package org.apache.activemq.artemis.core.security.jaas;

import java.io.IOException;
import java.security.Principal;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginException;
import org.apache.activemq.artemis.spi.core.protocol.RemotingConnection;
import org.apache.activemq.artemis.spi.core.security.jaas.JaasCallbackHandler;
import org.apache.activemq.artemis.spi.core.security.jaas.RolePrincipal;
import org.apache.activemq.artemis.spi.core.security.jaas.UserPrincipal;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/activemq/artemis/core/security/jaas/CertificateLoginModuleTest.class */
public class CertificateLoginModuleTest extends Assert {
    private static final String USER_NAME = "testUser";
    private static final List<String> ROLE_NAMES = new Vector();
    private StubCertificateLoginModule loginModule;
    private Subject subject;

    public CertificateLoginModuleTest() {
        ROLE_NAMES.add("testRole1");
        ROLE_NAMES.add("testRole2");
        ROLE_NAMES.add("testRole3");
        ROLE_NAMES.add("testRole4");
    }

    @Before
    public void setUp() throws Exception {
        this.subject = new Subject();
    }

    private void loginWithCredentials(String str, Set<String> set) throws LoginException {
        this.loginModule = new StubCertificateLoginModule(str, new HashSet(set));
        this.loginModule.initialize(this.subject, new JaasCallbackHandler((String) null, (String) null, (RemotingConnection) null), null, new HashMap());
        this.loginModule.login();
        this.loginModule.commit();
    }

    private void checkPrincipalsMatch(Subject subject) {
        boolean z = false;
        boolean[] zArr = new boolean[ROLE_NAMES.size()];
        for (int i = 0; i < zArr.length; i++) {
            zArr[i] = false;
        }
        Iterator<Principal> it = subject.getPrincipals().iterator();
        while (it.hasNext()) {
            RolePrincipal rolePrincipal = (Principal) it.next();
            if (rolePrincipal instanceof UserPrincipal) {
                if (!rolePrincipal.getName().equals(USER_NAME)) {
                    fail("Unknown UserPrincipal found.");
                } else if (z) {
                    fail("UserPrincipal found twice.");
                } else {
                    z = true;
                }
            } else if (rolePrincipal instanceof RolePrincipal) {
                int indexOf = ROLE_NAMES.indexOf(rolePrincipal.getName());
                if (indexOf < 0) {
                    fail("Unknown RolePrincipal found.");
                }
                if (zArr[indexOf]) {
                    fail("RolePrincipal found twice.");
                } else {
                    zArr[indexOf] = true;
                }
            } else {
                fail("Unknown Principal type found.");
            }
        }
    }

    @Test
    public void testLoginSuccess() throws IOException {
        try {
            loginWithCredentials(USER_NAME, new HashSet(ROLE_NAMES));
        } catch (Exception e) {
            fail("Unable to login: " + e.getMessage());
        }
        checkPrincipalsMatch(this.subject);
    }

    @Test
    public void testLoginFailure() throws IOException {
        boolean z = false;
        try {
            loginWithCredentials(null, new HashSet());
        } catch (LoginException e) {
            z = true;
        }
        if (z) {
            return;
        }
        fail("Logged in with unknown certificate.");
    }

    @Test
    public void testLogOut() throws IOException {
        try {
            loginWithCredentials(USER_NAME, new HashSet(ROLE_NAMES));
        } catch (Exception e) {
            fail("Unable to login: " + e.getMessage());
        }
        this.loginModule.logout();
        assertEquals("logout should have cleared Subject principals.", 0L, this.subject.getPrincipals().size());
    }
}
