package io.druid.server.http.security;

import com.google.common.collect.Lists;
import io.druid.jackson.DefaultObjectMapper;
import io.druid.java.util.common.ISE;
import io.druid.java.util.emitter.EmittingLogger;
import io.druid.java.util.emitter.service.ServiceEmitter;
import io.druid.server.security.AllowAllAuthenticator;
import io.druid.server.security.AuthenticationResult;
import io.druid.server.security.Authenticator;
import io.druid.server.security.PreResponseAuthorizationCheckFilter;
import java.util.List;
import java.util.Map;
import javax.servlet.FilterChain;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.easymock.EasyMock;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;

/* loaded from: input_file:io/druid/server/http/security/PreResponseAuthorizationCheckFilterTest.class */
public class PreResponseAuthorizationCheckFilterTest {
    private static List<Authenticator> authenticators = Lists.newArrayList(new Authenticator[]{new AllowAllAuthenticator()});

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Test
    public void testValidRequest() throws Exception {
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", (Map) null);
        HttpServletRequest httpServletRequest = (HttpServletRequest) EasyMock.createStrictMock(HttpServletRequest.class);
        HttpServletResponse httpServletResponse = (HttpServletResponse) EasyMock.createStrictMock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) EasyMock.createNiceMock(FilterChain.class);
        ServletOutputStream servletOutputStream = (ServletOutputStream) EasyMock.createNiceMock(ServletOutputStream.class);
        EasyMock.expect(httpServletRequest.getAttribute("Druid-Authentication-Result")).andReturn(authenticationResult).once();
        EasyMock.expect(httpServletRequest.getAttribute("Druid-Authorization-Checked")).andReturn(true).once();
        EasyMock.replay(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(httpServletRequest, httpServletResponse, filterChain);
        EasyMock.verify(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
    }

    @Test
    public void testAuthenticationFailedRequest() throws Exception {
        HttpServletRequest httpServletRequest = (HttpServletRequest) EasyMock.createStrictMock(HttpServletRequest.class);
        HttpServletResponse httpServletResponse = (HttpServletResponse) EasyMock.createStrictMock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) EasyMock.createNiceMock(FilterChain.class);
        ServletOutputStream servletOutputStream = (ServletOutputStream) EasyMock.createNiceMock(ServletOutputStream.class);
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn(servletOutputStream).once();
        EasyMock.expect(httpServletRequest.getAttribute("Druid-Authentication-Result")).andReturn((Object) null).once();
        httpServletResponse.setStatus(401);
        EasyMock.expectLastCall().once();
        httpServletResponse.setContentType("application/json");
        EasyMock.expectLastCall().once();
        httpServletResponse.setCharacterEncoding("UTF-8");
        EasyMock.expectLastCall().once();
        EasyMock.replay(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(httpServletRequest, httpServletResponse, filterChain);
        EasyMock.verify(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
    }

    @Test
    public void testMissingAuthorizationCheck() throws Exception {
        EmittingLogger.registerEmitter((ServiceEmitter) EasyMock.createNiceMock(ServiceEmitter.class));
        this.expectedException.expect(ISE.class);
        this.expectedException.expectMessage("Request did not have an authorization check performed.");
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", (Map) null);
        HttpServletRequest httpServletRequest = (HttpServletRequest) EasyMock.createStrictMock(HttpServletRequest.class);
        HttpServletResponse httpServletResponse = (HttpServletResponse) EasyMock.createStrictMock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) EasyMock.createNiceMock(FilterChain.class);
        ServletOutputStream servletOutputStream = (ServletOutputStream) EasyMock.createNiceMock(ServletOutputStream.class);
        EasyMock.expect(httpServletRequest.getAttribute("Druid-Authentication-Result")).andReturn(authenticationResult).once();
        EasyMock.expect(httpServletRequest.getAttribute("Druid-Authorization-Checked")).andReturn((Object) null).once();
        EasyMock.expect(Integer.valueOf(httpServletResponse.getStatus())).andReturn(200).once();
        EasyMock.expect(httpServletRequest.getRequestURI()).andReturn("uri").once();
        EasyMock.expect(httpServletRequest.getMethod()).andReturn("GET").once();
        EasyMock.expect(httpServletRequest.getRemoteAddr()).andReturn("1.2.3.4").once();
        EasyMock.expect(httpServletRequest.getRemoteHost()).andReturn("ahostname").once();
        EasyMock.expect(Boolean.valueOf(httpServletResponse.isCommitted())).andReturn(true).once();
        httpServletResponse.setStatus(403);
        EasyMock.expectLastCall().once();
        httpServletResponse.setContentType("application/json");
        EasyMock.expectLastCall().once();
        httpServletResponse.setCharacterEncoding("UTF-8");
        EasyMock.expectLastCall().once();
        EasyMock.replay(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(httpServletRequest, httpServletResponse, filterChain);
        EasyMock.verify(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
    }

    @Test
    public void testMissingAuthorizationCheckWithError() throws Exception {
        EmittingLogger.registerEmitter((ServiceEmitter) EasyMock.createNiceMock(ServiceEmitter.class));
        AuthenticationResult authenticationResult = new AuthenticationResult("so-very-valid", "so-very-valid", (Map) null);
        HttpServletRequest httpServletRequest = (HttpServletRequest) EasyMock.createStrictMock(HttpServletRequest.class);
        HttpServletResponse httpServletResponse = (HttpServletResponse) EasyMock.createStrictMock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) EasyMock.createNiceMock(FilterChain.class);
        ServletOutputStream servletOutputStream = (ServletOutputStream) EasyMock.createNiceMock(ServletOutputStream.class);
        EasyMock.expect(httpServletRequest.getAttribute("Druid-Authentication-Result")).andReturn(authenticationResult).once();
        EasyMock.expect(httpServletRequest.getAttribute("Druid-Authorization-Checked")).andReturn((Object) null).once();
        EasyMock.expect(Integer.valueOf(httpServletResponse.getStatus())).andReturn(404).once();
        EasyMock.replay(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
        new PreResponseAuthorizationCheckFilter(authenticators, new DefaultObjectMapper()).doFilter(httpServletRequest, httpServletResponse, filterChain);
        EasyMock.verify(new Object[]{httpServletRequest, httpServletResponse, filterChain, servletOutputStream});
    }
}
