package org.apache.qpid.server.security.auth.sasl.oauth2;

import org.apache.qpid.server.model.NamedAddressSpace;
import org.apache.qpid.server.security.auth.AuthenticationResult;
import org.apache.qpid.server.security.auth.manager.oauth2.OAuth2AuthenticationProvider;
import org.apache.qpid.test.utils.QpidTestCase;
import org.junit.Assert;
import org.mockito.Matchers;
import org.mockito.Mockito;

/* loaded from: input_file:org/apache/qpid/server/security/auth/sasl/oauth2/OAuth2NegotiatorTest.class */
public class OAuth2NegotiatorTest extends QpidTestCase {
    private static final String VALID_TOKEN = "token";
    private static final byte[] VALID_RESPONSE = "auth=Bearer token\u0001\u0001".getBytes();
    private static final byte[] VALID_TOKEN_WITH_CRUD = "user=xxx\u0001auth=Bearer token\u0001host=localhost\u0001\u0001".getBytes();
    private static final byte[] RESPONSE_WITH_NO_TOKEN = "host=localhost\u0001\u0001".getBytes();
    private static final byte[] RESPONSE_WITH_MALFORMED_AUTH = "auth=wibble\u0001\u0001".getBytes();
    private OAuth2Negotiator _negotiator;
    private OAuth2AuthenticationProvider<?> _authenticationProvider;

    public void setUp() throws Exception {
        super.setUp();
        this._authenticationProvider = (OAuth2AuthenticationProvider) Mockito.mock(OAuth2AuthenticationProvider.class);
        this._negotiator = new OAuth2Negotiator(this._authenticationProvider, (NamedAddressSpace) null);
    }

    public void testHandleResponse_ResponseHasAuthOnly() throws Exception {
        doHandleResponseWithValidResponse(VALID_RESPONSE);
    }

    public void testHandleResponse_ResponseAuthAndOthers() throws Exception {
        doHandleResponseWithValidResponse(VALID_TOKEN_WITH_CRUD);
    }

    public void testHandleResponse_ResponseAuthAbsent() throws Exception {
        AuthenticationResult handleResponse = this._negotiator.handleResponse(RESPONSE_WITH_NO_TOKEN);
        assertEquals("Unexpected result status", AuthenticationResult.AuthenticationStatus.ERROR, handleResponse.getStatus());
        assertNull("Unexpected result principal", handleResponse.getMainPrincipal());
    }

    public void testHandleResponse_ResponseAuthMalformed() throws Exception {
        AuthenticationResult handleResponse = this._negotiator.handleResponse(RESPONSE_WITH_MALFORMED_AUTH);
        assertEquals("Unexpected result status", AuthenticationResult.AuthenticationStatus.ERROR, handleResponse.getStatus());
        assertNull("Unexpected result principal", handleResponse.getMainPrincipal());
    }

    private void doHandleResponseWithValidResponse(byte[] bArr) {
        AuthenticationResult authenticationResult = (AuthenticationResult) Mockito.mock(AuthenticationResult.class);
        Mockito.when(this._authenticationProvider.authenticateViaAccessToken((String) Matchers.eq(VALID_TOKEN), (NamedAddressSpace) Matchers.any())).thenReturn(authenticationResult);
        assertEquals("Unexpected result", authenticationResult, this._negotiator.handleResponse(bArr));
        ((OAuth2AuthenticationProvider) Mockito.verify(this._authenticationProvider)).authenticateViaAccessToken((String) Matchers.eq(VALID_TOKEN), (NamedAddressSpace) Matchers.any());
        assertEquals("Unexpected second result status", AuthenticationResult.AuthenticationStatus.ERROR, this._negotiator.handleResponse(bArr).getStatus());
    }

    public void testHandleNoInitialResponse() throws Exception {
        AuthenticationResult handleResponse = this._negotiator.handleResponse(new byte[0]);
        assertEquals("Unexpected authentication status", AuthenticationResult.AuthenticationStatus.CONTINUE, handleResponse.getStatus());
        Assert.assertArrayEquals("Unexpected authentication challenge", new byte[0], handleResponse.getChallenge());
    }

    public void testHandleNoInitialResponseNull() throws Exception {
        AuthenticationResult handleResponse = this._negotiator.handleResponse((byte[]) null);
        assertEquals("Unexpected authentication status", AuthenticationResult.AuthenticationStatus.CONTINUE, handleResponse.getStatus());
        Assert.assertArrayEquals("Unexpected authentication challenge", new byte[0], handleResponse.getChallenge());
    }
}
