package org.apache.archiva.redback.rest.services;

import java.io.IOException;
import java.util.ArrayList;
import junit.framework.TestCase;
import org.apache.archiva.redback.authentication.TokenManager;
import org.apache.archiva.redback.configuration.UserConfigurationException;
import org.apache.archiva.redback.rest.services.interceptors.RequestValidationInterceptor;
import org.apache.archiva.redback.rest.services.mock.MockContainerRequestContext;
import org.apache.archiva.redback.rest.services.mock.MockUserConfiguration;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;
import org.springframework.mock.web.MockHttpServletRequest;

@RunWith(JUnit4.class)
/* loaded from: input_file:org/apache/archiva/redback/rest/services/RequestValidationInterceptorTest.class */
public class RequestValidationInterceptorTest extends TestCase {
    @Test
    public void validateRequestWithoutHeader() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        requestValidationInterceptor.setHttpRequest(new MockHttpServletRequest());
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertTrue(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithOrigin() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("test.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertFalse(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithBadOrigin() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("test.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test2.archiva.org/myservlet");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertTrue(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithReferer() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("test.archiva.org");
        mockHttpServletRequest.addHeader("Referer", "http://test.archiva.org/myservlet2");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertFalse(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithBadReferer() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("test.archiva.org");
        mockHttpServletRequest.addHeader("Referer", "http://test3.archiva.org/myservlet2");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertTrue(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithOriginAndReferer() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("test.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        mockHttpServletRequest.addHeader("Referer", "http://test.archiva.org/myservlet2");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertFalse(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithOriginAndRefererAndXForwarded() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("xxx.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        mockHttpServletRequest.addHeader("Referer", "http://test.archiva.org/myservlet2");
        mockHttpServletRequest.addHeader("X-Forwarded-Host", "test.archiva.org");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertFalse(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithOriginAndRefererAndWrongXForwarded() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("xxx.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        mockHttpServletRequest.addHeader("Referer", "http://test.archiva.org/myservlet2");
        mockHttpServletRequest.addHeader("X-Forwarded-Host", "test2.archiva.org");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertTrue(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithOriginAndRefererAndXForwardedMultiple() throws UserConfigurationException, IOException {
        new TokenManager();
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("xxx.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        mockHttpServletRequest.addHeader("Referer", "http://test.archiva.org/myservlet2");
        mockHttpServletRequest.addHeader("X-Forwarded-Host", "my.proxy.org, test.archiva.org:80");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertFalse(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithOriginAndStaticUrl() throws UserConfigurationException, IOException {
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        ArrayList arrayList = new ArrayList();
        arrayList.add("http://test.archiva.org");
        mockUserConfiguration.addList("rest.baseUrl", arrayList);
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        new TokenManager();
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("test4.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertFalse(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithBadOriginAndStaticUrl() throws UserConfigurationException, IOException {
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        ArrayList arrayList = new ArrayList();
        arrayList.add("http://mytest.archiva.org");
        mockUserConfiguration.addList("rest.baseUrl", arrayList);
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        new TokenManager();
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("mytest.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertTrue(mockContainerRequestContext.isAborted());
    }

    @Test
    public void validateRequestWithOriginListAndStaticUrl() throws UserConfigurationException, IOException {
        MockUserConfiguration mockUserConfiguration = new MockUserConfiguration();
        ArrayList arrayList = new ArrayList();
        arrayList.add("http://mytest.archiva.org");
        arrayList.add("http://mytest2.archiva.org");
        arrayList.add("http://test.archiva.org");
        mockUserConfiguration.addList("rest.baseUrl", arrayList);
        mockUserConfiguration.addValue("rest.csrffilter.disableTokenValidation", "true");
        new TokenManager();
        RequestValidationInterceptor requestValidationInterceptor = new RequestValidationInterceptor(mockUserConfiguration);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest("GET", "/api/v1/userService");
        mockHttpServletRequest.setServerName("mytest.archiva.org");
        mockHttpServletRequest.addHeader("Origin", "http://test.archiva.org/myservlet");
        requestValidationInterceptor.setHttpRequest(mockHttpServletRequest);
        requestValidationInterceptor.init();
        MockContainerRequestContext mockContainerRequestContext = new MockContainerRequestContext();
        requestValidationInterceptor.filter(mockContainerRequestContext);
        assertFalse(mockContainerRequestContext.isAborted());
    }
}
