package waffle.apache;

import com.sun.jna.platform.win32.Sspi;
import com.sun.jna.platform.win32.SspiUtil;
import java.io.IOException;
import java.util.Base64;
import java.util.Collections;
import javax.servlet.ServletException;
import mockit.Expectations;
import mockit.Mocked;
import org.apache.catalina.Context;
import org.apache.catalina.Engine;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.deploy.LoginConfig;
import org.apache.catalina.realm.GenericPrincipal;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import waffle.apache.catalina.SimpleHttpRequest;
import waffle.apache.catalina.SimpleHttpResponse;
import waffle.mock.MockWindowsAuthProvider;
import waffle.windows.auth.IWindowsCredentialsHandle;
import waffle.windows.auth.IWindowsIdentity;
import waffle.windows.auth.PrincipalFormat;
import waffle.windows.auth.impl.WindowsAccountImpl;
import waffle.windows.auth.impl.WindowsCredentialsHandleImpl;
import waffle.windows.auth.impl.WindowsSecurityContextImpl;

/* loaded from: input_file:waffle/apache/MixedAuthenticatorTests.class */
public class MixedAuthenticatorTests {
    MixedAuthenticator authenticator;

    @Mocked
    Context context;

    @Mocked
    Engine engine;

    @BeforeEach
    public void setUp() throws LifecycleException {
        this.authenticator = new MixedAuthenticator();
        this.authenticator.setContainer(this.context);
        Assertions.assertNotNull(new Expectations() { // from class: waffle.apache.MixedAuthenticatorTests.1
            {
                MixedAuthenticatorTests.this.context.getName();
                this.result = "context";
                MixedAuthenticatorTests.this.context.getParent();
                this.result = MixedAuthenticatorTests.this.engine;
                MixedAuthenticatorTests.this.context.getParent();
                this.result = null;
            }
        });
        this.authenticator.start();
    }

    @AfterEach
    public void tearDown() throws LifecycleException {
        this.authenticator.stop();
    }

    @Test
    public void testChallengeGET() {
        SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
        simpleHttpRequest.setMethod("GET");
        simpleHttpRequest.setQueryString("j_negotiate_check");
        SimpleHttpResponse simpleHttpResponse = new SimpleHttpResponse();
        this.authenticator.authenticate(simpleHttpRequest, simpleHttpResponse, (LoginConfig) null);
        String[] headerValues = simpleHttpResponse.getHeaderValues("WWW-Authenticate");
        Assertions.assertNotNull(headerValues);
        Assertions.assertEquals(2, headerValues.length);
        Assertions.assertEquals("Negotiate", headerValues[0]);
        Assertions.assertEquals("NTLM", headerValues[1]);
        Assertions.assertEquals("close", simpleHttpResponse.getHeader("Connection"));
        Assertions.assertEquals(2, simpleHttpResponse.getHeaderNames().size());
        Assertions.assertEquals(401, simpleHttpResponse.getStatus());
    }

    @Test
    public void testChallengePOST() {
        IWindowsCredentialsHandle iWindowsCredentialsHandle = null;
        WindowsSecurityContextImpl windowsSecurityContextImpl = null;
        try {
            iWindowsCredentialsHandle = WindowsCredentialsHandleImpl.getCurrent("Negotiate");
            iWindowsCredentialsHandle.initialize();
            windowsSecurityContextImpl = new WindowsSecurityContextImpl();
            windowsSecurityContextImpl.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
            windowsSecurityContextImpl.setCredentialsHandle(iWindowsCredentialsHandle);
            windowsSecurityContextImpl.setSecurityPackage("Negotiate");
            windowsSecurityContextImpl.initialize((Sspi.CtxtHandle) null, (Sspi.SecBufferDesc) null, WindowsAccountImpl.getCurrentUsername());
            SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
            simpleHttpRequest.setQueryString("j_negotiate_check");
            simpleHttpRequest.setMethod("POST");
            simpleHttpRequest.setContentLength(0);
            simpleHttpRequest.addHeader("Authorization", "Negotiate " + Base64.getEncoder().encodeToString(windowsSecurityContextImpl.getToken()));
            SimpleHttpResponse simpleHttpResponse = new SimpleHttpResponse();
            this.authenticator.authenticate(simpleHttpRequest, simpleHttpResponse, (LoginConfig) null);
            Assertions.assertTrue(simpleHttpResponse.getHeader("WWW-Authenticate").startsWith("Negotiate "));
            Assertions.assertEquals("keep-alive", simpleHttpResponse.getHeader("Connection"));
            Assertions.assertEquals(2, simpleHttpResponse.getHeaderNames().size());
            Assertions.assertEquals(401, simpleHttpResponse.getStatus());
            if (windowsSecurityContextImpl != null) {
                windowsSecurityContextImpl.dispose();
            }
            if (iWindowsCredentialsHandle != null) {
                iWindowsCredentialsHandle.dispose();
            }
        } catch (Throwable th) {
            if (windowsSecurityContextImpl != null) {
                windowsSecurityContextImpl.dispose();
            }
            if (iWindowsCredentialsHandle != null) {
                iWindowsCredentialsHandle.dispose();
            }
            throw th;
        }
    }

