package org.cloudfoundry.multiapps.controller.web.security;

import java.io.IOException;
import java.io.PrintWriter;
import java.util.Arrays;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.cloudfoundry.multiapps.common.SLException;
import org.cloudfoundry.multiapps.controller.web.resources.CFExceptionMapper;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;
import org.mockito.Spy;
import org.springframework.http.HttpStatus;

/* loaded from: input_file:org/cloudfoundry/multiapps/controller/web/security/CompositeUriAuthorizationFilterTest.class */
public class CompositeUriAuthorizationFilterTest {
    private static final String FOO_REQUEST_URI = "/foo/qux";
    private static final String BAR_REQUEST_URI = "/bar/qux";
    private static final String BAZ_REQUEST_URI = "/baz/qux";
    private static final String BAR_REQUEST_WITH_SLASHES_URI = "/////bar////qux";

    @Mock
    private HttpServletRequest request;

    @Mock
    private HttpServletResponse response;

    @Spy
    private FooUriAuthorizationFilter fooUriAuthorizationFilter;

    @Spy
    private BarUriAuthorizationFilter barUriAuthorizationFilter;
    private CompositeUriAuthorizationFilter compositeUriAuthorizationFilter;

    /* loaded from: input_file:org/cloudfoundry/multiapps/controller/web/security/CompositeUriAuthorizationFilterTest$BarUriAuthorizationFilter.class */
    private static class BarUriAuthorizationFilter implements UriAuthorizationFilter {
        private BarUriAuthorizationFilter() {
        }

        public String getUriRegex() {
            return "/bar/.*";
        }

        public boolean ensureUserIsAuthorized(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            return false;
        }
    }

    /* loaded from: input_file:org/cloudfoundry/multiapps/controller/web/security/CompositeUriAuthorizationFilterTest$FooUriAuthorizationFilter.class */
    private static class FooUriAuthorizationFilter implements UriAuthorizationFilter {
        private FooUriAuthorizationFilter() {
        }

        public String getUriRegex() {
            return "/foo/.*";
        }

        public boolean ensureUserIsAuthorized(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
            return true;
        }
    }

    @BeforeEach
    public void setUp() {
        MockitoAnnotations.initMocks(this);
        this.compositeUriAuthorizationFilter = new CompositeUriAuthorizationFilter(Arrays.asList(this.fooUriAuthorizationFilter, this.barUriAuthorizationFilter), new CFExceptionMapper());
    }

    @Test
    public void testUriMatching() throws IOException {
        Mockito.when(this.request.getRequestURI()).thenReturn(FOO_REQUEST_URI);
        Assertions.assertTrue(this.compositeUriAuthorizationFilter.ensureUserIsAuthorized(this.request, this.response));
        ((FooUriAuthorizationFilter) Mockito.verify(this.fooUriAuthorizationFilter)).ensureUserIsAuthorized(this.request, this.response);
        ((BarUriAuthorizationFilter) Mockito.verify(this.barUriAuthorizationFilter, Mockito.never())).ensureUserIsAuthorized(this.request, this.response);
    }

    @Test
    public void testUriMatchingWithoutAnyMatchingFilters() throws IOException {
        Mockito.when(this.request.getRequestURI()).thenReturn(BAZ_REQUEST_URI);
        Assertions.assertTrue(this.compositeUriAuthorizationFilter.ensureUserIsAuthorized(this.request, this.response));
        ((FooUriAuthorizationFilter) Mockito.verify(this.fooUriAuthorizationFilter, Mockito.never())).ensureUserIsAuthorized(this.request, this.response);
        ((BarUriAuthorizationFilter) Mockito.verify(this.barUriAuthorizationFilter, Mockito.never())).ensureUserIsAuthorized(this.request, this.response);
    }

    @Test
    public void testUriWhichContainsLotsOfForwardSlashes() throws IOException {
        Mockito.when(this.request.getRequestURI()).thenReturn(BAR_REQUEST_WITH_SLASHES_URI);
        Assertions.assertFalse(this.compositeUriAuthorizationFilter.ensureUserIsAuthorized(this.request, this.response));
        ((FooUriAuthorizationFilter) Mockito.verify(this.fooUriAuthorizationFilter, Mockito.never())).ensureUserIsAuthorized(this.request, this.response);
        ((BarUriAuthorizationFilter) Mockito.verify(this.barUriAuthorizationFilter)).ensureUserIsAuthorized(this.request, this.response);
    }

    @Test
    public void testWithAuthorizationException() throws IOException {
        Mockito.when(this.request.getRequestURI()).thenReturn(FOO_REQUEST_URI);
        Mockito.when(Boolean.valueOf(this.fooUriAuthorizationFilter.ensureUserIsAuthorized(this.request, this.response))).thenThrow(new Throwable[]{new SLException("...")});
        PrintWriter printWriter = (PrintWriter) Mockito.mock(PrintWriter.class);
        Mockito.when(this.response.getWriter()).thenReturn(printWriter);
        Assertions.assertFalse(this.compositeUriAuthorizationFilter.ensureUserIsAuthorized(this.request, this.response));
        ((HttpServletResponse) Mockito.verify(this.response)).setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
        ((PrintWriter) Mockito.verify(printWriter)).print("...");
        ((PrintWriter) Mockito.verify(printWriter)).flush();
    }

    @Test
    public void testWithUnauthorizedUser() throws IOException {
        Mockito.when(this.request.getRequestURI()).thenReturn(BAR_REQUEST_URI);
        Assertions.assertFalse(this.compositeUriAuthorizationFilter.ensureUserIsAuthorized(this.request, this.response));
        ((BarUriAuthorizationFilter) Mockito.verify(this.barUriAuthorizationFilter)).ensureUserIsAuthorized(this.request, this.response);
    }
}
