package org.apache.jackrabbit.oak.spi.security.authentication.external.impl;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Maps;
import java.util.Collections;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import javax.jcr.Credentials;
import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.oak.api.AuthInfo;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.spi.security.authentication.credentials.CredentialsSupport;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalLoginModuleTestBase;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser;
import org.apache.jackrabbit.oak.spi.security.authentication.external.TestIdentityProvider;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/impl/CustomCredentialsSupportTest.class */
public class CustomCredentialsSupportTest extends ExternalLoginModuleTestBase {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/impl/CustomCredentialsSupportTest$IDP.class */
    public static final class IDP implements ExternalIdentityProvider, CredentialsSupport {
        private final Map attributes = Maps.newHashMap(ImmutableMap.of("a", "a"));

        IDP() {
        }

        @NotNull
        public String getName() {
            return "creds_test";
        }

        @Nullable
        public ExternalIdentity getIdentity(@NotNull ExternalIdentityRef externalIdentityRef) {
            throw new UnsupportedOperationException();
        }

        @Nullable
        public ExternalUser getUser(@NotNull String str) {
            throw new UnsupportedOperationException();
        }

        @Nullable
        public ExternalUser authenticate(@NotNull Credentials credentials) {
            if (!(credentials instanceof TestCredentials)) {
                return null;
            }
            final String str = ((TestCredentials) credentials).uid;
            return new ExternalUser() { // from class: org.apache.jackrabbit.oak.spi.security.authentication.external.impl.CustomCredentialsSupportTest.IDP.1
                @NotNull
                public ExternalIdentityRef getExternalId() {
                    return new ExternalIdentityRef(str, IDP.this.getName());
                }

                @NotNull
                public String getId() {
                    return str;
                }

                @NotNull
                public String getPrincipalName() {
                    return "principal" + str;
                }

                @Nullable
                public String getIntermediatePath() {
                    return null;
                }

                @NotNull
                public Iterable<ExternalIdentityRef> getDeclaredGroups() {
                    return Collections.emptySet();
                }

                @NotNull
                public Map<String, ?> getProperties() {
                    return Collections.emptyMap();
                }
            };
        }

        @Nullable
        public ExternalGroup getGroup(@NotNull String str) {
            throw new UnsupportedOperationException();
        }

        @NotNull
        public Iterator<ExternalUser> listUsers() {
            throw new UnsupportedOperationException();
        }

        @NotNull
        public Iterator<ExternalGroup> listGroups() {
            throw new UnsupportedOperationException();
        }

        @NotNull
        public Set<Class> getCredentialClasses() {
            return ImmutableSet.of(TestCredentials.class);
        }

        @Nullable
        public String getUserId(@NotNull Credentials credentials) {
            if (credentials instanceof TestCredentials) {
                return ((TestCredentials) credentials).uid;
            }
            return null;
        }

        @NotNull
        public Map<String, ?> getAttributes(@NotNull Credentials credentials) {
            return credentials instanceof TestCredentials ? this.attributes : ImmutableMap.of();
        }

        public boolean setAttributes(@NotNull Credentials credentials, @NotNull Map<String, ?> map) {
            if (!(credentials instanceof TestCredentials)) {
                return false;
            }
            this.attributes.putAll(map);
            return true;
        }
    }

    /* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/impl/CustomCredentialsSupportTest$TestCredentials.class */
    private static final class TestCredentials implements Credentials {
        private final String uid;

        private TestCredentials(@NotNull String str) {
            this.uid = str;
        }
    }

    private static void assertAttributes(@NotNull Map<String, ?> map, @NotNull AuthInfo authInfo) {
        Assert.assertEquals(map.size(), authInfo.getAttributeNames().length);
        for (String str : authInfo.getAttributeNames()) {
            Assert.assertEquals(map.get(str), authInfo.getAttribute(str));
        }
    }

    @Test
    public void testLogin() throws Exception {
        TestCredentials testCredentials = new TestCredentials(TestIdentityProvider.ID_TEST_USER);
        ContentSession login = login(testCredentials);
        try {
            AuthInfo authInfo = login.getAuthInfo();
            Assert.assertEquals(TestIdentityProvider.ID_TEST_USER, authInfo.getUserID());
            assertAttributes(getCredentialsSupport().getAttributes(testCredentials), authInfo);
            login.close();
        } catch (Throwable th) {
            login.close();
            throw th;
        }
    }

    @Test
    public void testLoginWithUnsupportedCredentials() throws Exception {
        for (Credentials credentials : ImmutableList.of(new SimpleCredentials(TestIdentityProvider.ID_TEST_USER, new char[0]), new GuestCredentials())) {
            try {
                login(credentials).close();
                Assert.fail("login must fail for credentials " + credentials);
            } catch (LoginException e) {
            }
        }
    }

    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest
    protected ExternalIdentityProvider createIDP() {
        return new IDP();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Credentials createTestCredentials() {
        return new TestCredentials(TestIdentityProvider.ID_TEST_USER);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public CredentialsSupport getCredentialsSupport() {
        return (IDP) this.idp;
    }
}
