Example 21 with ResponseCookie
use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.
the class CookieServerCsrfTokenRepositoryTests method saveTokenWhenSslInfoNullThenNotSecure.
@Test
public void saveTokenWhenSslInfoNullThenNotSecure() {
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
this.csrfTokenRepository.saveToken(exchange, createToken()).block();
ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName);
assertThat(cookie).isNotNull();
assertThat(cookie.isSecure()).isFalse();
}
Also used :
MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange)
ResponseCookie(org.springframework.http.ResponseCookie)
Test(org.junit.jupiter.api.Test)
Example 22 with ResponseCookie
use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.
the class CookieServerCsrfTokenRepositoryTests method saveTokenWhenSecureFlagFalseAndSslInfoThenNotSecure.
@Test
public void saveTokenWhenSecureFlagFalseAndSslInfoThenNotSecure() {
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
this.request.sslInfo(new MockSslInfo());
this.csrfTokenRepository.setSecure(false);
this.csrfTokenRepository.saveToken(exchange, createToken()).block();
ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName);
assertThat(cookie).isNotNull();
assertThat(cookie.isSecure()).isFalse();
}
Also used :
MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange)
ResponseCookie(org.springframework.http.ResponseCookie)
Test(org.junit.jupiter.api.Test)
Example 23 with ResponseCookie
use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.
the class CookieServerCsrfTokenRepositoryTests method saveTokenWhenSecureFlagTrueThenSecure.
@Test
public void saveTokenWhenSecureFlagTrueThenSecure() {
MockServerWebExchange exchange = MockServerWebExchange.from(this.request);
this.csrfTokenRepository.setSecure(true);
this.csrfTokenRepository.saveToken(exchange, createToken()).block();
ResponseCookie cookie = exchange.getResponse().getCookies().getFirst(this.expectedCookieName);
assertThat(cookie).isNotNull();
assertThat(cookie.isSecure()).isTrue();
}
Also used :
MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange)
ResponseCookie(org.springframework.http.ResponseCookie)
Test(org.junit.jupiter.api.Test)
Example 24 with ResponseCookie
use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.
the class CookieServerRequestCacheTests method saveRequestWhenPostRequestAndCustomMatcherThenRequestUriInCookie.
@Test
public void saveRequestWhenPostRequestAndCustomMatcherThenRequestUriInCookie() {
this.cache.setSaveRequestMatcher((e) -> ServerWebExchangeMatcher.MatchResult.match());
MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.post("/secured/"));
this.cache.saveRequest(exchange).block();
MultiValueMap<String, ResponseCookie> cookies = exchange.getResponse().getCookies();
ResponseCookie cookie = cookies.getFirst("REDIRECT_URI");
assertThat(cookie).isNotNull();
String encodedRedirectUrl = Base64.getEncoder().encodeToString("/secured/".getBytes());
assertThat(cookie.toString()).isEqualTo("REDIRECT_URI=" + encodedRedirectUrl + "; Path=/; HttpOnly; SameSite=Lax");
}
Also used :
MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange)
ResponseCookie(org.springframework.http.ResponseCookie)
Test(org.junit.jupiter.api.Test)
Example 25 with ResponseCookie
use of org.springframework.http.ResponseCookie in project spring-security by spring-projects.
the class CookieServerRequestCacheTests method saveRequestWhenGetRequestWithQueryParamsThenRequestUriInCookie.
@Test
public void saveRequestWhenGetRequestWithQueryParamsThenRequestUriInCookie() {
MockServerWebExchange exchange = MockServerWebExchange.from(MockServerHttpRequest.get("/secured/").queryParam("key", "value").accept(MediaType.TEXT_HTML));
this.cache.saveRequest(exchange).block();
MultiValueMap<String, ResponseCookie> cookies = exchange.getResponse().getCookies();
assertThat(cookies.size()).isEqualTo(1);
ResponseCookie cookie = cookies.getFirst("REDIRECT_URI");
assertThat(cookie).isNotNull();
String encodedRedirectUrl = Base64.getEncoder().encodeToString("/secured/?key=value".getBytes());
assertThat(cookie.toString()).isEqualTo("REDIRECT_URI=" + encodedRedirectUrl + "; Path=/; HttpOnly; SameSite=Lax");
}
Also used :
MockServerWebExchange(org.springframework.mock.web.server.MockServerWebExchange)
ResponseCookie(org.springframework.http.ResponseCookie)
Test(org.junit.jupiter.api.Test)
Aggregations
ResponseCookie (org.springframework.http.ResponseCookie)35
Test (org.junit.jupiter.api.Test)23
MockServerWebExchange (org.springframework.mock.web.server.MockServerWebExchange)12
HttpHeaders (org.springframework.http.HttpHeaders)6
DataBuffer (org.springframework.core.io.buffer.DataBuffer)5
LinkedMultiValueMap (org.springframework.util.LinkedMultiValueMap)5
MockServerHttpRequest (org.springframework.web.testfixture.http.server.reactive.MockServerHttpRequest)5
MockServerWebExchange (org.springframework.web.testfixture.server.MockServerWebExchange)5
Mono (reactor.core.publisher.Mono)5
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)4
HttpStatus (org.springframework.http.HttpStatus)4
Collections (java.util.Collections)3
MultiValueMap (org.springframework.util.MultiValueMap)3
MockServerHttpResponse (org.springframework.web.testfixture.http.server.reactive.MockServerHttpResponse)3
Flux (reactor.core.publisher.Flux)3
StepVerifier (reactor.test.StepVerifier)3
Cookie (io.netty.handler.codec.http.cookie.Cookie)2
DefaultCookie (io.netty.handler.codec.http.cookie.DefaultCookie)2
URI (java.net.URI)2
StandardCharsets (java.nio.charset.StandardCharsets)2
