package org.picketbox.test.authentication;

import java.security.GeneralSecurityException;
import java.util.Calendar;
import java.util.Date;
import java.util.TimeZone;
import java.util.UUID;
import junit.framework.Assert;
import org.junit.Test;
import org.picketbox.core.PicketBoxManager;
import org.picketbox.core.UserContext;
import org.picketbox.core.authentication.credential.OTPCredential;
import org.picketbox.core.config.ConfigurationBuilder;
import org.picketbox.core.util.TimeBasedOTP;
import org.picketbox.core.util.TimeBasedOTPUtil;
import org.picketbox.test.AbstractDefaultPicketBoxManagerTestCase;
import org.picketlink.idm.IdentityManager;
import org.picketlink.idm.model.Attribute;
import org.picketlink.idm.model.User;

/* loaded from: input_file:org/picketbox/test/authentication/OTPAuthenticationTestCase.class */
public class OTPAuthenticationTestCase extends AbstractDefaultPicketBoxManagerTestCase {
    @Test
    public void testSuccessfulAuthentication() throws Exception {
        PicketBoxManager createManager = createManager(new ConfigurationBuilder[0]);
        IdentityManager identityManager = createManager.getIdentityManager();
        UserContext userContext = new UserContext();
        String generateOTP = generateOTP(identityManager);
        userContext.setCredential(new OTPCredential("admin", "admin", generateOTP));
        UserContext authenticate = createManager.authenticate(userContext);
        Assert.assertNotNull(authenticate);
        Assert.assertTrue(authenticate.isAuthenticated());
        assertRoles(authenticate);
        assertGroups(authenticate);
        createManager.logout(authenticate);
        final Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar.setTime(new Date());
        calendar.add(13, 25);
        TimeBasedOTPUtil.setTimeTracker(new TimeBasedOTPUtil.TimeTracker() { // from class: org.picketbox.test.authentication.OTPAuthenticationTestCase.1
            public Calendar getCalendar() {
                return calendar;
            }
        });
        userContext.setCredential(new OTPCredential("admin", "admin", generateOTP));
        UserContext authenticate2 = createManager.authenticate(userContext);
        Assert.assertNotNull(authenticate2);
        Assert.assertTrue(authenticate2.isAuthenticated());
        assertRoles(authenticate2);
        assertGroups(authenticate2);
        TimeBasedOTPUtil.setTimeTracker((TimeBasedOTPUtil.TimeTracker) null);
    }

    @Test
    public void testInvalidOTPAuthentication() throws Exception {
        PicketBoxManager createManager = createManager(new ConfigurationBuilder[0]);
        IdentityManager identityManager = createManager.getIdentityManager();
        UserContext userContext = new UserContext();
        String generateOTP = generateOTP(identityManager);
        userContext.setCredential(new OTPCredential("admin", "admin", generateOTP));
        UserContext authenticate = createManager.authenticate(userContext);
        Assert.assertNotNull(authenticate);
        org.junit.Assert.assertTrue(authenticate.isAuthenticated());
        createManager.logout(authenticate);
        userContext.setCredential(new OTPCredential("admin", "admin", generateOTP));
        TimeZone timeZone = TimeZone.getTimeZone("UTC");
        Date date = new Date();
        final Calendar calendar = Calendar.getInstance(timeZone);
        calendar.setTime(date);
        calendar.add(10, 1);
        TimeBasedOTPUtil.setTimeTracker(new TimeBasedOTPUtil.TimeTracker() { // from class: org.picketbox.test.authentication.OTPAuthenticationTestCase.2
            public Calendar getCalendar() {
                return calendar;
            }
        });
        UserContext authenticate2 = createManager.authenticate(userContext);
        Assert.assertNotNull(authenticate2);
        org.junit.Assert.assertFalse(authenticate2.isAuthenticated());
        TimeBasedOTPUtil.setTimeTracker((TimeBasedOTPUtil.TimeTracker) null);
    }

    @Test
    public void testNullToken() throws Exception {
        PicketBoxManager createManager = createManager(new ConfigurationBuilder[0]);
        IdentityManager identityManager = createManager.getIdentityManager();
        UserContext userContext = new UserContext();
        generateOTP(identityManager);
        userContext.setCredential(new OTPCredential("admin", "admin", (String) null));
        UserContext authenticate = createManager.authenticate(userContext);
        Assert.assertNotNull(authenticate);
        org.junit.Assert.assertFalse(authenticate.isAuthenticated());
    }

    @Test
    public void testUserAuthenticationWithoutSeed() throws Exception {
        PicketBoxManager createManager = createManager(new ConfigurationBuilder[0]);
        UserContext userContext = new UserContext();
        userContext.setCredential(new OTPCredential("admin", "admin", (String) null));
        UserContext authenticate = createManager.authenticate(userContext);
        Assert.assertNotNull(authenticate);
        org.junit.Assert.assertFalse(authenticate.isAuthenticated());
        org.junit.Assert.assertFalse(authenticate.getAuthenticationResult().getMessages().isEmpty());
    }

    private String generateOTP(IdentityManager identityManager) throws GeneralSecurityException {
        User user = identityManager.getUser("admin");
        Attribute attribute = user.getAttribute("serial");
        if (attribute == null) {
            attribute = new Attribute("serial", toHexString(UUID.randomUUID().toString().replace('-', 'c').substring(0, 10).getBytes()));
            user.setAttribute(attribute);
            identityManager.update(user);
        }
        return TimeBasedOTP.generateTOTP((String) attribute.getValue(), 6);
    }

    private String toHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            sb.append(String.format("%x", Byte.valueOf(b)));
        }
        return sb.toString();
    }
}
