From 8ef2fc3837f6081952922b15645dff32eb9d89e2 Mon Sep 17 00:00:00 2001 From: Josh Cummings Date: Mon, 5 Dec 2022 10:50:49 -0700 Subject: [PATCH] Format Issue gh-12086 --- .../web/csrf/CookieCsrfTokenRepository.java | 20 ++++++------ .../csrf/CookieServerCsrfTokenRepository.java | 11 ++++--- .../csrf/CookieCsrfTokenRepositoryTests.java | 31 ++++++++++--------- .../CookieServerCsrfTokenRepositoryTests.java | 14 ++++----- 4 files changed, 40 insertions(+), 36 deletions(-) diff --git a/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java b/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java index 72adba529e..dd3b447290 100644 --- a/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java +++ b/web/src/main/java/org/springframework/security/web/csrf/CookieCsrfTokenRepository.java @@ -15,6 +15,7 @@ */ package org.springframework.security.web.csrf; + import java.util.UUID; import java.util.function.Consumer; @@ -65,11 +66,12 @@ public final class CookieCsrfTokenRepository implements CsrfTokenRepository { private int cookieMaxAge = -1; - private Consumer cookieCustomizer = (builder) -> {}; + private Consumer cookieCustomizer = (builder) -> { + }; /** - * Add a {@link Consumer} for a {@code ResponseCookieBuilder} that will be invoked - * for each cookie being built, just before the call to {@code build()}. + * Add a {@link Consumer} for a {@code ResponseCookieBuilder} that will be invoked for + * each cookie being built, just before the call to {@code build()}. * @param cookieCustomizer consumer for a cookie builder * @since 6.1 */ @@ -88,10 +90,9 @@ public final class CookieCsrfTokenRepository implements CsrfTokenRepository { String tokenValue = (token != null) ? token.getToken() : ""; ResponseCookie.ResponseCookieBuilder cookieBuilder = ResponseCookie.from(this.cookieName, tokenValue) - .secure(this.secure != null ? this.secure : request.isSecure()) + .secure((this.secure != null) ? this.secure : request.isSecure()) .path(StringUtils.hasLength(this.cookiePath) ? this.cookiePath : this.getRequestContext(request)) - .maxAge(token != null ? this.cookieMaxAge : 0) - .httpOnly(this.cookieHttpOnly) + .maxAge((token != null) ? this.cookieMaxAge : 0).httpOnly(this.cookieHttpOnly) .domain(this.cookieDomain); this.cookieCustomizer.accept(cookieBuilder); @@ -203,8 +204,8 @@ public final class CookieCsrfTokenRepository implements CsrfTokenRepository { } /** - * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. * @since 5.2 + * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. */ @Deprecated(since = "6.1") public void setCookieDomain(String cookieDomain) { @@ -212,8 +213,8 @@ public final class CookieCsrfTokenRepository implements CsrfTokenRepository { } /** - * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. * @since 5.4 + * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. */ @Deprecated(since = "6.1") public void setSecure(Boolean secure) { @@ -221,12 +222,13 @@ public final class CookieCsrfTokenRepository implements CsrfTokenRepository { } /** - * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. * @since 5.5 + * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. */ @Deprecated(since = "6.1") public void setCookieMaxAge(int cookieMaxAge) { Assert.isTrue(cookieMaxAge != 0, "cookieMaxAge cannot be zero"); this.cookieMaxAge = cookieMaxAge; } + } diff --git a/web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java b/web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java index add90288e0..fcce394733 100644 --- a/web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java +++ b/web/src/main/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepository.java @@ -62,11 +62,12 @@ public final class CookieServerCsrfTokenRepository implements ServerCsrfTokenRep private int cookieMaxAge = -1; - private Consumer cookieCustomizer = (builder) -> {}; + private Consumer cookieCustomizer = (builder) -> { + }; /** - * Add a {@link Consumer} for a {@code ResponseCookieBuilder} that will be invoked - * for each cookie being built, just before the call to {@code build()}. + * Add a {@link Consumer} for a {@code ResponseCookieBuilder} that will be invoked for + * each cookie being built, just before the call to {@code build()}. * @param cookieCustomizer consumer for a cookie builder * @since 6.1 */ @@ -175,8 +176,8 @@ public final class CookieServerCsrfTokenRepository implements ServerCsrfTokenRep } /** - * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. * @since 5.5 + * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. */ @Deprecated(since = "6.1") public void setSecure(boolean secure) { @@ -184,8 +185,8 @@ public final class CookieServerCsrfTokenRepository implements ServerCsrfTokenRep } /** - * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. * @since 5.8 + * @deprecated Use {@link #setCookieCustomizer(Consumer)} instead. */ @Deprecated(since = "6.1") public void setCookieMaxAge(int cookieMaxAge) { diff --git a/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java b/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java index c3720b61b8..9c6cbc214b 100644 --- a/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java +++ b/web/src/test/java/org/springframework/security/web/csrf/CookieCsrfTokenRepositoryTests.java @@ -42,7 +42,7 @@ class CookieCsrfTokenRepositoryTests { MockHttpServletRequest request; @BeforeEach - public void setup() { + void setup() { this.repository = new CookieCsrfTokenRepository(); this.request = new MockHttpServletRequest(); this.response = new MockHttpServletResponse(); @@ -106,7 +106,7 @@ class CookieCsrfTokenRepositoryTests { @Test void saveTokenSecureFlagTrueUsingCustomizer() { this.request.setSecure(false); - this.repository.setCookieCustomizer(customizer -> customizer.secure(Boolean.TRUE)); + this.repository.setCookieCustomizer((customizer) -> customizer.secure(Boolean.TRUE)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); @@ -126,7 +126,7 @@ class CookieCsrfTokenRepositoryTests { @Test void saveTokenSecureFlagFalseUsingCustomizer() { this.request.setSecure(true); - this.repository.setCookieCustomizer(customizer -> customizer.secure(Boolean.FALSE)); + this.repository.setCookieCustomizer((customizer) -> customizer.secure(Boolean.FALSE)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); @@ -156,7 +156,7 @@ class CookieCsrfTokenRepositoryTests { @Test void saveTokenHttpOnlyTrueUsingCustomizer() { - this.repository.setCookieCustomizer(customizer -> customizer.httpOnly(true)); + this.repository.setCookieCustomizer((customizer) -> customizer.httpOnly(true)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); @@ -174,7 +174,7 @@ class CookieCsrfTokenRepositoryTests { @Test void saveTokenHttpOnlyFalseUsingCustomizer() { - this.repository.setCookieCustomizer(customizer -> customizer.httpOnly(false)); + this.repository.setCookieCustomizer((customizer) -> customizer.httpOnly(false)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); @@ -233,7 +233,7 @@ class CookieCsrfTokenRepositoryTests { @Test void saveTokenWithCookieDomainUsingCustomizer() { String domainName = "example.com"; - this.repository.setCookieCustomizer(customizer -> customizer.domain(domainName)); + this.repository.setCookieCustomizer((customizer) -> customizer.domain(domainName)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); @@ -253,7 +253,7 @@ class CookieCsrfTokenRepositoryTests { @Test void saveTokenWithCookieMaxAgeUsingCustomizer() { int maxAge = 1200; - this.repository.setCookieCustomizer(customizer -> customizer.maxAge(maxAge)); + this.repository.setCookieCustomizer((customizer) -> customizer.maxAge(maxAge)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); @@ -263,31 +263,31 @@ class CookieCsrfTokenRepositoryTests { @Test void saveTokenWithSameSiteNull() { String sameSitePolicy = null; - this.repository.setCookieCustomizer(customizer -> customizer.sameSite(sameSitePolicy)); + this.repository.setCookieCustomizer((customizer) -> customizer.sameSite(sameSitePolicy)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); - assertThat(((MockCookie)tokenCookie).getSameSite()).isNull(); + assertThat(((MockCookie) tokenCookie).getSameSite()).isNull(); } @Test void saveTokenWithSameSiteStrict() { String sameSitePolicy = "Strict"; - this.repository.setCookieCustomizer(customizer -> customizer.sameSite(sameSitePolicy)); + this.repository.setCookieCustomizer((customizer) -> customizer.sameSite(sameSitePolicy)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); - assertThat(((MockCookie)tokenCookie).getSameSite()).isEqualTo(sameSitePolicy); + assertThat(((MockCookie) tokenCookie).getSameSite()).isEqualTo(sameSitePolicy); } @Test void saveTokenWithSameSiteLax() { String sameSitePolicy = "Lax"; - this.repository.setCookieCustomizer(customizer -> customizer.sameSite(sameSitePolicy)); + this.repository.setCookieCustomizer((customizer) -> customizer.sameSite(sameSitePolicy)); CsrfToken token = this.repository.generateToken(this.request); this.repository.saveToken(token, this.request, this.response); Cookie