CSRF module change caused a config change too

quarkiverse · Sep 16, 2024 · 0aa25f7 · 0aa25f7
1 parent df947fe
commit 0aa25f7
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/deployment/src/test/java/io/quarkiverse/renarde/test/CsrfDisabledTest.java b/deployment/src/test/java/io/quarkiverse/renarde/test/CsrfDisabledTest.java
@@ -26,7 +26,7 @@ public class CsrfDisabledTest {
             .setArchiveProducer(() -> ShrinkWrap.create(JavaArchive.class)
                     .addClasses(MyController.class)
                     .addAsResource(new StringAsset("{#authenticityToken/}"), "templates/MyController/csrf.txt")
-                    .addAsResource(new StringAsset("quarkus.csrf-reactive.enabled=false"), "application.properties")
+                    .addAsResource(new StringAsset("quarkus.rest-csrf.enabled=false"), "application.properties")
                     .addAsManifestResource(EmptyAsset.INSTANCE, "beans.xml"));
 
     @TestHTTPResource

diff --git a/docs/modules/ROOT/pages/security.adoc b/docs/modules/ROOT/pages/security.adoc
@@ -10,7 +10,7 @@ a mix of both.
 == CSRF
 
 Renarde comes with built-in support for https://owasp.org/www-community/attacks/csrf[Cross-Site Request Forgery (CSRF)] protection,
-via the (already imported) {quarkus-guides-url}/security-csrf-prevention[`quarkus-csrf-reactive`] module dependency.
+via the (already imported) {quarkus-guides-url}/security-csrf-prevention[`quarkus-rest-csrf`] module dependency.
 
 To be safe, make sure that all your `GET`, `HEAD` and `OPTIONS` endpoints do not alter application state, and
 always include a CSRF token to your `POST`, `PUT`, `DELETE` (and other) endpoints. On your endpoint side, you

diff --git a/test/src/main/java/io/quarkiverse/renarde/test/CSRF.java b/test/src/main/java/io/quarkiverse/renarde/test/CSRF.java
@@ -15,8 +15,8 @@ public class CSRF {
 
     public static String makeCSRFToken() {
         Optional<String> tokenSignatureKey = ConfigProvider.getConfig()
-                .getOptionalValue("quarkus.csrf-reactive.token-signature-key", String.class);
-        Optional<Integer> tokenSize = ConfigProvider.getConfig().getOptionalValue("quarkus.csrf-reactive.token-size",
+                .getOptionalValue("quarkus.rest-csrf.token-signature-key", String.class);
+        Optional<Integer> tokenSize = ConfigProvider.getConfig().getOptionalValue("quarkus.rest-csrf.token-size",
                 Integer.class);
         byte[] tokenBytes = new byte[tokenSize.orElse(16)];
         secureRandom.nextBytes(tokenBytes);
@@ -27,12 +27,12 @@ public static String makeCSRFToken() {
     }
 
     public static String getTokenCookieName() {
-        return ConfigProvider.getConfig().getOptionalValue("quarkus.csrf-reactive.cookie-name", String.class)
+        return ConfigProvider.getConfig().getOptionalValue("quarkus.rest-csrf.cookie-name", String.class)
                 .orElse("csrf-token");
     }
 
     public static String getTokenFormName() {
-        return ConfigProvider.getConfig().getOptionalValue("quarkus.csrf-reactive.form-field-name", String.class)
+        return ConfigProvider.getConfig().getOptionalValue("quarkus.rest-csrf.form-field-name", String.class)
                 .orElse("csrf-token");
     }
 }