package org.apache.nifi.web.security.headers;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.eclipse.jetty.servlet.FilterHolder;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;
import org.springframework.mock.web.MockHttpServletResponse;

/* loaded from: input_file:org/apache/nifi/web/security/headers/HTTPHeaderFiltersTest.class */
public class HTTPHeaderFiltersTest {
    @Test
    public void testCSPHeaderApplied() throws ServletException, IOException, Exception {
        FilterHolder filterHolder = new FilterHolder(new ContentSecurityPolicyFilter());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        filterHolder.start();
        filterHolder.initialize();
        filterHolder.getFilter().doFilter(httpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("frame-ancestors 'self'", mockHttpServletResponse.getHeader("Content-Security-Policy"));
    }

    @Test
    public void testCSPHeaderAppliedOnlyOnce() throws ServletException, IOException, Exception {
        FilterHolder filterHolder = new FilterHolder(new ContentSecurityPolicyFilter());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        filterHolder.start();
        filterHolder.initialize();
        filterHolder.getFilter().doFilter(httpServletRequest, mockHttpServletResponse, filterChain);
        filterHolder.getFilter().doFilter(httpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("frame-ancestors 'self'", mockHttpServletResponse.getHeader("Content-Security-Policy"));
    }

    @Test
    public void testXFrameOptionsHeaderApplied() throws ServletException, IOException, Exception {
        FilterHolder filterHolder = new FilterHolder(new XFrameOptionsFilter());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        filterHolder.start();
        filterHolder.initialize();
        filterHolder.getFilter().doFilter(httpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("SAMEORIGIN", mockHttpServletResponse.getHeader("X-Frame-Options"));
    }

    @Test
    public void testHSTSHeaderApplied() throws ServletException, IOException, Exception {
        FilterHolder filterHolder = new FilterHolder(new StrictTransportSecurityFilter());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        filterHolder.start();
        filterHolder.initialize();
        filterHolder.getFilter().doFilter(httpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("max-age=31540000", mockHttpServletResponse.getHeader("Strict-Transport-Security"));
    }

    @Test
    public void testXSSProtectionHeaderApplied() throws ServletException, IOException, Exception {
        FilterHolder filterHolder = new FilterHolder(new XSSProtectionFilter());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        filterHolder.start();
        filterHolder.initialize();
        filterHolder.getFilter().doFilter(httpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("1; mode=block", mockHttpServletResponse.getHeader("X-XSS-Protection"));
    }

    @Test
    public void testXContentTypeOptionsHeaderApplied() throws Exception {
        FilterHolder filterHolder = new FilterHolder(new XContentTypeOptionsFilter());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        filterHolder.start();
        filterHolder.initialize();
        filterHolder.getFilter().doFilter(httpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("nosniff", mockHttpServletResponse.getHeader("X-Content-Type-Options"));
    }
}
