mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-07-12 13:23:29 +00:00
Use setCookieCustomizer
Issue gh-14132
This commit is contained in:
Josh Cummings
parent
7f8b9c895f
commit
ee2b826362
@ -131,13 +131,19 @@ class CookieServerCsrfTokenRepositoryTests {
|
||||
|
||||
@Test
|
||||
void saveTokenWhenCustomPropertiesThenCustomProperties() {
|
||||
setExpectedDomain("spring.io");
|
||||
setExpectedCookieName("csrfCookie");
|
||||
setExpectedPath("/some/path");
|
||||
setExpectedHeaderName("headerName");
|
||||
setExpectedParameterName("paramName");
|
||||
setExpectedSameSitePolicy("Strict");
|
||||
setExpectedCookieMaxAge(3600);
|
||||
this.csrfTokenRepository.setCookieCustomizer((cookie) -> {
|
||||
this.expectedPath = "/some/path";
|
||||
cookie.path(this.expectedPath);
|
||||
this.expectedDomain = "spring.io";
|
||||
cookie.domain(this.expectedDomain);
|
||||
this.expectedMaxAge = Duration.ofSeconds(3600);
|
||||
cookie.maxAge(this.expectedMaxAge);
|
||||
this.expectedSameSitePolicy = "Strict";
|
||||
cookie.sameSite(this.expectedSameSitePolicy);
|
||||
});
|
||||
saveAndAssertExpectedValues(createToken());
|
||||
}
|
||||
|
||||
@ -195,16 +201,6 @@ class CookieServerCsrfTokenRepositoryTests {
|
||||
assertThat(cookie.isSecure()).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
void saveTokenWhenSecureFlagTrueThenSecure() {
|
||||
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
|
||||
this.csrfTokenRepository.setSecure(true);
|
||||
this.csrfTokenRepository.saveToken(exchange, createToken()).block();
|
||||
ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName);
|
||||
assertThat(cookie).isNotNull();
|
||||
assertThat(cookie.isSecure()).isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
void saveTokenWhenSecureFlagTrueThenSecureUsingCustomizer() {
|
||||
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
|
||||
@ -215,16 +211,6 @@ class CookieServerCsrfTokenRepositoryTests {
|
||||
assertThat(cookie.isSecure()).isTrue();
|
||||
}
|
||||
|
||||
@Test
|
||||
void saveTokenWhenSecureFlagFalseThenNotSecure() {
|
||||
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
|
||||
this.csrfTokenRepository.setSecure(false);
|
||||
this.csrfTokenRepository.saveToken(exchange, createToken()).block();
|
||||
ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName);
|
||||
assertThat(cookie).isNotNull();
|
||||
assertThat(cookie.isSecure()).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
void saveTokenWhenSecureFlagFalseThenNotSecureUsingCustomizer() {
|
||||
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
|
||||
@ -235,17 +221,6 @@ class CookieServerCsrfTokenRepositoryTests {
|
||||
assertThat(cookie.isSecure()).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
void saveTokenWhenSecureFlagFalseAndSslInfoThenNotSecure() {
|
||||
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
|
||||
this.request.sslInfo(SslInfo.from("sessionId"));
|
||||
this.csrfTokenRepository.setSecure(false);
|
||||
this.csrfTokenRepository.saveToken(exchange, createToken()).block();
|
||||
ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName);
|
||||
assertThat(cookie).isNotNull();
|
||||
assertThat(cookie.isSecure()).isFalse();
|
||||
}
|
||||
|
||||
@Test
|
||||
void saveTokenWhenSecureFlagFalseAndSslInfoThenNotSecureUsingCustomizer() {
|
||||
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
|
||||
@ -314,11 +289,6 @@ class CookieServerCsrfTokenRepositoryTests {
|
||||
this.expectedParameterName = expectedParameterName;
|
||||
}
|
||||
|
||||
private void setExpectedDomain(String expectedDomain) {
|
||||
this.csrfTokenRepository.setCookieDomain(expectedDomain);
|
||||
this.expectedDomain = expectedDomain;
|
||||
}
|
||||
|
||||
private void setExpectedPath(String expectedPath) {
|
||||
this.csrfTokenRepository.setCookiePath(expectedPath);
|
||||
this.expectedPath = expectedPath;
|
||||
@ -326,7 +296,7 @@ class CookieServerCsrfTokenRepositoryTests {
|
||||
|
||||
private void setExpectedHttpOnly(boolean expectedHttpOnly) {
|
||||
this.expectedHttpOnly = expectedHttpOnly;
|
||||
this.csrfTokenRepository.setCookieHttpOnly(expectedHttpOnly);
|
||||
this.csrfTokenRepository.setCookieCustomizer((cookie) -> cookie.httpOnly(expectedHttpOnly));
|
||||
}
|
||||
|
||||
private void setExpectedCookieName(String expectedCookieName) {
|
||||
@ -335,7 +305,8 @@ class CookieServerCsrfTokenRepositoryTests {
|
||||
}
|
||||
|
||||
private void setExpectedCookieMaxAge(int expectedCookieMaxAge) {
|
||||
this.csrfTokenRepository.setCookieMaxAge(expectedCookieMaxAge);
|
||||
Duration duration = Duration.ofSeconds(expectedCookieMaxAge);
|
||||
this.csrfTokenRepository.setCookieCustomizer((cookie) -> cookie.maxAge(duration));
|
||||
this.expectedMaxAge = Duration.ofSeconds(expectedCookieMaxAge);
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user