestToWrite, new PortResolverImpl()));
 		JSONAssert.assertEquals(REQUEST_JSON, actualString, true);
 	}