package org.jahia.test.services.render;

import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.lang.StringUtils;
import org.jahia.bin.Jahia;
import org.jahia.settings.SettingsBean;
import org.jahia.test.JahiaTestCase;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jahia/test/services/render/JSessionIDTest.class */
public class JSessionIDTest extends JahiaTestCase {
    private static Logger logger = LoggerFactory.getLogger(JSessionIDTest.class);
    private HttpClient httpClient;
    private String jsessionid;
    private static boolean isJsessionIdActive;

    @BeforeClass
    public static void oneTimeSetUp() throws Exception {
        isJsessionIdActive = SettingsBean.getInstance().isDisableJsessionIdParameter();
    }

    @AfterClass
    public static void oneTimeTearDown() throws Exception {
        SettingsBean.getInstance().setDisableJsessionIdParameter(isJsessionIdActive);
    }

    @Before
    public void setUp() {
        this.httpClient = new HttpClient();
        this.httpClient.getParams().setCookiePolicy("ignoreCookies");
        this.jsessionid = "jsessionid";
    }

    @After
    public void tearDown() {
    }

    @Test
    public void testJsessionIdExists() throws Exception {
        findJSessionId(false);
    }

    @Test
    public void testJsessionIdRemoved() throws Exception {
        findJSessionId(true);
    }

    private void findJSessionId(boolean z) throws IOException {
        SettingsBean.getInstance().setDisableJsessionIdParameter(z);
        SettingsBean.getInstance().setJsessionIdParameterName(this.jsessionid);
        GetMethod getMethod = new GetMethod(getBaseServerURL() + Jahia.getContextPath() + "/start");
        try {
            Assert.assertEquals("Method failed: " + getMethod.getStatusLine(), 401L, this.httpClient.executeMethod(getMethod));
            Matcher matcher = Pattern.compile("action=\"([^\"]*)\"").matcher(getMethod.getResponseBodyAsString());
            Assert.assertTrue(matcher.find());
            String group = matcher.group(1);
            if (!z) {
                logger.info("Unencoded URL: " + getBaseServerURL() + Jahia.getContextPath() + "/start");
                logger.info("Encoded redirect URL: " + getResponse().encodeRedirectURL(getBaseServerURL() + Jahia.getContextPath() + "/start"));
                logger.info("Encoded URL: " + getResponse().encodeURL(getBaseServerURL() + Jahia.getContextPath() + "/start"));
            }
            Assert.assertEquals("jsession ID is not " + (z ? "removed" : "present") + " in administration login url:" + group, Boolean.valueOf(z), Boolean.valueOf(!StringUtils.containsIgnoreCase(group, this.jsessionid)));
            getMethod.releaseConnection();
        } catch (Throwable th) {
            getMethod.releaseConnection();
            throw th;
        }
    }
}
