package io.vertx.ext.web.handler;

import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.HttpMethod;
import io.vertx.ext.web.WebTestBase;
import io.vertx.ext.web.handler.impl.HttpStatusException;
import java.util.List;
import java.util.concurrent.CountDownLatch;
import org.junit.AfterClass;
import org.junit.Ignore;
import org.junit.Test;

/* loaded from: input_file:io/vertx/ext/web/handler/CSRFHandlerTest.class */
public class CSRFHandlerTest extends WebTestBase {
    Throwable failure;
    String rawCookie;
    String tmpCookie;

    @AfterClass
    public static void oneTimeTearDown() {
        Vertx vertx = Vertx.vertx();
        if (vertx.fileSystem().existsBlocking("file-uploads")) {
            vertx.fileSystem().deleteRecursiveBlocking("file-uploads", true);
        }
    }

    @Test
    public void testGetCookie() throws Exception {
        this.router.route().handler(CSRFHandler.create("Abracadabra"));
        this.router.get().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/", null, httpClientResponse -> {
            List all = httpClientResponse.headers().getAll("set-cookie");
            assertEquals(1L, all.size());
            assertEquals("XSRF-TOKEN", ((String) all.get(0)).substring(0, ((String) all.get(0)).indexOf(61)));
        }, 200, "OK", null);
    }

    @Test
    public void testPostWithoutHeader() throws Exception {
        CountDownLatch countDownLatch = new CountDownLatch(1);
        this.router.route().handler(CSRFHandler.create("Abracadabra"));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        this.router.errorHandler(403, routingContext2 -> {
            this.failure = routingContext2.failure();
            countDownLatch.countDown();
        });
        testRequest(HttpMethod.POST, "/", null, null, 403, "Forbidden", null);
        countDownLatch.await();
        assertTrue(this.failure instanceof HttpStatusException);
        assertEquals(this.failure.getPayload(), "Invalid or missing csrf token");
    }

    @Test
    public void testPostWithHeader() throws Exception {
        this.router.route().handler(StaticHandler.create());
        this.router.route("/xsrf").handler(CSRFHandler.create("Abracadabra"));
        this.router.route("/xsrf").handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/xsrf", null, httpClientResponse -> {
            String str = (String) httpClientResponse.headers().getAll("set-cookie").get(0);
            this.rawCookie = str;
            this.tmpCookie = str.substring(str.indexOf(61) + 1, str.indexOf(59));
        }, 200, "OK", null);
        testRequest(HttpMethod.POST, "/xsrf", httpClientRequest -> {
            httpClientRequest.putHeader("X-XSRF-TOKEN", this.tmpCookie);
            httpClientRequest.putHeader("Cookie", this.rawCookie);
        }, null, 200, "OK", null);
    }

    @Test
    public void testPostWithExpiredCookie() throws Exception {
        this.router.route().handler(CSRFHandler.create("Abracadabra").setTimeout(1L));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.POST, "/", httpClientRequest -> {
            httpClientRequest.putHeader("X-XSRF-TOKEN", "4CYp9vQsr2VSQEsi/oVsMu35Ho9TlR0EovcYovlbiBw=.1437037602082.41jwU0FPl/n7ZNZAZEA07GyIUnpKSTKQ8Eju7Nicb34=");
        }, null, 403, "Forbidden", null);
    }

    @Test
    public void testPostWithFormAttribute() throws Exception {
        this.router.route().handler(BodyHandler.create());
        this.router.route().handler(CSRFHandler.create("Abracadabra"));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.GET, "/", null, httpClientResponse -> {
            String str = (String) httpClientResponse.headers().getAll("set-cookie").get(0);
            this.rawCookie = str;
            this.tmpCookie = str.substring(str.indexOf(61) + 1, str.indexOf(59));
        }, 200, "OK", null);
        testRequest(HttpMethod.POST, "/", httpClientRequest -> {
            Buffer buffer = Buffer.buffer();
            buffer.appendString("--dLV9Wyq26L_-JQxk6ferf-RT153LhOO\r\nContent-Disposition: form-data; name=\"X-XSRF-TOKEN\"\r\n\r\n" + this.tmpCookie + "\r\n--dLV9Wyq26L_-JQxk6ferf-RT153LhOO--\r\n");
            httpClientRequest.headers().set("content-length", String.valueOf(buffer.length()));
            httpClientRequest.headers().set("content-type", "multipart/form-data; boundary=dLV9Wyq26L_-JQxk6ferf-RT153LhOO");
            httpClientRequest.putHeader("Cookie", this.rawCookie);
            httpClientRequest.write(buffer);
        }, null, 200, "OK", null);
    }

    @Test
    @Ignore
    public void testPostWithFormAttributeWithoutCookies() throws Exception {
        this.router.route().handler(BodyHandler.create());
        this.router.route().handler(CSRFHandler.create("Abracadabra"));
        this.router.route().handler(routingContext -> {
            String str = (String) routingContext.get("X-XSRF-TOKEN");
            if (str != null) {
                routingContext.response().end(str);
            } else {
                routingContext.response().end();
            }
        });
        CountDownLatch countDownLatch = new CountDownLatch(1);
        testRequest(HttpMethod.GET, "/", null, httpClientResponse -> {
            httpClientResponse.bodyHandler(buffer -> {
                this.tmpCookie = buffer.toString();
                countDownLatch.countDown();
            });
            assertEquals(0L, httpClientResponse.headers().getAll("set-cookie").size());
        }, 200, "OK", null);
        countDownLatch.await();
        testRequest(HttpMethod.POST, "/", httpClientRequest -> {
            Buffer buffer = Buffer.buffer();
            buffer.appendString("--dLV9Wyq26L_-JQxk6ferf-RT153LhOO\r\nContent-Disposition: form-data; name=\"X-XSRF-TOKEN\"\r\n\r\n" + this.tmpCookie + "\r\n--dLV9Wyq26L_-JQxk6ferf-RT153LhOO--\r\n");
            httpClientRequest.headers().set("content-length", String.valueOf(buffer.length()));
            httpClientRequest.headers().set("content-type", "multipart/form-data; boundary=dLV9Wyq26L_-JQxk6ferf-RT153LhOO");
            httpClientRequest.write(buffer);
        }, null, 403, "Forbidden", null);
    }

    @Test
    public void testPostWithCustomResponseBody() throws Exception {
        this.router.route().handler(CSRFHandler.create("Abracadabra").setTimeout(1L).setResponseBody("Expected response body"));
        this.router.route().handler(routingContext -> {
            routingContext.response().end();
        });
        testRequest(HttpMethod.POST, "/", httpClientRequest -> {
            httpClientRequest.putHeader("X-XSRF-TOKEN", "4CYp9vQsr2VSQEsi/oVsMu35Ho9TlR0EovcYovlbiBw=.1437037602082.41jwU0FPl/n7ZNZAZEA07GyIUnpKSTKQ8Eju7Nicb34=");
        }, null, 403, "Forbidden", "Expected response body");
    }
}
