package io.micronaut.http.server.tck.tests.filter;

import io.micronaut.context.annotation.Requires;
import io.micronaut.http.HttpAttributes;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.HttpResponse;
import io.micronaut.http.HttpStatus;
import io.micronaut.http.MutableHttpResponse;
import io.micronaut.http.annotation.Controller;
import io.micronaut.http.annotation.Filter;
import io.micronaut.http.annotation.Get;
import io.micronaut.http.filter.HttpServerFilter;
import io.micronaut.http.filter.ServerFilterChain;
import io.micronaut.http.server.tck.AssertionUtils;
import io.micronaut.http.server.tck.HttpResponseAssertion;
import io.micronaut.http.server.tck.ServerUnderTest;
import io.micronaut.http.server.tck.TestScenario;
import io.micronaut.web.router.MethodBasedRouteMatch;
import io.micronaut.web.router.RouteMatch;
import jakarta.annotation.security.RolesAllowed;
import java.io.IOException;
import java.util.Optional;
import java.util.function.BiConsumer;
import java.util.stream.Stream;
import org.junit.jupiter.api.Test;
import org.reactivestreams.Publisher;
import reactor.core.publisher.Mono;

/* loaded from: input_file:io/micronaut/http/server/tck/tests/filter/HttpServerFilterTest.class */
public class HttpServerFilterTest {
    private static final String PATH = "/http-server-filter-test";
    private static final String SPEC_NAME = "HttpServerFilterTest";

    @Controller
    @Requires(property = "spec.name", value = HttpServerFilterTest.SPEC_NAME)
    /* loaded from: input_file:io/micronaut/http/server/tck/tests/filter/HttpServerFilterTest$MyController.class */
    public static class MyController {
        @RolesAllowed({"ROLE_ADMIN"})
        @Get(HttpServerFilterTest.PATH)
        public String rolesAllowed(HttpRequest<?> httpRequest) {
            return "foo";
        }

        @Get("/open")
        public String open(HttpRequest<?> httpRequest) {
            return "foo";
        }
    }

    @Filter({"/**"})
    @Requires(property = "spec.name", value = HttpServerFilterTest.SPEC_NAME)
    /* loaded from: input_file:io/micronaut/http/server/tck/tests/filter/HttpServerFilterTest$SecurityFilter.class */
    static class SecurityFilter implements HttpServerFilter {
        public Publisher<MutableHttpResponse<?>> doFilter(HttpRequest<?> httpRequest, ServerFilterChain serverFilterChain) {
            MethodBasedRouteMatch methodBasedRouteMatch = (RouteMatch) httpRequest.getAttribute(HttpAttributes.ROUTE_MATCH, RouteMatch.class).orElse(null);
            if (methodBasedRouteMatch instanceof MethodBasedRouteMatch) {
                MethodBasedRouteMatch methodBasedRouteMatch2 = methodBasedRouteMatch;
                if (methodBasedRouteMatch2.hasAnnotation(RolesAllowed.class)) {
                    String str = (String) httpRequest.getHeaders().get("Authorization");
                    if (str == null) {
                        return Mono.fromCallable(() -> {
                            return HttpResponse.status(HttpStatus.UNAUTHORIZED);
                        });
                    }
                    Optional value = methodBasedRouteMatch2.getValue(RolesAllowed.class, String[].class);
                    if (value.isPresent()) {
                        String[] strArr = (String[]) value.get();
                        if (str != null && Stream.of((Object[]) strArr).anyMatch(str2 -> {
                            return str2.equals(str);
                        })) {
                            return serverFilterChain.proceed(httpRequest);
                        }
                    }
                    return Mono.fromCallable(() -> {
                        return HttpResponse.status(HttpStatus.FORBIDDEN);
                    });
                }
            }
            return serverFilterChain.proceed(httpRequest);
        }
    }

    @Test
    public void httpServerFilterTest() throws IOException {
        assertion(HttpRequest.GET(PATH), throwsStatus(HttpStatus.UNAUTHORIZED));
        assertion(HttpRequest.GET(PATH).header("Authorization", "ROLE_USER"), throwsStatus(HttpStatus.FORBIDDEN));
        BiConsumer biConsumer = (serverUnderTest, httpRequest) -> {
            AssertionUtils.assertDoesNotThrow(serverUnderTest, httpRequest, HttpResponseAssertion.builder().status(HttpStatus.OK).body("foo").build());
        };
        assertion(HttpRequest.GET(PATH).header("Authorization", "ROLE_ADMIN"), biConsumer);
        assertion(HttpRequest.GET("/open"), biConsumer);
    }

    private static BiConsumer<ServerUnderTest, HttpRequest<?>> throwsStatus(HttpStatus httpStatus) {
        return (serverUnderTest, httpRequest) -> {
            AssertionUtils.assertThrows(serverUnderTest, httpRequest, HttpResponseAssertion.builder().status(httpStatus).build());
        };
    }

    private static void assertion(HttpRequest<?> httpRequest, BiConsumer<ServerUnderTest, HttpRequest<?>> biConsumer) throws IOException {
        TestScenario.builder().specName(SPEC_NAME).request(httpRequest).assertion(biConsumer).run();
    }
}
