package org.apache.jackrabbit.oak.spi.security.authentication.external;

import java.util.HashMap;
import java.util.Map;
import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.security.authentication.user.LoginModuleImpl;
import org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext;
import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModule;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/PreAuthDefaultExternalLoginTest.class */
public class PreAuthDefaultExternalLoginTest extends ExternalLoginTestBase {
    private final Map<String, Object> preAuthOptions = new HashMap();

    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalLoginTestBase, org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest
    @Before
    public void before() throws Exception {
        super.before();
    }

    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalLoginTestBase, org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest
    @After
    public void after() throws Exception {
        super.after();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalLoginTestBase
    public Configuration getConfiguration() {
        return new Configuration() { // from class: org.apache.jackrabbit.oak.spi.security.authentication.external.PreAuthDefaultExternalLoginTest.1
            public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
                return new AppConfigurationEntry[]{new AppConfigurationEntry(PreAuthLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, PreAuthDefaultExternalLoginTest.this.preAuthOptions), new AppConfigurationEntry(ExternalLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, PreAuthDefaultExternalLoginTest.this.options), new AppConfigurationEntry(LoginModuleImpl.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT, new HashMap())};
            }
        };
    }

    @Test(expected = LoginException.class)
    public void testNonExistingUser() throws Exception {
        PreAuthCredentials preAuthCredentials = new PreAuthCredentials("nonExisting");
        try {
            ContentSession login = login(preAuthCredentials);
            if (login != null) {
                login.close();
            }
            Assert.assertEquals("pre_auth_done", preAuthCredentials.getMessage());
            this.root.refresh();
            Assert.assertNull(getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER));
        } catch (Throwable th) {
            Assert.assertEquals("pre_auth_done", preAuthCredentials.getMessage());
            this.root.refresh();
            Assert.assertNull(getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER));
            throw th;
        }
    }

    @Test
    public void testLocalUser() throws Exception {
        User testUser = getTestUser();
        PreAuthCredentials preAuthCredentials = new PreAuthCredentials(testUser.getID());
        ContentSession login = login(preAuthCredentials);
        try {
            Assert.assertEquals("pre_auth_done", preAuthCredentials.getMessage());
            Assert.assertEquals(testUser.getID(), login.getAuthInfo().getUserID());
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void testExternalUser() throws Exception {
        PreAuthCredentials preAuthCredentials = new PreAuthCredentials(TestIdentityProvider.ID_TEST_USER);
        ContentSession login = login(preAuthCredentials);
        try {
            Assert.assertEquals("pre_auth_done", preAuthCredentials.getMessage());
            Assert.assertEquals(TestIdentityProvider.ID_TEST_USER, login.getAuthInfo().getUserID());
            this.root.refresh();
            Assert.assertNotNull(getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER));
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void testExistingExternalReSync() throws Exception {
        UserManager userManager = getUserManager(this.root);
        long lastSynced = new DefaultSyncContext(this.syncConfig, this.idp, userManager, getValueFactory(this.root)).sync(this.idp.getUser(TestIdentityProvider.ID_TEST_USER)).getIdentity().lastSynced();
        this.root.commit();
        waitUntilExpired(userManager.getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class), this.root, this.syncConfig.user().getExpirationTime());
        PreAuthCredentials preAuthCredentials = new PreAuthCredentials(TestIdentityProvider.ID_TEST_USER);
        ContentSession login = login(preAuthCredentials);
        try {
            Assert.assertEquals("pre_auth_done", preAuthCredentials.getMessage());
            Assert.assertEquals(TestIdentityProvider.ID_TEST_USER, login.getAuthInfo().getUserID());
            this.root.refresh();
            User authorizable = getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class);
            Assert.assertNotNull(authorizable);
            Assert.assertNotEquals(lastSynced, DefaultSyncContext.createSyncedIdentity(authorizable).lastSynced());
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void testExistingExternalNoSync() throws Exception {
        this.syncConfig.user().setExpirationTime(Long.MAX_VALUE);
        long lastSynced = new DefaultSyncContext(this.syncConfig, this.idp, getUserManager(this.root), getValueFactory(this.root)).sync(this.idp.getUser(TestIdentityProvider.ID_TEST_USER)).getIdentity().lastSynced();
        this.root.commit();
        PreAuthCredentials preAuthCredentials = new PreAuthCredentials(TestIdentityProvider.ID_TEST_USER);
        ContentSession login = login(preAuthCredentials);
        try {
            Assert.assertEquals("pre_auth_done", preAuthCredentials.getMessage());
            Assert.assertEquals(TestIdentityProvider.ID_TEST_USER, login.getAuthInfo().getUserID());
            this.root.refresh();
            User authorizable = getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class);
            Assert.assertNotNull(authorizable);
            Assert.assertEquals(lastSynced, DefaultSyncContext.createSyncedIdentity(authorizable).lastSynced());
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void testForeign() throws Exception {
        TestIdentityProvider testIdentityProvider = new TestIdentityProvider("foreign");
        long lastSynced = new DefaultSyncContext(this.syncConfig, testIdentityProvider, getUserManager(this.root), getValueFactory(this.root)).sync(testIdentityProvider.getUser(TestIdentityProvider.ID_TEST_USER)).getIdentity().lastSynced();
        this.root.commit();
        PreAuthCredentials preAuthCredentials = new PreAuthCredentials(TestIdentityProvider.ID_TEST_USER);
        ContentSession login = login(preAuthCredentials);
        try {
            Assert.assertEquals("pre_auth_done", preAuthCredentials.getMessage());
            this.root.refresh();
            User authorizable = getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class);
            Assert.assertNotNull(authorizable);
            Assert.assertEquals(lastSynced, DefaultSyncContext.createSyncedIdentity(authorizable).lastSynced());
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test(expected = LoginException.class)
    public void testInvalidPreAuthCreds() throws Exception {
        PreAuthCredentials preAuthCredentials = new PreAuthCredentials(null);
        try {
            ContentSession login = login(preAuthCredentials);
            if (login != null) {
                login.close();
            }
            Assert.assertEquals("pre_auth_fail", preAuthCredentials.getMessage());
            this.root.refresh();
            Assert.assertNull(getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER));
        } catch (Throwable th) {
            Assert.assertEquals("pre_auth_fail", preAuthCredentials.getMessage());
            this.root.refresh();
            Assert.assertNull(getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER));
            throw th;
        }
    }

