package org.apache.cxf.systest.jaxrs.security.jose.jwt;

import com.fasterxml.jackson.jaxrs.json.JacksonJsonProvider;
import java.net.URL;
import java.time.ZoneOffset;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import org.apache.cxf.jaxrs.client.WebClient;
import org.apache.cxf.rs.security.jose.jaxrs.JwtAuthenticationClientFilter;
import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
import org.apache.cxf.rs.security.jose.jwt.JwtToken;
import org.apache.cxf.systest.jaxrs.security.Book;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:org/apache/cxf/systest/jaxrs/security/jose/jwt/JWTPropertiesTest.class */
public class JWTPropertiesTest extends AbstractBusClientServerTestBase {
    public static final String PORT = BookServerJwtProperties.PORT;

    @BeforeClass
    public static void startServers() throws Exception {
        assertTrue("server did not launch correctly", launchServer(BookServerJwtProperties.class, true));
    }

    @Test
    public void testExpiredToken() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwt/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
        jwtClaims.setIssuedAt(Long.valueOf(now.toEpochSecond()));
        jwtClaims.setAudiences(toList(str));
        jwtClaims.setExpiryTime(Long.valueOf(now.minusDays(1L).toEpochSecond()));
        JwtToken jwtToken = new JwtToken(jwtClaims);
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.token", jwtToken);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertNotEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testFutureToken() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwt/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setAudiences(toList(str));
        jwtClaims.setIssuedAt(Long.valueOf(ZonedDateTime.now(ZoneOffset.UTC).plusDays(1L).toEpochSecond()));
        JwtToken jwtToken = new JwtToken(jwtClaims);
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.token", jwtToken);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertNotEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testNearFutureTokenFailure() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwt/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setAudiences(toList(str));
        jwtClaims.setIssuedAt(Long.valueOf(ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(30L).toEpochSecond()));
        JwtToken jwtToken = new JwtToken(jwtClaims);
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.token", jwtToken);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertNotEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testNearFutureTokenSuccess() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwtnearfuture/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setAudiences(toList(str));
        jwtClaims.setIssuedAt(Long.valueOf(ZonedDateTime.now(ZoneOffset.UTC).plusSeconds(30L).toEpochSecond()));
        JwtToken jwtToken = new JwtToken(jwtClaims);
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.token", jwtToken);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testNotBeforeFailure() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwt/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setAudiences(toList(str));
        ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
        jwtClaims.setIssuedAt(Long.valueOf(now.toEpochSecond()));
        jwtClaims.setNotBefore(Long.valueOf(now.plusSeconds(30L).toEpochSecond()));
        JwtToken jwtToken = new JwtToken(jwtClaims);
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.token", jwtToken);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertNotEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testNotBeforeSuccess() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwtnearfuture/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setAudiences(toList(str));
        ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
        jwtClaims.setIssuedAt(Long.valueOf(now.toEpochSecond()));
        jwtClaims.setNotBefore(Long.valueOf(now.plusSeconds(30L).toEpochSecond()));
        JwtToken jwtToken = new JwtToken(jwtClaims);
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.token", jwtToken);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testSetClaimsDirectly() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwt/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setIssuedAt(Long.valueOf(ZonedDateTime.now(ZoneOffset.UTC).toEpochSecond()));
        jwtClaims.setAudiences(toList(str));
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.claims", jwtClaims);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testBadAudience() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        WebClient create = WebClient.create("https://localhost:" + PORT + "/unsignedjwt/bookstore/books", arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setIssuedAt(Long.valueOf(ZonedDateTime.now(ZoneOffset.UTC).toEpochSecond()));
        jwtClaims.setAudiences(toList("https://localhost:" + PORT + "/badunsignedjwt/bookstore/books"));
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.claims", jwtClaims);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertNotEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testNoAudience() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        WebClient create = WebClient.create("https://localhost:" + PORT + "/unsignedjwt/bookstore/books", arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setIssuedAt(Long.valueOf(ZonedDateTime.now(ZoneOffset.UTC).toEpochSecond()));
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.claims", jwtClaims);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    @Test
    public void testMultipleAudiences() throws Exception {
        URL resource = JWTPropertiesTest.class.getResource("client.xml");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new JacksonJsonProvider());
        arrayList.add(new JwtAuthenticationClientFilter());
        String str = "https://localhost:" + PORT + "/unsignedjwt/bookstore/books";
        WebClient create = WebClient.create(str, arrayList, resource.toString());
        create.type("application/json").accept(new String[]{"application/json"});
        JwtClaims jwtClaims = new JwtClaims();
        jwtClaims.setSubject("alice");
        jwtClaims.setIssuer("DoubleItSTSIssuer");
        jwtClaims.setIssuedAt(Long.valueOf(ZonedDateTime.now(ZoneOffset.UTC).toEpochSecond()));
        String str2 = "https://localhost:" + PORT + "/badunsignedjwt/bookstore/books";
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(str);
        arrayList2.add(str2);
        jwtClaims.setAudiences(arrayList2);
        HashMap hashMap = new HashMap();
        hashMap.put("rs.security.signature.algorithm", "none");
        hashMap.put("jwt.claims", jwtClaims);
        WebClient.getConfig(create).getRequestContext().putAll(hashMap);
        assertEquals(create.post(new Book("book", 123L)).getStatus(), 200L);
    }

    private List<String> toList(String str) {
        return Collections.singletonList(str);
    }
}
