LazyCsrfTokenRepository#loadToken Supports Deferring Delegation
Previously LazyCsrfTokenRepository supported lazily saving the CsrfToken which allowed for lazily saving the CsrfToken. However, it did not support lazily reading the CsrfToken. This meant every request required reading the CsrfToken (often the HttpSession). This commit allows for lazily reading the CsrfToken and thus prevents unnecessary reads to the HttpSession. Closes gh-11700
This commit is contained in:
@@ -31,6 +31,7 @@ import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyNoInteractions;
|
||||
import static org.mockito.Mockito.verifyZeroInteractions;
|
||||
|
||||
/**
|
||||
@@ -98,4 +99,15 @@ public class LazyCsrfTokenRepositoryTests {
|
||||
verify(this.delegate).loadToken(this.request);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void loadTokenWhenDeferLoadToken() {
|
||||
given(this.delegate.loadToken(this.request)).willReturn(this.token);
|
||||
this.repository.setDeferLoadToken(true);
|
||||
CsrfToken loadToken = this.repository.loadToken(this.request);
|
||||
verifyNoInteractions(this.delegate);
|
||||
assertThat(loadToken.getToken()).isEqualTo(this.token.getToken());
|
||||
assertThat(loadToken.getHeaderName()).isEqualTo(this.token.getHeaderName());
|
||||
assertThat(loadToken.getParameterName()).isEqualTo(this.token.getParameterName());
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user