Use contextPath in One-Time-Token default submit UI

Author: Kehrlann

web/src/main/java/org/springframework/security/web/authentication/ui/DefaultOneTimeTokenSubmitPageGeneratingFilter.java

@@ -66,6 +66,7 @@ protected void doFilterInternal(HttpServletRequest request, HttpServletResponse
 	private String generateHtml(HttpServletRequest request) {
 		String token = request.getParameter("token");
 		String tokenValue = StringUtils.hasText(token) ? token : "";
+		String contextPath = request.getContextPath();
 
 		String hiddenInputs = this.resolveHiddenInputs.apply(request)
 			.entrySet()
@@ -76,7 +77,7 @@ private String generateHtml(HttpServletRequest request) {
 		return HtmlTemplates.fromTemplate(ONE_TIME_TOKEN_SUBMIT_PAGE_TEMPLATE)
 			.withRawHtml("cssStyle", CssUtils.getCssStyleBlock().indent(4))
 			.withValue("tokenValue", tokenValue)
-			.withValue("loginProcessingUrl", this.loginProcessingUrl)
+			.withValue("loginProcessingUrl", contextPath + this.loginProcessingUrl)
 			.withRawHtml("hiddenInputs", hiddenInputs)
 			.render();
 	}

web/src/test/java/org/springframework/security/web/authentication/ui/DefaultOneTimeTokenSubmitPageGeneratingFilterTests.java

@@ -77,6 +77,15 @@ void setLoginProcessingUrlThenUseItForFormAction() throws Exception {
 		assertThat(response).contains("<form class=\"login-form\" action=\"/login/another\" method=\"post\">");
 	}
 
+	@Test
+	void setContextThenGenerates() throws Exception {
+		this.request.setContextPath("/context");
+		this.filter.setLoginProcessingUrl("/login/another");
+		this.filter.doFilterInternal(this.request, this.response, this.filterChain);
+		String response = this.response.getContentAsString();
+		assertThat(response).contains("<form class=\"login-form\" action=\"/context/login/another\" method=\"post\">");
+	}
+
 	@Test
 	void filterWhenTokenQueryParamUsesSpecialCharactersThenValueIsEscaped() throws Exception {
 		this.request.setParameter("token", "this<>!@#\"");