    @Test
    public void testGet() {
        LoginConfig loginConfig = new LoginConfig();
        loginConfig.setErrorPage("error.html");
        loginConfig.setLoginPage("login.html");
        Assertions.assertFalse(this.authenticator.authenticate(new SimpleHttpRequest(), new SimpleHttpResponse(), loginConfig));
    }

    @Test
    public void testGetInfo() {
        org.assertj.core.api.Assertions.assertThat(this.authenticator.getInfo().length()).isGreaterThan(0);
    }

    @Test
    public void testNegotiate() {
        SimpleHttpResponse simpleHttpResponse;
        boolean authenticate;
        IWindowsCredentialsHandle iWindowsCredentialsHandle = null;
        WindowsSecurityContextImpl windowsSecurityContextImpl = null;
        try {
            iWindowsCredentialsHandle = WindowsCredentialsHandleImpl.getCurrent("Negotiate");
            iWindowsCredentialsHandle.initialize();
            windowsSecurityContextImpl = new WindowsSecurityContextImpl();
            windowsSecurityContextImpl.setPrincipalName(WindowsAccountImpl.getCurrentUsername());
            windowsSecurityContextImpl.setCredentialsHandle(iWindowsCredentialsHandle);
            windowsSecurityContextImpl.setSecurityPackage("Negotiate");
            windowsSecurityContextImpl.initialize((Sspi.CtxtHandle) null, (Sspi.SecBufferDesc) null, WindowsAccountImpl.getCurrentUsername());
            SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
            simpleHttpRequest.setQueryString("j_negotiate_check");
            while (true) {
                simpleHttpRequest.addHeader("Authorization", "Negotiate " + Base64.getEncoder().encodeToString(windowsSecurityContextImpl.getToken()));
                simpleHttpResponse = new SimpleHttpResponse();
                authenticate = this.authenticator.authenticate(simpleHttpRequest, simpleHttpResponse, (LoginConfig) null);
                if (authenticate) {
                    break;
                }
                Assertions.assertTrue(simpleHttpResponse.getHeader("WWW-Authenticate").startsWith("Negotiate "));
                Assertions.assertEquals("keep-alive", simpleHttpResponse.getHeader("Connection"));
                Assertions.assertEquals(2, simpleHttpResponse.getHeaderNames().size());
                Assertions.assertEquals(401, simpleHttpResponse.getStatus());
                byte[] decode = Base64.getDecoder().decode(simpleHttpResponse.getHeader("WWW-Authenticate").substring("Negotiate".length() + 1));
                org.assertj.core.api.Assertions.assertThat(decode.length).isGreaterThan(0);
                windowsSecurityContextImpl.initialize(windowsSecurityContextImpl.getHandle(), new SspiUtil.ManagedSecBufferDesc(2, decode), WindowsAccountImpl.getCurrentUsername());
            }
            org.assertj.core.api.Assertions.assertThat(simpleHttpResponse.getHeaderNames().size()).isGreaterThanOrEqualTo(0);
            Assertions.assertTrue(authenticate);
            if (windowsSecurityContextImpl != null) {
                windowsSecurityContextImpl.dispose();
            }
            if (iWindowsCredentialsHandle != null) {
                iWindowsCredentialsHandle.dispose();
            }
        } catch (Throwable th) {
            if (windowsSecurityContextImpl != null) {
                windowsSecurityContextImpl.dispose();
            }
            if (iWindowsCredentialsHandle != null) {
                iWindowsCredentialsHandle.dispose();
            }
            throw th;
        }
    }

    @Test
    public void testPostSecurityCheck() {
        LoginConfig loginConfig = new LoginConfig();
        loginConfig.setErrorPage("error.html");
        loginConfig.setLoginPage("login.html");
        SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
        simpleHttpRequest.setQueryString("j_security_check");
        simpleHttpRequest.addParameter("j_username", "username");
        simpleHttpRequest.addParameter("j_password", "password");
        Assertions.assertFalse(this.authenticator.authenticate(simpleHttpRequest, new SimpleHttpResponse(), loginConfig));
    }

    @Test
    public void testProgrammaticSecurityBoth(@Mocked final IWindowsIdentity iWindowsIdentity) throws ServletException {
        this.authenticator.setAuth(new MockWindowsAuthProvider());
        SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
        simpleHttpRequest.setContext((Context) this.authenticator.getContainer());
        simpleHttpRequest.login(WindowsAccountImpl.getCurrentUsername(), "");
        Assertions.assertNotNull(new Expectations() { // from class: waffle.apache.MixedAuthenticatorTests.2
            {
                iWindowsIdentity.getFqn();
                this.result = "fqn";
                iWindowsIdentity.getSidString();
                this.result = "S-1234";
            }
        });
        simpleHttpRequest.setUserPrincipal(new GenericWindowsPrincipal(iWindowsIdentity, PrincipalFormat.BOTH, PrincipalFormat.BOTH));
        Assertions.assertTrue(simpleHttpRequest.getUserPrincipal() instanceof GenericWindowsPrincipal);
        Assertions.assertTrue(simpleHttpRequest.getUserPrincipal().getSidString().startsWith("S-"));
    }

