package org.uberfire.ext.security.server;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.codec.binary.Base64;
import org.jboss.errai.security.shared.api.identity.UserImpl;
import org.jboss.errai.security.shared.service.AuthenticationService;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:org/uberfire/ext/security/server/BasicAuthSecurityFilterTest.class */
public class BasicAuthSecurityFilterTest {

    @Mock
    private HttpServletRequest request;

    @Mock
    private HttpServletResponse response;

    @Mock
    private FilterChain chain;

    @Mock
    private AuthenticationService authenticationService;

    @Mock
    private HttpSession httpSession;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/uberfire/ext/security/server/BasicAuthSecurityFilterTest$SessionProvider.class */
    public class SessionProvider {
        private int counter;
        private HttpSession httpSession;

        public SessionProvider(HttpSession httpSession) {
            this.counter = 0;
            this.httpSession = httpSession;
        }

        public SessionProvider(HttpSession httpSession, int i) {
            this.counter = 0;
            this.httpSession = httpSession;
            this.counter = i;
        }

        public HttpSession provideSession() {
            if (this.counter == 0) {
                return this.httpSession;
            }
            this.counter--;
            return null;
        }
    }

    @Test
    public void testIndependentSessionInvalidated() throws Exception {
        SessionProvider sessionProvider = new SessionProvider(this.httpSession, 1);
        Mockito.when(this.authenticationService.getUser()).thenReturn(new UserImpl("testUser"));
        Mockito.when(this.request.getSession(Mockito.anyBoolean())).then(invocationOnMock -> {
            return sessionProvider.provideSession();
        });
        BasicAuthSecurityFilter basicAuthSecurityFilter = new BasicAuthSecurityFilter();
        basicAuthSecurityFilter.authenticationService = this.authenticationService;
        basicAuthSecurityFilter.doFilter(this.request, this.response, this.chain);
        ((HttpSession) Mockito.verify(this.httpSession, Mockito.times(1))).invalidate();
    }

    @Test
    public void testExistingSessionNotInvalidated() throws Exception {
        SessionProvider sessionProvider = new SessionProvider(this.httpSession);
        Mockito.when(this.authenticationService.getUser()).thenReturn(new UserImpl("testUser"));
        Mockito.when(this.request.getSession(Mockito.anyBoolean())).then(invocationOnMock -> {
            return sessionProvider.provideSession();
        });
        BasicAuthSecurityFilter basicAuthSecurityFilter = new BasicAuthSecurityFilter();
        basicAuthSecurityFilter.authenticationService = this.authenticationService;
        basicAuthSecurityFilter.doFilter(this.request, this.response, this.chain);
        ((HttpSession) Mockito.verify(this.httpSession, Mockito.never())).invalidate();
    }

    @Test
    public void testNotInvalidateSession() throws Exception {
        SessionProvider sessionProvider = new SessionProvider(this.httpSession, 1);
        Mockito.when(this.authenticationService.getUser()).thenReturn(new UserImpl("testUser"));
        Mockito.when(this.request.getSession(Mockito.anyBoolean())).then(invocationOnMock -> {
            return sessionProvider.provideSession();
        });
        BasicAuthSecurityFilter basicAuthSecurityFilter = new BasicAuthSecurityFilter();
        FilterConfig filterConfig = (FilterConfig) Mockito.mock(FilterConfig.class);
        Mockito.when(filterConfig.getInitParameter("invalidate")).thenReturn("false");
        basicAuthSecurityFilter.init(filterConfig);
        basicAuthSecurityFilter.authenticationService = this.authenticationService;
        basicAuthSecurityFilter.doFilter(this.request, this.response, this.chain);
        ((HttpSession) Mockito.verify(this.httpSession, Mockito.never())).invalidate();
    }

    @Test
    public void testEmptyPassword() throws Exception {
        Mockito.when(this.request.getHeader("Authorization")).thenReturn("Basic " + Base64.encodeBase64String(("fakeUser:").getBytes()));
        BasicAuthSecurityFilter basicAuthSecurityFilter = new BasicAuthSecurityFilter();
        basicAuthSecurityFilter.authenticationService = this.authenticationService;
        basicAuthSecurityFilter.doFilter(this.request, this.response, this.chain);
        ((AuthenticationService) Mockito.verify(this.authenticationService, Mockito.times(1))).login("fakeUser", "");
    }
}
