package com.atlassian.jira.webtests.ztests.bundledplugins2.rest;

import com.atlassian.jira.functest.framework.FuncTestCase;
import com.atlassian.jira.functest.framework.suite.Category;
import com.atlassian.jira.functest.framework.suite.WebTest;
import com.atlassian.jira.plugin.labels.Constants;
import com.atlassian.jira.plugin.labels.utils.LabelUtils;
import com.atlassian.jira.util.json.JSONException;
import com.atlassian.jira.util.json.JSONObject;
import com.atlassian.jira.webtests.ztests.bundledplugins2.rest.client.Attachment;
import com.atlassian.jira.webtests.ztests.bundledplugins2.rest.client.Issue;
import com.atlassian.jira.webtests.ztests.bundledplugins2.rest.client.IssueClient;
import com.google.common.collect.Sets;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.httpclient.Cookie;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.RequestEntity;
import org.apache.log4j.Logger;

@WebTest({Category.FUNC_TEST, Category.REST})
/* loaded from: input_file:com/atlassian/jira/webtests/ztests/bundledplugins2/rest/TestAttachTemporaryFileResource.class */
public class TestAttachTemporaryFileResource extends FuncTestCase {
    private static final Logger log = Logger.getLogger(TestAttachTemporaryFileResource.class);
    private static final String REST_PATH = "rest/internal/1.0/AttachTemporaryFile";
    private static final String ATTACH_PATH = "secure/AttachFile.jspa";
    private static final String PARAM_FILENAME = "filename";
    private static final String PARAM_ISSUE_ID = "issueId";
    private static final String PARAM_ID = "id";
    private static final String PARAM_SIZE = "size";
    private static final String PARAM_CONVERT_ID = "filetoconvert";
    private static final String PARAM_DECORATOR = "decorator";
    private static final String PARAM_USERNAME = "os_username";
    private static final String PARAM_PASSWORD = "os_password";
    private static final String PARAM_COOKIE = "os_cookie";
    private static final String PARAM_XSRF = "atl_token";
    private static final String JSON_NAME = "name";
    private static final String JSON_ID = "id";
    private static final String JSON_ERROR_MSG = "errorMessage";
    private static final String HEADER_SERAPH_RESPONSE = "X-Seraph-LoginReason";
    private static final String COOKIE_XSRF = "atlassian.xsrf.token";
    private static final String GOOD_LOGIN = "OK";
    private static final String NONE = "none";
    private static final long ISSUE_ID = 10000;
    private static final String ISSUE_KEY = "HSP-1";
    public static final String JSON_TOKEN = "token";

    /* loaded from: input_file:com/atlassian/jira/webtests/ztests/bundledplugins2/rest/TestAttachTemporaryFileResource$RandomBytesEntity.class */
    private static class RandomBytesEntity implements RequestEntity {
        private int contentLength;
        private int actualLength;
        private String contentType;

        private RandomBytesEntity() {
            this.contentLength = 10240;
            this.actualLength = this.contentLength;
            this.contentType = "application/octet-stream";
        }

        public RandomBytesEntity setLength(int i) {
            this.contentLength = i;
            this.actualLength = i;
            return this;
        }

        public RandomBytesEntity setActualLength(int i) {
            this.actualLength = i;
            return this;
        }

        public RandomBytesEntity setContentLength(int i) {
            this.contentLength = i;
            return this;
        }

        public RandomBytesEntity setContentType(String str) {
            this.contentType = str;
            return this;
        }

        public boolean isRepeatable() {
            return true;
        }

        public void writeRequest(OutputStream outputStream) throws IOException {
            int i = this.actualLength;
            int i2 = 0;
            byte[] bArr = new byte[4];
            while (i > 0) {
                bArr[0] = (byte) i2;
                bArr[1] = (byte) (i2 >> 8);
                bArr[2] = (byte) (i2 >> 16);
                bArr[3] = (byte) (i2 >> 24);
                int min = Math.min(i, bArr.length);
                outputStream.write(bArr, 0, min);
                i -= min;
                i2++;
            }
        }

        public long getContentLength() {
            return this.contentLength;
        }

        public String getContentType() {
            return this.contentType;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.atlassian.jira.functest.framework.FuncTestCase
    public void setUpTest() {
        this.administration.restoreData("TestAttachTemporaryFileResource.xml");
    }

    public void testNoSizeRequest() throws Exception {
        HttpClient createClientForUser = createClientForUser("admin");
        PostMethod postMethod = new PostMethod(getRestUrlWithToken(createClientForUser, PARAM_FILENAME, "text.txt", PARAM_ISSUE_ID, 1));
        postMethod.setRequestEntity(new RandomBytesEntity().setContentLength(-1).setActualLength(1));
        try {
            createClientForUser.executeMethod(postMethod);
            assertBadResponse(400, postMethod);
            postMethod.releaseConnection();
        } catch (Throwable th) {
            postMethod.releaseConnection();
            throw th;
        }
    }

