zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-08-06 01:35:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add XSRF protection to legacy authentication mechanism

Browse source 
-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=148689952
This commit is contained in:
mountford 2017-02-27 13:53:10 -08:00 committed by Ben McIlwain
parent a5932c0fc3
commit c7a62e9b98
12 changed files with 227 additions and 56 deletions
Download patch file Download diff file Expand all files Collapse all files

2
javatests/google/registry/ui/server/registrar/RegistrarSettingsActionTestCase.java
View file

@ -113,7 +113,7 @@ public class RegistrarSettingsActionTestCase {
when(req.getMethod()).thenReturn("POST");
when(rsp.getWriter()).thenReturn(new PrintWriter(writer));
when(req.getContentType()).thenReturn("application/json");
when(req.getHeader(eq("X-CSRF-Token"))).thenReturn(xsrfTokenManager.generateToken("console"));
when(req.getHeader(eq("X-CSRF-Token"))).thenReturn(xsrfTokenManager.generateTokenWithCurrentUser("console"));
when(req.getReader()).thenReturn(createJsonPayload(ImmutableMap.of("op", "read")));
when(sessionUtils.isLoggedIn()).thenReturn(true);
when(sessionUtils.checkRegistrarConsoleLogin(req)).thenReturn(true);