I am trying to write an IT.
mockMvc.perform( post( "/my_endpoint" )
.contentType( MediaType.APPLICATION_JSON )
.header("Authorization", my_credentials)
.with(csrf())
.content( jsonPayload )
)
.andExpect( status().isOk() );
I need to import the csrf()
static method, but the package where usually was founded (org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors...) no longer exists.
Some fresh idea on how can I write a csrf protection to avoid a 403
on the test?
Thanks.
CodePudding user response:
To use the Spring Security test support, you must include spring-security-test-5.1.2.RELEASE.jar as a dependency of your project. And give a try below:-
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProce ssors.*;
mvc.perform(post("/").with(csrf()))
or,
mvc.perform(post("/").with(csrf().asHeader()))
or,
mvc.perform(post("/").with(csrf().useInvalidToken()))
CodePudding user response:
You can use it as follows
csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())