package org.apache.qpid.server.security.auth.sasl.external;

import java.security.Principal;
import javax.security.auth.x500.X500Principal;
import org.apache.qpid.server.security.auth.AuthenticationResult;
import org.apache.qpid.server.security.auth.manager.ExternalAuthenticationManager;
import org.apache.qpid.test.utils.QpidTestCase;
import org.mockito.Mockito;

/* loaded from: input_file:org/apache/qpid/server/security/auth/sasl/external/ExternalNegotiatorTest.class */
public class ExternalNegotiatorTest extends QpidTestCase {
    private static final String VALID_USER_DN = "cn=test,dc=example,dc=com";
    private static final String VALID_USER_NAME = "test@example.com";
    private static final String USERNAME_NO_CN_DC = "ou=test,o=example,o=com";

    public void testHandleResponseUseFullDNValidExternalPrincipal() throws Exception {
        ExternalAuthenticationManager externalAuthenticationManager = (ExternalAuthenticationManager) Mockito.mock(ExternalAuthenticationManager.class);
        Mockito.when(Boolean.valueOf(externalAuthenticationManager.getUseFullDN())).thenReturn(true);
        ExternalNegotiator externalNegotiator = new ExternalNegotiator(externalAuthenticationManager, new X500Principal(VALID_USER_DN));
        AuthenticationResult handleResponse = externalNegotiator.handleResponse(new byte[0]);
        assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.SUCCESS, handleResponse.getStatus());
        String name = handleResponse.getMainPrincipal().getName();
        assertTrue(String.format("Unexpected first result principal '%s'", name), VALID_USER_DN.equalsIgnoreCase(name));
        assertEquals("Unexpected second result status", AuthenticationResult.AuthenticationStatus.ERROR, externalNegotiator.handleResponse(new byte[0]).getStatus());
    }

    public void testHandleResponseNotUseFullDNValidExternalPrincipal() throws Exception {
        ExternalAuthenticationManager externalAuthenticationManager = (ExternalAuthenticationManager) Mockito.mock(ExternalAuthenticationManager.class);
        Mockito.when(Boolean.valueOf(externalAuthenticationManager.getUseFullDN())).thenReturn(false);
        ExternalNegotiator externalNegotiator = new ExternalNegotiator(externalAuthenticationManager, new X500Principal(VALID_USER_DN));
        AuthenticationResult handleResponse = externalNegotiator.handleResponse(new byte[0]);
        assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.SUCCESS, handleResponse.getStatus());
        assertEquals("Unexpected first result principal", VALID_USER_NAME, handleResponse.getMainPrincipal().getName());
        assertEquals("Unexpected second result status", AuthenticationResult.AuthenticationStatus.ERROR, externalNegotiator.handleResponse(new byte[0]).getStatus());
    }

    public void testHandleResponseNotUseFullDN_No_CN_DC_In_ExternalPrincipal() throws Exception {
        ExternalAuthenticationManager externalAuthenticationManager = (ExternalAuthenticationManager) Mockito.mock(ExternalAuthenticationManager.class);
        Mockito.when(Boolean.valueOf(externalAuthenticationManager.getUseFullDN())).thenReturn(false);
        AuthenticationResult handleResponse = new ExternalNegotiator(externalAuthenticationManager, new X500Principal(USERNAME_NO_CN_DC)).handleResponse(new byte[0]);
        assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.ERROR, handleResponse.getStatus());
        assertNull("Unexpected first result principal", handleResponse.getMainPrincipal());
    }

    public void testHandleResponseUseFullDN_No_CN_DC_In_ExternalPrincipal() throws Exception {
        ExternalAuthenticationManager externalAuthenticationManager = (ExternalAuthenticationManager) Mockito.mock(ExternalAuthenticationManager.class);
        Mockito.when(Boolean.valueOf(externalAuthenticationManager.getUseFullDN())).thenReturn(true);
        ExternalNegotiator externalNegotiator = new ExternalNegotiator(externalAuthenticationManager, new X500Principal(USERNAME_NO_CN_DC));
        AuthenticationResult handleResponse = externalNegotiator.handleResponse(new byte[0]);
        assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.SUCCESS, handleResponse.getStatus());
        String name = handleResponse.getMainPrincipal().getName();
        assertTrue(String.format("Unexpected first result principal '%s'", name), USERNAME_NO_CN_DC.equalsIgnoreCase(name));
        assertEquals("Unexpected second result status", AuthenticationResult.AuthenticationStatus.ERROR, externalNegotiator.handleResponse(new byte[0]).getStatus());
    }

    public void testHandleResponseFailsWithoutExternalPrincipal() throws Exception {
        ExternalAuthenticationManager externalAuthenticationManager = (ExternalAuthenticationManager) Mockito.mock(ExternalAuthenticationManager.class);
        Mockito.when(Boolean.valueOf(externalAuthenticationManager.getUseFullDN())).thenReturn(true);
        AuthenticationResult handleResponse = new ExternalNegotiator(externalAuthenticationManager, (Principal) null).handleResponse(new byte[0]);
        assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.ERROR, handleResponse.getStatus());
        assertNull("Unexpected first result principal", handleResponse.getMainPrincipal());
    }

    public void testHandleResponseSucceedsForNonX500Principal() throws Exception {
        ExternalAuthenticationManager externalAuthenticationManager = (ExternalAuthenticationManager) Mockito.mock(ExternalAuthenticationManager.class);
        Mockito.when(Boolean.valueOf(externalAuthenticationManager.getUseFullDN())).thenReturn(true);
        Principal principal = (Principal) Mockito.mock(Principal.class);
        ExternalNegotiator externalNegotiator = new ExternalNegotiator(externalAuthenticationManager, principal);
        AuthenticationResult handleResponse = externalNegotiator.handleResponse(new byte[0]);
        assertEquals("Unexpected first result status", AuthenticationResult.AuthenticationStatus.SUCCESS, handleResponse.getStatus());
        assertEquals("Unexpected first result principal", principal, handleResponse.getMainPrincipal());
        assertEquals("Unexpected second result status", AuthenticationResult.AuthenticationStatus.ERROR, externalNegotiator.handleResponse(new byte[0]).getStatus());
    }
}
