Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 14:52:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create the CSRF token on the bounded elactic scheduler

Browse Source 
The CSRF token is generated by UUID.randomUUID() which is I/O blocking operation.
This commit changes the subscriber thread to the bounded elactic scheduler.

Closes gh-9018
This commit is contained in:
Tomoki Tsubaki 2020-09-16 21:52:26 +09:00 committed by Josh Cummings
parent 4f849de399
commit e44471331b
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java
View File

@ -26,6 +26,7 @@ import org.springframework.util.StringUtils;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
import reactor.core.scheduler.Schedulers;
/**
* A {@link ServerCsrfTokenRepository} that persists the CSRF token in a cookie named "XSRF-TOKEN" and
@ -62,7 +63,7 @@ public final class CookieServerCsrfTokenRepository implements ServerCsrfTokenRep
@Override
public Mono<CsrfToken> generateToken(ServerWebExchange exchange) {
return Mono.fromCallable(this::createCsrfToken);
return Mono.fromCallable(this::createCsrfToken).subscribeOn(Schedulers.boundedElastic());
}
@Override