package it.com.atlassian.plugins.whitelist.ui;

import com.atlassian.plugins.whitelist.WhitelistType;
import com.atlassian.plugins.whitelist.applinks.ApplicationLinkRestrictiveness;
import com.atlassian.plugins.whitelist.ui.WhitelistBean;
import com.atlassian.plugins.whitelist.ui.WhitelistListResponseBean;
import com.atlassian.plugins.whitelist.ui.WhitelistSettingsBean;
import com.atlassian.plugins.whitelist.ui.WhitelistTypeMapper;
import io.atlassian.fugue.Pair;
import java.io.IOException;
import java.util.List;
import java.util.Map;
import javax.ws.rs.core.Response;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.BasicResponseHandler;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.type.TypeReference;
import org.hamcrest.Matchers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:it/com/atlassian/plugins/whitelist/ui/TestWhitelistResource.class */
public class TestWhitelistResource {
    private static final String WWW_ATLASSIAN_COM = "https://www.atlassian.com";
    private static final String HTTP_WAC = "http://atlassian.com";
    private static final String HTTPS_WAC_443 = "https://atlassian.com:443";
    private static final String BASE_URL = System.getProperty("baseurl", "http://localhost:5990/refapp");
    private static final String REST_URL = BASE_URL + "/rest/whitelist/latest/";
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();
    private static final HttpClient HTTP_CLIENT = new DefaultHttpClient();
    private static final ResponseHandler<String> BASIC_RESPONSE_HANDLER = new BasicResponseHandler();
    private static final int BAD_REQUEST = Response.Status.BAD_REQUEST.getStatusCode();
    private static final Pair<Boolean, Boolean> NOT_ALLOWED = Pair.pair(false, false);
    private static final Pair<Boolean, Boolean> BOTH_ALLOWED = Pair.pair(true, true);
    private static final Pair<Boolean, Boolean> ONLY_OUTGOING_ALLOWED = Pair.pair(true, false);

    @Before
    public void setUp() throws IOException {
        get(BASE_URL + "/plugins/servlet/login?os_username=admin&os_password=admin&os_websudo=true");
    }

    @After
    public void tearDown() throws Exception {
        execute(new HttpDelete(BASE_URL + "/rest/whitelist-testing/latest/all"));
    }

    @Test
    public void testGetRulesEmpty() throws IOException {
        Assert.assertThat(getRules(), Matchers.is(Matchers.empty()));
    }

    @Test
    public void testGetRulesEmptyPages() throws IOException {
        WhitelistListResponseBean rulesResponse = getRulesResponse();
        Assert.assertThat(Integer.valueOf(rulesResponse.getPage()), Matchers.is(Matchers.equalTo(0)));
        Assert.assertThat(Integer.valueOf(rulesResponse.getTotalPages()), Matchers.is(Matchers.equalTo(0)));
    }

    @Test
    public void testGetRulesSingle() throws IOException {
        create(HTTP_WAC, WhitelistType.EXACT_URL);
        List<WhitelistBean> rules = getRules();
        Assert.assertThat(rules, Matchers.hasSize(1));
        Assert.assertThat(rules.get(0).getType(), Matchers.is(Matchers.equalTo(WhitelistType.EXACT_URL)));
    }

    @Test
    public void testGetRulesSinglePages() throws IOException {
        create(HTTP_WAC, WhitelistType.EXACT_URL);
        WhitelistListResponseBean rulesResponse = getRulesResponse();
        Assert.assertThat(Integer.valueOf(rulesResponse.getPage()), Matchers.is(Matchers.equalTo(1)));
        Assert.assertThat(Integer.valueOf(rulesResponse.getTotalPages()), Matchers.is(Matchers.equalTo(1)));
    }

    @Test
    public void testGetRulesMultiple() throws IOException {
        create(HTTP_WAC, WhitelistType.DOMAIN_NAME);
        create(HTTPS_WAC_443, WhitelistType.EXACT_URL);
        Assert.assertThat(getRules(), Matchers.hasSize(2));
    }

    @Test
    public void testIsAllowedAndEnableAndDisable() throws IOException {
        Assert.assertThat(getAllowance("http://some.url"), Matchers.is(NOT_ALLOWED));
        disableWhitelist();
        Assert.assertThat(getAllowance("http://some.url"), Matchers.is(BOTH_ALLOWED));
        enableWhitelist();
        Assert.assertThat(getAllowance("http://some.url"), Matchers.is(NOT_ALLOWED));
    }

