package org.apache.shindig.social.core.oauth;

import com.google.inject.Guice;
import com.google.inject.Module;
import org.apache.shindig.auth.AuthenticationHandler;
import org.apache.shindig.common.EasyMockTestCase;
import org.apache.shindig.common.testing.FakeHttpServletRequest;
import org.apache.shindig.social.SocialApiTestsGuiceModule;
import org.apache.shindig.social.core.oauth2.OAuth2AuthenticationHandler;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/shindig/social/core/oauth/OAuth2AuthenticationHandlerTest.class */
public class OAuth2AuthenticationHandlerTest extends EasyMockTestCase {
    private final String ACCESS_TOKEN = "testClient_accesstoken_1";
    protected OAuth2AuthenticationHandler handler = null;

    @Before
    public void setUp() {
        this.handler = (OAuth2AuthenticationHandler) Guice.createInjector(new Module[]{new SocialApiTestsGuiceModule()}).getInstance(OAuth2AuthenticationHandler.class);
    }

    @Test
    public void testValidAccessTokenViaURL() throws AuthenticationHandler.InvalidAuthenticationException {
        replay();
        this.handler.getSecurityTokenFromRequest(new FakeHttpServletRequest("http://localhost:8080/oauth2", "/some_protected_uri", "access_token=testClient_accesstoken_1"));
    }

    @Test
    public void testInvalidAccessTokenViaURL() {
        replay();
        try {
            this.handler.getSecurityTokenFromRequest(new FakeHttpServletRequest("http://localhost:8080/oauth2", "/some_protected_uri", "access_token=BADTOKEN"));
            fail("Handler allowed invalid token without throwing exception");
        } catch (AuthenticationHandler.InvalidAuthenticationException e) {
        }
    }

    @Test
    public void testValidAccessTokenViaHeader() throws AuthenticationHandler.InvalidAuthenticationException {
        replay();
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2", "/some_protected_uri", "");
        fakeHttpServletRequest.setHeader("Authorization", "Bearer testClient_accesstoken_1");
        this.handler.getSecurityTokenFromRequest(fakeHttpServletRequest);
    }

    @Test
    public void testInvalidAccessTokenViaHeader() {
        replay();
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2", "/some_protected_uri", "");
        fakeHttpServletRequest.setHeader("Authorization", "Bearer BADVALUEK");
        try {
            this.handler.getSecurityTokenFromRequest(fakeHttpServletRequest);
            fail("Handler allowed invalid token without throwing exception");
        } catch (AuthenticationHandler.InvalidAuthenticationException e) {
        }
    }
}
