package org.geoserver.wps;

import com.github.tomakehurst.wiremock.WireMockServer;
import com.github.tomakehurst.wiremock.client.WireMock;
import com.github.tomakehurst.wiremock.core.WireMockConfiguration;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import org.apache.commons.io.IOUtils;
import org.custommonkey.xmlunit.XMLAssert;
import org.geoserver.security.urlchecks.GeoServerURLChecker;
import org.geoserver.security.urlchecks.RegexURLCheck;
import org.geoserver.security.urlchecks.URLCheckDAO;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.w3c.dom.Document;

/* loaded from: input_file:org/geoserver/wps/ExecuteURLCheckTest.class */
public class ExecuteURLCheckTest extends WPSTestSupport {
    private static final boolean debugMode = false;
    private static final String STATES_COLLECTION = "states-FeatureCollection.xml";
    private static WireMockServer service;
    private static String statesGMLURL;

    @BeforeClass
    public static void beforeClass() throws Exception {
        service = new WireMockServer(WireMockConfiguration.wireMockConfig().dynamicPort());
        service.start();
        String resourceAsString = getResourceAsString(STATES_COLLECTION);
        statesGMLURL = service.baseUrl() + "/states-FeatureCollection.xml";
        service.stubFor(WireMock.get(WireMock.urlEqualTo("/states-FeatureCollection.xml")).willReturn(WireMock.aResponse().withStatus(200).withHeader("Content-Type", new String[]{"text/xml"}).withBody(resourceAsString)));
    }

    private static String getResourceAsString(String str) throws IOException {
        InputStream resourceAsStream = ExecuteURLCheckTest.class.getResourceAsStream(str);
        try {
            String iOUtils = IOUtils.toString(resourceAsStream, StandardCharsets.UTF_8);
            if (resourceAsStream != null) {
                resourceAsStream.close();
            }
            return iOUtils;
        } catch (Throwable th) {
            if (resourceAsStream != null) {
                try {
                    resourceAsStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @AfterClass
    public static void afterClass() throws Exception {
        service.stop();
    }

    @Before
    public void setup() throws Exception {
        Assert.assertNotNull(applicationContext.getBean(GeoServerURLChecker.class));
        ((URLCheckDAO) applicationContext.getBean(URLCheckDAO.class)).saveChecks(Collections.emptyList());
    }

    @Test
    public void testRemoteInputAllowed() throws Exception {
        ((URLCheckDAO) applicationContext.getBean(URLCheckDAO.class)).save(new RegexURLCheck("pointStyle", "Just the point style", "^" + statesGMLURL + "$"));
        Document postAsDOM = postAsDOM(root(), buildGetBoundsRequest());
        XMLAssert.assertXpathEvaluatesTo("0.0 0.0", "//ows:BoundingBox/ows:LowerCorner", postAsDOM);
        XMLAssert.assertXpathEvaluatesTo("5.0 5.0", "//ows:BoundingBox/ows:UpperCorner", postAsDOM);
    }

    @Test
    public void testRemoteInputDisallowed() throws Exception {
        ((URLCheckDAO) applicationContext.getBean(URLCheckDAO.class)).save(new RegexURLCheck("deny", "Won't match", "^abcd$"));
        MatcherAssert.assertThat(checkOws11Exception(postAsDOM(root(), buildGetBoundsRequest()), "InvalidParameterValue", "features"), CoreMatchers.containsString(statesGMLURL));
    }

    public String buildGetBoundsRequest() {
        return "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<wps:Execute version=\"1.0.0\" service=\"WPS\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns=\"http://www.opengis.net/wps/1.0.0\" xmlns:wfs=\"http://www.opengis.net/wfs\" xmlns:wps=\"http://www.opengis.net/wps/1.0.0\" xmlns:ows=\"http://www.opengis.net/ows/1.1\" xmlns:gml=\"http://www.opengis.net/gml\" xmlns:ogc=\"http://www.opengis.net/ogc\" xmlns:wcs=\"http://www.opengis.net/wcs/1.1.1\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" xsi:schemaLocation=\"http://www.opengis.net/wps/1.0.0 http://schemas.opengis.net/wps/1.0.0/wpsAll.xsd\">\n  <ows:Identifier>gs:Bounds</ows:Identifier>\n  <wps:DataInputs>\n    <wps:Input>\n      <ows:Identifier>features</ows:Identifier>\n      <wps:Reference mimeType=\"text/xml; subtype=wfs-collection/1.1\" xlink:href=\"" + statesGMLURL + "\" method=\"GET\"/>\n    </wps:Input>\n  </wps:DataInputs>\n  <wps:ResponseForm>\n    <wps:RawDataOutput>\n      <ows:Identifier>bounds</ows:Identifier>\n    </wps:RawDataOutput>\n  </wps:ResponseForm>\n</wps:Execute>";
    }
}
