package io.micronaut.http.server.tck.tests.cors;

import io.micronaut.context.annotation.Requires;
import io.micronaut.context.event.ApplicationEventListener;
import io.micronaut.context.event.ApplicationEventPublisher;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.HttpStatus;
import io.micronaut.http.annotation.Controller;
import io.micronaut.http.annotation.Post;
import io.micronaut.http.annotation.Status;
import io.micronaut.http.server.tck.AssertionUtils;
import io.micronaut.http.server.tck.HttpResponseAssertion;
import io.micronaut.http.server.tck.TestScenario;
import io.micronaut.runtime.context.scope.refresh.RefreshEvent;
import jakarta.inject.Inject;
import jakarta.inject.Singleton;
import java.io.IOException;
import java.util.Collections;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:io/micronaut/http/server/tck/tests/cors/SimpleRequestWithCorsNotEnabledTest.class */
public class SimpleRequestWithCorsNotEnabledTest {
    private static final String SPECNAME = "SimpleRequestWithCorsNotEnabledTest";

    @Requires(property = "spec.name", value = SimpleRequestWithCorsNotEnabledTest.SPECNAME)
    @Controller
    /* loaded from: input_file:io/micronaut/http/server/tck/tests/cors/SimpleRequestWithCorsNotEnabledTest$RefreshController.class */
    static class RefreshController {

        @Inject
        ApplicationEventPublisher<RefreshEvent> refreshEventApplicationEventPublisher;

        /* JADX INFO: Access modifiers changed from: package-private */
        @Post("/refresh")
        @Status(HttpStatus.OK)
        public void refresh() {
            this.refreshEventApplicationEventPublisher.publishEvent(new RefreshEvent());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Singleton
    @Requires(property = "spec.name", value = SimpleRequestWithCorsNotEnabledTest.SPECNAME)
    /* loaded from: input_file:io/micronaut/http/server/tck/tests/cors/SimpleRequestWithCorsNotEnabledTest$RefreshCounter.class */
    public static class RefreshCounter implements ApplicationEventListener<RefreshEvent> {
        private int refreshCount = 0;

        public void onApplicationEvent(RefreshEvent refreshEvent) {
            this.refreshCount++;
        }

        public int getRefreshCount() {
            return this.refreshCount;
        }
    }

    @Test
    void corsSimpleRequestNotAllowedForLocalhostAndAny() throws IOException {
        TestScenario.asserts(SPECNAME, createRequest("https://sdelamo.github.io"), (serverUnderTest, httpRequest) -> {
            RefreshCounter refreshCounter = (RefreshCounter) serverUnderTest.getApplicationContext().getBean(RefreshCounter.class);
            Assertions.assertEquals(0, refreshCounter.getRefreshCount());
            AssertionUtils.assertThrows(serverUnderTest, httpRequest, HttpResponseAssertion.builder().status(HttpStatus.FORBIDDEN).assertResponse(httpResponse -> {
                Assertions.assertFalse(httpResponse.getHeaders().contains("Vary"));
            }).build());
            Assertions.assertEquals(0, refreshCounter.getRefreshCount());
        });
    }

    @Test
    void corsSimpleRequestAllowedForLocalhostAndOriginLocalhost() throws IOException {
        TestScenario.asserts(SPECNAME, createRequest("http://localhost:8000"), (serverUnderTest, httpRequest) -> {
            RefreshCounter refreshCounter = (RefreshCounter) serverUnderTest.getApplicationContext().getBean(RefreshCounter.class);
            Assertions.assertEquals(0, refreshCounter.getRefreshCount());
            AssertionUtils.assertDoesNotThrow(serverUnderTest, httpRequest, HttpResponseAssertion.builder().status(HttpStatus.OK).build());
            Assertions.assertEquals(1, refreshCounter.getRefreshCount());
        });
    }

    private static HttpRequest<?> createRequest(String str) {
        return HttpRequest.POST("/refresh", Collections.emptyMap()).header("Accept", "*/*").header("Accept-Encoding", "gzip, deflate, br").header("Accept-Language", "en-GB,en-US;q=0.9,en;q=0.8").header("Connection", "keep-alive").header("Content-Length", "0").header("Host", "localhost:8080").header("Origin", str).header("sec-ch-ua", "\"Not?A_Brand\";v=\"8\", \"Chromium\";v=\"108\", \"Google Chrome\";v=\"108\"").header("sec-ch-ua-mobile", "?0").header("sec-ch-ua-platform", "\"macOS\"").header("Sec-Fetch-Dest", "empty").header("Sec-Fetch-Mode", "cors").header("Sec-Fetch-Site", "cross-site").header("User-Agent", "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36");
    }
}
