Fix CsrfWebFilter error message when expected CSRF not found

Closes gh-9337

web/src/main/java/org/springframework/security/web/server/csrf/CsrfWebFilter.java

@@ -133,7 +133,7 @@ public class CsrfWebFilter implements WebFilter {
 
 	private Mono<Void> validateToken(ServerWebExchange exchange) {
 		return this.csrfTokenRepository.loadToken(exchange)
-			.switchIfEmpty(Mono.defer(() -> Mono.error(new CsrfException("CSRF Token has been associated to this client"))))
+			.switchIfEmpty(Mono.defer(() -> Mono.error(new CsrfException("An expected CSRF token cannot be found"))))
 			.filterWhen(expected -> containsValidCsrfToken(exchange, expected))
 			.switchIfEmpty(Mono.defer(() -> Mono.error(new CsrfException("Invalid CSRF Token"))))
 			.then();

web/src/test/java/org/springframework/security/web/server/csrf/CsrfWebFilterTests.java

@@ -65,8 +65,7 @@ public class CsrfWebFilterTests {
 	private MockServerWebExchange get = from(
 		MockServerHttpRequest.get("/"));
 
-	private ServerWebExchange post = from(
+	private MockServerWebExchange post = MockServerWebExchange.from(MockServerHttpRequest.post("/"));
-		MockServerHttpRequest.post("/"));
 
 	@Test
 	public void filterWhenGetThenSessionNotCreatedAndChainContinues() {
@@ -110,6 +109,8 @@ public class CsrfWebFilterTests {
 			.verifyComplete();
 
 		assertThat(this.post.getResponse().getStatusCode()).isEqualTo(HttpStatus.FORBIDDEN);
+		StepVerifier.create(this.post.getResponse().getBodyAsString())
+				.assertNext(b -> assertThat(b).contains("An expected CSRF token cannot be found"));
 	}
 
 	@Test