    @Test
    public void testCreateDelete() throws IOException {
        Assert.assertThat(getAllowance(HTTP_WAC), Matchers.is(NOT_ALLOWED));
        WhitelistBean create = create(HTTP_WAC, WhitelistType.EXACT_URL);
        try {
            Assert.assertThat(create.getId(), Matchers.notNullValue());
            Assert.assertThat(getAllowance(HTTP_WAC), Matchers.is(ONLY_OUTGOING_ALLOWED));
        } finally {
            delete(create.getId().intValue());
            Assert.assertThat(getAllowance(HTTP_WAC), Matchers.is(NOT_ALLOWED));
        }
    }

    @Test
    public void createExactUrl() throws IOException {
        WhitelistBean create = create(HTTPS_WAC_443, WhitelistType.EXACT_URL);
        Assert.assertThat(create.getExpression(), Matchers.is(HTTPS_WAC_443));
        Assert.assertThat(create.getType(), Matchers.is(WhitelistType.EXACT_URL));
        Assert.assertFalse(create.isAllowInbound().booleanValue());
        Assert.assertThat(getAllowance(HTTPS_WAC_443), Matchers.is(ONLY_OUTGOING_ALLOWED));
    }

    @Test
    public void createExactUrlWithInboundAllowed() throws IOException {
        WhitelistBean createWithInboundAllowed = createWithInboundAllowed(HTTPS_WAC_443, WhitelistType.EXACT_URL);
        Assert.assertThat(createWithInboundAllowed.getExpression(), Matchers.is(HTTPS_WAC_443));
        Assert.assertThat(createWithInboundAllowed.getType(), Matchers.is(WhitelistType.EXACT_URL));
        Assert.assertTrue(createWithInboundAllowed.isAllowInbound().booleanValue());
        Assert.assertThat(getAllowance(HTTPS_WAC_443), Matchers.is(BOTH_ALLOWED));
    }

    @Test
    public void createWildcardExpressionWithProtocolWildcard() throws IOException {
        WhitelistBean create = create("*://atlassian.com:443", WhitelistType.WILDCARD_EXPRESSION);
        Assert.assertThat(create.getExpression(), Matchers.is("*://atlassian.com:443"));
        Assert.assertThat(create.getType(), Matchers.is(WhitelistType.WILDCARD_EXPRESSION));
        Assert.assertFalse(create.isAllowInbound().booleanValue());
        Assert.assertThat(getAllowance(HTTPS_WAC_443), Matchers.is(ONLY_OUTGOING_ALLOWED));
        Assert.assertThat(getAllowance("http://atlassian.com:443"), Matchers.is(ONLY_OUTGOING_ALLOWED));
        Assert.assertThat(getAllowance("http://atlassian.com:80"), Matchers.is(NOT_ALLOWED));
    }

    @Test
    public void createWildcardExpressionWithPathWildcard() throws IOException {
        WhitelistBean create = create("https://atlassian.com*", WhitelistType.WILDCARD_EXPRESSION);
        Assert.assertThat(create.getExpression(), Matchers.is("https://atlassian.com*"));
        Assert.assertThat(create.getType(), Matchers.is(WhitelistType.WILDCARD_EXPRESSION));
        Assert.assertFalse(create.isAllowInbound().booleanValue());
        Assert.assertThat(getAllowance(HTTPS_WAC_443), Matchers.is(ONLY_OUTGOING_ALLOWED));
        Assert.assertThat(getAllowance("https://atlassian.com"), Matchers.is(ONLY_OUTGOING_ALLOWED));
    }

    @Test
    public void createRegularExpression() throws IOException {
        WhitelistBean create = create("https?://atlassian.com(?::\\d+)?", WhitelistType.REGULAR_EXPRESSION);
        Assert.assertThat(create.getExpression(), Matchers.is("https?://atlassian.com(?::\\d+)?"));
        Assert.assertThat(create.getType(), Matchers.is(WhitelistType.REGULAR_EXPRESSION));
        Assert.assertFalse(create.isAllowInbound().booleanValue());
        Assert.assertThat(getAllowance(HTTPS_WAC_443), Matchers.is(ONLY_OUTGOING_ALLOWED));
        Assert.assertThat(getAllowance(HTTP_WAC), Matchers.is(ONLY_OUTGOING_ALLOWED));
        Assert.assertThat(getAllowance("ftp://atlassian.com"), Matchers.is(NOT_ALLOWED));
    }

