@Test
@KnotxApplyConfiguration("io/knotx/server/test-server-csrf.json")
public void whenDoPostSecureWithCSRF_expectOK(
VertxTestContext context, Vertx vertx) {
createPassThroughKnot(vertx, "test-splitter");
createPassThroughKnot(vertx, "test-assembler");
createSimpleKnot(vertx, "some-knot", "test", null);
MultiMap body = MultiMap.caseInsensitiveMultiMap().add("field", "value");
WebClient client = WebClient.create(vertx);
client.get(KNOTX_SERVER_PORT, KNOTX_SERVER_ADDRESS, "/content/local/simple.html").send(
ar -> {
if (ar.succeeded()) {
String token = getToken(ar.result().cookies());
client.post(KNOTX_SERVER_PORT, KNOTX_SERVER_ADDRESS, "/content/local/simple.html")
.putHeader(CSRFHandler.DEFAULT_HEADER_NAME, token)
.putHeader(HttpHeaderNames.COOKIE.toString(),
CSRFHandler.DEFAULT_COOKIE_NAME + "=" + token)
.sendForm(body, res -> {
if (res.succeeded()) {
assertEquals(HttpResponseStatus.OK.code(), res.result().statusCode());
context.completeNow();
} else {
context.failNow(ar.cause());
}
});
} else {
context.failNow(ar.cause());
}
});
}