package org.wildfly.camel.test.policy;

import javax.ejb.EJBAccessException;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.login.LoginContext;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.EmptyAsset;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.wildfly.camel.test.policy.subA.AnnotatedSLSB;
import org.wildfly.camel.test.policy.subA.SecureRouteBuilder;
import org.wildfly.extension.camel.security.LoginContextBuilder;

@RunWith(Arquillian.class)
/* loaded from: input_file:org/wildfly/camel/test/policy/EJBSecurityTestCase.class */
public class EJBSecurityTestCase {
    @Deployment
    public static JavaArchive createDeployment() {
        JavaArchive create = ShrinkWrap.create(JavaArchive.class, "ejb-security-test.jar");
        create.addClasses(new Class[]{AnnotatedSLSB.class, SecureRouteBuilder.class});
        create.addAsManifestResource(EmptyAsset.INSTANCE, "beans.xml");
        return create;
    }

    @Test
    public void testAccessAllowed() throws Exception {
        Assert.assertEquals("Hello Kermit", ((AnnotatedSLSB) lookup(new InitialContext(), AnnotatedSLSB.class, AnnotatedSLSB.class)).doAnything("Kermit"));
    }

    @Test
    public void testAuthorizedAccess() throws Exception {
        AnnotatedSLSB annotatedSLSB = (AnnotatedSLSB) lookup(new InitialContext(), AnnotatedSLSB.class, AnnotatedSLSB.class);
        LoginContext build = new LoginContextBuilder(LoginContextBuilder.Type.CLIENT).domain("user-domain").username(AnnotatedSLSB.USERNAME).encryptedPassword(AnnotatedSLSB.PASSWORD.toCharArray()).build();
        build.login();
        try {
            Assert.assertEquals("Hello Kermit", annotatedSLSB.doSelected("Kermit"));
            build.logout();
        } catch (Throwable th) {
            build.logout();
            throw th;
        }
    }

    @Test
    public void testCallerPricipalPropagation() throws Exception {
        AnnotatedSLSB annotatedSLSB = (AnnotatedSLSB) lookup(new InitialContext(), AnnotatedSLSB.class, AnnotatedSLSB.class);
        LoginContext build = new LoginContextBuilder(LoginContextBuilder.Type.CLIENT).domain("user-domain").username(AnnotatedSLSB.USERNAME).encryptedPassword(AnnotatedSLSB.PASSWORD.toCharArray()).build();
        build.login();
        try {
            Assert.assertEquals("Hello Kermit", annotatedSLSB.secureRouteAccess("Kermit"));
            build.logout();
        } catch (Throwable th) {
            build.logout();
            throw th;
        }
    }

    @Test
    public void testUnauthorizedAccess() throws Exception {
        AnnotatedSLSB annotatedSLSB = (AnnotatedSLSB) lookup(new InitialContext(), AnnotatedSLSB.class, AnnotatedSLSB.class);
        try {
            annotatedSLSB.doSelected("Kermit");
            Assert.fail("Call to doSelected() method was expected to fail");
        } catch (EJBAccessException e) {
        }
        LoginContext build = new LoginContextBuilder(LoginContextBuilder.Type.CLIENT).username("user1").password("wrongpass".toCharArray()).build();
        build.login();
        try {
            annotatedSLSB.doSelected("Kermit");
            Assert.fail("Call to doSelected() method was expected to fail");
            build.logout();
        } catch (EJBAccessException e2) {
            build.logout();
        } catch (Throwable th) {
            build.logout();
            throw th;
        }
    }

    @Test
    public void testAccessDenied() throws Exception {
        try {
            ((AnnotatedSLSB) lookup(new InitialContext(), AnnotatedSLSB.class, AnnotatedSLSB.class)).restrictedMethod();
            Assert.fail("Call to restrictedMethod() method was expected to fail");
        } catch (EJBAccessException e) {
        }
    }

    private <T> T lookup(Context context, Class<?> cls, Class<T> cls2) throws NamingException {
        return cls2.cast(context.lookup("java:module/" + cls.getSimpleName() + "!" + cls2.getName()));
    }
}
