I am developing a SPRING rest service with Spring Security and I have enabled the CSRF token like below
http
.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).
Now, the problem is I need to pass the XSRF token backe to server to complete the authentication, for that I have tried couple of ways using curl command but no luck, any kind of help would be of great help help. and below are the curl commnads example, i have used and the server response.
curl -i -X POST -d username=user1@gmail.com -d password=user -c
/opt/cookies.txt --header "X-XSRF-TOKEN=18280b55-8fc7-4266-9116-
d21df13b841d" http://localhost:8080/login
and this the response from the server
HTTP/1.1 401
Set-Cookie: XSRF-TOKEN=18280b55-8fc7-4266-9116-d21df13b841d; Path=/
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'; base-uri 'self'; https://fonts.google.com/; script-src 'self' https: 'unsafe-inline' ; style-src 'self' https: 'unsafe-inline' ; connect-src 'self' ; font-src https://fonts.google.com/ ; form-action 'self' ; frame-ancestors 'none' ; img-src 'self' ; media-src 'self' ; object-src 'none' ; plugin-types 'none' ; child-src 'none'; object-src 'none'
Referrer-Policy: origin
Content-Length: 0
Date: Mon, 20 May 2019 18:56:10 GMT
