From d2fd85271165857f85e25aaf67bab9ee50b0380f Mon Sep 17 00:00:00 2001 From: Rob Winch Date: Tue, 24 Feb 2015 17:53:39 -0600 Subject: [PATCH] SEC-2832: Fix config tests --- .../annotation/web/configurers/CsrfConfigurerTests.groovy | 3 +++ .../security/config/http/CsrfConfigTests.groovy | 3 +++ 2 files changed, 6 insertions(+) diff --git a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy index d42b4d20ef..326883e8db 100644 --- a/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy @@ -232,6 +232,7 @@ class CsrfConfigurerTests extends BaseSpringSpec { setup: CsrfTokenRepositoryConfig.repo = Mock(CsrfTokenRepository) (1.._) * CsrfTokenRepositoryConfig.repo.loadToken(_) >> csrfToken + (1.._) * CsrfTokenRepositoryConfig.repo.generateToken(_) >> csrfToken loadConfig(CsrfTokenRepositoryConfig) request.method = "POST" request.getSession() @@ -381,6 +382,7 @@ class CsrfConfigurerTests extends BaseSpringSpec { def "csrf disables POST requests from RequestCache"() { setup: CsrfDisablesPostRequestFromRequestCacheConfig.repo = Mock(CsrfTokenRepository) + (1.._) * CsrfDisablesPostRequestFromRequestCacheConfig.repo.generateToken(_) >> csrfToken loadConfig(CsrfDisablesPostRequestFromRequestCacheConfig) request.servletPath = "/some-url" request.requestURI = "/some-url" @@ -407,6 +409,7 @@ class CsrfConfigurerTests extends BaseSpringSpec { def "csrf enables GET requests with RequestCache"() { setup: CsrfDisablesPostRequestFromRequestCacheConfig.repo = Mock(CsrfTokenRepository) + (1.._) * CsrfDisablesPostRequestFromRequestCacheConfig.repo.generateToken(_) >> csrfToken loadConfig(CsrfDisablesPostRequestFromRequestCacheConfig) request.servletPath = "/some-url" request.requestURI = "/some-url" diff --git a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy index c1ec6ca659..9c9b7b8725 100644 --- a/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy +++ b/config/src/test/groovy/org/springframework/security/config/http/CsrfConfigTests.groovy @@ -144,6 +144,7 @@ class CsrfConfigTests extends AbstractHttpConfigTests { CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) request.setParameter(token.parameterName,token.token) request.servletPath = "/some-url" request.requestURI = "/some-url" @@ -178,6 +179,7 @@ class CsrfConfigTests extends AbstractHttpConfigTests { CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) request.setParameter(token.parameterName,token.token) request.servletPath = "/some-url" request.requestURI = "/some-url" @@ -277,6 +279,7 @@ class CsrfConfigTests extends AbstractHttpConfigTests { CsrfTokenRepository repo = appContext.getBean("repo",CsrfTokenRepository) CsrfToken token = new DefaultCsrfToken("X-CSRF-TOKEN","_csrf", "abc") when(repo.loadToken(any(HttpServletRequest))).thenReturn(token) + when(repo.generateToken(any(HttpServletRequest))).thenReturn(token) request.setParameter(token.parameterName,token.token) request.method = "POST" request.setParameter("username","user")