package io.confluent.rest;

import java.util.Arrays;
import java.util.Properties;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Configurable;
import org.apache.http.Header;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.kafka.common.config.ConfigException;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.ValueSource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/confluent/rest/TestCustomizedHttpResponseHeaders.class */
public class TestCustomizedHttpResponseHeaders {
    private static final Logger log = LoggerFactory.getLogger(TestCustomizeThreadPool.class);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/confluent/rest/TestCustomizedHttpResponseHeaders$TestApp.class */
    public static class TestApp extends Application<TestRestConfig> {
        static Properties props = null;

        @Produces({"text/plain"})
        @Path("/custom")
        /* loaded from: input_file:io/confluent/rest/TestCustomizedHttpResponseHeaders$TestApp$RestResource.class */
        public static class RestResource {
            @GET
            @Path("/resource1")
            public String get1() {
                return "testing resource1";
            }

            @POST
            @Path("/resource2")
            public String get2() {
                return "testing resource2";
            }
        }

        public TestApp() {
            super(createConfig());
        }

        public TestApp(Properties properties) {
            super(TestRestConfig.maprCompatible(properties));
            props = properties;
        }

        public void setupResources(Configurable<?> configurable, TestRestConfig testRestConfig) {
            configurable.register(new RestResource());
        }

        public String getUri() {
            return (String) props.get("listeners");
        }

        private static TestRestConfig createConfig() {
            props = new Properties();
            return TestRestConfig.maprCompatible(props);
        }

        public /* bridge */ /* synthetic */ void setupResources(Configurable configurable, RestConfig restConfig) {
            setupResources((Configurable<?>) configurable, (TestRestConfig) restConfig);
        }
    }

    @ValueSource(strings = {"set", "badaction X-Frame-Options:DENY", "set add X-XSS-Protection:1", "addX-XSS-Protection", "X-XSS-Protection:", "add set X-XSS-Protection:", "add X-XSS-Protection:1 X-XSS-Protection:1 ", "add X-XSS-Protection:1,   ,", "set X-Frame-Options:DENY, add  :no-cache, no-store, must-revalidate "})
    @ParameterizedTest
    public void testInvalidHeaderConfigFormat(String str) throws Exception {
        Properties properties = new Properties();
        properties.put("listeners", "http://localhost:8080");
        Assertions.assertThrows(ConfigException.class, () -> {
            properties.put("response.http.headers.config", str);
            TestApp testApp = new TestApp(properties);
            CloseableHttpResponse closeableHttpResponse = null;
            try {
                testApp.start();
                closeableHttpResponse = makeGetRequest(testApp, "/custom/resource1");
                if (closeableHttpResponse != null) {
                    try {
                        closeableHttpResponse.close();
                    } catch (Exception e) {
                    }
                }
                testApp.stop();
            } catch (Throwable th) {
                if (closeableHttpResponse != null) {
                    try {
                        closeableHttpResponse.close();
                    } catch (Exception e2) {
                        testApp.stop();
                        throw th;
                    }
                }
                testApp.stop();
                throw th;
            }
        });
    }

    @Test
    public void testNoCustomizedHeaderConfigs() throws Exception {
        Properties properties = new Properties();
        properties.put("listeners", "http://localhost:8080");
        TestApp testApp = new TestApp(properties);
        CloseableHttpResponse closeableHttpResponse = null;
        try {
            testApp.start();
            closeableHttpResponse = makePostRequest(testApp, "/custom/resource2");
            Assertions.assertNull(getResponseHeader(closeableHttpResponse, "X-Frame-Options"));
            if (closeableHttpResponse != null) {
                try {
                    closeableHttpResponse.close();
                } catch (Exception e) {
                }
            }
            testApp.stop();
        } catch (Throwable th) {
            if (closeableHttpResponse != null) {
                try {
                    closeableHttpResponse.close();
                } catch (Exception e2) {
                    testApp.stop();
                    throw th;
                }
            }
            testApp.stop();
            throw th;
        }
    }

    @Test
    public void testValidHeaderConfigs() throws Exception {
        Properties properties = new Properties();
        properties.put("listeners", "http://localhost:8080");
        properties.put("response.http.headers.config", "  set    X-Frame-Options: DENY, \"  add     Cache-Control:   no-cache, no-store, must-revalidate\" ");
        TestApp testApp = new TestApp(properties);
        CloseableHttpResponse closeableHttpResponse = null;
        try {
            testApp.start();
            closeableHttpResponse = makeGetRequest(testApp, "/custom/resource1");
            Assertions.assertEquals("DENY", getResponseHeader(closeableHttpResponse, "X-Frame-Options"));
            Assertions.assertEquals("no-cache, no-store, must-revalidate", getResponseHeader(closeableHttpResponse, "Cache-Control"));
            Assertions.assertNull(getResponseHeader(closeableHttpResponse, "X-Custom-Value"));
            if (closeableHttpResponse != null) {
                try {
                    closeableHttpResponse.close();
                } catch (Exception e) {
                }
            }
            testApp.stop();
        } catch (Throwable th) {
            if (closeableHttpResponse != null) {
                try {
                    closeableHttpResponse.close();
                } catch (Exception e2) {
                    testApp.stop();
                    throw th;
                }
            }
            testApp.stop();
            throw th;
        }
    }

    private static CloseableHttpResponse makeGetRequest(TestApp testApp, String str) throws Exception {
        HttpGet httpGet = new HttpGet(testApp.getUri() + str);
        CloseableHttpClient createDefault = HttpClients.createDefault();
        CloseableHttpResponse execute = createDefault.execute(httpGet);
        if (createDefault != null) {
            try {
                createDefault.close();
            } catch (Exception e) {
            }
        }
        return execute;
    }

    private static CloseableHttpResponse makePostRequest(TestApp testApp, String str) throws Exception {
        HttpPost httpPost = new HttpPost(testApp.getUri() + str);
        CloseableHttpClient createDefault = HttpClients.createDefault();
        CloseableHttpResponse execute = createDefault.execute(httpPost);
        if (createDefault != null) {
            try {
                createDefault.close();
            } catch (Exception e) {
            }
        }
        return execute;
    }

    private static String getResponseHeader(CloseableHttpResponse closeableHttpResponse, String str) {
        String str2 = null;
        Header[] allHeaders = closeableHttpResponse.getAllHeaders();
        if (allHeaders != null && allHeaders.length > 0) {
            Arrays.stream(allHeaders).forEach(header -> {
                log.debug("header name: {}, header value: {}.", header.getName(), header.getValue());
            });
        }
        Header[] headers = closeableHttpResponse.getHeaders(str);
        if (headers != null && headers.length > 0) {
            str2 = headers[0].getValue();
        }
        return str2;
    }
}
