Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/6.5.x'

Browse Source
This commit is contained in:
Josh Cummings
2025-10-20 17:10:05 -06:00
parent 69d28dc35b 1c112005fa
commit fb701e4615
2 changed files with 18 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
web/src/main/java/org/springframework/security/web/authentication/ott/GenerateOneTimeTokenFilter.java
-6
View File
@@ -30,7 +30,6 @@ import org.springframework.security.authentication.ott.OneTimeTokenService;
import org.springframework.security.web.servlet.util.matcher.PathPatternRequestMatcher;
import org.springframework.security.web.util.matcher.RequestMatcher;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
/**
@@ -68,11 +67,6 @@ public final class GenerateOneTimeTokenFilter extends OncePerRequestFilter {
filterChain.doFilter(request, response);
return;
}
String username = request.getParameter("username");
if (!StringUtils.hasText(username)) {
filterChain.doFilter(request, response);
return;
}
GenerateOneTimeTokenRequest generateRequest = this.requestResolver.resolve(request);
if (generateRequest == null) {
filterChain.doFilter(request, response);
web/src/test/java/org/springframework/security/web/authentication/ott/GenerateOneTimeTokenFilterTests.java
+18
View File
@@ -113,4 +113,22 @@ public class GenerateOneTimeTokenFilterTests {
// @formatter:on
}
@Test
void filterWhenUsernameFormParamIsEmptyButRequestResolverCanResolveThenSuccess()
throws ServletException, IOException {
GenerateOneTimeTokenRequestResolver requestResolver = mock();
given(this.oneTimeTokenService.generate(ArgumentMatchers.any(GenerateOneTimeTokenRequest.class)))
.willReturn((new DefaultOneTimeToken(TOKEN, USERNAME, Instant.now())));
given(requestResolver.resolve(this.request)).willReturn(new GenerateOneTimeTokenRequest(USERNAME));
GenerateOneTimeTokenFilter filter = new GenerateOneTimeTokenFilter(this.oneTimeTokenService,
this.successHandler);
filter.setRequestResolver(requestResolver);
filter.doFilter(this.request, this.response, this.filterChain);
verify(this.oneTimeTokenService).generate(ArgumentMatchers.any(GenerateOneTimeTokenRequest.class));
assertThat(this.response.getRedirectedUrl()).isEqualTo("/login/ott");
}
}