Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-01 09:42:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix tests in CsrfConfigurerTests

Browse Source 
Closes gh-12241
This commit is contained in:
Steve Riesenberg 2022-11-18 14:55:51 -06:00
parent 5da78f44f2
commit dd9f954ace
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
1 changed files with 6 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
config/src/test/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.java
View File

@ -521,8 +521,7 @@ public class CsrfConfigurerTests {
} }
@Test @Test
public void loginWhenFormLoginAndCookieCsrfTokenRepositorySetAndExistingTokenThenRemovesAndGeneratesNewToken() public void loginWhenFormLoginAndCookieCsrfTokenRepositorySetAndExistingTokenThenRemoves() throws Exception {
throws Exception {
CsrfToken csrfToken = new DefaultCsrfToken("X-XSRF-TOKEN", "_csrf", "token"); CsrfToken csrfToken = new DefaultCsrfToken("X-XSRF-TOKEN", "_csrf", "token");
Cookie existingCookie = new Cookie("XSRF-TOKEN", csrfToken.getToken()); Cookie existingCookie = new Cookie("XSRF-TOKEN", csrfToken.getToken());
CookieCsrfTokenRepository csrfTokenRepository = CookieCsrfTokenRepository.withHttpOnlyFalse(); CookieCsrfTokenRepository csrfTokenRepository = CookieCsrfTokenRepository.withHttpOnlyFalse();
@ -541,13 +540,12 @@ public class CsrfConfigurerTests {
MvcResult mvcResult = this.mvc.perform(loginRequest).andExpect(redirectedUrl("/")).andReturn(); MvcResult mvcResult = this.mvc.perform(loginRequest).andExpect(redirectedUrl("/")).andReturn();
List<Cookie> cookies = Arrays.asList(mvcResult.getResponse().getCookies()); List<Cookie> cookies = Arrays.asList(mvcResult.getResponse().getCookies());
cookies.removeIf((cookie) -> !cookie.getName().equalsIgnoreCase(existingCookie.getName())); cookies.removeIf((cookie) -> !cookie.getName().equalsIgnoreCase(existingCookie.getName()));
assertThat(cookies).hasSize(2); assertThat(cookies).hasSize(1);
assertThat(cookies.get(0).getValue()).isEmpty(); assertThat(cookies.get(0).getValue()).isEmpty();
assertThat(cookies.get(1).getValue()).isNotEmpty();
} }
@Test @Test
public void postWhenHttpBasicAndCookieCsrfTokenRepositorySetAndExistingTokenThenRemovesAndGeneratesNewToken() public void postWhenHttpBasicAndCookieCsrfTokenRepositorySetAndExistingTokenThenDoesNotGenerateNewToken()
throws Exception { throws Exception {
CsrfToken csrfToken = new DefaultCsrfToken("X-XSRF-TOKEN", "_csrf", "token"); CsrfToken csrfToken = new DefaultCsrfToken("X-XSRF-TOKEN", "_csrf", "token");
Cookie existingCookie = new Cookie("XSRF-TOKEN", csrfToken.getToken()); Cookie existingCookie = new Cookie("XSRF-TOKEN", csrfToken.getToken());
@ -569,13 +567,11 @@ public class CsrfConfigurerTests {
// @formatter:on // @formatter:on
List<Cookie> cookies = Arrays.asList(mvcResult.getResponse().getCookies()); List<Cookie> cookies = Arrays.asList(mvcResult.getResponse().getCookies());
cookies.removeIf((cookie) -> !cookie.getName().equalsIgnoreCase(existingCookie.getName())); cookies.removeIf((cookie) -> !cookie.getName().equalsIgnoreCase(existingCookie.getName()));
assertThat(cookies).hasSize(2); assertThat(cookies).isEmpty();
assertThat(cookies.get(0).getValue()).isEmpty();
assertThat(cookies.get(1).getValue()).isNotEmpty();
} }
@Test @Test
public void getWhenHttpBasicAndCookieCsrfTokenRepositorySetAndNoExistingCookieThenGeneratesNewToken() public void getWhenHttpBasicAndCookieCsrfTokenRepositorySetAndNoExistingCookieThenDoesNotGenerateNewToken()
throws Exception { throws Exception {
CsrfToken csrfToken = new DefaultCsrfToken("X-XSRF-TOKEN", "_csrf", "token"); CsrfToken csrfToken = new DefaultCsrfToken("X-XSRF-TOKEN", "_csrf", "token");
Cookie expectedCookie = new Cookie("XSRF-TOKEN", csrfToken.getToken()); Cookie expectedCookie = new Cookie("XSRF-TOKEN", csrfToken.getToken());
@ -596,8 +592,7 @@ public class CsrfConfigurerTests {
// @formatter:on // @formatter:on
List<Cookie> cookies = Arrays.asList(mvcResult.getResponse().getCookies()); List<Cookie> cookies = Arrays.asList(mvcResult.getResponse().getCookies());
cookies.removeIf((cookie) -> !cookie.getName().equalsIgnoreCase(expectedCookie.getName())); cookies.removeIf((cookie) -> !cookie.getName().equalsIgnoreCase(expectedCookie.getName()));
assertThat(cookies).hasSize(1); assertThat(cookies).isEmpty();
assertThat(cookies.get(0).getValue()).isNotEmpty();
} }
@Configuration @Configuration