package edu.yale.its.tp.cas.client.filter;

import com.mockrunner.mock.web.MockFilterConfig;
import com.mockrunner.mock.web.MockHttpServletRequest;
import com.mockrunner.mock.web.MockHttpServletResponse;
import com.mockrunner.mock.web.MockHttpSession;
import com.mockrunner.mock.web.MockServletContext;
import edu.yale.its.tp.cas.client.CASReceipt;
import java.io.IOException;
import java.util.ArrayList;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequestWrapper;
import javax.servlet.ServletResponseWrapper;
import junit.framework.TestCase;

/* loaded from: classes.dex */
public class ProxyChainScrutinizerFilterTest extends TestCase {
    private static final String GOOD_AUTHORIZED_PROXIES_STRING = "https://www.yale.edu/immediatelyPreviousServiceInChain https://www.princeton.edu/middleware https://www.northwestern.edu/userInitiallyAuthenticatedToThisApplication ; https://www.immediatelyPreviousAuthenticationProxyingService.com https://secure.com/middleTierService https://secure.com/userInterface";
    private ProxyChainScrutinizerFilter correctlyConfiguredFilter;
    private WatchfulFilterChain filterChain;
    private MockHttpServletRequest request;
    private MockHttpServletResponse response;

    protected void setUp() throws Exception {
        super.setUp();
        FilterConfig mockFilterConfig = new MockFilterConfig();
        MockServletContext mockServletContext = new MockServletContext();
        mockServletContext.setInitParameter(ProxyChainScrutinizerFilter.AUTHORIZED_PROXIES_INITPARAM, GOOD_AUTHORIZED_PROXIES_STRING);
        mockFilterConfig.setupServletContext(mockServletContext);
        this.correctlyConfiguredFilter = new ProxyChainScrutinizerFilter();
        this.correctlyConfiguredFilter.init(mockFilterConfig);
        this.request = new MockHttpServletRequest();
        this.response = new MockHttpServletResponse();
        this.filterChain = new WatchfulFilterChain();
    }

    protected void tearDown() throws Exception {
        super.tearDown();
    }

    public void testDoFilterAuthorizedProxyChainOne() throws IOException, ServletException {
        MockHttpSession mockHttpSession = new MockHttpSession();
        CASReceipt cASReceipt = new CASReceipt();
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.yale.edu/immediatelyPreviousServiceInChain");
        arrayList.add("https://www.princeton.edu/middleware");
        arrayList.add("https://www.northwestern.edu/userInitiallyAuthenticatedToThisApplication");
        cASReceipt.setProxyList(arrayList);
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", cASReceipt);
        this.request.setSession(mockHttpSession);
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertTrue(this.filterChain.isChainInvoked());
    }

    public void testDoFilterAuthorizedProxyChainTwo() throws IOException, ServletException {
        MockHttpSession mockHttpSession = new MockHttpSession();
        CASReceipt cASReceipt = new CASReceipt();
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.immediatelyPreviousAuthenticationProxyingService.com");
        arrayList.add("https://secure.com/middleTierService");
        arrayList.add("https://secure.com/userInterface");
        cASReceipt.setProxyList(arrayList);
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", cASReceipt);
        this.request.setSession(mockHttpSession);
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertTrue(this.filterChain.isChainInvoked());
    }

    public void testDoFilterAuthorizedServiceTicketReceipt() throws IOException, ServletException {
        MockServletContext mockServletContext = new MockServletContext();
        mockServletContext.setInitParameter(ProxyChainScrutinizerFilter.AUTHORIZED_PROXIES_INITPARAM, "; https://www.yale.edu/immediatelyPreviousServiceInChain https://www.princeton.edu/middleware https://www.northwestern.edu/userInitiallyAuthenticatedToThisApplication ; https://www.immediatelyPreviousAuthenticationProxyingService.com https://secure.com/middleTierService https://secure.com/userInterface");
        FilterConfig mockFilterConfig = new MockFilterConfig();
        mockFilterConfig.setupServletContext(mockServletContext);
        ProxyChainScrutinizerFilter proxyChainScrutinizerFilter = new ProxyChainScrutinizerFilter();
        proxyChainScrutinizerFilter.init(mockFilterConfig);
        CASReceipt cASReceipt = new CASReceipt();
        MockHttpSession mockHttpSession = new MockHttpSession();
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", cASReceipt);
        this.request.setSession(mockHttpSession);
        proxyChainScrutinizerFilter.doFilter(this.request, this.response, this.filterChain);
        assertTrue(this.filterChain.isChainInvoked());
    }

    public void testDoFilterNoSession() throws IOException, ServletException {
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testDoFilterNotHttpServletRequestButHttpServletResponse() throws IOException, ServletException {
        this.correctlyConfiguredFilter.doFilter(new ServletRequestWrapper(this.request), this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testDoFilterNotHttpServletRequestNotHttpServletResponse() throws IOException {
        try {
            this.correctlyConfiguredFilter.doFilter(new ServletRequestWrapper(this.request), new ServletResponseWrapper(this.response), this.filterChain);
            fail("doFilter() should have failed because request was not an HttpServletRequest.");
        } catch (ServletException e) {
        }
    }

