package org.primeframework.mvc.security;

import com.google.inject.Inject;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.easymock.EasyMock;
import org.example.action.Post;
import org.example.action.Secure;
import org.example.action.SecureNoRoles;
import org.primeframework.mock.servlet.MockHttpServletRequest;
import org.primeframework.mvc.PrimeBaseTest;
import org.primeframework.mvc.action.ActionInvocation;
import org.primeframework.mvc.action.DefaultActionInvocationStore;
import org.primeframework.mvc.action.ExecuteMethodConfiguration;
import org.primeframework.mvc.action.config.DefaultActionConfigurationBuilder;
import org.primeframework.mvc.security.guice.SecuritySchemeFactory;
import org.primeframework.mvc.workflow.WorkflowChain;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:org/primeframework/mvc/security/DefaultSecurityWorkflowTest.class */
public class DefaultSecurityWorkflowTest extends PrimeBaseTest {

    @Inject
    public DefaultActionConfigurationBuilder actionConfigurationBuilder;

    /* loaded from: input_file:org/primeframework/mvc/security/DefaultSecurityWorkflowTest$TestSecuritySchemeFactory.class */
    public static class TestSecuritySchemeFactory extends SecuritySchemeFactory {
        private final TestUserLoginSecurityContext securityContext;

        public TestSecuritySchemeFactory(TestUserLoginSecurityContext testUserLoginSecurityContext) {
            super(DefaultSecurityWorkflowTest.injector);
            this.securityContext = testUserLoginSecurityContext;
        }

        public SecurityScheme build(String str) {
            UserLoginSecurityScheme userLoginSecurityScheme = new UserLoginSecurityScheme();
            userLoginSecurityScheme.setUserLoginSecurityContext(this.securityContext);
            return userLoginSecurityScheme;
        }
    }

    /* loaded from: input_file:org/primeframework/mvc/security/DefaultSecurityWorkflowTest$TestUserLoginSecurityContext.class */
    public static class TestUserLoginSecurityContext extends BaseHttpSessionUserLoginSecurityContext {
        public final Set<String> roles;

        public TestUserLoginSecurityContext(HttpServletRequest httpServletRequest, Set<String> set) {
            super(httpServletRequest);
            this.roles = new HashSet();
            this.roles.addAll(set);
        }

        public Set<String> getCurrentUsersRoles() {
            return this.roles;
        }
    }

    @Test
    public void performAuthenticationNotRequired() throws Exception {
        ActionInvocation actionInvocation = new ActionInvocation(new Post(), (ExecuteMethodConfiguration) null, (String) null, (String) null, this.actionConfigurationBuilder.build(Post.class));
        DefaultActionInvocationStore defaultActionInvocationStore = new DefaultActionInvocationStore(this.request);
        defaultActionInvocationStore.setCurrent(actionInvocation);
        DefaultSecurityWorkflow defaultSecurityWorkflow = new DefaultSecurityWorkflow(defaultActionInvocationStore, new TestSecuritySchemeFactory(new TestUserLoginSecurityContext(this.request, Collections.emptySet())));
        WorkflowChain workflowChain = (WorkflowChain) EasyMock.createStrictMock(WorkflowChain.class);
        workflowChain.continueWorkflow();
        EasyMock.replay(new Object[]{workflowChain});
        defaultSecurityWorkflow.perform(workflowChain);
        EasyMock.verify(new Object[]{workflowChain});
    }

    @Test
    public void performAuthenticationRequiredNoRolesRequired() throws Exception {
        ActionInvocation actionInvocation = new ActionInvocation(new SecureNoRoles(), (ExecuteMethodConfiguration) null, (String) null, (String) null, this.actionConfigurationBuilder.build(SecureNoRoles.class));
        DefaultActionInvocationStore defaultActionInvocationStore = new DefaultActionInvocationStore(this.request);
        defaultActionInvocationStore.setCurrent(actionInvocation);
        DefaultSecurityWorkflow defaultSecurityWorkflow = new DefaultSecurityWorkflow(defaultActionInvocationStore, new TestSecuritySchemeFactory(new TestUserLoginSecurityContext(this.request, new HashSet(Collections.singletonList("bad")))));
        this.request.getSession().setAttribute("prime-mvc-security-user", "user");
        WorkflowChain workflowChain = (WorkflowChain) EasyMock.createStrictMock(WorkflowChain.class);
        workflowChain.continueWorkflow();
        EasyMock.replay(new Object[]{workflowChain});
        defaultSecurityWorkflow.perform(workflowChain);
        EasyMock.verify(new Object[]{workflowChain});
    }

    @Test
    public void performAuthenticationRequiredNotLoggedInGET() throws Exception {
        ActionInvocation actionInvocation = new ActionInvocation(new Secure(), (ExecuteMethodConfiguration) null, (String) null, (String) null, this.actionConfigurationBuilder.build(Secure.class));
        DefaultActionInvocationStore defaultActionInvocationStore = new DefaultActionInvocationStore(this.request);
        defaultActionInvocationStore.setCurrent(actionInvocation);
        this.request.setMethod(MockHttpServletRequest.Method.GET);
        this.request.setUri("/secure");
        this.request.getParameters().put("test", Collections.singletonList("value"));
        this.request.getParameters().put("test2", Collections.singletonList("value2"));
        DefaultSecurityWorkflow defaultSecurityWorkflow = new DefaultSecurityWorkflow(defaultActionInvocationStore, new TestSecuritySchemeFactory(new TestUserLoginSecurityContext(this.request, Collections.emptySet())));
        WorkflowChain workflowChain = (WorkflowChain) EasyMock.createStrictMock(WorkflowChain.class);
        EasyMock.replay(new Object[]{workflowChain});
        try {
            defaultSecurityWorkflow.perform(workflowChain);
            Assert.fail("Should have failed");
        } catch (UnauthenticatedException e) {
        }
        EasyMock.verify(new Object[]{workflowChain});
    }

