package org.wildfly.security.auth.server;

import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.function.Supplier;
import java.util.function.UnaryOperator;
import org.junit.Assert;
import org.junit.Test;
import org.wildfly.security.auth.permission.LoginPermission;
import org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm;
import org.wildfly.security.auth.realm.SimpleRealmEntry;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.authz.MapAttributes;
import org.wildfly.security.authz.RoleMapper;
import org.wildfly.security.authz.Roles;

/* loaded from: input_file:org/wildfly/security/auth/server/AdHocIdentityTest.class */
public class AdHocIdentityTest {
    @Test
    public void testAdHocIdentityWithoutSecurityIdentityTransformer() {
        SecurityIdentity createAdHocIdentity = getSecurityDomain(null).createAdHocIdentity("alice");
        Assert.assertNotNull(createAdHocIdentity);
        Assert.assertEquals("alice", createAdHocIdentity.getPrincipal().getName());
        Assert.assertTrue(createAdHocIdentity.getRoles().isEmpty());
    }

    @Test
    public void testAdHocIdentityWithSecurityIdentityTransformer() {
        SecurityIdentity createAdHocIdentity = getSecurityDomain(securityIdentity -> {
            return securityIdentity.withDefaultRoleMapper(RoleMapper.constant(Roles.of("constantRole")));
        }).createAdHocIdentity("alice");
        Assert.assertNotNull(createAdHocIdentity);
        Assert.assertEquals("alice", createAdHocIdentity.getPrincipal().getName());
        Assert.assertTrue(createAdHocIdentity.getRoles().contains("constantRole"));
    }

    @Test
    public void testAdHocIdentityWithComplexSecurityIdentityTransformer() {
        SecurityDomain securityDomain = getSecurityDomain(getRealm(), null);
        SecurityDomain securityDomain2 = getSecurityDomain(securityIdentity -> {
            return outflow(securityIdentity, securityDomain);
        });
        SecurityIdentity createAdHocIdentity = securityDomain2.createAdHocIdentity("joe");
        Assert.assertNotNull(createAdHocIdentity);
        Assert.assertEquals("joe", createAdHocIdentity.getPrincipal().getName());
        Assert.assertEquals(securityDomain2, createAdHocIdentity.getSecurityDomain());
        Assert.assertEquals(securityDomain.getAnonymousSecurityIdentity(), securityDomain.getCurrentSecurityIdentity());
        SecurityIdentity securityIdentity2 = (SecurityIdentity) createAdHocIdentity.runAsSupplierEx(() -> {
            return securityDomain.getCurrentSecurityIdentity();
        });
        Assert.assertEquals("joe", securityIdentity2.getPrincipal().getName());
        Assert.assertTrue(securityIdentity2.getRoles().contains("User"));
    }

    @Test
    public void testAdHocIdentityWithComplexSecurityIdentityTransformerAndDefaultRoleMapper() {
        SecurityDomain securityDomain = getSecurityDomain(getRealm(), null);
        SecurityDomain securityDomain2 = getSecurityDomain(securityIdentity -> {
            return outflow(securityIdentity, securityDomain);
        });
        SecurityIdentity createAdHocIdentity = securityDomain2.createAdHocIdentity("joe");
        Assert.assertNotNull(createAdHocIdentity);
        Assert.assertEquals("joe", createAdHocIdentity.getPrincipal().getName());
        Assert.assertEquals(securityDomain2, createAdHocIdentity.getSecurityDomain());
        SecurityIdentity withDefaultRoleMapper = createAdHocIdentity.withDefaultRoleMapper(RoleMapper.constant(Roles.of("constantRole")));
        Assert.assertTrue(withDefaultRoleMapper.getRoles().contains("constantRole"));
        Assert.assertEquals(securityDomain.getAnonymousSecurityIdentity(), securityDomain.getCurrentSecurityIdentity());
        SecurityIdentity securityIdentity2 = (SecurityIdentity) withDefaultRoleMapper.runAsSupplierEx(() -> {
            return securityDomain.getCurrentSecurityIdentity();
        });
        Assert.assertEquals("joe", securityIdentity2.getPrincipal().getName());
        Assert.assertTrue(securityIdentity2.getRoles().contains("User"));
        Assert.assertFalse(securityIdentity2.getRoles().contains("constantRole"));
    }

    private static void addUser(Map<String, SimpleRealmEntry> map, String str, String str2) {
        MapAttributes mapAttributes = new MapAttributes();
        mapAttributes.addAll("Roles", Collections.singletonList(str2));
        map.put(str, new SimpleRealmEntry(Collections.emptyList(), mapAttributes));
    }

    private static SecurityDomain getSecurityDomain(UnaryOperator<SecurityIdentity> unaryOperator) {
        return getSecurityDomain(null, unaryOperator);
    }

    private static SecurityDomain getSecurityDomain(SecurityRealm securityRealm, UnaryOperator<SecurityIdentity> unaryOperator) {
        SecurityDomain.Builder builder = SecurityDomain.builder();
        if (securityRealm != null) {
            builder.addRealm("default", securityRealm).build();
            builder.setDefaultRealmName("default");
            builder.setTrustedSecurityDomainPredicate(securityDomain -> {
                return true;
            });
        }
        builder.setPermissionMapper((permissionMappable, roles) -> {
            return LoginPermission.getInstance();
        });
        if (unaryOperator != null) {
            builder.setSecurityIdentityTransformer(unaryOperator);
        }
        return builder.build();
    }

    private static SecurityRealm getRealm() {
        SimpleMapBackedSecurityRealm simpleMapBackedSecurityRealm = new SimpleMapBackedSecurityRealm();
        HashMap hashMap = new HashMap();
        addUser(hashMap, "joe", "User");
        addUser(hashMap, "bob", "User");
        simpleMapBackedSecurityRealm.setIdentityMap(hashMap);
        return simpleMapBackedSecurityRealm;
    }

    private SecurityIdentity outflow(SecurityIdentity securityIdentity, SecurityDomain securityDomain) {
        return securityIdentity.withSecurityIdentitySupplier(performOutflow(securityIdentity, securityDomain));
    }

    private static Supplier<SecurityIdentity[]> performOutflow(SecurityIdentity securityIdentity, SecurityDomain securityDomain) {
        return () -> {
            ServerAuthenticationContext createNewAuthenticationContext = securityDomain.createNewAuthenticationContext();
            try {
                Assert.assertTrue(createNewAuthenticationContext.importIdentity(securityIdentity));
            } catch (RealmUnavailableException e) {
                Assert.fail("Unable to import identity");
            }
            return new SecurityIdentity[]{createNewAuthenticationContext.getAuthorizedIdentity()};
        };
    }
}