    public void testTooBigRequest() throws Exception {
        HttpClient createClientForUser = createClientForUser("admin");
        PostMethod postMethod = new PostMethod(getRestUrlWithToken(createClientForUser, PARAM_FILENAME, "test.data", PARAM_ISSUE_ID, Long.valueOf(ISSUE_ID), PARAM_SIZE, 10));
        postMethod.setRequestEntity(new RandomBytesEntity().setLength(20));
        try {
            createClientForUser.executeMethod(postMethod);
            assertBadResponse(LabelUtils.MAX_ALLOWED_LABELS, postMethod);
            postMethod.releaseConnection();
        } catch (Throwable th) {
            postMethod.releaseConnection();
            throw th;
        }
    }

    public void testTooSmallRequest() throws Exception {
        HttpClient createClientForUser = createClientForUser("admin");
        PostMethod postMethod = new PostMethod(getRestUrlWithToken(createClientForUser, PARAM_FILENAME, "test.data", PARAM_ISSUE_ID, Long.valueOf(ISSUE_ID), PARAM_SIZE, 40));
        postMethod.setRequestEntity(new RandomBytesEntity().setLength(20));
        try {
            createClientForUser.executeMethod(postMethod);
            assertBadResponse(LabelUtils.MAX_ALLOWED_LABELS, postMethod);
            postMethod.releaseConnection();
        } catch (Throwable th) {
            postMethod.releaseConnection();
            throw th;
        }
    }

    public void testGoodRequest() throws Exception {
        HttpClient createClientForUser = createClientForUser("admin");
        PostMethod postMethod = new PostMethod(getRestUrlWithToken(createClientForUser, PARAM_FILENAME, "test.data", PARAM_ISSUE_ID, Long.valueOf(ISSUE_ID)));
        RandomBytesEntity length = new RandomBytesEntity().setLength(150);
        postMethod.setRequestEntity(length);
        try {
            assertEquals(201, createClientForUser.executeMethod(postMethod));
            JSONObject jSONObject = new JSONObject(postMethod.getResponseBodyAsString());
            assertEquals(Sets.newHashSet(new String[]{JSON_NAME, "id"}), Sets.newHashSet(jSONObject.keys()));
            assertEquals("test.data", jSONObject.getString(JSON_NAME));
            String string = jSONObject.getString("id");
            postMethod.releaseConnection();
            postMethod = new PostMethod(getUrl(ATTACH_PATH, new Object[0]));
            postMethod.setParameter(PARAM_CONVERT_ID, String.valueOf(string));
            postMethod.setParameter("id", String.valueOf(ISSUE_ID));
            postMethod.setParameter(PARAM_DECORATOR, NONE);
            postMethod.setParameter("atl_token", getToken(createClientForUser));
            try {
                int executeMethod = createClientForUser.executeMethod(postMethod);
                if (executeMethod != 302) {
                    fail(String.format("Trying to add attachment but got status %s: %s.", HttpStatus.getStatusText(executeMethod), postMethod.getResponseBodyAsString()));
                }
                postMethod.releaseConnection();
                List<Attachment> list = new IssueClient(getEnvironmentData()).get("HSP-1", new Issue.Expand[0]).fields.attachment.value;
                assertEquals(1, list.size());
                Attachment attachment = list.get(0);
                assertEquals("test.data", attachment.filename);
                GetMethod getMethod = new GetMethod(attachment.content);
                try {
                    assertEquals(Constants.MAX_RECENT_LABELES, createClientForUser.executeMethod(getMethod));
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    length.writeRequest(byteArrayOutputStream);
                    assertStreams(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()), getMethod.getResponseBodyAsStream());
                    getMethod.releaseConnection();
                } catch (Throwable th) {
                    getMethod.releaseConnection();
                    throw th;
                }
            } finally {
            }
        } finally {
        }
    }

    public void testAttachmentsDisabled() throws IOException, JSONException {
        this.administration.attachments().disable();
        HttpClient createClientForUser = createClientForUser("admin");
        PostMethod postMethod = new PostMethod(getRestUrlWithToken(createClientForUser, PARAM_FILENAME, "test.data", PARAM_ISSUE_ID, Long.valueOf(ISSUE_ID)));
        postMethod.setRequestEntity(new RandomBytesEntity().setLength(150));
        try {
            createClientForUser.executeMethod(postMethod);
            assertBadResponse(LabelUtils.MAX_ALLOWED_LABELS, postMethod);
            postMethod.releaseConnection();
        } catch (Throwable th) {
            postMethod.releaseConnection();
            throw th;
        }
    }

    public void testNoAttachPermission() throws IOException, JSONException {
        this.administration.attachments().disable();
        HttpClient createClientForUser = createClientForUser("fred");
        PostMethod postMethod = new PostMethod(getRestUrlWithToken(createClientForUser, PARAM_FILENAME, "test.data", PARAM_ISSUE_ID, Long.valueOf(ISSUE_ID)));
        postMethod.setRequestEntity(new RandomBytesEntity().setLength(150));
        try {
            createClientForUser.executeMethod(postMethod);
            assertBadResponse(LabelUtils.MAX_ALLOWED_LABELS, postMethod);
            postMethod.releaseConnection();
        } catch (Throwable th) {
            postMethod.releaseConnection();
            throw th;
        }
    }