    @Test
    public void createRuleWithTypeApplicationLinkRejected() throws IOException {
        Assert.assertThat(Integer.valueOf(createStatusCode(WWW_ATLASSIAN_COM, WhitelistType.APPLICATION_LINK)), Matchers.equalTo(Integer.valueOf(BAD_REQUEST)));
    }

    @Test
    public void updateRuleToTypeApplicationLinkRejected() throws IOException {
        Assert.assertThat(Integer.valueOf(updateStatusCode(WhitelistBean.builder().copyOf(create(HTTPS_WAC_443, WhitelistType.EXACT_URL)).type(WhitelistType.APPLICATION_LINK).build())), Matchers.equalTo(Integer.valueOf(BAD_REQUEST)));
    }

    @Test
    public void updateExpression() throws IOException {
        Assert.assertThat(update(WhitelistBean.builder().copyOf(create(HTTPS_WAC_443, WhitelistType.EXACT_URL)).expression(WWW_ATLASSIAN_COM).build()).getExpression(), Matchers.is(WWW_ATLASSIAN_COM));
        Assert.assertThat(getAllowance(HTTPS_WAC_443), Matchers.is(NOT_ALLOWED));
        Assert.assertThat(getAllowance(WWW_ATLASSIAN_COM), Matchers.is(ONLY_OUTGOING_ALLOWED));
    }

    @Test
    public void updateType() throws IOException {
        Assert.assertThat(update(WhitelistBean.builder().copyOf(create(WWW_ATLASSIAN_COM, WhitelistType.EXACT_URL)).type(WhitelistType.DOMAIN_NAME).build()).getType(), Matchers.is(WhitelistType.DOMAIN_NAME));
    }

    @Test
    public void updatedAllowInbound() throws IOException {
        Assert.assertTrue(update(WhitelistBean.builder().copyOf(create(WWW_ATLASSIAN_COM, WhitelistType.EXACT_URL)).allowInbound(true).build()).isAllowInbound().booleanValue());
        Assert.assertThat(getAllowance(WWW_ATLASSIAN_COM), Matchers.is(BOTH_ALLOWED));
    }

    @Test
    public void changeRestrictiveness() throws IOException {
        WhitelistSettingsBean whitelistSettingsBean = new WhitelistSettingsBean(ApplicationLinkRestrictiveness.DENY);
        WhitelistSettingsBean whitelistSettingsBean2 = new WhitelistSettingsBean(ApplicationLinkRestrictiveness.ALLOW_ANONYMOUS);
        Assert.assertEquals(whitelistSettingsBean.getApplicationLinkRestrictiveness(), updateSettings(whitelistSettingsBean).getApplicationLinkRestrictiveness());
        Assert.assertEquals(whitelistSettingsBean2.getApplicationLinkRestrictiveness(), updateSettings(whitelistSettingsBean2).getApplicationLinkRestrictiveness());
    }

    @Test
    public void checkEndpointAuthRequired() throws IOException {
        createWithAuthRequired(WWW_ATLASSIAN_COM, WhitelistType.EXACT_URL);
        Map<String, Boolean> whitelistTest = getWhitelistTest(WWW_ATLASSIAN_COM);
        Assert.assertThat(whitelistTest, Matchers.hasEntry("inbound", false));
        Assert.assertThat(whitelistTest, Matchers.hasEntry("outbound", false));
        Assert.assertThat(whitelistTest, Matchers.hasEntry("outboundWithAuth", true));
    }

    private static List<WhitelistBean> getRules() throws IOException {
        return getRulesResponse().getRules();
    }

    private static WhitelistListResponseBean getRulesResponse() throws IOException {
        return (WhitelistListResponseBean) OBJECT_MAPPER.readValue(get(REST_URL), WhitelistListResponseBean.class);
    }

    private static WhitelistBean create(String str, WhitelistType whitelistType) throws IOException {
        return (WhitelistBean) OBJECT_MAPPER.readValue(post(REST_URL, new WhitelistBean(str, WhitelistTypeMapper.asString(whitelistType), false, true)), WhitelistBean.class);
    }

