package org.apereo.cas.web.support.filters;

import jakarta.servlet.FilterChain;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockFilterConfig;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockServletContext;

@Tag("Web")
/* loaded from: input_file:org/apereo/cas/web/support/filters/ResponseHeadersEnforcementFilterTests.class */
class ResponseHeadersEnforcementFilterTests {
    private ResponseHeadersEnforcementFilter filter;
    private MockFilterConfig filterConfig;

    ResponseHeadersEnforcementFilterTests() {
    }

    @BeforeEach
    public void setup() {
        this.filterConfig = new MockFilterConfig(new MockServletContext());
        this.filterConfig.addInitParameter("enableCacheControl", "true");
        this.filterConfig.addInitParameter("enableStrictTransportSecurity", "true");
        this.filterConfig.addInitParameter("enableXFrameOptions", "true");
        this.filterConfig.addInitParameter("enableXContentTypeOptions", "true");
        this.filterConfig.addInitParameter("enableXSSProtection", "true");
        this.filterConfig.addInitParameter("contentSecurityPolicy", "default-src https");
        this.filterConfig.addInitParameter("cacheControlStaticResources", "css|js|png|txt|jpg|ico|jpeg|bmp|gif");
        this.filter = new ResponseHeadersEnforcementFilter();
    }

    @Test
    void verifyUnrecognizedParam() throws Throwable {
        this.filterConfig.addInitParameter("bad-param", "bad-value");
        Assertions.assertThrows(RuntimeException.class, () -> {
            this.filter.init(this.filterConfig);
        });
    }

    @Test
    void verifyParam() throws Throwable {
        this.filter.init(this.filterConfig);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setSecure(true);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        Assertions.assertThrows(RuntimeException.class, () -> {
            this.filter.doFilter(mockHttpServletRequest, mockHttpServletResponse, (FilterChain) null);
        });
        Assertions.assertDoesNotThrow(() -> {
            this.filter.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        });
        this.filter.destroy();
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("Cache-Control"));
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("Pragma"));
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("Expires"));
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("Content-Security-Policy"));
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("X-XSS-Protection"));
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("X-Frame-Options"));
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("X-Content-Type-Options"));
        Assertions.assertNotNull(mockHttpServletResponse.getHeaderValue("Strict-Transport-Security"));
    }

    @Test
    void verifyNoCacheParamJpeg() throws Throwable {
        this.filter.init(this.filterConfig);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setSecure(true);
        mockHttpServletRequest.setRequestURI("test.jpeg");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        Assertions.assertThrows(RuntimeException.class, () -> {
            this.filter.doFilter(mockHttpServletRequest, mockHttpServletResponse, (FilterChain) null);
        });
        Assertions.assertDoesNotThrow(() -> {
            this.filter.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        });
        this.filter.destroy();
        Assertions.assertNull(mockHttpServletResponse.getHeaderValue("Cache-Control"));
        Assertions.assertNull(mockHttpServletResponse.getHeaderValue("Pragma"));
    }

    @Test
    void verifyNoCacheParamPng() throws Throwable {
        this.filter.init(this.filterConfig);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setSecure(true);
        mockHttpServletRequest.setRequestURI("test.png");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        Assertions.assertThrows(RuntimeException.class, () -> {
            this.filter.doFilter(mockHttpServletRequest, mockHttpServletResponse, (FilterChain) null);
        });
        Assertions.assertDoesNotThrow(() -> {
            this.filter.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
        });
        this.filter.destroy();
        Assertions.assertNull(mockHttpServletResponse.getHeaderValue("Cache-Control"));
        Assertions.assertNull(mockHttpServletResponse.getHeaderValue("Pragma"));
    }
}
