package org.dspace.app.rest.security;

import java.util.List;
import javax.servlet.http.Cookie;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.junit.MockitoJUnitRunner;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.web.csrf.CsrfToken;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:org/dspace/app/rest/security/DSpaceCsrfTokenRepositoryTest.class */
public class DSpaceCsrfTokenRepositoryTest {
    DSpaceCsrfTokenRepository repository;
    MockHttpServletResponse response;
    MockHttpServletRequest request;

    @Before
    public void setup() {
        this.repository = new DSpaceCsrfTokenRepository();
        this.request = new MockHttpServletRequest();
        this.response = new MockHttpServletResponse();
        this.request.setContextPath("/context");
    }

    @Test
    public void generateToken() {
        CsrfToken generateToken = this.repository.generateToken(this.request);
        Assertions.assertThat(generateToken).isNotNull();
        Assertions.assertThat(generateToken.getHeaderName()).isEqualTo("X-XSRF-TOKEN");
        Assertions.assertThat(generateToken.getParameterName()).isEqualTo("_csrf");
        Assertions.assertThat(generateToken.getToken()).isNotEmpty();
    }

    @Test
    public void generateTokenCustom() {
        this.repository.setHeaderName("headerName");
        this.repository.setParameterName("paramName");
        CsrfToken generateToken = this.repository.generateToken(this.request);
        Assertions.assertThat(generateToken).isNotNull();
        Assertions.assertThat(generateToken.getHeaderName()).isEqualTo("headerName");
        Assertions.assertThat(generateToken.getParameterName()).isEqualTo("paramName");
        Assertions.assertThat(generateToken.getToken()).isNotEmpty();
    }

    @Test
    public void saveToken() {
        CsrfToken generateToken = this.repository.generateToken(this.request);
        this.repository.saveToken(generateToken, this.request, this.response);
        Cookie cookie = this.response.getCookie("DSPACE-XSRF-COOKIE");
        Assertions.assertThat(cookie.getMaxAge()).isEqualTo(-1);
        Assertions.assertThat(cookie.getName()).isEqualTo("DSPACE-XSRF-COOKIE");
        Assertions.assertThat(cookie.getPath()).isEqualTo(this.request.getContextPath());
        Assertions.assertThat(cookie.getSecure()).isEqualTo(this.request.isSecure());
        Assertions.assertThat(cookie.getValue()).isEqualTo(generateToken.getToken());
        Assertions.assertThat(cookie.isHttpOnly()).isEqualTo(true);
    }

    @Test
    public void saveTokenSecure() {
        this.request.setSecure(true);
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").getSecure()).isTrue();
        List headers = this.response.getHeaders("Set-Cookie");
        Assertions.assertThat(headers.size()).isEqualTo(1);
        Assertions.assertThat((String) headers.get(0)).containsIgnoringCase("SameSite=None");
    }

    @Test
    public void saveTokenNull() {
        this.request.setSecure(true);
        this.repository.saveToken((CsrfToken) null, this.request, this.response);
        Cookie cookie = this.response.getCookie("DSPACE-XSRF-COOKIE");
        Assertions.assertThat(cookie.getMaxAge()).isZero();
        Assertions.assertThat(cookie.getName()).isEqualTo("DSPACE-XSRF-COOKIE");
        Assertions.assertThat(cookie.getPath()).isEqualTo(this.request.getContextPath());
        Assertions.assertThat(cookie.getSecure()).isEqualTo(this.request.isSecure());
        Assertions.assertThat(cookie.getValue()).isEmpty();
    }

    @Test
    public void saveTokenHttpOnlyTrue() {
        this.repository.setCookieHttpOnly(true);
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").isHttpOnly()).isTrue();
    }

    @Test
    public void saveTokenHttpOnlyFalse() {
        this.repository.setCookieHttpOnly(false);
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").isHttpOnly()).isFalse();
    }

    @Test
    public void saveTokenWithHttpOnlyFalse() {
        this.repository = DSpaceCsrfTokenRepository.withHttpOnlyFalse();
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").isHttpOnly()).isFalse();
    }

    @Test
    public void saveTokenCustomPath() {
        this.repository.setCookiePath("/custompath");
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").getPath()).isEqualTo(this.repository.getCookiePath());
    }

    @Test
    public void saveTokenEmptyCustomPath() {
        this.repository.setCookiePath("");
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").getPath()).isEqualTo(this.request.getContextPath());
    }

    @Test
    public void saveTokenNullCustomPath() {
        this.repository.setCookiePath((String) null);
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").getPath()).isEqualTo(this.request.getContextPath());
    }

    @Test
    public void saveTokenWithCookieDomain() {
        this.repository.setCookieDomain("example.com");
        this.repository.saveToken(this.repository.generateToken(this.request), this.request, this.response);
        Assertions.assertThat(this.response.getCookie("DSPACE-XSRF-COOKIE").getDomain()).isEqualTo("example.com");
    }

    @Test
    public void loadTokenNoCookiesNull() {
        Assertions.assertThat(this.repository.loadToken(this.request)).isNull();
    }

    @Test
    public void loadTokenCookieIncorrectNameNull() {
        this.request.setCookies(new Cookie[]{new Cookie("other", "name")});
        Assertions.assertThat(this.repository.loadToken(this.request)).isNull();
    }

    @Test
    public void loadTokenCookieValueEmptyString() {
        this.request.setCookies(new Cookie[]{new Cookie("DSPACE-XSRF-COOKIE", "")});
        Assertions.assertThat(this.repository.loadToken(this.request)).isNull();
    }

    @Test
    public void loadToken() {
        CsrfToken generateToken = this.repository.generateToken(this.request);
        this.request.setCookies(new Cookie[]{new Cookie("DSPACE-XSRF-COOKIE", generateToken.getToken())});
        CsrfToken loadToken = this.repository.loadToken(this.request);
        Assertions.assertThat(loadToken).isNotNull();
        Assertions.assertThat(loadToken.getHeaderName()).isEqualTo(generateToken.getHeaderName());
        Assertions.assertThat(loadToken.getParameterName()).isEqualTo(generateToken.getParameterName());
        Assertions.assertThat(loadToken.getToken()).isNotEmpty();
    }

    @Test
    public void loadTokenCustom() {
        this.repository.setHeaderName("headerName");
        this.repository.setParameterName("paramName");
        this.repository.setCookieName("cookieName");
        this.request.setCookies(new Cookie[]{new Cookie("cookieName", "value")});
        CsrfToken loadToken = this.repository.loadToken(this.request);
        Assertions.assertThat(loadToken).isNotNull();
        Assertions.assertThat(loadToken.getHeaderName()).isEqualTo("headerName");
        Assertions.assertThat(loadToken.getParameterName()).isEqualTo("paramName");
        Assertions.assertThat(loadToken.getToken()).isEqualTo("value");
    }

    @Test(expected = IllegalArgumentException.class)
    public void setCookieNameNullIllegalArgumentException() {
        this.repository.setCookieName((String) null);
    }

    @Test(expected = IllegalArgumentException.class)
    public void setParameterNameNullIllegalArgumentException() {
        this.repository.setParameterName((String) null);
    }

    @Test(expected = IllegalArgumentException.class)
    public void setHeaderNameNullIllegalArgumentException() {
        this.repository.setHeaderName((String) null);
    }
}
