Skip to content

Commit

Permalink
Handle verify user requests with HEAD method (#2392)
Browse files Browse the repository at this point in the history
Co-authored-by: Josip Bilandzija <[email protected]>
  • Loading branch information
jbilandzija and jbiland-nt authored Jul 11, 2023
1 parent a45e397 commit 7e21abd
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 0 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,12 @@ public String emailSent() {
return "accounts/email_sent";
}

@RequestMapping(value = "/verify_user", method = RequestMethod.HEAD)
public String verifyUser() {
// Some mail providers initially send a HEAD request to check the validity of the link before redirecting users.
return "redirect:/login";
}

@RequestMapping(value = "/verify_user", method = GET)
public String verifyUser(Model model,
@RequestParam("code") String code,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.when;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.head;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.model;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.redirectedUrl;
Expand Down Expand Up @@ -216,6 +217,22 @@ void verifyUser() throws Exception {
assertNull(SecurityContextHolder.getContext().getAuthentication());
}

@Test
void verifyUserWithPriorHeadRequest() throws Exception {
when(accountCreationService.completeActivation("the_secret_code"))
.thenReturn(new AccountCreationService.AccountCreationResponse("newly-created-user-id", "username", "[email protected]", "//example.com/callback"));

mockMvc.perform(head("/verify_user").param("code", "the_secret_code"))
.andExpect(status().isFound())
.andExpect(redirectedUrl("/login"));
mockMvc.perform(get("/verify_user").param("code", "the_secret_code"))
.andExpect(status().isFound())
.andExpect(redirectedUrl("/login?success=verify_success&form_redirect_uri=//example.com/callback"));

assertNull(SecurityContextHolder.getContext().getAuthentication());
Mockito.verify(accountCreationService, times(1)).completeActivation("the_secret_code");
}

@EnableWebMvc
@Import(ThymeleafConfig.class)
static class ContextConfiguration implements WebMvcConfigurer {
Expand Down

0 comments on commit 7e21abd

Please sign in to comment.