    public void testDoFilterPrefixOfAuthorizedChain() throws IOException, ServletException {
        MockHttpSession mockHttpSession = new MockHttpSession();
        CASReceipt cASReceipt = new CASReceipt();
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.immediatelyPreviousAuthenticationProxyingService.com");
        arrayList.add("https://secure.com/middleTierService");
        cASReceipt.setProxyList(arrayList);
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", cASReceipt);
        this.request.setSession(mockHttpSession);
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testDoFilterServiceTicketReceipt() throws IOException, ServletException {
        MockHttpSession mockHttpSession = new MockHttpSession();
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", new CASReceipt());
        this.request.setSession(mockHttpSession);
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testDoFilterSessionAttributeOfWrongType() throws IOException, ServletException {
        MockHttpSession mockHttpSession = new MockHttpSession();
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", new ProxyChainScrutinizerFilter());
        this.request.setSession(mockHttpSession);
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testDoFilterSessionButNoAttribute() throws IOException, ServletException {
        this.request.setSession(new MockHttpSession());
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testDoFilterSuffixOfAuthorizedChain() throws IOException, ServletException {
        MockHttpSession mockHttpSession = new MockHttpSession();
        CASReceipt cASReceipt = new CASReceipt();
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.princeton.edu/middleware");
        arrayList.add("https://www.northwestern.edu/userInitiallyAuthenticatedToThisApplication");
        cASReceipt.setProxyList(arrayList);
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", cASReceipt);
        this.request.setSession(mockHttpSession);
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testDoFilterUnauthorizedProxyChain() throws IOException, ServletException {
        MockHttpSession mockHttpSession = new MockHttpSession();
        CASReceipt cASReceipt = new CASReceipt();
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.immediatelyPreviousAuthenticationProxyingService.com");
        arrayList.add("https://secure.com/middleTierService");
        arrayList.add("https://secure.com/notTheAuthorizedUserInterface");
        cASReceipt.setProxyList(arrayList);
        mockHttpSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", cASReceipt);
        this.request.setSession(mockHttpSession);
        this.correctlyConfiguredFilter.doFilter(this.request, this.response, this.filterChain);
        assertEquals(403, this.response.getErrorCode());
    }

    public void testEgregiouslyBadParam() {
        FilterConfig mockFilterConfig = new MockFilterConfig();
        MockServletContext mockServletContext = new MockServletContext();
        mockServletContext.setInitParameter(ProxyChainScrutinizerFilter.AUTHORIZED_PROXIES_INITPARAM, "wombat foobar splat");
        mockFilterConfig.setupServletContext(mockServletContext);
        try {
            new ProxyChainScrutinizerFilter().init(mockFilterConfig);
            fail("Initialization should have failed because edu.yale.its.tp.cas.client.filter.authorizedProxyChains had garbage values.");
        } catch (ServletException e) {
        }
    }

    public void testEmptyParam() {
        FilterConfig mockFilterConfig = new MockFilterConfig();
        MockServletContext mockServletContext = new MockServletContext();
        mockServletContext.setInitParameter(ProxyChainScrutinizerFilter.AUTHORIZED_PROXIES_INITPARAM, "     ");
        mockFilterConfig.setupServletContext(mockServletContext);
        try {
            new ProxyChainScrutinizerFilter().init(mockFilterConfig);
            fail("Initialization should have failed because edu.yale.its.tp.cas.client.filter.authorizedProxyChains had only whitespace");
        } catch (ServletException e) {
        }
    }

    public void testGoodParam() throws ServletException {
        FilterConfig mockFilterConfig = new MockFilterConfig();
        MockServletContext mockServletContext = new MockServletContext();
        mockServletContext.setInitParameter(ProxyChainScrutinizerFilter.AUTHORIZED_PROXIES_INITPARAM, GOOD_AUTHORIZED_PROXIES_STRING);
        mockFilterConfig.setupServletContext(mockServletContext);
        new ProxyChainScrutinizerFilter().init(mockFilterConfig);
    }

    public void testInitNoParam() {
        FilterConfig mockFilterConfig = new MockFilterConfig();
        mockFilterConfig.setupServletContext(new MockServletContext());
        try {
            new ProxyChainScrutinizerFilter().init(mockFilterConfig);
            fail("Initialization should have failed because edu.yale.its.tp.cas.client.filter.authorizedProxyChains was not set.");
        } catch (ServletException e) {
        }
    }

    public void testInsecureUrlsParam() {
        FilterConfig mockFilterConfig = new MockFilterConfig();
        MockServletContext mockServletContext = new MockServletContext();
        mockServletContext.setInitParameter(ProxyChainScrutinizerFilter.AUTHORIZED_PROXIES_INITPARAM, "https://www.yale.edu/bulldog https://www.princeton.edu/tiger https://www.northwestern.edu/wildcat ; https://www.beginSecondChain.com http://insecure.com/service https://secure.com/anotherService");
        mockFilterConfig.setupServletContext(mockServletContext);
        try {
            new ProxyChainScrutinizerFilter().init(mockFilterConfig);
            fail("Initialization should have failed because edu.yale.its.tp.cas.client.filter.authorizedProxyChains contained an insecure URL.");
        } catch (ServletException e) {
        }
    }
}