    private static WhitelistBean createWithInboundAllowed(String str, WhitelistType whitelistType) throws IOException {
        return (WhitelistBean) OBJECT_MAPPER.readValue(post(REST_URL, new WhitelistBean(str, WhitelistTypeMapper.asString(whitelistType), true, true)), WhitelistBean.class);
    }

    private static WhitelistBean createWithAuthRequired(String str, WhitelistType whitelistType) throws IOException {
        return (WhitelistBean) OBJECT_MAPPER.readValue(post(REST_URL, new WhitelistBean(str, WhitelistTypeMapper.asString(whitelistType), false, false)), WhitelistBean.class);
    }

    private static Pair<Boolean, Boolean> getAllowance(String str) throws IOException {
        Map<String, Boolean> whitelistTest = getWhitelistTest(str);
        return Pair.pair(whitelistTest.get("outbound"), whitelistTest.get("inbound"));
    }

    private static Map<String, Boolean> getWhitelistTest(String str) throws IOException {
        return (Map) OBJECT_MAPPER.readValue(get(REST_URL + "check?url=" + str), new TypeReference<Map<String, Boolean>>() { // from class: it.com.atlassian.plugins.whitelist.ui.TestWhitelistResource.1
        });
    }

    private static void enableWhitelist() {
        post(REST_URL + "enable");
    }

    private static void disableWhitelist() {
        post(REST_URL + "disable");
    }

    private static WhitelistBean update(WhitelistBean whitelistBean) throws IOException {
        return (WhitelistBean) OBJECT_MAPPER.readValue(put(REST_URL + whitelistBean.getId(), whitelistBean), WhitelistBean.class);
    }

    private static WhitelistSettingsBean updateSettings(WhitelistSettingsBean whitelistSettingsBean) throws IOException {
        return (WhitelistSettingsBean) OBJECT_MAPPER.readValue(put(REST_URL + "settings", whitelistSettingsBean), WhitelistSettingsBean.class);
    }

    private static void delete(int i) {
        delete(REST_URL + i);
    }

    private static String get(String str) {
        return execute(new HttpGet(str));
    }

    private static void post(String str) {
        HttpPost httpPost = new HttpPost(str);
        httpPost.addHeader("X-Atlassian-Token", "no-check");
        execute(httpPost);
    }

    private static String post(String str, Object obj) throws IOException {
        HttpPost httpPost = new HttpPost(str);
        httpPost.addHeader("X-Atlassian-Token", "no-check");
        httpPost.setEntity(new StringEntity(OBJECT_MAPPER.writeValueAsString(obj), ContentType.APPLICATION_JSON));
        return execute(httpPost);
    }

    private static String put(String str, Object obj) throws IOException {
        HttpPut httpPut = new HttpPut(str);
        httpPut.setEntity(new StringEntity(OBJECT_MAPPER.writeValueAsString(obj), ContentType.APPLICATION_JSON));
        return execute(httpPut);
    }

    private static void delete(String str) {
        execute(new HttpDelete(str));
    }

    private static String execute(HttpUriRequest httpUriRequest) {
        try {
            return (String) HTTP_CLIENT.execute(httpUriRequest, BASIC_RESPONSE_HANDLER);
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private static int returnStatusCode(WhitelistBean whitelistBean, HttpEntityEnclosingRequestBase httpEntityEnclosingRequestBase) throws IOException {
        httpEntityEnclosingRequestBase.setEntity(new StringEntity(OBJECT_MAPPER.writeValueAsString(whitelistBean), ContentType.APPLICATION_JSON));
        HttpResponse execute = HTTP_CLIENT.execute(httpEntityEnclosingRequestBase);
        EntityUtils.consume(execute.getEntity());
        return execute.getStatusLine().getStatusCode();
    }

    private static int createStatusCode(String str, WhitelistType whitelistType) throws IOException {
        WhitelistBean whitelistBean = new WhitelistBean(str, WhitelistTypeMapper.asString(whitelistType), false, true);
        HttpPost httpPost = new HttpPost(REST_URL);
        httpPost.addHeader("X-Atlassian-Token", "no-check");
        return returnStatusCode(whitelistBean, httpPost);
    }

    private static int updateStatusCode(WhitelistBean whitelistBean) throws IOException {
        return returnStatusCode(whitelistBean, new HttpPut(REST_URL + whitelistBean.getId()));
    }
}
