File tree 2 files changed +4
-3
lines changed
main/java/org/springframework/security/web/server/csrf
test/java/org/springframework/security/web/server/csrf
2 files changed +4
-3
lines changed Original file line number Diff line number Diff line change @@ -133,7 +133,7 @@ public static void skipExchange(ServerWebExchange exchange) {
133133
134134 private Mono <Void > validateToken (ServerWebExchange exchange ) {
135135 return this .csrfTokenRepository .loadToken (exchange )
136- .switchIfEmpty (Mono .defer (() -> Mono .error (new CsrfException ("CSRF Token has been associated to this client " ))))
136+ .switchIfEmpty (Mono .defer (() -> Mono .error (new CsrfException ("An expected CSRF token cannot be found " ))))
137137 .filterWhen (expected -> containsValidCsrfToken (exchange , expected ))
138138 .switchIfEmpty (Mono .defer (() -> Mono .error (new CsrfException ("Invalid CSRF Token" ))))
139139 .then ();
Original file line number Diff line number Diff line change @@ -65,8 +65,7 @@ public class CsrfWebFilterTests {
6565 private MockServerWebExchange get = from (
6666 MockServerHttpRequest .get ("/" ));
6767
68- private ServerWebExchange post = from (
69- MockServerHttpRequest .post ("/" ));
68+ private MockServerWebExchange post = MockServerWebExchange .from (MockServerHttpRequest .post ("/" ));
7069
7170 @ Test
7271 public void filterWhenGetThenSessionNotCreatedAndChainContinues () {
@@ -110,6 +109,8 @@ public void filterWhenPostAndEstablishedCsrfTokenAndRequestMissingTokenThenCsrfE
110109 .verifyComplete ();
111110
112111 assertThat (this .post .getResponse ().getStatusCode ()).isEqualTo (HttpStatus .FORBIDDEN );
112+ StepVerifier .create (this .post .getResponse ().getBodyAsString ())
113+ .assertNext (b -> assertThat (b ).contains ("An expected CSRF token cannot be found" ));
113114 }
114115
115116 @ Test
You can’t perform that action at this time.
0 commit comments