package org.wildfly.security.sasl.test;

import java.lang.Thread;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessController;
import java.security.Provider;
import java.security.Security;
import java.util.Collections;
import java.util.HashMap;
import java.util.concurrent.ScheduledThreadPoolExecutor;
import java.util.concurrent.ThreadFactory;
import javax.security.auth.callback.CallbackHandler;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslException;
import javax.security.sasl.SaslServer;
import org.jboss.threads.JBossThreadFactory;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.auth.client.AuthenticationContext;
import org.wildfly.security.auth.client.ClientUtils;
import org.wildfly.security.auth.client.MatchRule;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.WildFlyElytronPasswordProvider;
import org.wildfly.security.password.spec.ClearPasswordSpec;
import org.wildfly.security.sasl.SaslMechanismSelector;
import org.wildfly.security.sasl.digest.DigestServerFactory;
import org.wildfly.security.sasl.digest.WildFlyElytronSaslDigestProvider;

/* loaded from: input_file:org/wildfly/security/sasl/test/SaslAuthenticationTimeoutTest.class */
public class SaslAuthenticationTimeoutTest {
    private static final String DIGEST = "DIGEST-MD5";
    private static final String AUTHENTICATION_TIMEOUT_MESSAGE = "Authentication mechanism server timed out";
    private static final Provider[] providers = {WildFlyElytronSaslDigestProvider.getInstance(), WildFlyElytronPasswordProvider.getInstance()};

    @BeforeClass
    public static void registerPasswordProvider() {
        for (Provider provider : providers) {
            Security.insertProviderAt(provider, 1);
        }
    }

    @AfterClass
    public static void removePasswordProvider() {
        for (Provider provider : providers) {
            Security.removeProvider(provider.getName());
        }
    }

    @Test
    public void testSuccessfulTimeout() throws Exception {
        ScheduledThreadPoolExecutor scheduledThreadPoolExecutor = new ScheduledThreadPoolExecutor(1, (ThreadFactory) AccessController.doPrivileged(() -> {
            return new JBossThreadFactory(new ThreadGroup("SecurityDomain ThreadGroup"), Boolean.FALSE, (Integer) null, "%G - %t", (Thread.UncaughtExceptionHandler) null, (Long) null);
        }));
        scheduledThreadPoolExecutor.setRemoveOnCancelPolicy(true);
        scheduledThreadPoolExecutor.setExecuteExistingDelayedTasksAfterShutdownPolicy(false);
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("wildfly.sasl.authentication-timeout", "3");
            SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").setProperties(hashMap).setScheduledExecutorService(scheduledThreadPoolExecutor).addMechanismRealm("TestRealm").build();
            SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), createClearPwdClientCallbackHandler("George", "gpwd", "TestRealm"));
            byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
            Thread.sleep(5000L);
            build.evaluateResponse(createSaslClient.evaluateChallenge(evaluateResponse));
            Assert.fail("Expected SaslException not thrown");
        } catch (SaslException e) {
            Assert.assertTrue(e.getMessage().contains(AUTHENTICATION_TIMEOUT_MESSAGE));
        }
    }

    @Test
    public void testSuccessfulTimeout_DefaultExecuterService() throws Exception {
        try {
            HashMap hashMap = new HashMap();
            hashMap.put("wildfly.sasl.authentication-timeout", "3");
            SaslServer build = new SaslServerBuilder(DigestServerFactory.class, DIGEST).setUserName("George").setPassword("gpwd".toCharArray()).setProtocol("TestProtocol").setServerName("TestServer").setProperties(hashMap).addMechanismRealm("TestRealm").build();
            SaslClient createSaslClient = Sasl.createSaslClient(new String[]{DIGEST}, "George", "TestProtocol", "TestServer", Collections.emptyMap(), createClearPwdClientCallbackHandler("George", "gpwd", "TestRealm"));
            byte[] evaluateResponse = build.evaluateResponse(new byte[0]);
            Thread.sleep(5000L);
            build.evaluateResponse(createSaslClient.evaluateChallenge(evaluateResponse));
            Assert.fail("Expected SaslException not thrown");
        } catch (SaslException e) {
            Assert.assertTrue(e.getMessage().contains(AUTHENTICATION_TIMEOUT_MESSAGE));
        }
    }

    private static CallbackHandler createClearPwdClientCallbackHandler(String str, String str2, String str3) throws Exception {
        return createClientCallbackHandler(str, PasswordFactory.getInstance("clear").generatePassword(new ClearPasswordSpec(str2.toCharArray())), str3);
    }

    private static CallbackHandler createClientCallbackHandler(String str, Password password, String str2) throws URISyntaxException {
        return ClientUtils.getCallbackHandler(new URI("seems://irrelevant"), AuthenticationContext.empty().with(MatchRule.ALL, AuthenticationConfiguration.empty().useName(str).usePassword(password).useRealm(str2).setSaslMechanismSelector(SaslMechanismSelector.NONE.addMechanism(DIGEST))));
    }
}
