Merge branch '5.8.x'

This commit is contained in:
Steve Riesenberg
2022-10-12 13:14:20 -05:00
4 changed files with 72 additions and 10 deletions

View File

@@ -153,16 +153,31 @@ public class XorCsrfTokenRequestAttributeHandlerTests {
assertThat(this.request.getAttribute("_csrf")).isNotNull();
}
@Test
public void handleWhenCsrfTokenRequestedTwiceThenCached() {
this.handler.handle(this.request, this.response, () -> this.token);
CsrfToken csrfTokenAttribute = (CsrfToken) this.request.getAttribute(CsrfToken.class.getName());
assertThat(csrfTokenAttribute.getToken()).isNotEqualTo(this.token.getToken());
assertThat(csrfTokenAttribute.getToken()).isEqualTo(csrfTokenAttribute.getToken());
}
@Test
public void resolveCsrfTokenValueWhenRequestIsNullThenThrowsIllegalArgumentException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.resolveCsrfTokenValue(null, this.token))
// @formatter:off
assertThatIllegalArgumentException()
.isThrownBy(() -> this.handler.resolveCsrfTokenValue(null, this.token))
.withMessage("request cannot be null");
// @formatter:on
}
@Test
public void resolveCsrfTokenValueWhenCsrfTokenIsNullThenThrowsIllegalArgumentException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.resolveCsrfTokenValue(this.request, null))
// @formatter:off
assertThatIllegalArgumentException()
.isThrownBy(() -> this.handler.resolveCsrfTokenValue(this.request, null))
.withMessage("csrfToken cannot be null");
// @formatter:on
}
@Test

View File

@@ -68,20 +68,29 @@ public class XorServerCsrfTokenRequestAttributeHandlerTests {
@Test
public void setSecureRandomWhenNullThenThrowsIllegalArgumentException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.setSecureRandom(null))
// @formatter:off
assertThatIllegalArgumentException()
.isThrownBy(() -> this.handler.setSecureRandom(null))
.withMessage("secureRandom cannot be null");
// @formatter:on
}
@Test
public void handleWhenExchangeIsNullThenThrowsIllegalArgumentException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.handle(null, Mono.just(this.token)))
// @formatter:off
assertThatIllegalArgumentException()
.isThrownBy(() -> this.handler.handle(null, Mono.just(this.token)))
.withMessage("exchange cannot be null");
// @formatter:on
}
@Test
public void handleWhenCsrfTokenIsNullThenThrowsIllegalArgumentException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.handle(this.exchange, null))
// @formatter:off
assertThatIllegalArgumentException()
.isThrownBy(() -> this.handler.handle(this.exchange, null))
.withMessage("csrfToken cannot be null");
// @formatter:on
}
@Test
@@ -110,16 +119,33 @@ public class XorServerCsrfTokenRequestAttributeHandlerTests {
verify(this.secureRandom).nextBytes(anyByteArray());
}
@Test
public void handleWhenCsrfTokenRequestedTwiceThenCached() {
this.handler.handle(this.exchange, Mono.just(this.token));
Mono<CsrfToken> csrfTokenAttribute = this.exchange.getAttribute(CsrfToken.class.getName());
assertThat(csrfTokenAttribute).isNotNull();
CsrfToken csrfToken1 = csrfTokenAttribute.block();
CsrfToken csrfToken2 = csrfTokenAttribute.block();
assertThat(csrfToken1.getToken()).isNotEqualTo(this.token.getToken());
assertThat(csrfToken1.getToken()).isEqualTo(csrfToken2.getToken());
}
@Test
public void resolveCsrfTokenValueWhenExchangeIsNullThenThrowsIllegalArgumentException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.resolveCsrfTokenValue(null, this.token))
// @formatter:off
assertThatIllegalArgumentException()
.isThrownBy(() -> this.handler.resolveCsrfTokenValue(null, this.token))
.withMessage("exchange cannot be null");
// @formatter:on
}
@Test
public void resolveCsrfTokenValueWhenCsrfTokenIsNullThenThrowsIllegalArgumentException() {
assertThatIllegalArgumentException().isThrownBy(() -> this.handler.resolveCsrfTokenValue(this.exchange, null))
// @formatter:off
assertThatIllegalArgumentException()
.isThrownBy(() -> this.handler.resolveCsrfTokenValue(this.exchange, null))
.withMessage("csrfToken cannot be null");
// @formatter:on
}
@Test