package org.apache.nifi.web.security.cookie;

import jakarta.servlet.http.Cookie;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.net.URI;
import java.util.Optional;
import java.util.UUID;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.ArgumentCaptor;
import org.mockito.ArgumentMatchers;
import org.mockito.Captor;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;
import org.springframework.mock.web.MockCookie;

@ExtendWith({MockitoExtension.class})
/* loaded from: input_file:org/apache/nifi/web/security/cookie/StandardApplicationCookieServiceTest.class */
public class StandardApplicationCookieServiceTest {
    private static final String ROOT_PATH = "/";
    private static final int EXPECTED_MAX_AGE = 60;
    private static final int SESSION_MAX_AGE = -1;
    private static final int REMOVE_MAX_AGE = 0;
    private static final String SAME_SITE = "SameSite";
    private URI resourceUri;
    private URI contextResourceUri;
    private StandardApplicationCookieService service;

    @Mock
    private HttpServletRequest request;

    @Mock
    private HttpServletResponse response;

    @Captor
    private ArgumentCaptor<String> cookieArgumentCaptor;
    private static final String DOMAIN = "localhost.localdomain";
    private static final String RESOURCE_URI = String.format("https://%s", DOMAIN);
    private static final String CONTEXT_PATH = "/context";
    private static final String CONTEXT_RESOURCE_URI = String.format("https://%s%s", DOMAIN, CONTEXT_PATH);
    private static final String COOKIE_VALUE = UUID.randomUUID().toString();
    private static final ApplicationCookieName COOKIE_NAME = ApplicationCookieName.LOGOUT_REQUEST_IDENTIFIER;

    @BeforeEach
    public void setService() {
        this.service = new StandardApplicationCookieService();
        this.resourceUri = URI.create(RESOURCE_URI);
        this.contextResourceUri = URI.create(CONTEXT_RESOURCE_URI);
    }

    @Test
    public void testAddCookie() {
        this.service.addCookie(this.resourceUri, this.response, COOKIE_NAME, COOKIE_VALUE);
        ((HttpServletResponse) Mockito.verify(this.response)).addHeader((String) ArgumentMatchers.eq("Set-Cookie"), (String) this.cookieArgumentCaptor.capture());
        assertAddCookieMatches((String) this.cookieArgumentCaptor.getValue(), ROOT_PATH, 60L);
    }

    @Test
    public void testAddCookieContextPath() {
        this.service.addCookie(this.contextResourceUri, this.response, COOKIE_NAME, COOKIE_VALUE);
        ((HttpServletResponse) Mockito.verify(this.response)).addHeader((String) ArgumentMatchers.eq("Set-Cookie"), (String) this.cookieArgumentCaptor.capture());
        assertAddCookieMatches((String) this.cookieArgumentCaptor.getValue(), CONTEXT_PATH, 60L);
    }

    @Test
    public void testAddSessionCookie() {
        this.service.addSessionCookie(this.resourceUri, this.response, COOKIE_NAME, COOKIE_VALUE);
        ((HttpServletResponse) Mockito.verify(this.response)).addHeader((String) ArgumentMatchers.eq("Set-Cookie"), (String) this.cookieArgumentCaptor.capture());
        assertAddCookieMatches((String) this.cookieArgumentCaptor.getValue(), ROOT_PATH, -1L);
    }

    @Test
    public void testAddSessionCookieContextPath() {
        this.service.addSessionCookie(this.contextResourceUri, this.response, COOKIE_NAME, COOKIE_VALUE);
        ((HttpServletResponse) Mockito.verify(this.response)).addHeader((String) ArgumentMatchers.eq("Set-Cookie"), (String) this.cookieArgumentCaptor.capture());
        assertAddCookieMatches((String) this.cookieArgumentCaptor.getValue(), CONTEXT_PATH, -1L);
    }

    @Test
    public void testGetCookieValue() {
        Mockito.when(this.request.getCookies()).thenReturn(new Cookie[]{new Cookie(COOKIE_NAME.getCookieName(), COOKIE_VALUE)});
        Optional cookieValue = this.service.getCookieValue(this.request, COOKIE_NAME);
        Assertions.assertTrue(cookieValue.isPresent());
        Assertions.assertEquals(COOKIE_VALUE, cookieValue.get());
    }

    @Test
    public void testGetCookieValueEmpty() {
        Assertions.assertFalse(this.service.getCookieValue(this.request, COOKIE_NAME).isPresent());
    }

    @Test
    public void testRemoveCookie() {
        this.service.removeCookie(this.resourceUri, this.response, COOKIE_NAME);
        ((HttpServletResponse) Mockito.verify(this.response)).addHeader((String) ArgumentMatchers.eq("Set-Cookie"), (String) this.cookieArgumentCaptor.capture());
        assertRemoveCookieMatches((String) this.cookieArgumentCaptor.getValue(), ROOT_PATH);
    }

    @Test
    public void testRemoveCookieContextPath() {
        this.service.removeCookie(this.contextResourceUri, this.response, COOKIE_NAME);
        ((HttpServletResponse) Mockito.verify(this.response)).addHeader((String) ArgumentMatchers.eq("Set-Cookie"), (String) this.cookieArgumentCaptor.capture());
        assertRemoveCookieMatches((String) this.cookieArgumentCaptor.getValue(), CONTEXT_PATH);
    }

    private void assertAddCookieMatches(String str, String str2, long j) {
        MockCookie parse = MockCookie.parse(str);
        assertCookieMatches(str, parse, str2);
        Assertions.assertEquals(COOKIE_VALUE, parse.getValue());
        Assertions.assertEquals(j, parse.getMaxAge());
    }

    private void assertRemoveCookieMatches(String str, String str2) {
        MockCookie parse = MockCookie.parse(str);
        assertCookieMatches(str, parse, str2);
        Assertions.assertEquals("", parse.getValue());
        Assertions.assertEquals(REMOVE_MAX_AGE, parse.getMaxAge());
    }

    private void assertCookieMatches(String str, Cookie cookie, String str2) {
        Assertions.assertEquals(COOKIE_NAME.getCookieName(), cookie.getName(), "Cookie Name not matched");
        Assertions.assertEquals(str2, cookie.getPath(), "Path not matched");
        Assertions.assertEquals(DOMAIN, cookie.getDomain(), "Domain not matched");
        Assertions.assertTrue(cookie.isHttpOnly(), "HTTP Only not matched");
        Assertions.assertTrue(cookie.getSecure(), "Secure not matched");
        Assertions.assertTrue(str.contains(SAME_SITE), "SameSite not found");
    }
}
