package org.apache.nifi.web.security.csrf;

import jakarta.servlet.FilterChain;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.Cookie;
import java.io.IOException;
import java.util.UUID;
import org.apache.nifi.web.security.http.SecurityCookieName;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.ArgumentMatchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;
import org.springframework.http.HttpMethod;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.web.csrf.CsrfFilter;

@ExtendWith({MockitoExtension.class})
/* loaded from: input_file:org/apache/nifi/web/security/csrf/SkipReplicatedCsrfFilterTest.class */
class SkipReplicatedCsrfFilterTest {
    private static final String SHOULD_NOT_FILTER = String.format("SHOULD_NOT_FILTER%s", CsrfFilter.class.getName());
    MockHttpServletRequest httpServletRequest;
    MockHttpServletResponse httpServletResponse;

    @Mock
    FilterChain filterChain;
    SkipReplicatedCsrfFilter filter;

    SkipReplicatedCsrfFilterTest() {
    }

    @BeforeEach
    void setHandler() {
        this.filter = new SkipReplicatedCsrfFilter();
        this.httpServletRequest = new MockHttpServletRequest();
        this.httpServletResponse = new MockHttpServletResponse();
    }

    @Test
    void testDoFilterInternalNotSkipped() throws ServletException, IOException {
        this.httpServletRequest.setMethod(HttpMethod.GET.name());
        this.filter.doFilterInternal(this.httpServletRequest, this.httpServletResponse, this.filterChain);
        assertCsrfFilterNotSkipped();
    }

    @Test
    void testDoFilterInternalBearerCookieNotSkipped() throws ServletException, IOException {
        this.httpServletRequest.setMethod(HttpMethod.GET.name());
        this.httpServletRequest.setCookies(new Cookie[]{new Cookie(SecurityCookieName.AUTHORIZATION_BEARER.getName(), UUID.randomUUID().toString())});
        this.filter.doFilterInternal(this.httpServletRequest, this.httpServletResponse, this.filterChain);
        assertCsrfFilterNotSkipped();
    }

    @Test
    void testDoFilterInternalReplicatedHeaderAndBearerCookieNotSkipped() throws ServletException, IOException {
        this.httpServletRequest.setMethod(HttpMethod.GET.name());
        this.httpServletRequest.addHeader("X-RequestTransactionId", UUID.randomUUID().toString());
        this.httpServletRequest.setCookies(new Cookie[]{new Cookie(SecurityCookieName.AUTHORIZATION_BEARER.getName(), UUID.randomUUID().toString())});
        this.filter.doFilterInternal(this.httpServletRequest, this.httpServletResponse, this.filterChain);
        assertCsrfFilterNotSkipped();
    }

    @Test
    void testDoFilterInternalReplicatedHeaderSkipped() throws ServletException, IOException {
        this.httpServletRequest.setMethod(HttpMethod.GET.name());
        this.httpServletRequest.addHeader("X-RequestTransactionId", UUID.randomUUID().toString());
        this.filter.doFilterInternal(this.httpServletRequest, this.httpServletResponse, this.filterChain);
        Assertions.assertEquals(Boolean.TRUE, this.httpServletRequest.getAttribute(SHOULD_NOT_FILTER));
        ((FilterChain) Mockito.verify(this.filterChain)).doFilter((ServletRequest) ArgumentMatchers.eq(this.httpServletRequest), (ServletResponse) ArgumentMatchers.eq(this.httpServletResponse));
    }

    private void assertCsrfFilterNotSkipped() throws ServletException, IOException {
        Assertions.assertNotEquals(Boolean.TRUE, this.httpServletRequest.getAttribute(SHOULD_NOT_FILTER));
        ((FilterChain) Mockito.verify(this.filterChain)).doFilter((ServletRequest) ArgumentMatchers.eq(this.httpServletRequest), (ServletResponse) ArgumentMatchers.eq(this.httpServletResponse));
    }
}
