package org.apache.druid.server.http.security;

import java.io.IOException;
import java.util.Collections;
import java.util.List;
import javax.servlet.ServletException;
import org.apache.druid.jackson.DefaultObjectMapper;
import org.apache.druid.java.util.emitter.EmittingLogger;
import org.apache.druid.server.metrics.NoopServiceEmitter;
import org.apache.druid.server.mocks.MockHttpServletRequest;
import org.apache.druid.server.mocks.MockHttpServletResponse;
import org.apache.druid.server.security.AllowAllAuthenticator;
import org.apache.druid.server.security.AuthConfig;
import org.apache.druid.server.security.AuthenticationResult;
import org.apache.druid.server.security.Authenticator;
import org.apache.druid.server.security.PreResponseAuthorizationCheckFilter;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/druid/server/http/security/PreResponseAuthorizationCheckFilterTest.class */
public class PreResponseAuthorizationCheckFilterTest {
    private static final List<Authenticator> authenticators = Collections.singletonList(new AllowAllAuthenticator());

    @Test
    public void testValidRequest() throws Exception {
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletRequest.attributes.put(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
        mockHttpServletRequest.attributes.put(AuthConfig.DRUID_AUTHORIZATION_CHECKED, true);
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(mockHttpServletRequest, mockHttpServletResponse, (servletRequest, servletResponse) -> {
        });
    }

    @Test
    public void testAuthenticationFailedRequest() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(mockHttpServletRequest, mockHttpServletResponse, (servletRequest, servletResponse) -> {
        });
        Assert.assertEquals(401L, mockHttpServletResponse.getStatus());
        Assert.assertEquals("application/json", mockHttpServletResponse.getContentType());
        Assert.assertEquals("UTF-8", mockHttpServletResponse.getCharacterEncoding());
    }

    @Test
    public void testMissingAuthorizationCheckAndNotCommitted() throws ServletException, IOException {
        EmittingLogger.registerEmitter(new NoopServiceEmitter());
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.requestUri = "uri";
        mockHttpServletRequest.method = "GET";
        mockHttpServletRequest.remoteAddr = "1.2.3.4";
        mockHttpServletRequest.remoteHost = "aHost";
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletResponse.setStatus(200);
        mockHttpServletRequest.attributes.put(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(mockHttpServletRequest, mockHttpServletResponse, (servletRequest, servletResponse) -> {
        });
        Assert.assertEquals(403L, mockHttpServletResponse.getStatus());
    }

    @Test
    public void testMissingAuthorizationCheck401ResponseAndNotCommitted() throws ServletException, IOException {
        EmittingLogger.registerEmitter(new NoopServiceEmitter());
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.requestUri = "uri";
        mockHttpServletRequest.method = "GET";
        mockHttpServletRequest.remoteAddr = "1.2.3.4";
        mockHttpServletRequest.remoteHost = "aHost";
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletResponse.setStatus(401);
        mockHttpServletRequest.attributes.put(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(mockHttpServletRequest, mockHttpServletResponse, (servletRequest, servletResponse) -> {
        });
        Assert.assertEquals(401L, mockHttpServletResponse.getStatus());
    }

    @Test
    public void testMissingAuthorizationCheckWithForbidden() throws Exception {
        EmittingLogger.registerEmitter(new NoopServiceEmitter());
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.attributes.put(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletResponse.setStatus(403);
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(mockHttpServletRequest, mockHttpServletResponse, (servletRequest, servletResponse) -> {
        });
        Assert.assertEquals(403L, mockHttpServletResponse.getStatus());
    }

    @Test
    public void testMissingAuthorizationCheckWith404Keeps404() throws Exception {
        EmittingLogger.registerEmitter(new NoopServiceEmitter());
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.attributes.put(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletResponse.setStatus(404);
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(mockHttpServletRequest, mockHttpServletResponse, (servletRequest, servletResponse) -> {
        });
        Assert.assertEquals(404L, mockHttpServletResponse.getStatus());
    }

    @Test
    public void testMissingAuthorizationCheckWith307Keeps307() throws Exception {
        EmittingLogger.registerEmitter(new NoopServiceEmitter());
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", null, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.attributes.put(AuthConfig.DRUID_AUTHENTICATION_RESULT, authenticationResult);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        mockHttpServletResponse.setStatus(307);
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(mockHttpServletRequest, mockHttpServletResponse, (servletRequest, servletResponse) -> {
        });
        Assert.assertEquals(307L, mockHttpServletResponse.getStatus());
    }
}
