package io.undertow.servlet.test.security.form;

import io.undertow.server.handlers.PathHandler;
import io.undertow.servlet.api.DeploymentInfo;
import io.undertow.servlet.api.DeploymentManager;
import io.undertow.servlet.api.LoginConfig;
import io.undertow.servlet.api.ServletContainer;
import io.undertow.servlet.api.ServletInfo;
import io.undertow.servlet.api.ServletSecurityInfo;
import io.undertow.servlet.test.SimpleServletTestCase;
import io.undertow.servlet.test.security.constraint.ServletIdentityManager;
import io.undertow.servlet.test.util.TestClassIntrospector;
import io.undertow.testutils.DefaultServer;
import io.undertow.testutils.HttpClientUtils;
import io.undertow.testutils.TestHttpClient;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.ProtocolException;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultRedirectStrategy;
import org.apache.http.message.BasicNameValuePair;
import org.apache.http.protocol.HttpContext;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;

@RunWith(DefaultServer.class)
/* loaded from: input_file:io/undertow/servlet/test/security/form/SaveOriginalPostRequestTestCase.class */
public class SaveOriginalPostRequestTestCase {

    /* loaded from: input_file:io/undertow/servlet/test/security/form/SaveOriginalPostRequestTestCase$RequestDumper.class */
    static class RequestDumper extends HttpServlet {
        RequestDumper() {
        }

        protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
            dumpRequest(httpServletRequest, httpServletResponse);
        }

        protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
            dumpRequest(httpServletRequest, httpServletResponse);
        }

        private void dumpRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
            StringBuilder sb = new StringBuilder();
            PrintWriter writer = httpServletResponse.getWriter();
            sb.append("Method: " + httpServletRequest.getMethod() + "\n");
            Enumeration parameterNames = httpServletRequest.getParameterNames();
            sb.append("Parameters: ");
            while (parameterNames.hasMoreElements()) {
                String str = (String) parameterNames.nextElement();
                sb.append(str + "=" + httpServletRequest.getParameter(str));
                sb.append("/");
            }
            writer.write(sb.toString());
        }
    }

    @BeforeClass
    public static void setup() throws ServletException {
        PathHandler pathHandler = new PathHandler();
        ServletContainer newInstance = ServletContainer.Factory.newInstance();
        ServletInfo addMapping = new ServletInfo("SecuredRequestDumperServlet", RequestDumper.class).setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("role1")).addMapping("/secured/dumpRequest");
        ServletInfo addMapping2 = new ServletInfo("UnsecuredRequestDumperServlet", RequestDumper.class).addMapping("/dumpRequest");
        ServletInfo addMapping3 = new ServletInfo("loginPage", FormLoginServlet.class).setServletSecurityInfo(new ServletSecurityInfo().addRoleAllowed("group1")).addMapping("/FormLoginServlet");
        ServletIdentityManager servletIdentityManager = new ServletIdentityManager();
        servletIdentityManager.addUser("user1", "password1", "role1");
        DeploymentInfo addServlets = new DeploymentInfo().setClassLoader(SimpleServletTestCase.class.getClassLoader()).setContextPath("/servletContext").setClassIntrospecter(TestClassIntrospector.INSTANCE).setDeploymentName("servletContext.war").setIdentityManager(servletIdentityManager).setLoginConfig(new LoginConfig("FORM", "Test Realm", "/FormLoginServlet", "/error.html")).addServlets(new ServletInfo[]{addMapping, addMapping2, addMapping3});
        DeploymentManager addDeployment = newInstance.addDeployment(addServlets);
        addDeployment.deploy();
        pathHandler.addPrefixPath(addServlets.getContextPath(), addDeployment.start());
        DefaultServer.setRootHandler(pathHandler);
    }

    @Test
    public void testParametersFromOriginalPostRequest() throws IOException {
        TestHttpClient createHttpClient = createHttpClient();
        HttpResponse executePostRequest = executePostRequest(createHttpClient, "/servletContext/dumpRequest", new BasicNameValuePair("param1", "param1Value"), new BasicNameValuePair("param2", "param2Value"));
        Assert.assertEquals(200L, executePostRequest.getStatusLine().getStatusCode());
        Assert.assertTrue(HttpClientUtils.readResponse(executePostRequest).contains("param1=param1Value/param2=param2Value"));
        HttpResponse executePostRequest2 = executePostRequest(createHttpClient, "/servletContext/secured/dumpRequest", new BasicNameValuePair("securedParam1", "securedParam1Value"), new BasicNameValuePair("securedParam2", "securedParam2Value"));
        Assert.assertEquals(200L, executePostRequest2.getStatusLine().getStatusCode());
        Assert.assertEquals("Login Page", HttpClientUtils.readResponse(executePostRequest2));
        HttpResponse executePostRequest3 = executePostRequest(createHttpClient, "/servletContext/j_security_check", new BasicNameValuePair("j_username", "user1"), new BasicNameValuePair("j_password", "password1"));
        Assert.assertEquals(200L, executePostRequest3.getStatusLine().getStatusCode());
        String readResponse = HttpClientUtils.readResponse(executePostRequest3);
        Assert.assertTrue(readResponse.contains("securedParam1=securedParam1Value"));
        Assert.assertTrue(readResponse.contains("securedParam2=securedParam2Value"));
    }

    private TestHttpClient createHttpClient() {
        TestHttpClient testHttpClient = new TestHttpClient();
        testHttpClient.setRedirectStrategy(new DefaultRedirectStrategy() { // from class: io.undertow.servlet.test.security.form.SaveOriginalPostRequestTestCase.1
            public boolean isRedirected(HttpRequest httpRequest, HttpResponse httpResponse, HttpContext httpContext) throws ProtocolException {
                if (httpResponse.getStatusLine().getStatusCode() == 302) {
                    return true;
                }
                return super.isRedirected(httpRequest, httpResponse, httpContext);
            }
        });
        return testHttpClient;
    }

    private HttpResponse executePostRequest(TestHttpClient testHttpClient, String str, BasicNameValuePair... basicNameValuePairArr) throws IOException {
        HttpPost httpPost = new HttpPost(DefaultServer.getDefaultServerURL() + str);
        httpPost.setEntity(new UrlEncodedFormEntity(new ArrayList(Arrays.asList(basicNameValuePairArr))));
        return testHttpClient.execute(httpPost);
    }
}