    @Test
    public void performAuthenticationRequiredNotLoggedInPOST() throws Exception {
        ActionInvocation actionInvocation = new ActionInvocation(new Secure(), (ExecuteMethodConfiguration) null, (String) null, (String) null, this.actionConfigurationBuilder.build(Secure.class));
        DefaultActionInvocationStore defaultActionInvocationStore = new DefaultActionInvocationStore(this.request);
        defaultActionInvocationStore.setCurrent(actionInvocation);
        this.request.setMethod(MockHttpServletRequest.Method.POST);
        this.request.setUri("/secure");
        this.request.getParameters().put("test", Collections.singletonList("value"));
        this.request.getParameters().put("test2", Collections.singletonList("value2"));
        DefaultSecurityWorkflow defaultSecurityWorkflow = new DefaultSecurityWorkflow(defaultActionInvocationStore, new TestSecuritySchemeFactory(new TestUserLoginSecurityContext(this.request, Collections.emptySet())));
        WorkflowChain workflowChain = (WorkflowChain) EasyMock.createStrictMock(WorkflowChain.class);
        EasyMock.replay(new Object[]{workflowChain});
        try {
            defaultSecurityWorkflow.perform(workflowChain);
            Assert.fail("Should have failed");
        } catch (UnauthenticatedException e) {
        }
        EasyMock.verify(new Object[]{workflowChain});
    }

    @Test
    public void performAuthenticationRequiredSuccess() throws Exception {
        ActionInvocation actionInvocation = new ActionInvocation(new Secure(), (ExecuteMethodConfiguration) null, (String) null, (String) null, this.actionConfigurationBuilder.build(Secure.class));
        DefaultActionInvocationStore defaultActionInvocationStore = new DefaultActionInvocationStore(this.request);
        defaultActionInvocationStore.setCurrent(actionInvocation);
        DefaultSecurityWorkflow defaultSecurityWorkflow = new DefaultSecurityWorkflow(defaultActionInvocationStore, new TestSecuritySchemeFactory(new TestUserLoginSecurityContext(this.request, new HashSet(Collections.singletonList("admin")))));
        this.request.getSession().setAttribute("prime-mvc-security-user", "user");
        WorkflowChain workflowChain = (WorkflowChain) EasyMock.createStrictMock(WorkflowChain.class);
        workflowChain.continueWorkflow();
        EasyMock.replay(new Object[]{workflowChain});
        defaultSecurityWorkflow.perform(workflowChain);
        EasyMock.verify(new Object[]{workflowChain});
    }

    @Test
    public void performAuthenticationRequiredWrongRoles() throws Exception {
        ActionInvocation actionInvocation = new ActionInvocation(new Secure(), (ExecuteMethodConfiguration) null, (String) null, (String) null, this.actionConfigurationBuilder.build(Secure.class));
        DefaultActionInvocationStore defaultActionInvocationStore = new DefaultActionInvocationStore(this.request);
        defaultActionInvocationStore.setCurrent(actionInvocation);
        DefaultSecurityWorkflow defaultSecurityWorkflow = new DefaultSecurityWorkflow(defaultActionInvocationStore, new TestSecuritySchemeFactory(new TestUserLoginSecurityContext(this.request, new HashSet(Collections.singletonList("bad")))));
        this.request.getSession().setAttribute("prime-mvc-security-user", "user");
        WorkflowChain workflowChain = (WorkflowChain) EasyMock.createStrictMock(WorkflowChain.class);
        EasyMock.replay(new Object[]{workflowChain});
        try {
            defaultSecurityWorkflow.perform(workflowChain);
            Assert.fail("Should have thrown");
        } catch (UnauthorizedException e) {
        }
        EasyMock.verify(new Object[]{workflowChain});
    }

    @Test
    public void performNotConfigured() throws Exception {
        ActionInvocation actionInvocation = new ActionInvocation(new Post(), (ExecuteMethodConfiguration) null, (String) null, (String) null, this.actionConfigurationBuilder.build(Post.class));
        DefaultActionInvocationStore defaultActionInvocationStore = new DefaultActionInvocationStore(this.request);
        defaultActionInvocationStore.setCurrent(actionInvocation);
        DefaultSecurityWorkflow defaultSecurityWorkflow = new DefaultSecurityWorkflow(defaultActionInvocationStore, new TestSecuritySchemeFactory(null));
        WorkflowChain workflowChain = (WorkflowChain) EasyMock.createStrictMock(WorkflowChain.class);
        workflowChain.continueWorkflow();
        EasyMock.replay(new Object[]{workflowChain});
        defaultSecurityWorkflow.perform(workflowChain);
        EasyMock.verify(new Object[]{workflowChain});
    }
}
