package no.nav.sbl.dialogarena.common.web.security;

import java.io.IOException;
import java.util.UUID;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.MockitoAnnotations;

/* loaded from: input_file:no/nav/sbl/dialogarena/common/web/security/CsrfDoubleSubmitCookieFilterTest.class */
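/**
 * Unit tests for {@link CsrfDoubleSubmitCookieFilter}.
 *
 * <p>The fixture built in {@link #setUp()} represents a well-formed request: it carries a
 * {@code NAV_CSRF_PROTECTION} cookie and a {@code NAV_CSRF_PROTECTION} header holding the same
 * random value. Each test then changes one aspect of that request (HTTP method, header value,
 * cookies) and checks whether the filter forwards the request to the chain or answers with
 * {@code sendError}.
 *
 * <p>NOTE(review): {@code getMethod()} is only stubbed in the GET and HEAD tests. In every other
 * test the mock returns {@code null} for the method, so the "state changing" cases presumably
 * rely on the filter treating any method other than GET/HEAD as state changing. Stubbing an
 * explicit method such as POST would make that intent visible; confirm against the filter.
 */
public class CsrfDoubleSubmitCookieFilterTest {
    /** Name shared by the CSRF cookie and the request header that must repeat its value. */
    private static final String NAV_CSRF_PROTECTION = "NAV_CSRF_PROTECTION";

    /** Header value that cannot equal the random cookie value created in {@link #setUp()}. */
    private static final String INVALID_HEADER = "Dette er en ugyldig header";

    @Mock
    private FilterConfig mockFilterConfig;

    @Mock
    private HttpServletRequest mockHttpServletRequest;

    @Mock
    private HttpServletResponse mockHttpServletResponse;

    @Mock
    private FilterChain mockFilterChain;
    private CsrfDoubleSubmitCookieFilter filter;

    /**
     * Initialises the mocks and the filter, then stubs a request whose CSRF header matches its
     * CSRF cookie.
     *
     * @throws ServletException if the filter fails to initialise
     */
    @Before
    public void setUp() throws ServletException {
        MockitoAnnotations.initMocks(this);
        this.filter = new CsrfDoubleSubmitCookieFilter();
        this.filter.init(this.mockFilterConfig);
        Mockito.when(this.mockHttpServletRequest.getRequestURI()).thenReturn("");
        Mockito.when(this.mockHttpServletRequest.getContextPath()).thenReturn("");
        // The same random token is placed in both the cookie and the header.
        Cookie csrfCookie = createCsrfProtectionCookie();
        Mockito.when(this.mockHttpServletRequest.getCookies()).thenReturn(new Cookie[]{csrfCookie});
        stubCsrfHeader(csrfCookie.getValue());
    }

    /** A request whose header matches the cookie is forwarded and no error is sent. */
    @Test
    public void skal_ikke_filtrere_gyldige_csrf_state_endring_requests() throws ServletException, IOException {
        runFilter();
        Mockito.verify(this.mockHttpServletResponse, Mockito.never()).sendError(Mockito.anyInt(), Mockito.anyString());
        Mockito.verify(this.mockFilterChain).doFilter(this.mockHttpServletRequest, this.mockHttpServletResponse);
    }

    /** A GET request is forwarded even though its CSRF header does not match the cookie. */
    @Test
    public void skal_ikke_filtrere_ugyldige_csrf_get_requests() throws ServletException, IOException {
        Mockito.when(this.mockHttpServletRequest.getMethod()).thenReturn("GET");
        stubCsrfHeader(INVALID_HEADER);
        runFilter();
        Mockito.verify(this.mockHttpServletResponse, Mockito.never()).sendError(Mockito.anyInt(), Mockito.anyString());
        Mockito.verify(this.mockFilterChain).doFilter(this.mockHttpServletRequest, this.mockHttpServletResponse);
    }

    /** A HEAD request is forwarded even though its CSRF header does not match the cookie. */
    @Test
    public void skal_ikke_filtrere_ugyldige_csrf_head_requests() throws ServletException, IOException {
        Mockito.when(this.mockHttpServletRequest.getMethod()).thenReturn("HEAD");
        stubCsrfHeader(INVALID_HEADER);
        runFilter();
        Mockito.verify(this.mockHttpServletResponse, Mockito.never()).sendError(Mockito.anyInt(), Mockito.anyString());
        Mockito.verify(this.mockFilterChain).doFilter(this.mockHttpServletRequest, this.mockHttpServletResponse);
    }

    /**
     * A non-GET/HEAD request with a mismatching header gets exactly one {@code sendError} and
     * never reaches the chain, whatever arguments the chain might have been called with.
     *
     * <p>NOTE(review): any status code and message are accepted here; pinning the expected
     * status would also catch a regression in the kind of error returned.
     */
    @Test
    public void skal_filtrere_ugyldige_csrf_state_endring_requests_og_gi_feilmelding() throws ServletException, IOException {
        stubCsrfHeader(INVALID_HEADER);
        runFilter();
        Mockito.verify(this.mockHttpServletResponse).sendError(Mockito.anyInt(), Mockito.anyString());
        Mockito.verify(this.mockFilterChain, Mockito.never())
                .doFilter(Mockito.<ServletRequest>any(), Mockito.<ServletResponse>any());
    }

    /**
     * An empty CSRF header stops the request before it reaches the chain.
     *
     * <p>NOTE(review): the "missing" header is modelled as an empty string; a header that is
     * absent from the request yields {@code null} from {@code getHeader}, which is not covered
     * here. The test also checks only that the chain is skipped, not that an error is sent.
     */
    @Test
    public void skal_kaste_feil_og_avbryte_dersom_header_mangler() throws IOException, ServletException {
        stubCsrfHeader("");
        runFilter();
        Mockito.verify(this.mockFilterChain, Mockito.never()).doFilter(this.mockHttpServletRequest, this.mockHttpServletResponse);
    }

    /** A header that differs from the cookie value stops the request before the chain. */
    @Test
    public void skal_kaste_feil_og_avbryte_dersom_header_ikke_matcher_cookieverdi() throws IOException, ServletException {
        stubCsrfHeader("Matcher ikke");
        runFilter();
        Mockito.verify(this.mockFilterChain, Mockito.never()).doFilter(this.mockHttpServletRequest, this.mockHttpServletResponse);
    }

    /** A request without any cookies is answered with {@code sendError} and not forwarded. */
    @Test
    public void takler_at_ingen_cookies_er_satt() throws ServletException, IOException {
        // getCookies() returns Cookie[], so the null stub must be typed as Cookie[]; an Object
        // typed null does not compile against the stubbing API.
        Mockito.when(this.mockHttpServletRequest.getCookies()).thenReturn((Cookie[]) null);
        runFilter();
        Mockito.verify(this.mockHttpServletResponse).sendError(Mockito.anyInt(), Mockito.anyString());
        Mockito.verify(this.mockFilterChain, Mockito.never()).doFilter(this.mockHttpServletRequest, this.mockHttpServletResponse);
    }

    /** Runs the filter under test against the mocked request, response and chain. */
    private void runFilter() throws IOException, ServletException {
        this.filter.doFilter(this.mockHttpServletRequest, this.mockHttpServletResponse, this.mockFilterChain);
    }

    /** Makes the mocked request return {@code value} for the CSRF protection header. */
    private void stubCsrfHeader(String value) {
        Mockito.when(this.mockHttpServletRequest.getHeader(NAV_CSRF_PROTECTION)).thenReturn(value);
    }

    /** Creates a CSRF cookie with a fresh random UUID as its value. */
    private Cookie createCsrfProtectionCookie() {
        return new Cookie(NAV_CSRF_PROTECTION, UUID.randomUUID().toString());
    }
}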
