package org.apache.james.jmap.http;

import com.google.common.collect.ImmutableList;
import io.netty.handler.codec.http.HttpHeaders;
import java.util.Optional;
import org.apache.james.core.Username;
import org.apache.james.domainlist.api.DomainList;
import org.apache.james.jmap.exceptions.UnauthorizedException;
import org.apache.james.jmap.mailet.filter.JMAPFilteringFixture;
import org.apache.james.jwt.JwtTokenVerifier;
import org.apache.james.mailbox.MailboxManager;
import org.apache.james.mailbox.MailboxSession;
import org.apache.james.user.memory.MemoryUsersRepository;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Test;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;
import reactor.netty.http.server.HttpServerRequest;

/* loaded from: input_file:org/apache/james/jmap/http/JWTAuthenticationStrategyTest.class */
public class JWTAuthenticationStrategyTest {
    private static final String AUTHORIZATION_HEADERS = "Authorization";
    private static final DomainList NO_DOMAIN_LIST = null;
    private JWTAuthenticationStrategy testee;
    private MailboxManager mockedMailboxManager;
    private JwtTokenVerifier stubTokenVerifier;
    private HttpServerRequest mockedRequest;
    private HttpHeaders mockedHeaders;

    @Before
    public void setup() {
        this.stubTokenVerifier = (JwtTokenVerifier) Mockito.mock(JwtTokenVerifier.class);
        this.mockedMailboxManager = (MailboxManager) Mockito.mock(MailboxManager.class);
        this.mockedRequest = (HttpServerRequest) Mockito.mock(HttpServerRequest.class);
        this.mockedHeaders = (HttpHeaders) Mockito.mock(HttpHeaders.class);
        MemoryUsersRepository withoutVirtualHosting = MemoryUsersRepository.withoutVirtualHosting(NO_DOMAIN_LIST);
        Mockito.when(this.mockedRequest.requestHeaders()).thenReturn(this.mockedHeaders);
        this.testee = new JWTAuthenticationStrategy(this.stubTokenVerifier, this.mockedMailboxManager, withoutVirtualHosting);
    }

    @Test
    public void createMailboxSessionShouldReturnEmptyWhenAuthHeaderIsEmpty() {
        Mockito.when(this.mockedHeaders.get(AUTHORIZATION_HEADERS)).thenReturn(JMAPFilteringFixture.EMPTY);
        Assertions.assertThat(this.testee.createMailboxSession(this.mockedRequest).blockOptional()).isEmpty();
    }

    @Test
    public void createMailboxSessionShouldThrowWhenAuthHeadersIsInvalid() {
        MailboxSession mailboxSession = (MailboxSession) Mockito.mock(MailboxSession.class);
        Mockito.when(this.stubTokenVerifier.verifyAndExtractLogin("valid")).thenReturn(Optional.empty());
        Mockito.when(this.mockedMailboxManager.createSystemSession((Username) ArgumentMatchers.eq(Username.of("123456789")))).thenReturn(mailboxSession);
        Mockito.when(this.mockedHeaders.get(AUTHORIZATION_HEADERS)).thenReturn("Bearer " + "valid");
        Assertions.assertThatThrownBy(() -> {
            this.testee.createMailboxSession(this.mockedRequest).blockOptional();
        }).isInstanceOf(UnauthorizedException.class);
    }

    @Test
    public void createMailboxSessionShouldReturnEmptyWhenAuthHeaderIsInvalid() {
        Mockito.when(this.mockedHeaders.get(AUTHORIZATION_HEADERS)).thenReturn("bad");
        Assertions.assertThat(this.testee.createMailboxSession(this.mockedRequest).blockOptional()).isEmpty();
    }

    @Test
    public void createMailboxSessionShouldThrowWhenMultipleHeaders() {
        Mockito.when(this.mockedHeaders.getAll(AUTHORIZATION_HEADERS)).thenReturn(ImmutableList.of("Bearer token1", "Bearer token2"));
        Assertions.assertThatThrownBy(() -> {
            this.testee.createMailboxSession(this.mockedRequest).blockOptional();
        }).isInstanceOf(IllegalArgumentException.class);
    }

    @Test
    public void createMailboxSessionShouldReturnWhenAuthHeadersAreValid() {
        MailboxSession mailboxSession = (MailboxSession) Mockito.mock(MailboxSession.class);
        Mockito.when(this.stubTokenVerifier.verifyAndExtractLogin("valid")).thenReturn(Optional.of("123456789"));
        Mockito.when(this.mockedMailboxManager.createSystemSession((Username) ArgumentMatchers.eq(Username.of("123456789")))).thenReturn(mailboxSession);
        Mockito.when(this.mockedHeaders.get(AUTHORIZATION_HEADERS)).thenReturn("Bearer " + "valid");
        Assertions.assertThat((MailboxSession) this.testee.createMailboxSession(this.mockedRequest).block()).isEqualTo(mailboxSession);
    }

    @Test
    public void createMailboxSessionShouldThrowUponInvalidVirtualHosting() {
        MailboxSession mailboxSession = (MailboxSession) Mockito.mock(MailboxSession.class);
        Mockito.when(this.stubTokenVerifier.verifyAndExtractLogin("valid")).thenReturn(Optional.of("123456789@domain.tld"));
        Mockito.when(this.mockedMailboxManager.createSystemSession((Username) ArgumentMatchers.eq(Username.of("123456789@domain.tld")))).thenReturn(mailboxSession);
        Mockito.when(this.mockedHeaders.get(AUTHORIZATION_HEADERS)).thenReturn("Bearer " + "valid");
        Assertions.assertThatThrownBy(() -> {
            this.testee.createMailboxSession(this.mockedRequest).block();
        }).isInstanceOf(UnauthorizedException.class);
    }
}
