crash.software
Projects
Pull Requests
Issues
Builds
wrongsecrets
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY wrongsecrets Commits 096607f3
🤬
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    pom.xml
    skipped 94 lines
    95 95   <version>${spring.security.version}</version>
    96 96   </dependency>
    97 97   <dependency>
     98 + <groupId>org.springframework.security</groupId>
     99 + <artifactId>spring-security-test</artifactId>
     100 + <version>${spring.security.version}</version>
     101 + <scope>test</scope>
     102 + </dependency>
     103 + <dependency>
    98 104   <groupId>org.springframework.boot</groupId>
    99 105   <artifactId>spring-boot-starter-web</artifactId>
    100 106   </dependency>
    skipped 102 lines
    203 209   <groupId>com.h2database</groupId>
    204 210   <artifactId>h2</artifactId>
    205 211   <version>2.1.214</version>
    206  - </dependency>
    207  - <dependency>
    208  - <groupId>junit</groupId>
    209  - <artifactId>junit</artifactId>
    210  - <scope>test</scope>
    211  - </dependency>
    212  - <dependency>
    213  - <groupId>junit</groupId>
    214  - <artifactId>junit</artifactId>
    215  - <version>4.12</version>
    216  - <scope>test</scope>
    217 212   </dependency>
    218 213   </dependencies>
    219 214   
    skipped 228 lines
  • ■ ■ ■ ■ ■ ■
    src/test/java/org/owasp/wrongsecrets/ChallengesControllerCTFModeTest.java
    1 1  package org.owasp.wrongsecrets;
    2 2   
    3  -import org.junit.jupiter.api.BeforeEach;
    4 3  import org.junit.jupiter.api.Test;
    5 4  import org.junit.jupiter.api.extension.ExtendWith;
    6  -import org.junit.runner.RunWith;
    7  -import org.mockito.Mock;
    8  -import org.mockito.junit.jupiter.MockitoExtension;
    9  -import org.owasp.wrongsecrets.RuntimeEnvironment.Environment;
    10  -import org.owasp.wrongsecrets.challenges.*;
     5 +import org.owasp.wrongsecrets.challenges.ChallengeForm;
    11 6  import org.owasp.wrongsecrets.challenges.docker.Challenge1;
    12 7  import org.springframework.beans.factory.annotation.Autowired;
    13 8  import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
    14 9  import org.springframework.boot.test.context.SpringBootTest;
    15  -import org.springframework.boot.web.client.RestTemplateBuilder;
    16  -import org.springframework.boot.web.server.LocalServerPort;
    17  -import org.springframework.http.HttpStatus;
    18 10  import org.springframework.http.MediaType;
    19  -import org.springframework.test.context.junit4.SpringRunner;
     11 +import org.springframework.test.context.junit.jupiter.SpringExtension;
    20 12  import org.springframework.test.web.servlet.MockMvc;
    21  -import org.springframework.test.web.servlet.setup.MockMvcBuilders;
    22  -import org.springframework.web.client.RestClientResponseException;
    23 13   
    24  -import javax.ws.rs.core.Application;
    25  -import java.util.List;
    26  - 
    27  -import static org.assertj.core.api.Assertions.assertThat;
    28 14  import static org.hamcrest.Matchers.containsString;
    29  -import static org.junit.jupiter.api.Assertions.fail;
    30  -import static org.mockito.ArgumentMatchers.anyString;
    31  -import static org.mockito.ArgumentMatchers.contains;
    32  -import static org.mockito.Mockito.when;
    33  -import static org.springframework.boot.test.context.SpringBootTest.WebEnvironment.MOCK;
     15 +import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.csrf;
    34 16  import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
    35 17  import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
    36  -import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.*;
     18 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
     19 +import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
    37 20   
    38  -@RunWith(SpringRunner.class)
     21 +@ExtendWith(SpringExtension.class)
    39 22  @SpringBootTest(
    40 23   properties = {"CTF_ENABLED=true", "CTF_KEY=randomtextforkey"},
    41 24   classes = WrongSecretsApplication.class
    skipped 15 lines
    57 40   
    58 41   @Test
    59 42   void shouldShowFlagWhenRespondingWithSuccessInCTFMode() throws Exception {
    60  - var spoil = new ChallengeForm(new Challenge1(new InMemoryScoreCard(1)).spoiler().solution()).toString();
    61  - mvc.perform(post("/challenges/1")
     43 + var spoil = new Challenge1(new InMemoryScoreCard(1)).spoiler().solution();
     44 + mvc.perform(post("/challenge/1")
    62 45   .contentType(MediaType.APPLICATION_FORM_URLENCODED)
    63 46   .param("solution", spoil)
    64 47   .param("action", "submit")
    65  - .param("csrf","fd6aae2e-e85b-4c52-96f3-d71c6c725d11"))
    66  - .andExpect(status().isOk());
     48 + .with(csrf()))
     49 + .andExpect(status().isOk())
     50 + .andExpect(content().string(containsString("ba9a72ac7057576344856")));
    67 51   
    68 52   }
    69 53  }
    skipped 1 lines
Please wait...
Page is in error, reload to recover