package com.cloudera.server.web.cmf.csrf;

import com.cloudera.cmf.service.config.MetricsSourceConfigEvaluatorTest;
import com.cloudera.cmf.service.scm.ScmParamTrackerStore;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.server.cmf.CurrentUserManager;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:com/cloudera/server/web/cmf/csrf/CsrfRefererInterceptorTest.class */
public class CsrfRefererInterceptorTest {

    @Mock
    private ScmParamTrackerStore scmPts;

    @Mock
    private CurrentUserManager currentUserMgr;

    @Mock
    private HttpServletRequest request;

    @Mock
    private HttpServletResponse response;

    @Mock
    private Object handler;

    @InjectMocks
    private CsrfRefererInterceptor interceptor;

    @Before
    public void before() {
        Mockito.when(this.scmPts.get(ScmParams.REFERER_CHECK)).thenReturn(true);
        Mockito.when(this.request.getMethod()).thenReturn("POST");
        mockRequest("cluster/delete");
    }

    private void mockReferrer(String str) {
        Mockito.when(this.request.getHeader("Referer")).thenReturn(str);
    }

    private void mockRequest(String str) {
        Mockito.when(this.request.getRequestURL()).thenReturn(new StringBuffer("https://cm.big.customer.that.cares.about.pci.compliance:7183/cmf/").append(str));
        Mockito.when(this.request.getRequestURI()).thenReturn("/cmf/" + str);
    }

    @Test
    public void testValid() throws Exception {
        mockReferrer("https://cm.big.customer.that.cares.about.pci.compliance:7183/cmf/cluster");
        this.interceptor.preHandle(this.request, this.response, this.handler);
        ((HttpServletResponse) Mockito.verify(this.response, Mockito.never())).sendError(((Integer) Mockito.any(Integer.class)).intValue(), (String) Mockito.any(String.class));
    }

    @Test
    public void testNoReferrer() throws Exception {
        mockReferrer(null);
        Assert.assertFalse(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response)).sendError(Mockito.eq(403), (String) Mockito.any(String.class));
    }

    @Test
    public void testInvalidReferrer() throws Exception {
        mockReferrer("http://bogus.referer.ibm.com");
        Assert.assertFalse(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response)).sendError(Mockito.eq(403), (String) Mockito.any(String.class));
    }

    @Test
    public void testOff() throws Exception {
        Mockito.when(this.scmPts.get(ScmParams.REFERER_CHECK)).thenReturn(false);
        mockReferrer("http://bogus.referer.ibm.com");
        Assert.assertTrue(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response, Mockito.never())).sendError(((Integer) Mockito.any(Integer.class)).intValue(), (String) Mockito.any(String.class));
    }

    @Test
    public void testGet() throws Exception {
        Mockito.when(this.request.getMethod()).thenReturn("GET");
        mockReferrer("http://bogus.referer.ibm.com");
        Assert.assertTrue(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response, Mockito.never())).sendError(((Integer) Mockito.any(Integer.class)).intValue(), (String) Mockito.any(String.class));
    }

    @Test
    public void testInternalHiveExportUri() throws Exception {
        mockReferrer(null);
        mockRequest("services/replication/hiveExport");
        Assert.assertFalse(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response)).sendError(Mockito.eq(403), (String) Mockito.any(String.class));
        Mockito.reset(new HttpServletResponse[]{this.response});
        Mockito.when(Boolean.valueOf(this.currentUserMgr.isInternallyManagedUser())).thenReturn(true);
        Assert.assertTrue(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response, Mockito.never())).sendError(((Integer) Mockito.any(Integer.class)).intValue(), (String) Mockito.any(String.class));
    }

    @Test
    public void testFrontendReferrer() throws Exception {
        Mockito.when(this.scmPts.get(ScmParams.FRONTEND_URL)).thenReturn("http://cm-frontend-host:8443/");
        mockReferrer("http://cm-frontend-host:8443/cmf/home");
        Assert.assertTrue(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response, Mockito.never())).sendError(((Integer) Mockito.any(Integer.class)).intValue(), (String) Mockito.any(String.class));
    }

    @Test
    public void testEmptyFrontendUrl() throws Exception {
        Mockito.when(this.scmPts.get(ScmParams.FRONTEND_URL)).thenReturn(MetricsSourceConfigEvaluatorTest.PLACE_HOLDER);
        mockReferrer("http://cm-frontend-host:8443/cmf/home");
        Assert.assertFalse(this.interceptor.preHandle(this.request, this.response, this.handler));
        ((HttpServletResponse) Mockito.verify(this.response)).sendError(Mockito.eq(403), (String) Mockito.any(String.class));
    }
}
