SEC-2749: CsrfConfigurer.requireCsrfProtectionMatcher correct null check

config/src/main/java/org/springframework/security/config/annotation/web/configurers/CsrfConfigurer.java

@@ -97,7 +97,7 @@ public final class CsrfConfigurer<H extends HttpSecurityBuilder<H>> extends Abst
      * @return the {@link CsrfConfigurer} for further customizations
      */
     public CsrfConfigurer<H> requireCsrfProtectionMatcher(RequestMatcher requireCsrfProtectionMatcher) {
-        Assert.notNull(csrfTokenRepository, "requireCsrfProtectionMatcher cannot be null");
+        Assert.notNull(requireCsrfProtectionMatcher, "requireCsrfProtectionMatcher cannot be null");
         this.requireCsrfProtectionMatcher = requireCsrfProtectionMatcher;
         return this;
     }

config/src/test/groovy/org/springframework/security/config/annotation/web/configurers/CsrfConfigurerTests.groovy

@@ -464,6 +464,13 @@ class CsrfConfigurerTests extends BaseSpringSpec {
         }
     }
 
+    def 'SEC-2749: requireCsrfProtectionMatcher null'() {
+        when:
+        new CsrfConfigurer<>().requireCsrfProtectionMatcher(null)
+        then:
+        thrown(IllegalArgumentException)
+    }
+
     def clearCsrfToken() {
         request.removeAllParameters()
     }