tokenCookie = this.response.getCookie(CookieCsrfTokenRepository.DEFAULT_CSRF_COOKIE_NAME); - assertThat(((MockCookie)tokenCookie).getSameSite()).isEqualTo(sameSitePolicy); + assertThat(((MockCookie) tokenCookie).getSameSite()).isEqualTo(sameSitePolicy); } @Test @@ -394,7 +394,7 @@ class CookieCsrfTokenRepositoryTests { String domainName = "example.com"; String customPath = "/custompath"; String sameSitePolicy = "Strict"; - this.repository.setCookieCustomizer(customizer -> { + this.repository.setCookieCustomizer((customizer) -> { customizer.domain(domainName); customizer.secure(false); customizer.path(customPath); @@ -408,7 +408,7 @@ class CookieCsrfTokenRepositoryTests { assertThat(tokenCookie.getDomain()).isEqualTo(domainName); assertThat(tokenCookie.getPath()).isEqualTo(customPath); assertThat(tokenCookie.isHttpOnly()).isEqualTo(Boolean.TRUE); - assertThat(((MockCookie)tokenCookie).getSameSite()).isEqualTo(sameSitePolicy); + assertThat(((MockCookie) tokenCookie).getSameSite()).isEqualTo(sameSitePolicy); } @Test @@ -430,4 +430,5 @@ class CookieCsrfTokenRepositoryTests { void setCookieMaxAgeZeroIllegalArgumentException() { assertThatIllegalArgumentException().isThrownBy(() -> this.repository.setCookieMaxAge(0)); } + } diff --git a/web/src/test/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepositoryTests.java b/web/src/test/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepositoryTests.java index d6e9c167f3..7ecafc546d 100644 --- a/web/src/test/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepositoryTests.java +++ b/web/src/test/java/org/springframework/security/web/server/csrf/CookieServerCsrfTokenRepositoryTests.java @@ -66,7 +66,7 @@ class CookieServerCsrfTokenRepositoryTests { private String expectedSameSitePolicy = null; @BeforeEach - public void setUp() { + void setUp() { this.csrfTokenRepository = new CookieServerCsrfTokenRepository(); this.request = MockServerHttpRequest.get("/someUri"); } @@ -156,7 +156,7 @@ class CookieServerCsrfTokenRepositoryTests { CsrfToken token = createToken(); - this.csrfTokenRepository.setCookieCustomizer(customizer -> { + this.csrfTokenRepository.setCookieCustomizer((customizer) -> { customizer.domain(expectedDomain); customizer.maxAge(expectedMaxAge); customizer.path(expectedPath); @@ -209,7 +209,7 @@ class CookieServerCsrfTokenRepositoryTests { @Test void saveTokenWhenSecureFlagTrueThenSecureUsingCustomizer() { MockServerWebExchange exchange = MockServerWebExchange.from(this.request); - this.csrfTokenRepository.setCookieCustomizer(customizer -> customizer.secure(true)); + this.csrfTokenRepository.setCookieCustomizer((customizer) -> customizer.secure(true)); this.csrfTokenRepository.saveToken(exchange, createToken()).block(); ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName); assertThat(cookie).isNotNull(); @@ -229,7 +229,7 @@ class CookieServerCsrfTokenRepositoryTests { @Test void saveTokenWhenSecureFlagFalseThenNotSecureUsingCustomizer() { MockServerWebExchange exchange = MockServerWebExchange.from(this.request); - this.csrfTokenRepository.setCookieCustomizer(customizer -> customizer.secure(false)); + this.csrfTokenRepository.setCookieCustomizer((customizer) -> customizer.secure(false)); this.csrfTokenRepository.saveToken(exchange, createToken()).block(); ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName); assertThat(cookie).isNotNull(); @@ -251,7 +251,7 @@ class CookieServerCsrfTokenRepositoryTests { void saveTokenWhenSecureFlagFalseAndSslInfoThenNotSecureUsingCustomizer() { MockServerWebExchange exchange = MockServerWebExchange.from(this.request); this.request.sslInfo(new MockSslInfo()); - this.csrfTokenRepository.setCookieCustomizer(customizer -> customizer.secure(false)); + this.csrfTokenRepository.setCookieCustomizer((customizer) -> customizer.secure(false)); this.csrfTokenRepository.saveToken(exchange, createToken()).block(); ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName); assertThat(cookie).isNotNull(); @@ -325,8 +325,8 @@ class CookieServerCsrfTokenRepositoryTests { this.expectedMaxAge = Duration.ofSeconds(expectedCookieMaxAge); } - private void setExpectedSameSitePolicy(String sameSitePolicy){ - this.csrfTokenRepository.setCookieCustomizer(customizer -> customizer.sameSite(sameSitePolicy)); + private void setExpectedSameSitePolicy(String sameSitePolicy) { + this.csrfTokenRepository.setCookieCustomizer((customizer) -> customizer.sameSite(sameSitePolicy)); this.expectedSameSitePolicy = sameSitePolicy; }