Example 51 with WebSession
use of org.springframework.web.server.WebSession in project spring-security by spring-projects.
the class WebSessionServerCsrfTokenRepositoryTests method saveTokenChangeSessionId.
@Test
public void saveTokenChangeSessionId() {
String originalSessionId = this.exchange.getSession().block().getId();
this.repository.saveToken(this.exchange, null).block();
WebSession session = this.exchange.getSession().block();
assertThat(session.getId()).isNotEqualTo(originalSessionId);
}
Also used :
WebSession(org.springframework.web.server.WebSession)
Test(org.junit.jupiter.api.Test)
Example 52 with WebSession
use of org.springframework.web.server.WebSession in project spring-security by spring-projects.
the class WebSessionServerCsrfTokenRepositoryTests method saveTokenWhenDefaultThenAddsToSession.
@Test
public void saveTokenWhenDefaultThenAddsToSession() {
Mono<CsrfToken> result = this.repository.generateToken(this.exchange).delayUntil((t) -> this.repository.saveToken(this.exchange, t));
result.block();
WebSession session = this.exchange.getSession().block();
Map<String, Object> attributes = session.getAttributes();
assertThat(session.isStarted()).isTrue();
assertThat(attributes).hasSize(1);
assertThat(attributes.values().iterator().next()).isInstanceOf(CsrfToken.class);
}
Also used :
WebSession(org.springframework.web.server.WebSession)
Test(org.junit.jupiter.api.Test)
Example 53 with WebSession
use of org.springframework.web.server.WebSession in project spring-security by spring-projects.
the class WebSessionServerSecurityContextRepositoryTests method saveAndLoadWhenCustomAttributeThenFound.
@Test
public void saveAndLoadWhenCustomAttributeThenFound() {
String attrName = "attr";
this.repository.setSpringSecurityContextAttrName(attrName);
SecurityContext expected = new SecurityContextImpl();
this.repository.save(this.exchange, expected).block();
WebSession session = this.exchange.getSession().block();
assertThat(session.<SecurityContext>getAttribute(attrName)).isEqualTo(expected);
SecurityContext actual = this.repository.load(this.exchange).block();
assertThat(actual).isEqualTo(expected);
}
Also used :
SecurityContextImpl(org.springframework.security.core.context.SecurityContextImpl)
WebSession(org.springframework.web.server.WebSession)
SecurityContext(org.springframework.security.core.context.SecurityContext)
Test(org.junit.jupiter.api.Test)
Aggregations
WebSession (org.springframework.web.server.WebSession)53
Test (org.junit.Test)24
Test (org.junit.jupiter.api.Test)24
Method (java.lang.reflect.Method)3
TestBean (org.springframework.beans.testfixture.beans.TestBean)3
GetMapping (org.springframework.web.bind.annotation.GetMapping)3
HandlerMethod (org.springframework.web.method.HandlerMethod)3
SyncInvocableHandlerMethod (org.springframework.web.reactive.result.method.SyncInvocableHandlerMethod)3
ServerWebExchange (org.springframework.web.server.ServerWebExchange)3
Mono (reactor.core.publisher.Mono)3
Instant (java.time.Instant)2
HashMap (java.util.HashMap)2
Map (java.util.Map)2
BeforeEach (org.junit.jupiter.api.BeforeEach)2
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)2
BDDMockito.given (org.mockito.BDDMockito.given)2
Mockito.mock (org.mockito.Mockito.mock)2
Mockito.spy (org.mockito.Mockito.spy)2
Mockito.times (org.mockito.Mockito.times)2
Mockito.verify (org.mockito.Mockito.verify)2
