package org.keycloak.model.test;

import java.util.Arrays;
import java.util.UUID;
import javax.ws.rs.core.MultivaluedMap;
import org.jboss.resteasy.specimpl.MultivaluedMapImpl;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.keycloak.models.AuthenticationProviderModel;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserCredentialModel;
import org.keycloak.models.UserModel;
import org.keycloak.models.utils.TimeBasedOTP;
import org.keycloak.services.ClientConnection;
import org.keycloak.services.managers.AuthenticationManager;
import org.keycloak.services.managers.BruteForceProtector;

/* loaded from: input_file:org/keycloak/model/test/AuthenticationManagerTest.class */
public class AuthenticationManagerTest extends AbstractModelTest {
    private AuthenticationManager am;
    private MultivaluedMap<String, String> formData;
    private TimeBasedOTP otp;
    private RealmModel realm;
    private UserModel user;
    private BruteForceProtector protector;
    private ClientConnection dummyConnection = new ClientConnection() { // from class: org.keycloak.model.test.AuthenticationManagerTest.1
        public String getRemoteAddr() {
            return "127.0.0.1";
        }

        public String getRemoteHost() {
            return "localhost";
        }

        public int getReportPort() {
            return 8080;
        }
    };

    @Test
    public void authForm() {
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.SUCCESS, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormInvalidPassword() {
        this.formData.remove("password");
        this.formData.add("password", "invalid");
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.INVALID_CREDENTIALS, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormMissingUsername() {
        this.formData.remove("username");
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.INVALID_USER, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormMissingPassword() {
        this.formData.remove("password");
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.MISSING_PASSWORD, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormRequiredAction() {
        this.realm.addRequiredCredential("totp");
        this.user.addRequiredAction(UserModel.RequiredAction.CONFIGURE_TOTP);
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.ACTIONS_REQUIRED, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormUserDisabled() {
        this.user.setEnabled(false);
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.ACCOUNT_DISABLED, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormWithTotp() {
        this.realm.addRequiredCredential("totp");
        String uuid = UUID.randomUUID().toString();
        UserCredentialModel userCredentialModel = new UserCredentialModel();
        userCredentialModel.setType("totp");
        userCredentialModel.setValue(uuid);
        this.realm.updateCredential(this.user, userCredentialModel);
        this.user.setTotp(true);
        this.formData.add("totp", this.otp.generate(uuid));
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.SUCCESS, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormWithTotpInvalidPassword() {
        authFormWithTotp();
        this.formData.remove("password");
        this.formData.add("password", "invalid");
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.INVALID_CREDENTIALS, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormWithTotpInvalidTotp() {
        authFormWithTotp();
        this.formData.remove("totp");
        this.formData.add("totp", "invalid");
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.INVALID_CREDENTIALS, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Test
    public void authFormWithTotpMissingTotp() {
        authFormWithTotp();
        this.formData.remove("totp");
        Assert.assertEquals(AuthenticationManager.AuthenticationStatus.MISSING_TOTP, this.am.authenticateForm(this.dummyConnection, this.realm, this.formData));
    }

    @Override // org.keycloak.model.test.AbstractModelTest
    @Before
    public void before() throws Exception {
        super.before();
        this.realm = this.realmManager.createRealm("Test");
        this.realm.setAccessCodeLifespan(100);
        this.realm.setEnabled(true);
        this.realm.setName("Test");
        this.realm.setPrivateKeyPem("0234234");
        this.realm.setPublicKeyPem("0234234");
        this.realm.setAccessTokenLifespan(1000);
        this.realm.addRequiredCredential("password");
        this.realm.setAuthenticationProviders(Arrays.asList(AuthenticationProviderModel.DEFAULT_PROVIDER));
        this.protector = new BruteForceProtector(factory);
        this.protector.start();
        this.am = new AuthenticationManager(this.providerSession, this.protector);
        this.user = this.realm.addUser("test");
        this.user.setEnabled(true);
        UserCredentialModel userCredentialModel = new UserCredentialModel();
        userCredentialModel.setType("password");
        userCredentialModel.setValue("password");
        this.realm.updateCredential(this.user, userCredentialModel);
        this.formData = new MultivaluedMapImpl();
        this.formData.add("username", "test");
        this.formData.add("password", "password");
        this.otp = new TimeBasedOTP();
    }

    @Override // org.keycloak.model.test.AbstractModelTest
    @After
    public void after() throws Exception {
        this.protector.shutdown();
        super.after();
    }
}
