package at.gv.egiz.eaaf.core.test.impl.idp.validation;

import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.exceptions.EaafSecurityException;
import at.gv.egiz.eaaf.core.impl.idp.auth.dummy.DummyPendingRequest;
import at.gv.egiz.eaaf.core.impl.idp.validation.CookieBasedRequestValidator;
import at.gv.egiz.eaaf.core.test.dummy.DummyAuthConfigMap;
import jakarta.servlet.http.Cookie;
import java.util.UUID;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.jupiter.api.Assertions;
import org.junit.runner.RunWith;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

@ContextConfiguration({"/SpringTest-context_eaaf_core.xml"})
@RunWith(SpringJUnit4ClassRunner.class)
/* loaded from: input_file:at/gv/egiz/eaaf/core/test/impl/idp/validation/CookieBasedRequestValidatorTest.class */
public class CookieBasedRequestValidatorTest {
    DummyAuthConfigMap config = new DummyAuthConfigMap();
    CookieBasedRequestValidator toCheck = new CookieBasedRequestValidator();
    MockHttpServletRequest httpReq;
    IRequest pendingReq;

    @Before
    public void initialize() {
        this.pendingReq = new DummyPendingRequest();
        this.httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
        this.pendingReq.initialize(this.httpReq, this.config);
    }

    @Test
    public void setHttpCookie() {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.toCheck.setValidationInfos(mockHttpServletResponse, this.pendingReq);
        String str = (String) this.pendingReq.getRawData("eaafSession", String.class);
        Assert.assertNotNull("stored http cookie", str);
        Cookie cookie = mockHttpServletResponse.getCookie("eaafSession");
        Assert.assertNotNull("response http cookie", cookie);
        Assertions.assertEquals(str, cookie.getValue(), "cookie value not match");
        Assert.assertTrue("httpOnly", cookie.isHttpOnly());
        Assert.assertTrue("secured", cookie.getSecure());
        Assertions.assertEquals("", cookie.getPath(), "wrong Context Path");
    }

    @Test
    public void success() {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.toCheck.setValidationInfos(mockHttpServletResponse, this.pendingReq);
        this.httpReq.setCookies(mockHttpServletResponse.getCookies());
        this.toCheck.validate(this.httpReq, this.pendingReq);
    }

    @Test
    public void notCookieInSession() {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.toCheck.setValidationInfos(mockHttpServletResponse, this.pendingReq);
        this.pendingReq.removeRawDataFromTransaction("eaafSession");
        this.httpReq.setCookies(mockHttpServletResponse.getCookies());
        this.toCheck.validate(this.httpReq, this.pendingReq);
    }

    @Test
    public void wrongCookie() {
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.toCheck.setValidationInfos(mockHttpServletResponse, this.pendingReq);
        Cookie cookie = mockHttpServletResponse.getCookie("eaafSession");
        cookie.setValue(UUID.randomUUID().toString());
        this.httpReq.setCookies(new Cookie[]{cookie});
        Assertions.assertEquals("process.80", Assertions.assertThrows(EaafSecurityException.class, () -> {
            this.toCheck.validate(this.httpReq, this.pendingReq);
        }).getErrorId(), "wrong ErrorCode");
    }
}
