package org.uberfire.security.server;

import javax.servlet.FilterChain;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;
import org.uberfire.security.impl.IdentityImpl;
import org.uberfire.security.server.auth.FormAuthenticationScheme;
import org.uberfire.security.server.cdi.SecurityFactory;
import org.uberfire.security.server.mock.MockAuthenticationManager;
import org.uberfire.security.server.mock.MockAuthenticationProvider;
import org.uberfire.security.server.mock.MockAuthenticationScheme;

/* loaded from: input_file:org/uberfire/security/server/FormBasedLoginTest.class */
public class FormBasedLoginTest extends BaseSecurityFilterTest {
    @Test
    public void test401WhenNotAuthenticated() throws Exception {
        this.filterConfig.initParams.put("org.uberfire.auth.scheme", MockAuthenticationScheme.class.getName());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("/in.erraiBus");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/in.erraiBus");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse)).sendError(Mockito.eq(401), Mockito.anyString());
        ((FilterChain) Mockito.verify(filterChain, Mockito.never())).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }

    @Test
    public void shouldPassAuthenticatedRequestsThrough() throws Exception {
        this.filterConfig.initParams.put("org.uberfire.auth.manager", MockAuthenticationManager.class.getName());
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("/in.erraiBus");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/in.erraiBus");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendError(Mockito.anyInt(), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendError(Mockito.anyInt());
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect(Mockito.anyString());
        Assert.assertFalse(httpServletResponse.isCommitted());
        ((FilterChain) Mockito.verify(filterChain)).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }

    @Test
    public void successfulFormBasedLoginShouldRedirectToForceUrl() throws Exception {
        this.filterConfig.initParams.put("org.uberfire.auth.scheme", MockAuthenticationScheme.class.getName());
        this.filterConfig.initParams.put("org.uberfire.auth.provider", MockAuthenticationProvider.class.getName());
        this.filterConfig.initParams.put("org.uberfire.auth.force.url", "/MyGwtModule/MyGwtHostPage.html");
        RequestDispatcher requestDispatcher = (RequestDispatcher) Mockito.mock(RequestDispatcher.class);
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getContextPath()).thenReturn("/test-context");
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("/uf_security_check");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/uf_security_check");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getRequestDispatcher(Mockito.anyString())).thenReturn(requestDispatcher);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendError(Mockito.anyInt(), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse)).sendRedirect("/test-context/MyGwtModule/MyGwtHostPage.html");
        ((FilterChain) Mockito.verify(filterChain, Mockito.never())).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }

    @Test
    public void successfulLoginShouldRedirectToInitiallyDeniedUrl() throws Exception {
        this.filterConfig.initParams.put("org.uberfire.auth.provider", MockAuthenticationProvider.class.getName());
        RequestDispatcher requestDispatcher = (RequestDispatcher) Mockito.mock(RequestDispatcher.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getContextPath()).thenReturn("/test-context");
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/MyGwtModule/MyGwtHostPage.html");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getRequestDispatcher(Mockito.anyString())).thenReturn(requestDispatcher);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse)).sendError(Mockito.eq(401), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect(Mockito.anyString());
        ((FilterChain) Mockito.verify(filterChain, Mockito.never())).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
        HttpServletRequest httpServletRequest2 = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest2.getContextPath()).thenReturn("/test-context");
        Mockito.when(httpServletRequest2.getServletPath()).thenReturn("");
        Mockito.when(httpServletRequest2.getRequestURI()).thenReturn("/test-context/login.jsp");
        Mockito.when(httpServletRequest2.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest2.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest2.getRequestDispatcher(Mockito.anyString())).thenReturn(requestDispatcher);
        uberFireSecurityFilter.doFilter(httpServletRequest2, (HttpServletResponse) Mockito.mock(HttpServletResponse.class), (FilterChain) Mockito.mock(FilterChain.class));
        HttpServletRequest httpServletRequest3 = (HttpServletRequest) Mockito.mock(HttpServletRequest.class, Mockito.withSettings().verboseLogging());
        Mockito.when(httpServletRequest3.getContextPath()).thenReturn("/test-context");
        Mockito.when(httpServletRequest3.getServletPath()).thenReturn("/uf_security_check");
        Mockito.when(httpServletRequest3.getRequestURI()).thenReturn("/test-context/uf_security_check");
        Mockito.when(httpServletRequest3.getParameter("uf_username")).thenReturn("i-am-a-user");
        Mockito.when(httpServletRequest3.getParameter("uf_password")).thenReturn("let-me-in");
        Mockito.when(httpServletRequest3.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest3.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest3.getRequestDispatcher(Mockito.anyString())).thenReturn(requestDispatcher);
        HttpServletResponse httpServletResponse2 = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain2 = (FilterChain) Mockito.mock(FilterChain.class);
        uberFireSecurityFilter.doFilter(httpServletRequest3, httpServletResponse2, filterChain2);
        ((HttpServletResponse) Mockito.verify(httpServletResponse2, Mockito.never())).sendError(Mockito.anyInt(), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse2)).sendRedirect("/test-context/MyGwtModule/MyGwtHostPage.html");
        ((FilterChain) Mockito.verify(filterChain2, Mockito.never())).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }

