package it.com.atlassian.applinks.refapp_refapp;

import it.com.atlassian.applinks.AbstractAppLinksSeleniumTest;
import it.com.atlassian.applinks.ProductInstance;
import org.hamcrest.Matchers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:it/com/atlassian/applinks/refapp_refapp/XssProtectionTest.class */
public class XssProtectionTest extends AbstractAppLinksSeleniumTest {
    @Before
    public void setUp() throws Exception {
        cleanup(ProductInstance.REFAPP1, ProductInstance.REFAPP2);
        try {
            login(ProductInstance.REFAPP1, ProductInstance.REFAPP2);
            assertNoApplicationLinksAreConfigured();
        } catch (Exception e) {
            tearDown();
            throw e;
        }
    }

    @After
    public void tearDown() throws Exception {
        cleanup(ProductInstance.REFAPP1, ProductInstance.REFAPP2);
        logout(ProductInstance.REFAPP1, ProductInstance.REFAPP2);
    }

    @Test
    public void linkPresentToAddFirstApplicationLink() {
        Assert.assertEquals("Click here to add one.", this.client.getText("id=add-first-application-link"));
    }

    @Test
    public void addApplicationLinkUrlErrorEscapesMessage() {
        this.client.click("add-application-link");
        this.client.type("application-url", "https://");
        this.client.click("//div[@id='add-application-link-dialog']//button[. = 'Next']");
        this.client.waitForAjaxWithJquery();
        Assert.assertThat(this.client.getText("css=.applinks-error"), Matchers.startsWith("The URL 'https://' is not valid."));
    }

    void createSingleApplicationWithUrlAndName(String str, String str2) {
        gotoPage("/plugins/servlet/applinks/listApplicationLinks");
        this.client.click("add-application-link");
        this.client.type("application-url", str);
        this.client.click("//div[@id='add-application-link-dialog']//button[. = 'Next']");
        this.client.type("application-name", str2);
        this.client.select("application-types", "label=Generic Application");
        this.client.click("//div[@id='add-application-link-dialog']//button[. = 'Create']");
        this.client.waitForAjaxWithJquery();
    }

    @Test
    public void relocationInfoBoxesEscapeTheirApplicationTitle() {
        createSingleApplicationWithUrlAndName("http://localhost:1/", "Test <i>XSS</i>");
        gotoPage("/plugins/servlet/applinks/listApplicationLinks");
        this.client.waitForPageToLoad();
        Assert.assertThat(this.client.getText("css=.aui-message div"), Matchers.startsWith("Application 'Test <i>XSS</i>' seems to be offline."));
        Assert.assertThat(this.client.getText("css=a.relocate-warning"), Matchers.startsWith("Click here to Relocate"));
    }

    @Test
    public void infoBoxAfterLinkCreationEscapesSourceEntityName() {
        createSingleApplicationWithUrlAndName("http://localhost:1/", "Test");
        createCharlie("CHARLIE_TEST_KEY", "Charlie <b>name</b>");
        this.client.click("charlieManagement");
        this.client.click("//div[@class='refapp-body']//a[.='CHARLIE_TEST_KEY']");
        this.client.waitForPageToLoad();
        this.client.click("link=Configure Entity Links");
        this.client.waitForPageToLoad();
        Assert.assertEquals("RefApp Administration", this.client.getText("//h1"));
        this.client.click("//li[@id='dropDown-standard']/a/span");
        this.client.click("//li[@id='dropDown-standard']/ul/li/a/span");
        this.client.type("add-non-ual-entity-link-entity", "B");
        this.client.type("add-non-ual-entity-link-alias", "C");
        this.client.click("//div[@id='add-entity-link-wizard']//button[.='Create']");
        this.client.waitForAjaxWithJquery();
        Assert.assertThat(this.client.getText("css=div.aui-message div.page-info"), Matchers.equalTo("Created link from Charlie 'Charlie <b>name</b>' to Generic Project 'C'"));
    }

    @Test
    public void messageContentsAreShownForRelocationDialogError() {
        createSingleApplicationWithUrlAndName("http://localhost:1/", "Test <i>XSS</i>");
        gotoPage("/plugins/servlet/applinks/listApplicationLinks");
        this.client.waitForPageToLoad();
        this.client.click("css=a.relocate-warning");
        this.client.type("relocate-url", "https://");
        this.client.click("css=button.applinks-next-button");
        Assert.assertThat(this.client.getText("relocate-error"), Matchers.startsWith("Failed to convert https:// to URI"));
    }

    @Test
    public void projectNameIsEscapedInAddProjectLink() throws Exception {
        createApplicationLinkToRefapp2(AbstractAppLinksSeleniumTest.AuthType.TRUSTED_APPS);
        createCharlie(ProductInstance.REFAPP2, "X", "<b>XSS</b> Test 1");
        createCharlie(ProductInstance.REFAPP2, "Y", "<b>XSS</b> Test 2");
        createCharlie(ProductInstance.REFAPP1, "CHARLIE_TEST_KEY", "Charlie");
        this.client.clickLinkWithText("CHARLIE_TEST_KEY", true);
        this.client.clickLinkWithText("Configure Entity Links", true);
        this.client.clickLinkWithText("Add Link", false);
        this.client.click("//a[@class='item-link']", false);
        this.client.waitUntilVisible("#add-entity-link-entity");
        this.client.click("//input[@id='add-entity-link-entity']");
        this.client.waitUntilVisible(".remote-entity");
        Assert.assertThat(this.client.getText("//a[@class='remote-entity']"), Matchers.containsString("<b>XSS</b>"));
    }

    @Test
    public void configureDisplayUrlErrorEscapesMessage() {
        this.client.click("add-application-link");
        this.client.type("application-url", "http://<i>localhost</i>");
        this.client.click("//div[@id='add-application-link-dialog']//button[. = 'Next']");
        Assert.assertThat(this.client.getText("css=.applinks-error"), Matchers.startsWith("The URL 'http://<i>localhost</i>' is not valid."));
    }
}
