package org.apache.brooklyn.rest;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Iterables;
import java.net.URI;
import java.util.Map;
import org.apache.brooklyn.rest.filter.CsrfTokenFilter;
import org.apache.brooklyn.util.http.HttpTool;
import org.apache.brooklyn.util.http.HttpToolResponse;
import org.apache.http.client.HttpClient;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:org/apache/brooklyn/rest/CsrfTokenFilterLauncherTest.class */
public class CsrfTokenFilterLauncherTest extends BrooklynRestApiLauncherTestFixture {
    @Test
    public void testRequestToken() {
        useServerForTest(baseLauncher().withoutJsgui().start());
        HttpClient client = client();
        HttpToolResponse httpGet = HttpTool.httpGet(client, URI.create(getBaseUriRest() + "server/status"), ImmutableMap.of("X-Csrf-Token-Required-For-Requests", CsrfTokenFilter.CsrfTokenRequiredForRequests.WRITE.toString()));
        assertOkayResponse(httpGet, "MASTER");
        Map cookieKeyValues = httpGet.getCookieKeyValues();
        String str = (String) Iterables.getOnlyElement((Iterable) cookieKeyValues.get(CsrfTokenFilter.CSRF_TOKEN_VALUE_COOKIE));
        Assert.assertNotNull(str);
        Assert.assertEquals(str, (String) Iterables.getOnlyElement((Iterable) cookieKeyValues.get(CsrfTokenFilter.CSRF_TOKEN_VALUE_COOKIE_ANGULAR_NAME)));
        assertOkayResponse(HttpTool.httpPost(client, URI.create(getBaseUriRest() + "script/groovy"), ImmutableMap.of("Content-Type", "application/text", CsrfTokenFilter.CSRF_TOKEN_VALUE_HEADER, str), "return 0;".getBytes()), "{\"result\":\"0\"}");
        Assert.assertEquals(HttpTool.httpPost(client, URI.create(getBaseUriRest() + "script/groovy"), ImmutableMap.of("Content-Type", "application/text"), "return 0;".getBytes()).getResponseCode(), 401);
        assertOkayResponse(HttpTool.httpGet(client, URI.create(getBaseUriRest() + "server/status"), ImmutableMap.of()), "MASTER");
        assertOkayResponse(HttpTool.httpGet(client, URI.create(getBaseUriRest() + "server/status"), ImmutableMap.of("X-Csrf-Token-Required-For-Requests", CsrfTokenFilter.CsrfTokenRequiredForRequests.ALL.toString().toLowerCase())), "MASTER");
        Assert.assertEquals(HttpTool.httpGet(client, URI.create(getBaseUriRest() + "server/status"), ImmutableMap.of()).getResponseCode(), 401);
        assertOkayResponse(HttpTool.httpPost(client(), URI.create(getBaseUriRest() + "script/groovy"), ImmutableMap.of("Content-Type", "application/text"), "return 0;".getBytes()), "{\"result\":\"0\"}");
    }

    protected HttpClient client() {
        return HttpTool.httpClientBuilder().uri(getBaseUriRest(this.server)).build();
    }

    public static void assertOkayResponse(HttpToolResponse httpToolResponse, String str) {
        Assert.assertEquals(httpToolResponse.getResponseCode(), 200);
        Assert.assertEquals(httpToolResponse.getContentAsString(), str);
    }
}