    @Test
    public void newLoginAttemptShouldTakePrecedenceOverExistingSessionData() throws Exception {
        this.filterConfig.initParams.put("org.uberfire.auth.scheme", FormAuthenticationScheme.class.getName());
        this.filterConfig.initParams.put("org.uberfire.auth.provider", MockAuthenticationProvider.class.getName());
        this.filterConfig.initParams.put("org.uberfire.auth.force.url", "/MyGwtModule/MyGwtHostPage.html");
        RequestDispatcher requestDispatcher = (RequestDispatcher) Mockito.mock(RequestDispatcher.class);
        this.mockHttpSession.setAttribute("org.uf.subject", new IdentityImpl("previously_logged_in"));
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getContextPath()).thenReturn("/test-context");
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("/uf_security_check");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/uf_security_check");
        Mockito.when(httpServletRequest.getParameter("uf_username")).thenReturn("logged_in_via_form");
        Mockito.when(httpServletRequest.getParameter("uf_password")).thenReturn("logged_in_via_form");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getRequestDispatcher(Mockito.anyString())).thenReturn(requestDispatcher);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        Assert.assertEquals("logged_in_via_form", SecurityFactory.getIdentity().getName());
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendError(Mockito.anyInt(), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse)).sendRedirect("/test-context/MyGwtModule/MyGwtHostPage.html");
        ((FilterChain) Mockito.verify(filterChain, Mockito.never())).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }

    @Test
    public void loginRequestToForceUrlShouldNotRedirectBackToItself() throws Exception {
        this.filterConfig.initParams.put("org.uberfire.auth.scheme", MockAuthenticationScheme.class.getName());
        this.filterConfig.initParams.put("org.uberfire.auth.provider", MockAuthenticationProvider.class.getName());
        this.filterConfig.initParams.put("org.uberfire.auth.force.url", "/force-uri.html");
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("");
        Mockito.when(httpServletRequest.getContextPath()).thenReturn("/test-context");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/force-uri.html");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class, Mockito.withSettings().verboseLogging());
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendError(Mockito.anyInt(), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect("/test-context/force-uri.html");
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect(Mockito.anyString());
        ((FilterChain) Mockito.verify(filterChain)).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }

    @Test
    public void authenticatedRequestToForceUrlShouldNotRedirectBackToItself() throws Exception {
        this.mockHttpSession.setAttribute("org.uf.subject", new IdentityImpl("previously_logged_in"));
        this.filterConfig.initParams.put("org.uberfire.auth.force.url", "/force-uri.html");
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/force-uri.html");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendError(Mockito.anyInt(), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect("/test-context/force-uri.html");
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect(Mockito.anyString());
        ((FilterChain) Mockito.verify(filterChain)).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }

    @Test
    public void authenticatedRequestToAnyUrlShouldNotRedirectToForceUrl() throws Exception {
        this.mockHttpSession.setAttribute("org.uf.subject", new IdentityImpl("previously_logged_in"));
        this.filterConfig.initParams.put("org.uberfire.auth.force.url", "/force-uri.html");
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getServletPath()).thenReturn("");
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/test-context/foo.css");
        Mockito.when(httpServletRequest.getSession()).thenReturn(this.mockHttpSession);
        Mockito.when(httpServletRequest.getSession(Mockito.anyBoolean())).thenReturn(this.mockHttpSession);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        UberFireSecurityFilter uberFireSecurityFilter = new UberFireSecurityFilter();
        uberFireSecurityFilter.init(this.filterConfig);
        uberFireSecurityFilter.doFilter(httpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendError(Mockito.anyInt(), Mockito.anyString());
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect("/test-context/force-uri.html");
        ((HttpServletResponse) Mockito.verify(httpServletResponse, Mockito.never())).sendRedirect(Mockito.anyString());
        ((FilterChain) Mockito.verify(filterChain)).doFilter((ServletRequest) Mockito.any(HttpServletRequest.class), (ServletResponse) Mockito.any(HttpServletResponse.class));
    }
}
