CSRFController.java

1 
package edu.ucsb.cs156.rec.controllers;
2
3 
import org.springframework.context.annotation.Profile;
4 
import org.springframework.security.web.csrf.CsrfToken;
5 
import org.springframework.web.bind.annotation.GetMapping;
6 
import org.springframework.web.bind.annotation.RestController;
7
8
9 
import io.swagger.v3.oas.annotations.Operation;
10 
import io.swagger.v3.oas.annotations.tags.Tag;
11
12 
/**
13 
 * The CSRF controller is used to get a CSRF token.
14 
 * This is only enabled in the development profile,
15 
 * and is used to test APIs with Postman or swagger.ui/
16 
 *
17 
 * For more information on CSRF, do a web search on "Cross-Site Request Forgery".
18 
 */
19
20 
@Profile("development")
21 
@Tag(name = "CSRF (enabled only in development; can be used with Postman to test APIs)")
22 
@RestController
23 
public class CSRFController {
24
25 
  /**
26 
   * This method returns a CSRF token.
27 
   * @param token the CSRF token, injected by Spring automatically
28 
   * @return the CSRF token
29 
   */
30 
  @Operation(summary= "Get a CSRF Token")
31 
  @GetMapping("/csrf")
32 
  public CsrfToken csrf(CsrfToken token) {
33 1 1. csrf : replaced return value with null for edu/ucsb/cs156/rec/controllers/CSRFController::csrf → KILLED
 
    return token;
34 
  }
35 
}

Mutations

33

1.1
Location : csrf
Killed by : edu.ucsb.cs156.rec.controllers.CSRFControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.rec.controllers.CSRFControllerTests]/[method:csrf_returns_ok()] replaced return value with null for edu/ucsb/cs156/rec/controllers/CSRFController::csrf → KILLED

Active mutators

Tests examined


Report generated by PIT 1.17.0