package org.jboss.dashboard.ui;

import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jboss.dashboard.ui.controller.SecureHeaderFilter;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:org/jboss/dashboard/ui/SecureHeaderTest.class */
public class SecureHeaderTest extends UITestBase {

    @Mock
    HttpServletRequest request;

    @Mock
    HttpServletResponse response;

    @Mock
    FilterChain filterChain;

    @InjectMocks
    SecureHeaderFilter secureHeaderFilter;

    @Override // org.jboss.dashboard.ui.UITestBase
    @Before
    public void setUp() throws Exception {
        super.setUp();
        this.secureHeaderFilter = new SecureHeaderFilter();
        this.secureHeaderFilter.setHttpSettings(this.httpSettings);
    }

    @Test
    public void testFrameOptionsSameOrigin() throws Exception {
        Mockito.when(this.httpSettings.getXFrameOptions()).thenReturn("SAMEORIGIN");
        this.secureHeaderFilter.doFilter(this.request, this.response, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.response)).setHeader("X-FRAME-OPTIONS", "SAMEORIGIN");
    }

    @Test
    public void testFrameOptionsDeny() throws Exception {
        Mockito.when(this.httpSettings.getXFrameOptions()).thenReturn("DENY");
        this.secureHeaderFilter.doFilter(this.request, this.response, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.response)).setHeader("X-FRAME-OPTIONS", "DENY");
    }

    @Test
    public void testFrameOptionsDisabled() throws Exception {
        Mockito.when(this.httpSettings.getXFrameOptions()).thenReturn((Object) null);
        this.secureHeaderFilter.doFilter(this.request, this.response, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.response, Mockito.never())).setHeader((String) Mockito.eq("X-FRAME-OPTIONS"), Mockito.anyString());
    }

    @Test
    public void testXSSMode() throws Exception {
        Mockito.when(Boolean.valueOf(this.httpSettings.isXSSProtectionEnabled())).thenReturn(true);
        Mockito.when(Boolean.valueOf(this.httpSettings.isXSSProtectionBlock())).thenReturn(true);
        this.secureHeaderFilter.doFilter(this.request, this.response, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.response)).setHeader("X-XSS-Protection", "1; mode=block");
    }

    @Test
    public void testXSSSameOrigin() throws Exception {
        Mockito.when(Boolean.valueOf(this.httpSettings.isXSSProtectionEnabled())).thenReturn(true);
        Mockito.when(Boolean.valueOf(this.httpSettings.isXSSProtectionBlock())).thenReturn(false);
        this.secureHeaderFilter.doFilter(this.request, this.response, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.response)).setHeader("X-XSS-Protection", "1");
    }

    @Test
    public void testXSSProtectionDisabled() throws Exception {
        Mockito.when(Boolean.valueOf(this.httpSettings.isXSSProtectionEnabled())).thenReturn(false);
        this.secureHeaderFilter.doFilter(this.request, this.response, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.response, Mockito.never())).setHeader((String) Mockito.eq("X-XSS-Protection"), Mockito.anyString());
    }
}
