package org.apache.shindig.social.core.oauth;

import java.io.OutputStream;
import java.io.PrintWriter;
import java.net.URLEncoder;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;
import org.apache.shindig.common.testing.FakeHttpServletRequest;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.social.core.oauth2.OAuth2Servlet;
import org.apache.shindig.social.dataservice.integration.AbstractLargeRestfulTests;
import org.easymock.Capture;
import org.easymock.EasyMock;
import org.json.JSONObject;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/shindig/social/core/oauth/OAuth2ImplicitFlowTest.class */
public class OAuth2ImplicitFlowTest extends AbstractLargeRestfulTests {
    protected OAuth2Servlet servlet = null;
    public static final String IMPLICIT_CLIENT_ID = "advancedImplicitClient";
    protected static final String REDIRECT_URI = "http://localhost:8080/oauthclients/ImplicitClientHelper.html";

    @Override // org.apache.shindig.social.dataservice.integration.AbstractLargeRestfulTests
    @Before
    public void abstractLargeRestfulBefore() throws Exception {
        super.abstractLargeRestfulBefore();
        this.servlet = new OAuth2Servlet();
        this.injector.injectMembers(this.servlet);
    }

    @Test
    public void testGetAccessTokenWithRedirectParamAndState() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=advancedImplicitClient&response_type=token&state=PRESERVEME&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8"), "UTF-8");
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(302);
        ServletOutputStream mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn(mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String fragment = UriBuilder.parse((String) capture.getValue()).getFragment();
        assertTrue(((String) capture.getValue()).startsWith(REDIRECT_URI));
        assertTrue(fragment.contains("token_type=bearer"));
        assertTrue(fragment.contains("access_token="));
        assertTrue(fragment.contains("expires_in="));
        assertTrue(fragment.contains("state=PRESERVEME"));
        verify();
    }

    @Test
    public void testGetAccessTokenNoRedirectParam() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=advancedImplicitClient&response_type=token", "UTF-8");
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(302);
        ServletOutputStream mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn(mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String fragment = UriBuilder.parse((String) capture.getValue()).getFragment();
        assertTrue(((String) capture.getValue()).startsWith(REDIRECT_URI));
        assertTrue(fragment.contains("token_type=bearer"));
        assertTrue(fragment.contains("access_token="));
        assertTrue(fragment.contains("expires_in="));
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v15, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenWithBadRedirect() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=advancedImplicitClient&response_type=token&redirect_uri=" + URLEncoder.encode("BAD_REDIRECT", "UTF-8"), "UTF-8");
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(EasyMock.eq(403));
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        verify();
        assertTrue(new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8")).has("error"));
    }

    /* JADX WARN: Type inference failed for: r0v15, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenWithBadClientID() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=BAD-ID&response_type=token&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8"), "UTF-8");
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(EasyMock.eq(403));
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        verify();
        assertTrue(new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8")).has("error"));
    }
}
