package org.keycloak.testsuite.error;

import java.util.List;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Test;
import org.keycloak.common.util.KeycloakUriBuilder;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.testsuite.AbstractKeycloakTest;
import org.keycloak.testsuite.pages.ErrorPage;

/* loaded from: input_file:org/keycloak/testsuite/error/EscapeErrorPageTest.class */
public class EscapeErrorPageTest extends AbstractKeycloakTest {

    @Page
    public ErrorPage errorPage;

    @Override // org.keycloak.testsuite.AbstractKeycloakTest
    public void addTestRealms(List<RealmRepresentation> list) {
    }

    @Test
    public void innerScript() {
        checkMessage("\"<img src=<script>alert(1)</script>/>\"", "\"alert(1)/>\"");
    }

    @Test
    public void innerURL() {
        checkMessage("\"See https://www.keycloak.org/docs\"", "\"See https://www.keycloak.org/docs\"");
    }

    @Test
    public void URL() {
        checkMessage("See https://www.keycloak.org/docs", "See https://www.keycloak.org/docs");
    }

    @Test
    public void ampersandEscape() {
        checkMessage("&lt;img src=&quot;something&quot;&gt;", "<img src=\"something\">");
    }

    @Test
    public void hexEscape() {
        checkMessage("&#x3C;img src&#61;something&#x2F;&#x3E;", "<img src=something/>");
    }

    @Test
    public void plainText() {
        checkMessage("It doesn't work", "It doesn't work");
    }

    @Test
    public void textWithPlus() {
        checkMessage("Fact: 1+1=2", "Fact: 1+1=2");
    }

    private void checkMessage(String str, String str2) {
        try {
            this.driver.navigate().to(KeycloakUriBuilder.fromUri(this.suiteContext.getAuthServerInfo().getContextRoot().toURI()).path("/auth/realms/master/testing/display-error-message").queryParam("message", new Object[]{str}).build(new Object[0]).toURL());
            this.errorPage.assertCurrent();
            MatcherAssert.assertThat(this.errorPage.getError(), CoreMatchers.is(str2));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
