GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Fix tests for deferred CSRF tokens 

Issue gh-4001
pull/11964/head
Steve Riesenberg 3 years ago
parent
521cdfd738
commit
ee9449dbfe
No known key found for this signature in database
GPG Key ID: 5F311AB48A55D521
1 changed files with 10 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      web/src/test/java/org/springframework/security/web/csrf/XorCsrfTokenRequestAttributeHandlerTests.java

15
web/src/test/java/org/springframework/security/web/csrf/XorCsrfTokenRequestAttributeHandlerTests.java
Unescape View File

@ -105,9 +105,11 @@ public class XorCsrfTokenRequestAttributeHandlerTests { @@ -105,9 +105,11 @@ public class XorCsrfTokenRequestAttributeHandlerTests {
@Test
public void handleWhenCsrfTokenIsNullThenThrowsIllegalStateException() {
this.handler.handle(this.request, this.response, () -> null);
CsrfToken csrfTokenAttribute = (CsrfToken) this.request.getAttribute("_csrf");
// @formatter:off
assertThatIllegalStateException()
.isThrownBy(() -> this.handler.handle(this.request, this.response, () -> null))
.isThrownBy(csrfTokenAttribute::getToken)
.withMessage("csrfToken supplier returned null");
// @formatter:on
}
@ -128,8 +130,12 @@ public class XorCsrfTokenRequestAttributeHandlerTests { @@ -128,8 +130,12 @@ public class XorCsrfTokenRequestAttributeHandlerTests {
@Test
public void handleWhenSecureRandomSetThenUsed() {
willAnswer(fillByteArray()).given(this.secureRandom).nextBytes(anyByteArray());
this.handler.setSecureRandom(this.secureRandom);
this.handler.handle(this.request, this.response, () -> this.token);
CsrfToken csrfTokenAttribute = (CsrfToken) this.request.getAttribute(CsrfToken.class.getName());
assertThat(csrfTokenAttribute.getToken()).isEqualTo(XOR_CSRF_TOKEN_VALUE);
verify(this.secureRandom).nextBytes(anyByteArray());
verifyNoMoreInteractions(this.secureRandom);
}
@ -140,12 +146,11 @@ public class XorCsrfTokenRequestAttributeHandlerTests { @@ -140,12 +146,11 @@ public class XorCsrfTokenRequestAttributeHandlerTests {
this.handler.setSecureRandom(this.secureRandom);
this.handler.handle(this.request, this.response, () -> this.token);
verify(this.secureRandom).nextBytes(anyByteArray());
assertThat(this.request.getAttribute(CsrfToken.class.getName())).isNotNull();
assertThat(this.request.getAttribute(this.token.getParameterName())).isNotNull();
CsrfToken csrfTokenAttribute = (CsrfToken) this.request.getAttribute(CsrfToken.class.getName());
assertThat(csrfTokenAttribute.getToken()).isEqualTo(XOR_CSRF_TOKEN_VALUE);
verify(this.secureRandom).nextBytes(anyByteArray());
assertThat(this.request.getAttribute(CsrfToken.class.getName())).isNotNull();
assertThat(this.request.getAttribute("_csrf")).isNotNull();
}
@Test

Write Preview
Loading…
Cancel
Save