package org.apache.openejb.test.servlet;

import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
import java.lang.reflect.Method;
import java.security.Principal;
import javax.ejb.EJB;
import javax.ejb.EJBAccessException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import junit.framework.Assert;

/* loaded from: input_file:WEB-INF/lib/openejb-itests-servlets-3.1.4.jar:org/apache/openejb/test/servlet/SecureServlet.class */
public class SecureServlet extends HttpServlet {

    @EJB
    private SecureEJBLocal secureEJBLocal;

    protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        httpServletResponse.setContentType("text/plain");
        PrintStream printStream = new PrintStream((OutputStream) httpServletResponse.getOutputStream());
        String parameter = httpServletRequest.getParameter("method");
        if (parameter == null) {
            testAll(httpServletRequest, printStream);
        } else {
            try {
                getClass().getMethod(parameter, HttpServletRequest.class).invoke(this, httpServletRequest);
            } catch (Throwable th) {
                printStream.println("FAILED");
                th.printStackTrace(printStream);
            }
        }
        printStream.flush();
    }

    public void testAll(HttpServletRequest httpServletRequest, PrintStream printStream) {
        for (Method method : EjbServlet.class.getMethods()) {
            if (method.getName().startsWith("invoke")) {
                try {
                    method.invoke(this, new Object[0]);
                    printStream.println(method.getName() + " PASSED");
                } catch (Throwable th) {
                    printStream.println(method.getName() + " FAILED");
                    th.printStackTrace(printStream);
                    printStream.flush();
                }
                printStream.println();
            }
        }
    }

    public void invokeGetCallerPrincipal(HttpServletRequest httpServletRequest) {
        Principal userPrincipal = httpServletRequest.getUserPrincipal();
        Assert.assertNotNull(userPrincipal);
        Assert.assertEquals("user", userPrincipal.getName());
        Principal callerPrincipal = this.secureEJBLocal.getCallerPrincipal();
        Assert.assertNotNull(callerPrincipal);
        Assert.assertEquals("user", callerPrincipal.getName());
    }

    public void invokeIsCallerInRole(HttpServletRequest httpServletRequest) {
        Assert.assertTrue(httpServletRequest.isUserInRole("user"));
        Assert.assertFalse(httpServletRequest.isUserInRole("manager"));
        Assert.assertFalse(httpServletRequest.isUserInRole("UNKNOWN"));
        Assert.assertFalse(httpServletRequest.isUserInRole("runas"));
        Assert.assertTrue(this.secureEJBLocal.isCallerInRole("user"));
        Assert.assertFalse(this.secureEJBLocal.isCallerInRole("manager"));
        Assert.assertFalse(this.secureEJBLocal.isCallerInRole("UNKNOWN"));
        Assert.assertFalse(this.secureEJBLocal.isCallerInRole("runas"));
    }

    public void invokeIsAllowed(HttpServletRequest httpServletRequest) {
        try {
            this.secureEJBLocal.allowUserMethod();
        } catch (EJBAccessException e) {
            Assert.fail("Method allowUserMethod() NOT ALLOWED");
        }
        try {
            this.secureEJBLocal.allowManagerMethod();
            Assert.fail("Method allowManagerMethod() ALLOWED");
        } catch (EJBAccessException e2) {
        }
        try {
            this.secureEJBLocal.allowUnknownMethod();
            Assert.fail("Method allowUnknownMethod() ALLOWED");
        } catch (EJBAccessException e3) {
        }
        try {
            this.secureEJBLocal.allowRunasMethod();
            Assert.fail("Method allowRunasMethod() ALLOWED");
        } catch (EJBAccessException e4) {
        }
        try {
            this.secureEJBLocal.denyAllMethod();
            Assert.fail("Method denyAllMethod() ALLOWED");
        } catch (EJBAccessException e5) {
        }
    }
}
