CSRFController.java

1 
package edu.ucsb.cs156.example.controllers;
2
3 
import org.springframework.context.annotation.Profile;
4 
import org.springframework.security.web.csrf.CsrfToken;
5 
import org.springframework.web.bind.annotation.GetMapping;
6 
import org.springframework.web.bind.annotation.RestController;
7
8 
import io.swagger.v3.oas.annotations.tags.Tag;
9 
import io.swagger.v3.oas.annotations.Operation;
10
11 
/**
12 
 * The CSRF controller is used to get a CSRF token.
13 
 * This is only enabled in the development profile,
14 
 * and is used to test APIs with Postman or swagger.ui/
15 
 *
16 
 * For more information on CSRF, do a web search on "Cross-Site Request Forgery".
17 
 */
18
19 
@Profile("development")
20 
@Tag(name = "CSRF (enabled only in development; can be used with Postman to test APIs)")
21 
@RestController
22 
public class CSRFController {
23
24 
  /**
25 
   * This method returns a CSRF token.
26 
   * @param token the CSRF token, injected by Spring automatically
27 
   * @return the CSRF token
28 
   */
29 
  @Operation(summary = "Get a CSRF Token")
30 
  @GetMapping("/csrf")
31 
  public CsrfToken csrf(CsrfToken token) {
32 1 1. csrf : replaced return value with null for edu/ucsb/cs156/example/controllers/CSRFController::csrf → KILLED
 
    return token;
33 
  }
34 
}

Mutations

32

1.1
Location : csrf
Killed by : edu.ucsb.cs156.example.controllers.CSRFControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.example.controllers.CSRFControllerTests]/[method:csrf_returns_ok()] replaced return value with null for edu/ucsb/cs156/example/controllers/CSRFController::csrf → KILLED

Active mutators

Tests examined


Report generated by PIT 1.17.0