    @Test
    public void testGuest() throws Exception {
        ContentSession login = login(new GuestCredentials());
        try {
            Assert.assertEquals("anonymous", login.getAuthInfo().getUserID());
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void testSimpleLocal() throws Exception {
        User testUser = getTestUser();
        ContentSession login = login(new SimpleCredentials(testUser.getID(), testUser.getID().toCharArray()));
        try {
            Assert.assertEquals(testUser.getID(), login.getAuthInfo().getUserID());
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test(expected = LoginException.class)
    public void testSimpleLocalDisabled() throws Exception {
        User testUser = getTestUser();
        testUser.disable("disable");
        this.root.commit();
        ContentSession login = login(new SimpleCredentials(testUser.getID(), testUser.getID().toCharArray()));
        if (login != null) {
            login.close();
        }
    }

    @Test(expected = LoginException.class)
    public void testSimpleNonExisting() throws Exception {
        ContentSession login = login(new SimpleCredentials("nonExisting", new char[0]));
        if (login != null) {
            login.close();
        }
    }

    @Test
    public void testSimpleExternal() throws Exception {
        SimpleCredentials simpleCredentials = new SimpleCredentials(TestIdentityProvider.ID_TEST_USER, new char[0]);
        ExternalUser authenticate = this.idp.authenticate(simpleCredentials);
        Assert.assertNotNull(authenticate);
        Assert.assertEquals(TestIdentityProvider.ID_TEST_USER, authenticate.getId());
        ContentSession login = login(simpleCredentials);
        try {
            Assert.assertEquals(TestIdentityProvider.ID_TEST_USER, login.getAuthInfo().getUserID());
            this.root.refresh();
            Assert.assertNotNull(getUserManager(this.root).getAuthorizable(TestIdentityProvider.ID_TEST_USER, User.class));
            if (login != null) {
                login.close();
            }
        } catch (Throwable th) {
            if (login != null) {
                try {
                    login.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }
}
