package org.kie.server.services.jbpm.security;

import java.util.Arrays;
import org.assertj.core.api.Assertions;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import org.powermock.api.mockito.PowerMockito;
import org.powermock.reflect.Whitebox;
import org.wildfly.security.auth.server.RealmUnavailableException;
import org.wildfly.security.auth.server.SecurityIdentity;
import org.wildfly.security.authz.AuthorizationFailureException;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:org/kie/server/services/jbpm/security/ElytronUserGroupAdapterTest.class */
public class ElytronUserGroupAdapterTest {
    private static final String USER_ID = "user";
    private static final String WRONG_USER_ID = "anotherUser";
    private static final String ROLE_1 = "role1";
    private static final String ROLE_2 = "role2";
    private static final String ROLE_3 = "role3";

    @Mock
    private ElytronUserGroupAdapter adapter;

    @Test
    public void testNoSecurityContext() {
        setAuthorizationFailureExceptionClass();
        PowerMockito.when(Boolean.valueOf(this.adapter.isActive())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getUserName()).thenReturn((Object) null);
        Assertions.assertThat(this.adapter.getGroupsForUser(USER_ID)).isNotNull().isEmpty();
    }

    @Test
    public void testSecurityContextNoIdentity() {
        setAuthorizationFailureExceptionClass();
        PowerMockito.when(Boolean.valueOf(this.adapter.isActive())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getUserName()).thenReturn(USER_ID);
        Assertions.assertThat(this.adapter.getGroupsForUser(USER_ID)).isNotNull().isEmpty();
    }

    @Test
    public void testSecurityForWrongUser() throws RealmUnavailableException {
        setAuthorizationFailureExceptionClass();
        PowerMockito.when(Boolean.valueOf(this.adapter.isActive())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getUserName()).thenReturn(USER_ID);
        PowerMockito.when(Boolean.valueOf(this.adapter.runAsPrincipalExists(WRONG_USER_ID))).thenReturn(true);
        PowerMockito.when(this.adapter.toRunAsPrincipalRoles(WRONG_USER_ID, true)).thenReturn(Arrays.asList(ROLE_1, ROLE_2));
        Assertions.assertThat(this.adapter.getGroupsForUser(WRONG_USER_ID)).isNotNull().hasSize(2).contains(new String[]{ROLE_1, ROLE_2});
    }

    @Test
    public void testSecurityForLoggedUser() {
        setAuthorizationFailureExceptionClass();
        PowerMockito.when(Boolean.valueOf(this.adapter.isActive())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getUserName()).thenReturn(USER_ID);
        PowerMockito.when(this.adapter.toPrincipalRoles(Mockito.anyString())).thenReturn(Arrays.asList(ROLE_1, ROLE_2, ROLE_3));
        Assertions.assertThat(this.adapter.getGroupsForUser(USER_ID)).isNotNull().hasSize(3).contains(new String[]{ROLE_1, ROLE_2, ROLE_3});
    }

    @Test
    public void testSecurityOnRealmUnavailable() throws RealmUnavailableException {
        setAuthorizationFailureExceptionClass();
        PowerMockito.when(Boolean.valueOf(this.adapter.isActive())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getUserName()).thenReturn(WRONG_USER_ID);
        PowerMockito.when(Boolean.valueOf(this.adapter.runAsPrincipalExists(USER_ID))).thenThrow(new Throwable[]{new RealmUnavailableException()});
        Mockito.lenient().when(this.adapter.toPrincipalRoles(Mockito.anyString())).thenReturn(Arrays.asList(ROLE_1, ROLE_2, ROLE_3));
        Mockito.lenient().when(this.adapter.toRunAsPrincipalRoles(Mockito.anyString(), Mockito.eq(false))).thenReturn(Arrays.asList(ROLE_1, ROLE_2, ROLE_3));
        Assertions.assertThat(this.adapter.getGroupsForUser(USER_ID)).isNotNull().isEmpty();
    }

    @Test
    public void testSecurityOnAuthorizationFailure() throws AuthorizationFailureException, RealmUnavailableException {
        setAuthorizationFailureExceptionClass();
        PowerMockito.when(Boolean.valueOf(this.adapter.isActive())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getUserName()).thenReturn(WRONG_USER_ID);
        PowerMockito.when(Boolean.valueOf(this.adapter.runAsPrincipalExists(USER_ID))).thenThrow(AuthorizationFailureException.class);
        PowerMockito.when(this.adapter.toRunAsPrincipalRoles(Mockito.anyString(), Mockito.eq(false))).thenReturn(Arrays.asList(ROLE_1, ROLE_2, ROLE_3));
        Assertions.assertThat(this.adapter.getGroupsForUser(USER_ID)).isNotNull().hasSize(3).contains(new String[]{ROLE_1, ROLE_2, ROLE_3});
    }

    @Test
    public void testSecurityElytronDisabled() throws RealmUnavailableException {
        PowerMockito.when(Boolean.valueOf(this.adapter.isActive())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getGroupsForUser(Mockito.anyString())).thenCallRealMethod();
        PowerMockito.when(this.adapter.getUserName()).thenReturn(USER_ID);
        Assertions.assertThat(this.adapter.getGroupsForUser(USER_ID)).isNotNull().isEmpty();
    }

    @Test
    public void testToRolesWithEmptySecurityIdentity() {
        Assertions.assertThat(this.adapter.toRoles((SecurityIdentity) null)).isNotNull().isEmpty();
    }

    private void setAuthorizationFailureExceptionClass() {
        Whitebox.setInternalState(this.adapter, Class.class, AuthorizationFailureException.class);
    }
}
