package integration.rbacapi.errors;

import io.confluent.rbacapi.retrofit.v1.V1RbacRetrofitFactory;
import io.confluent.security.test.utils.RbacClusters;
import io.confluent.tokenapi.entities.AuthenticationResponse;
import java.util.Arrays;
import java.util.Base64;
import javax.ws.rs.client.Client;
import javax.ws.rs.client.ClientBuilder;
import org.hamcrest.MatcherAssert;
import org.hamcrest.core.Is;
import org.hamcrest.core.IsNull;
import org.testng.Assert;
import org.testng.AssertJUnit;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;
import utils.KafkaConfigTool;
import utils.MdsTestUtil;

@Test(groups = {"tokenTests"})
/* loaded from: input_file:integration/rbacapi/errors/OAuthOrBasicAuthenticatorCornerCaseTest.class */
public class OAuthOrBasicAuthenticatorCornerCaseTest {
    private RbacClusters rbacClusters;
    private int actualMdsPort;
    private final Client client = ClientBuilder.newClient();
    private final String validBasicAuthStr = Base64.getEncoder().encodeToString("mds:mds".getBytes());
    private String validAuthToken = null;

    @BeforeClass
    public void setUp() throws Throwable {
        this.rbacClusters = new RbacClusters(KafkaConfigTool.hashWithTokens("mds", Arrays.asList("mds", "mds")));
        this.actualMdsPort = MdsTestUtil.lookupActualMdsPort(this.rbacClusters);
        this.validAuthToken = ((AuthenticationResponse) V1RbacRetrofitFactory.build(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST, this.actualMdsPort, "mds").issueToken().execute().body()).authenticationToken();
        MatcherAssert.assertThat(this.validAuthToken, Is.is(IsNull.notNullValue()));
        AssertJUnit.assertTrue(this.validAuthToken.length() > 10);
    }

    @AfterClass
    public void tearDown() {
        this.rbacClusters.shutdown();
        MdsTestUtil.releasePort(this.actualMdsPort);
    }

    @Test
    public void sanityTest_justBasicAuth() {
        Assert.assertEquals(this.client.target(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST + ":" + this.actualMdsPort).path("/security/1.0/authenticate").request(new String[]{"application/json"}).header("Authorization", "Basic " + this.validBasicAuthStr).get().getStatus(), 200);
    }

    @Test
    public void sanityTest_AuthCookie() {
        Assert.assertEquals(this.client.target(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST + ":" + this.actualMdsPort).path("/security/1.0/authenticate").request(new String[]{"application/json"}).header("Cookie", "auth_token=" + this.validAuthToken).get().getStatus(), 200);
    }

    @Test
    public void sanityTest_authHeader() {
        Assert.assertEquals(this.client.target(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST + ":" + this.actualMdsPort).path("/security/1.0/authenticate").request(new String[]{"application/json"}).header("Authorization", "Bearer " + this.validAuthToken).get().getStatus(), 200);
    }

    @Test
    public void basic_andAuthQueryParam() {
        Assert.assertEquals(this.client.target(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST + ":" + this.actualMdsPort).path("/security/1.0/authenticate").queryParam("access_token", new Object[]{this.validAuthToken}).request(new String[]{"application/json"}).header("Authorization", "Basic " + this.validBasicAuthStr).get().getStatus(), 401);
    }

    @Test
    public void basicThenAuthHeader() {
        Assert.assertEquals(this.client.target(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST + ":" + this.actualMdsPort).path("/security/1.0/authenticate").request(new String[]{"application/json"}).header("Authorization", "Basic " + this.validBasicAuthStr).header("Authorization", "Bearer " + this.validAuthToken).get().getStatus(), 500);
    }

    @Test
    public void bearerThenAuthHeader() {
        Assert.assertEquals(this.client.target(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST + ":" + this.actualMdsPort).path("/security/1.0/authenticate").request(new String[]{"application/json"}).header("Authorization", "Bearer " + this.validAuthToken).header("Authorization", "Basic " + this.validBasicAuthStr).get().getStatus(), 401);
    }

    @Test
    public void basic_andAuthCookie() {
        Assert.assertEquals(this.client.target(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST + ":" + this.actualMdsPort).path("/security/1.0/authenticate").request(new String[]{"application/json"}).header("Authorization", "Basic " + this.validBasicAuthStr).header("Cookie", "auth_token=" + this.validAuthToken).get().getStatus(), 200);
    }
}
