package org.picketbox.http.test.authentication;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import junit.framework.Assert;
import org.junit.Before;
import org.junit.Test;
import org.picketbox.core.UserContext;
import org.picketbox.core.authentication.AuthenticationStatus;
import org.picketbox.core.util.Base64;
import org.picketbox.http.HTTPUserContext;
import org.picketbox.http.authentication.credential.HTTPDigestCredential;
import org.picketbox.http.config.HTTPConfigurationBuilder;
import org.picketbox.http.test.TestServletRequest;
import org.picketbox.http.test.TestServletResponse;
import org.picketbox.http.util.HTTPDigestUtil;
import org.picketlink.idm.credential.internal.Digest;

/* loaded from: input_file:org/picketbox/http/test/authentication/HTTPDigestAuthenticationTestCase.class */
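/**
 * Drives one HTTP Digest exchange through the PicketBox manager: an unauthenticated request that
 * is answered with a challenge, a response computed from that challenge that must succeed, and a
 * malformed {@code Authorization} header that must be rejected.
 *
 * <p>Realm, opaque, uri, cnonce and nc are fixed test constants; none of them is a secret.
 */
public class HTTPDigestAuthenticationTestCase extends AbstractAuthenticationTest {
    // Client-side digest parameters. They are used both to compute the response hash and to build
    // the Authorization header, so they are declared once to keep the two in step.
    private static final String USERNAME = "Aladdin";
    private static final String HTTP_METHOD = "GET";
    private static final String DIGEST_URI = "/dir/index.html";
    private static final String CNONCE = "0a4f113b";
    private static final String NONCE_COUNT = "00000001";
    private static final String QOP = "auth";

    @Before
    public void setup() throws Exception {
        super.initialize();
    }

    /**
     * Configures the digest mechanism with a fixed realm and opaque value.
     *
     * @param hTTPConfigurationBuilder builder supplied by the base test
     */
    @Override
    protected void doConfigureManager(HTTPConfigurationBuilder hTTPConfigurationBuilder) {
        hTTPConfigurationBuilder.authentication().digest().realm("testrealm@host.com");
        hTTPConfigurationBuilder.authentication().digest().opaque("5ccc069c403ebaf9f0171e9517f40e41");
    }

    /**
     * Walks the challenge, success and rejection steps against a single request/response pair.
     *
     * @throws Exception if the manager or the test doubles fail unexpectedly
     */
    @Test
    public void testHttpDigest() throws Exception {
        // Request body is never read meaningfully; the stub just returns 0 for every byte.
        TestServletRequest request = new TestServletRequest(new InputStream() {
            @Override
            public int read() throws IOException {
                return 0;
            }
        });
        // Anything written to the response body is echoed to stdout, one byte value per line.
        TestServletResponse response = new TestServletResponse(new OutputStream() {
            @Override
            public void write(int i) throws IOException {
                System.out.println(i);
            }
        });
        request.setMethod(HTTP_METHOD);
        request.setContextPath("/test");
        request.setRequestURI(request.getContextPath() + "/index.html");

        // Step 1: no Authorization header, so the exchange must stop at CONTINUE.
        assertOutcome(attemptDigestLogin(request, response), false, AuthenticationStatus.CONTINUE);

        // Step 2: parse the challenge (substring(7) drops the leading "Digest ") and answer it.
        // NOTE(review): the digest uri is /dir/index.html while the request URI is
        // /test/index.html. SUCCESS being asserted here implies the authenticator does not
        // compare the two; confirm that is intended, since the digest uri is what binds the
        // response hash to the requested resource.
        Digest challenge =
                HTTPDigestUtil.digest(HTTPDigestUtil.quoteTokenize(response.getHeader("WWW-Authenticate").substring(7)));
        request.addHeader("Authorization", "Digest " + getPositive(challenge));
        assertOutcome(attemptDigestLogin(request, response), true, AuthenticationStatus.SUCCESS);

        // Step 3: drop the valid header and the session's SUBJECT attribute (presumably the cached
        // authenticated subject; confirm) so the next attempt is judged only on its own header.
        request.clearHeaders();
        request.getSession().setAttribute("SUBJECT", (Object) null);
        request.addHeader("Authorization", "Digest " + getNegative());
        assertOutcome(attemptDigestLogin(request, response), false, AuthenticationStatus.INVALID_CREDENTIALS);

        // NOTE(review): the same response object has carried a WWW-Authenticate header since
        // step 1, so this assertion may not prove that a fresh challenge was issued on failure.
        org.junit.Assert.assertTrue(response.getHeader("WWW-Authenticate").startsWith("Digest realm="));
    }

    /** Runs one authentication attempt with a fresh digest credential built from the pair. */
    private UserContext attemptDigestLogin(TestServletRequest request, TestServletResponse response) {
        return this.picketBoxManager.authenticate(
                new HTTPUserContext(request, response, new HTTPDigestCredential(request, response)));
    }

    /** Asserts the authenticated flag and the result status, with expected values given first. */
    private static void assertOutcome(UserContext context, boolean expectAuthenticated,
            AuthenticationStatus expectedStatus) {
        org.junit.Assert.assertNotNull(context);
        if (expectAuthenticated) {
            org.junit.Assert.assertTrue(context.isAuthenticated());
        } else {
            org.junit.Assert.assertFalse(context.isAuthenticated());
        }
        org.junit.Assert.assertNotNull(context.getAuthenticationResult().getStatus());
        org.junit.Assert.assertEquals(expectedStatus, context.getAuthenticationResult().getStatus());
    }

    /**
     * Builds the value of a valid digest {@code Authorization} header (without the scheme name).
     *
     * @param digest the parsed server challenge; realm, nonce and opaque are read from it and the
     *     client-side fields are set on it before the response hash is computed
     * @return the comma-separated digest parameters, starting with a single space
     */
    private String getPositive(Digest digest) {
        digest.setUsername(USERNAME);
        digest.setMethod(HTTP_METHOD);
        digest.setUri(DIGEST_URI);
        digest.setCnonce(CNONCE);
        digest.setNc(NONCE_COUNT);
        digest.setQop(QOP);
        // The password is only an input to the response hash; it is never placed in the header.
        String clientResponseValue = HTTPDigestUtil.clientResponseValue(digest, "Open Sesame".toCharArray());
        StringBuilder sb = new StringBuilder(" username=\"").append(USERNAME).append("\",");
        sb.append("realm=\"").append(digest.getRealm()).append("\",");
        sb.append("nonce=\"").append(digest.getNonce()).append("\",");
        sb.append("uri=\"").append(DIGEST_URI).append("\",");
        sb.append("qop=").append(QOP).append(",");
        sb.append("nc=").append(NONCE_COUNT).append(",");
        sb.append("cnonce=\"").append(CNONCE).append("\",");
        sb.append("response=\"").append(clientResponseValue).append("\",");
        sb.append("opaque=\"").append(digest.getOpaque()).append("\"");
        return sb.toString();
    }

    /**
     * Builds an invalid header value: a Base64 {@code user:password} pair, which is the Basic
     * scheme's payload and carries no digest parameters.
     *
     * <p>NOTE(review): this covers rejection of a malformed header only. A well-formed digest with
     * a wrong response hash, or a reused nonce/nc pair, is not exercised by this test.
     *
     * @return the Base64 text to place after the {@code Digest} scheme name
     */
    private String getNegative() {
        // Explicit charset so the encoded bytes do not depend on the platform default.
        return Base64.encodeBytes("Aladdin:Bad sesame".getBytes(java.nio.charset.Charset.forName("UTF-8")));
    }
}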
