package org.springframework.cloud.gateway.filter.factory;

import org.assertj.core.api.Assertions;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.SpringBootConfiguration;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.gateway.test.BaseWebClientTests;
import org.springframework.cloud.gateway.test.TestUtils;
import org.springframework.context.annotation.Import;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.junit4.SpringRunner;
import reactor.core.publisher.Mono;
import reactor.test.StepVerifier;

@RunWith(SpringRunner.class)
@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@DirtiesContext
/* loaded from: input_file:org/springframework/cloud/gateway/filter/factory/SecureHeadersGatewayFilterFactoryTests.class */
public class SecureHeadersGatewayFilterFactoryTests extends BaseWebClientTests {

    @EnableAutoConfiguration
    @SpringBootConfiguration
    @Import({BaseWebClientTests.DefaultTestConfig.class})
    /* loaded from: input_file:org/springframework/cloud/gateway/filter/factory/SecureHeadersGatewayFilterFactoryTests$TestConfig.class */
    public static class TestConfig {
    }

    @Test
    public void secureHeadersFilterWorks() {
        Mono exchange = this.webClient.get().uri("/headers", new Object[0]).header("Host", new String[]{"www.secureheaders.org"}).exchange();
        SecureHeadersProperties secureHeadersProperties = new SecureHeadersProperties();
        StepVerifier.create(exchange).consumeNextWith(clientResponse -> {
            TestUtils.assertStatus(clientResponse, HttpStatus.OK);
            HttpHeaders asHttpHeaders = clientResponse.headers().asHttpHeaders();
            Assertions.assertThat(asHttpHeaders.getFirst("X-Xss-Protection")).isEqualTo(secureHeadersProperties.getXssProtectionHeader());
            Assertions.assertThat(asHttpHeaders.getFirst("Strict-Transport-Security")).isEqualTo(secureHeadersProperties.getStrictTransportSecurity());
            Assertions.assertThat(asHttpHeaders.getFirst("X-Frame-Options")).isEqualTo(secureHeadersProperties.getFrameOptions());
            Assertions.assertThat(asHttpHeaders.getFirst("X-Content-Type-Options")).isEqualTo(secureHeadersProperties.getContentTypeOptions());
            Assertions.assertThat(asHttpHeaders.getFirst("Referrer-Policy")).isEqualTo(secureHeadersProperties.getReferrerPolicy());
            Assertions.assertThat(asHttpHeaders.getFirst("Content-Security-Policy")).isEqualTo(secureHeadersProperties.getContentSecurityPolicy());
            Assertions.assertThat(asHttpHeaders.getFirst("X-Download-Options")).isEqualTo(secureHeadersProperties.getDownloadOptions());
            Assertions.assertThat(asHttpHeaders.getFirst("X-Permitted-Cross-Domain-Policies")).isEqualTo(secureHeadersProperties.getPermittedCrossDomainPolicies());
        }).expectComplete().verify(DURATION);
    }
}
