package org.infinispan.rest;

import java.security.Principal;
import java.util.Base64;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.HttpMethod;
import org.infinispan.configuration.cache.ConfigurationBuilder;
import org.infinispan.configuration.global.GlobalConfigurationBuilder;
import org.infinispan.manager.DefaultCacheManager;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.rest.assertion.ResponseAssertion;
import org.infinispan.rest.authentication.Authenticator;
import org.infinispan.rest.authentication.SecurityDomain;
import org.infinispan.rest.authentication.impl.BasicAuthenticator;
import org.infinispan.rest.configuration.RestServerConfigurationBuilder;
import org.infinispan.test.AbstractInfinispanTest;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.mockito.internal.stubbing.answers.ThrowsExceptionClass;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.AfterSuite;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.BeforeSuite;
import org.testng.annotations.Test;

@Test(groups = {"functional"}, testName = "rest.AuthenticationTest")
/* loaded from: input_file:org/infinispan/rest/AuthenticationTest.class */
public class AuthenticationTest extends AbstractInfinispanTest {
    private EmbeddedCacheManager cacheManager;
    private HttpClient client;
    private RestServer restServer;
    private RestServerConfigurationBuilder restServerConfiguration;

    @BeforeSuite
    public void beforeSuite() throws Exception {
        GlobalConfigurationBuilder nonClusteredDefault = new GlobalConfigurationBuilder().nonClusteredDefault();
        nonClusteredDefault.globalJmxStatistics().allowDuplicateDomains(true);
        this.cacheManager = new DefaultCacheManager(nonClusteredDefault.build(), new ConfigurationBuilder().build());
        this.restServerConfiguration = new RestServerConfigurationBuilder();
        this.restServerConfiguration.host("localhost").port(0);
    }

    @AfterSuite
    public void afterSuite() throws Exception {
        this.cacheManager.stop();
    }

    @BeforeMethod
    public void beforeMethod() throws Exception {
        this.client = new HttpClient();
        this.client.start();
    }

    @AfterMethod
    public void afterMethod() throws Exception {
        this.cacheManager.getCache("default").clear();
        if (this.restServer != null) {
            this.restServer.stop();
        }
        this.client.stop();
    }

    @Test
    public void shouldAuthenticateWhenProvidingProperCredentials() throws Exception {
        SecurityDomain securityDomain = (SecurityDomain) Mockito.mock(SecurityDomain.class, new ThrowsExceptionClass(SecurityException.class));
        ((SecurityDomain) Mockito.doReturn(Mockito.mock(Principal.class)).when(securityDomain)).authenticate((String) Matchers.eq("test"), (String) Matchers.eq("test"));
        startRestWithAuthenticator(new BasicAuthenticator(securityDomain, "ApplicationRealm"));
        ResponseAssertion.assertThat(this.client.newRequest(String.format("http://localhost:%d/rest/%s/%s", Integer.valueOf(this.restServer.getPort()), "default", "test")).method(HttpMethod.HEAD).header(HttpHeader.AUTHORIZATION, "Basic " + Base64.getEncoder().encodeToString("test:test".getBytes())).send()).isNotFound();
    }

    private void startRestWithAuthenticator(Authenticator authenticator) {
        this.restServer = new RestServer();
        this.restServer.setAuthenticator(authenticator);
        this.restServer.start(this.restServerConfiguration.build(), this.cacheManager);
    }

    @Test
    public void shouldRejectNotValidAuthorizationString() throws Exception {
        startRestWithAuthenticator(new BasicAuthenticator((SecurityDomain) Mockito.mock(SecurityDomain.class), "ApplicationRealm"));
        ResponseAssertion.assertThat(this.client.newRequest(String.format("http://localhost:%d/rest/%s/%s", Integer.valueOf(this.restServer.getPort()), "default", "test")).method(HttpMethod.GET).header(HttpHeader.AUTHORIZATION, "Invalid string").send()).isUnauthorized();
    }

    @Test
    public void shouldRejectNoAuthentication() throws Exception {
        startRestWithAuthenticator(new BasicAuthenticator((SecurityDomain) Mockito.mock(SecurityDomain.class), "ApplicationRealm"));
        ResponseAssertion.assertThat(this.client.newRequest(String.format("http://localhost:%d/rest/%s/%s", Integer.valueOf(this.restServer.getPort()), "default", "test")).method(HttpMethod.GET).send()).isUnauthorized();
    }
}