    @Test
    public void testProgrammaticSecuritySID(@Mocked final IWindowsIdentity iWindowsIdentity) throws ServletException {
        this.authenticator.setAuth(new MockWindowsAuthProvider());
        SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
        simpleHttpRequest.setContext((Context) this.authenticator.getContainer());
        simpleHttpRequest.login(WindowsAccountImpl.getCurrentUsername(), "");
        Assertions.assertNotNull(new Expectations() { // from class: waffle.apache.MixedAuthenticatorTests.3
            {
                iWindowsIdentity.getSidString();
                this.result = "S-1234";
            }
        });
        simpleHttpRequest.setUserPrincipal(new GenericWindowsPrincipal(iWindowsIdentity, PrincipalFormat.SID, PrincipalFormat.SID));
        Assertions.assertTrue(simpleHttpRequest.getUserPrincipal() instanceof GenericWindowsPrincipal);
        Assertions.assertTrue(simpleHttpRequest.getUserPrincipal().getSidString().startsWith("S-"));
    }

    @Test
    public void testProgrammaticSecurityNone(@Mocked IWindowsIdentity iWindowsIdentity) throws ServletException {
        this.authenticator.setAuth(new MockWindowsAuthProvider());
        SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
        simpleHttpRequest.setContext((Context) this.authenticator.getContainer());
        simpleHttpRequest.login(WindowsAccountImpl.getCurrentUsername(), "");
        simpleHttpRequest.setUserPrincipal(new GenericWindowsPrincipal(iWindowsIdentity, PrincipalFormat.NONE, PrincipalFormat.NONE));
        Assertions.assertTrue(simpleHttpRequest.getUserPrincipal() instanceof GenericWindowsPrincipal);
        Assertions.assertNull(simpleHttpRequest.getUserPrincipal().getSidString());
    }

    @Test
    public void testSecurityCheckParameters() {
        this.authenticator.setAuth(new MockWindowsAuthProvider());
        LoginConfig loginConfig = new LoginConfig();
        loginConfig.setErrorPage("error.html");
        loginConfig.setLoginPage("login.html");
        SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
        simpleHttpRequest.addParameter("j_security_check", "");
        simpleHttpRequest.addParameter("j_username", WindowsAccountImpl.getCurrentUsername());
        simpleHttpRequest.addParameter("j_password", "");
        Assertions.assertTrue(this.authenticator.authenticate(simpleHttpRequest, new SimpleHttpResponse(), loginConfig));
    }

    @Test
    public void testSecurityCheckQueryString() {
        this.authenticator.setAuth(new MockWindowsAuthProvider());
        LoginConfig loginConfig = new LoginConfig();
        loginConfig.setErrorPage("error.html");
        loginConfig.setLoginPage("login.html");
        SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
        simpleHttpRequest.setQueryString("j_security_check");
        simpleHttpRequest.addParameter("j_username", WindowsAccountImpl.getCurrentUsername());
        simpleHttpRequest.addParameter("j_password", "");
        Assertions.assertTrue(this.authenticator.authenticate(simpleHttpRequest, new SimpleHttpResponse(), loginConfig));
    }

    @Test
    public void testCustomPrincipal() throws LifecycleException, IOException {
        final GenericPrincipal genericPrincipal = new GenericPrincipal("my-principal", "my-password", Collections.emptyList());
        MixedAuthenticator mixedAuthenticator = new MixedAuthenticator() { // from class: waffle.apache.MixedAuthenticatorTests.4
            protected GenericPrincipal createPrincipal(IWindowsIdentity iWindowsIdentity) {
                return genericPrincipal;
            }
        };
        try {
            mixedAuthenticator.setContainer(this.context);
            mixedAuthenticator.setAlwaysUseSession(true);
            mixedAuthenticator.start();
            mixedAuthenticator.setAuth(new MockWindowsAuthProvider());
            SimpleHttpRequest simpleHttpRequest = new SimpleHttpRequest();
            simpleHttpRequest.addParameter("j_security_check", "");
            simpleHttpRequest.addParameter("j_username", WindowsAccountImpl.getCurrentUsername());
            simpleHttpRequest.addParameter("j_password", "");
            Assertions.assertTrue(mixedAuthenticator.authenticate(simpleHttpRequest, new SimpleHttpResponse()));
            Assertions.assertEquals(genericPrincipal, simpleHttpRequest.getUserPrincipal());
            mixedAuthenticator.stop();
        } catch (Throwable th) {
            mixedAuthenticator.stop();
            throw th;
        }
    }
}
