package org.projecthusky.common.utils.xml;

import jakarta.xml.bind.DataBindingException;
import javax.xml.parsers.ParserConfigurationException;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.condition.DisabledOnOs;
import org.junit.jupiter.api.condition.EnabledOnOs;
import org.junit.jupiter.api.condition.OS;
import org.projecthusky.common.hl7cdar2.POCDMT000040ClinicalDocument;
import org.projecthusky.common.hl7cdar2.ST;

/* loaded from: input_file:org/projecthusky/common/utils/xml/XmlUnmarshallerTest.class */
class XmlUnmarshallerTest {
    private static final String URL_TO_FETCH = "https://api.ipify.org/";
    private static final String FILE_TO_FETCH_WINDOWS = "C:/Windows/System32/drivers/etc/hosts";
    private static final String FILE_TO_FETCH_OTHERS = "/etc/hosts";

    XmlUnmarshallerTest() {
    }

    @Test
    void testEntitySupport() {
        Assertions.assertThrows(DataBindingException.class, () -> {
            XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE replace [<!ENTITY entity \"VULNERABLE\"> ]><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title>&entity;</title></ClinicalDocument>", POCDMT000040ClinicalDocument.class);
        });
    }

    @Test
    void testBillionLaughAttack() {
        Assertions.assertThrows(DataBindingException.class, () -> {
            XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE data [\n<!ENTITY a0 \"dos\" >\n<!ENTITY a1 \"&a0;&a0;&a0;&a0;&a0;&a0;&a0;&a0;&a0;&a0;\">\n<!ENTITY a2 \"&a1;&a1;&a1;&a1;&a1;&a1;&a1;&a1;&a1;&a1;\">\n<!ENTITY a3 \"&a2;&a2;&a2;&a2;&a2;&a2;&a2;&a2;&a2;&a2;\">\n]><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title>&a3;</title></ClinicalDocument>", POCDMT000040ClinicalDocument.class);
        });
    }

    @Test
    @EnabledOnOs({OS.WINDOWS})
    void testXxeFileInjectionWindows() {
        Assertions.assertThrows(DataBindingException.class, () -> {
            XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE foo [ <!ENTITY xxe SYSTEM \"file:///C:/Windows/System32/drivers/etc/hosts\"> ]><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title>&xxe;</title></ClinicalDocument>", POCDMT000040ClinicalDocument.class);
        });
    }

    @Test
    @DisabledOnOs({OS.WINDOWS})
    void testXxeFileInjectionOthers() {
        Assertions.assertThrows(DataBindingException.class, () -> {
            XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE foo [ <!ENTITY xxe SYSTEM \"file:////etc/hosts\"> ]><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title>&xxe;</title></ClinicalDocument>", POCDMT000040ClinicalDocument.class);
        });
    }

    @Test
    void testXxeUrlInjection() {
        Assertions.assertThrows(DataBindingException.class, () -> {
            XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><!DOCTYPE foo [ <!ENTITY xxe SYSTEM \"https://api.ipify.org/\"> ]><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title>&xxe;</title></ClinicalDocument>", POCDMT000040ClinicalDocument.class);
        });
    }

    @Test
    @EnabledOnOs({OS.WINDOWS})
    void testXIncludeFileInjectionWindows() throws ParserConfigurationException {
        Assertions.assertEquals("", ((POCDMT000040ClinicalDocument) XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title xmlns:xi=\"http://www.w3.org/2001/XInclude\"><xi:include parse=\"text\" href=\"file:///C:/Windows/System32/drivers/etc/hosts\"/></title></ClinicalDocument>", POCDMT000040ClinicalDocument.class)).getTitle().getTextContent());
    }

    @Test
    @DisabledOnOs({OS.WINDOWS})
    void testXIncludeFileInjectionOthers() throws ParserConfigurationException {
        Assertions.assertEquals("", ((POCDMT000040ClinicalDocument) XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title xmlns:xi=\"http://www.w3.org/2001/XInclude\"><xi:include parse=\"text\" href=\"file:////etc/hosts\"/></title></ClinicalDocument>", POCDMT000040ClinicalDocument.class)).getTitle().getTextContent());
    }

    @Test
    void testXIncludeUrlInjection() throws ParserConfigurationException {
        Assertions.assertEquals("", ((POCDMT000040ClinicalDocument) XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><ClinicalDocument xmlns=\"urn:hl7-org:v3\"><title xmlns:xi=\"http://www.w3.org/2001/XInclude\"><xi:include parse=\"text\" href=\"https://api.ipify.org/\"/></title></ClinicalDocument>", POCDMT000040ClinicalDocument.class)).getTitle().getTextContent());
    }

    @Test
    void testUnmarshallingString() throws ParserConfigurationException {
        ST st = (ST) XmlUnmarshaller.unmarshallStringAsType("<?xml version=\"1.0\" encoding=\"UTF-8\"?><title>Simple title</title>", ST.class);
        Assertions.assertNotNull(st);
        Assertions.assertEquals("Simple title", st.getTextContent());
    }
}
