package org.springframework.cloud.gateway.filter.factory;

import java.util.Arrays;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentCaptor;
import org.mockito.Mockito;
import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.factory.SecureHeadersGatewayFilterFactory;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.mock.http.server.reactive.MockServerHttpRequest;
import org.springframework.mock.web.server.MockServerWebExchange;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;

/* loaded from: input_file:org/springframework/cloud/gateway/filter/factory/SecureHeadersGatewayFilterFactoryUnitTests.class */
public class SecureHeadersGatewayFilterFactoryUnitTests {
    private GatewayFilter filter;
    private ServerWebExchange exchange;
    private GatewayFilterChain filterChain;
    private ArgumentCaptor<ServerWebExchange> captor;

    @BeforeEach
    public void setUp() {
        this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("http://localhost", new Object[0]).build());
        this.filterChain = (GatewayFilterChain) Mockito.mock(GatewayFilterChain.class);
        this.captor = ArgumentCaptor.forClass(ServerWebExchange.class);
        Mockito.when(this.filterChain.filter((ServerWebExchange) this.captor.capture())).thenReturn(Mono.empty());
    }

    @Test
    public void addAllHeadersIfNothingIsDisabled() {
        this.filter = new SecureHeadersGatewayFilterFactory(new SecureHeadersProperties()).apply(new SecureHeadersGatewayFilterFactory.Config());
        this.filter.filter(this.exchange, this.filterChain).block();
        Assertions.assertThat(this.exchange.getResponse().getHeaders()).containsKeys(new String[]{"X-Xss-Protection", "Strict-Transport-Security", "X-Frame-Options", "X-Content-Type-Options", "Referrer-Policy", "Content-Security-Policy", "X-Download-Options", "X-Permitted-Cross-Domain-Policies"});
    }

    @Test
    public void doNotAddDisabledHeaders() {
        SecureHeadersProperties secureHeadersProperties = new SecureHeadersProperties();
        secureHeadersProperties.setDisable(Arrays.asList("x-xss-protection", "strict-transport-security", "x-frame-options", "x-content-type-options", "referrer-policy", "content-security-policy", "x-download-options", "x-permitted-cross-domain-policies"));
        this.filter = new SecureHeadersGatewayFilterFactory(secureHeadersProperties).apply(new SecureHeadersGatewayFilterFactory.Config());
        this.filter.filter(this.exchange, this.filterChain).block();
        Assertions.assertThat(((ServerWebExchange) this.captor.getValue()).getResponse().getHeaders()).doesNotContainKeys(new String[]{"X-Xss-Protection", "Strict-Transport-Security", "X-Frame-Options", "X-Content-Type-Options", "Referrer-Policy", "Content-Security-Policy", "X-Download-Options", "X-Permitted-Cross-Domain-Policies"});
    }

    @Test
    public void overrideSomeHeaders() {
        SecureHeadersProperties secureHeadersProperties = new SecureHeadersProperties();
        SecureHeadersGatewayFilterFactory secureHeadersGatewayFilterFactory = new SecureHeadersGatewayFilterFactory(new SecureHeadersProperties());
        SecureHeadersGatewayFilterFactory.Config config = new SecureHeadersGatewayFilterFactory.Config();
        config.setStrictTransportSecurity("max-age=65535");
        config.setReferrerPolicy("referrer");
        this.filter = secureHeadersGatewayFilterFactory.apply(config);
        this.filter.filter(this.exchange, this.filterChain).block();
        ServerHttpResponse response = this.exchange.getResponse();
        Assertions.assertThat(response.getHeaders()).containsKeys(new String[]{"X-Xss-Protection", "Strict-Transport-Security", "X-Frame-Options", "X-Content-Type-Options", "Referrer-Policy", "Content-Security-Policy", "X-Download-Options", "X-Permitted-Cross-Domain-Policies"});
        Assertions.assertThat(response.getHeaders().get("Strict-Transport-Security")).containsOnly(new String[]{"max-age=65535"});
        Assertions.assertThat(response.getHeaders().get("Referrer-Policy")).containsOnly(new String[]{"referrer"});
        Assertions.assertThat(response.getHeaders().get("X-Xss-Protection")).containsOnly(new String[]{secureHeadersProperties.getXssProtectionHeader()});
        Assertions.assertThat(response.getHeaders().get("X-Frame-Options")).containsOnly(new String[]{secureHeadersProperties.getFrameOptions()});
        Assertions.assertThat(response.getHeaders().get("X-Content-Type-Options")).containsOnly(new String[]{secureHeadersProperties.getContentTypeOptions()});
        Assertions.assertThat(response.getHeaders().get("Content-Security-Policy")).containsOnly(new String[]{secureHeadersProperties.getContentSecurityPolicy()});
        Assertions.assertThat(response.getHeaders().get("X-Download-Options")).containsOnly(new String[]{secureHeadersProperties.getDownloadOptions()});
        Assertions.assertThat(response.getHeaders().get("X-Permitted-Cross-Domain-Policies")).containsOnly(new String[]{secureHeadersProperties.getPermittedCrossDomainPolicies()});
    }

    @Test
    public void doesNotDuplicateHeaders() {
        SecureHeadersGatewayFilterFactory secureHeadersGatewayFilterFactory = new SecureHeadersGatewayFilterFactory(new SecureHeadersProperties());
        SecureHeadersGatewayFilterFactory.Config config = new SecureHeadersGatewayFilterFactory.Config();
        for (String str : new String[]{"X-Xss-Protection", "Strict-Transport-Security", "X-Frame-Options", "X-Content-Type-Options", "Referrer-Policy", "Content-Security-Policy", "X-Download-Options", "X-Permitted-Cross-Domain-Policies"}) {
            this.filter = secureHeadersGatewayFilterFactory.apply(config);
            this.exchange = MockServerWebExchange.from(MockServerHttpRequest.get("http://localhost", new Object[0]).build());
            this.exchange.getResponse().getHeaders().set(str, "original-header-value");
            this.filter.filter(this.exchange, this.filterChain).block();
            Assertions.assertThat(((ServerWebExchange) this.captor.getValue()).getResponse().getHeaders().get(str)).containsOnly(new String[]{"original-header-value"});
        }
    }

    @Test
    public void toStringFormat() {
        Assertions.assertThat(new SecureHeadersGatewayFilterFactory(new SecureHeadersProperties()).apply(new SecureHeadersGatewayFilterFactory.Config()).toString()).contains(new CharSequence[]{"SecureHeaders"});
    }
}
