package org.apereo.cas.web;

import com.github.benmanes.caffeine.cache.Caffeine;
import java.util.LinkedHashMap;
import java.util.LinkedHashSet;
import org.apache.commons.lang3.tuple.Pair;
import org.apereo.cas.authentication.AuthenticationServiceSelectionStrategy;
import org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionPlan;
import org.apereo.cas.authentication.DefaultAuthenticationServiceSelectionStrategy;
import org.apereo.cas.authentication.principal.WebApplicationServiceFactory;
import org.apereo.cas.services.AbstractRegisteredService;
import org.apereo.cas.services.DefaultRegisteredServiceProperty;
import org.apereo.cas.services.DefaultServicesManager;
import org.apereo.cas.services.InMemoryServiceRegistry;
import org.apereo.cas.services.RegisteredServiceProperty;
import org.apereo.cas.services.RegisteredServiceTestUtils;
import org.apereo.cas.services.web.support.RegisteredServiceResponseHeadersEnforcementFilter;
import org.apereo.cas.web.support.DefaultArgumentExtractor;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.context.support.StaticApplicationContext;
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@Tag("RegisteredService")
/* loaded from: input_file:org/apereo/cas/web/RegisteredServiceResponseHeadersEnforcementFilterTests.class */
public class RegisteredServiceResponseHeadersEnforcementFilterTests {
    @Test
    public void verifyCacheControl() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_CACHE_CONTROL);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNotNull(mockHttpServletResponse.getHeader("Cache-Control"));
    }

    @Test
    public void verifyCacheControlDisabled() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty((Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>[]) new Pair[]{Pair.of(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_CACHE_CONTROL, "false")});
        filterForProperty.setEnableCacheControl(true);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNull(mockHttpServletResponse.getHeader("Cache-Control"));
    }

    @Test
    public void verifyContentSecurityPolicy() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_CONTENT_SECURITY_POLICY);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("/cas/login");
        filterForProperty.setContentSecurityPolicy("sample-policy");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNotNull(mockHttpServletResponse.getHeader("Content-Security-Policy"));
    }

    @Test
    public void verifyStrictTransport() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_STRICT_TRANSPORT_SECURITY);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        mockHttpServletRequest.setSecure(true);
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNotNull(mockHttpServletResponse.getHeader("Strict-Transport-Security"));
    }

    @Test
    public void verifyStrictTransportDisabled() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty((Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>[]) new Pair[]{Pair.of(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_STRICT_TRANSPORT_SECURITY, "false")});
        filterForProperty.setEnableStrictTransportSecurity(true);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        mockHttpServletRequest.setSecure(true);
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNull(mockHttpServletResponse.getHeader("Strict-Transport-Security"));
    }

    @Test
    public void verifyXContentOptions() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XCONTENT_OPTIONS);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNotNull(mockHttpServletResponse.getHeader("X-Content-Type-Options"));
    }

    @Test
    public void verifyXContentOptionsDisabled() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty((Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>[]) new Pair[]{Pair.of(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XCONTENT_OPTIONS, "false")});
        filterForProperty.setEnableXContentTypeOptions(true);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNull(mockHttpServletResponse.getHeader("X-Content-Type-Options"));
    }

    @Test
    public void verifyXframeOptions() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty((Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>[]) new Pair[]{Pair.of(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XFRAME_OPTIONS, "true"), Pair.of(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_XFRAME_OPTIONS, "sameorigin")});
        filterForProperty.setXframeOptions("some-other-value");
        filterForProperty.setEnableXFrameOptions(true);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertEquals("sameorigin", mockHttpServletResponse.getHeader("X-Frame-Options"));
        MockHttpServletResponse mockHttpServletResponse2 = new MockHttpServletResponse();
        mockHttpServletRequest.setParameter("service", "service-something-else");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse2, new MockFilterChain());
        Assertions.assertEquals("some-other-value", mockHttpServletResponse2.getHeader("X-Frame-Options"));
    }

    @Test
    public void verifyXframeOptionsDisabled() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty((Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>[]) new Pair[]{Pair.of(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XFRAME_OPTIONS, "false")});
        filterForProperty.setXframeOptions("some-other-value");
        filterForProperty.setEnableXFrameOptions(true);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNull(mockHttpServletResponse.getHeader("X-Frame-Options"));
        MockHttpServletResponse mockHttpServletResponse2 = new MockHttpServletResponse();
        mockHttpServletRequest.setParameter("service", "service-something-else");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse2, new MockFilterChain());
        Assertions.assertEquals("some-other-value", mockHttpServletResponse2.getHeader("X-Frame-Options"));
    }

    @Test
    public void verifyXssProtection() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XSS_PROTECTION);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNotNull(mockHttpServletResponse.getHeader("X-XSS-Protection"));
    }

    @Test
    public void verifyXssProtectionDisabled() throws Exception {
        RegisteredServiceResponseHeadersEnforcementFilter filterForProperty = getFilterForProperty((Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>[]) new Pair[]{Pair.of(RegisteredServiceProperty.RegisteredServiceProperties.HTTP_HEADER_ENABLE_XSS_PROTECTION, "false")});
        filterForProperty.setEnableXSSProtection(true);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("service", "service-0");
        filterForProperty.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        Assertions.assertNull(mockHttpServletResponse.getHeader("X-XSS-Protection"));
    }

    private static RegisteredServiceResponseHeadersEnforcementFilter getFilterForProperty(RegisteredServiceProperty.RegisteredServiceProperties registeredServiceProperties) {
        return getFilterForProperty((Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>[]) new Pair[]{Pair.of(registeredServiceProperties, "true")});
    }

    private static RegisteredServiceResponseHeadersEnforcementFilter getFilterForProperty(Pair<RegisteredServiceProperty.RegisteredServiceProperties, String>... pairArr) {
        StaticApplicationContext staticApplicationContext = new StaticApplicationContext();
        staticApplicationContext.refresh();
        DefaultServicesManager defaultServicesManager = new DefaultServicesManager(new InMemoryServiceRegistry(staticApplicationContext), staticApplicationContext, new LinkedHashSet(), Caffeine.newBuilder().build());
        DefaultArgumentExtractor defaultArgumentExtractor = new DefaultArgumentExtractor(new WebApplicationServiceFactory());
        AbstractRegisteredService registeredService = RegisteredServiceTestUtils.getRegisteredService("service-0");
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (Pair<RegisteredServiceProperty.RegisteredServiceProperties, String> pair : pairArr) {
            DefaultRegisteredServiceProperty defaultRegisteredServiceProperty = new DefaultRegisteredServiceProperty();
            defaultRegisteredServiceProperty.addValue((String) pair.getValue());
            linkedHashMap.put(((RegisteredServiceProperty.RegisteredServiceProperties) pair.getKey()).getPropertyName(), defaultRegisteredServiceProperty);
        }
        registeredService.setProperties(linkedHashMap);
        defaultServicesManager.save(registeredService);
        return new RegisteredServiceResponseHeadersEnforcementFilter(defaultServicesManager, defaultArgumentExtractor, new DefaultAuthenticationServiceSelectionPlan(new AuthenticationServiceSelectionStrategy[]{new DefaultAuthenticationServiceSelectionStrategy()}));
    }
}