    public void testBadXsrfAttach() throws IOException, JSONException {
        this.administration.attachments().disable();
        HttpClient createClientForUser = createClientForUser("fred");
        PostMethod postMethod = new PostMethod(getRestUrl(PARAM_FILENAME, "test.data", PARAM_ISSUE_ID, Long.valueOf(ISSUE_ID)));
        postMethod.setRequestEntity(new RandomBytesEntity().setLength(150));
        try {
            createClientForUser.executeMethod(postMethod);
            assertXsrfResponse(LabelUtils.MAX_ALLOWED_LABELS, postMethod, createClientForUser);
            postMethod.releaseConnection();
        } catch (Throwable th) {
            postMethod.releaseConnection();
            throw th;
        }
    }

    private void assertStreams(InputStream inputStream, InputStream inputStream2) throws IOException {
        int read = inputStream.read();
        int read2 = inputStream2.read();
        int i = 0;
        while (read >= 0 && read2 >= 0) {
            assertEquals(String.format("Byte at position %d differers.%n", Integer.valueOf(i)), read, read2);
            read = inputStream.read();
            read2 = inputStream2.read();
            i++;
        }
        if (read >= 0) {
            fail("Expected more input but actual had only " + i + " bytes.");
        } else if (read2 >= 0) {
            fail("Expected less input as expected had only " + i + " bytes.");
        }
    }

    private void assertBadResponse(int i, HttpMethod httpMethod) {
        assertFalse(assertBadCommon(i, httpMethod).has(JSON_TOKEN));
    }

    private JSONObject assertBadCommon(int i, HttpMethod httpMethod) {
        assertEquals(i, httpMethod.getStatusCode());
        JSONObject jSONObject = null;
        try {
            jSONObject = new JSONObject(httpMethod.getResponseBodyAsString());
            assertTrue(jSONObject.has(JSON_ERROR_MSG));
        } catch (JSONException e) {
            log.error("Response did not contain JSON.", e);
            fail("Response did not contain JSON.");
        } catch (IOException e2) {
            log.error("IO error occured while reading the response.", e2);
            fail("IO error occured while reading the response.");
        }
        return jSONObject;
    }

    private void assertXsrfResponse(int i, HttpMethod httpMethod, HttpClient httpClient) {
        JSONObject assertBadCommon = assertBadCommon(i, httpMethod);
        assertTrue(assertBadCommon.has(JSON_TOKEN));
        try {
            assertEquals(getToken(httpClient), assertBadCommon.getString(JSON_TOKEN));
        } catch (JSONException e) {
            throw new RuntimeException(e);
        }
    }

    private HttpClient createClientForUser(String str) throws IOException {
        HttpClient httpClient = new HttpClient();
        httpClient.getParams().setCookiePolicy("compatibility");
        PostMethod postMethod = new PostMethod(getUrl("login.jsp", new Object[0]));
        try {
            postMethod.setParameter(PARAM_USERNAME, str);
            postMethod.setParameter(PARAM_PASSWORD, str);
            postMethod.setParameter(PARAM_COOKIE, String.valueOf(true));
            httpClient.executeMethod(postMethod);
            assertEquals(GOOD_LOGIN, postMethod.getResponseHeader(HEADER_SERAPH_RESPONSE).getValue());
            postMethod.releaseConnection();
            return httpClient;
        } catch (Throwable th) {
            postMethod.releaseConnection();
            throw th;
        }
    }

    private String getToken(HttpClient httpClient) {
        for (Cookie cookie : httpClient.getState().getCookies()) {
            if (cookie.getName().equals(COOKIE_XSRF)) {
                return cookie.getValue();
            }
        }
        return null;
    }

    private String getRestUrl(Object... objArr) {
        return getUrl(REST_PATH, objArr);
    }

    public String getRestUrlWithToken(HttpClient httpClient, Object... objArr) {
        ArrayList arrayList = new ArrayList(Arrays.asList(objArr));
        arrayList.add("atl_token");
        arrayList.add(getToken(httpClient));
        return getUrl(REST_PATH, arrayList);
    }

    private String getUrl(String str, Object... objArr) {
        return getUrl(str, Arrays.asList(objArr));
    }

    private String getUrl(String str, Collection<Object> collection) {
        String externalForm = getEnvironmentData().getBaseUrl().toExternalForm();
        StringBuilder sb = new StringBuilder(externalForm);
        if (!externalForm.endsWith("/")) {
            sb.append("/");
        }
        sb.append(str);
        if (collection != null && !collection.isEmpty()) {
            Iterator<Object> it = collection.iterator();
            int i = 1;
            sb.append("?").append(encode(it.next())).append("=");
            while (it.hasNext()) {
                boolean z = (i & 1) == 0;
                if (z) {
                    sb.append("&");
                }
                sb.append(encode(it.next()));
                if (z) {
                    sb.append("=");
                }
                i++;
            }
        }
        return sb.toString();
    }

    private String encode(Object obj) {
        try {
            return URLEncoder.encode(obj.toString(), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException(e);
        }
    }
}
