package org.apache.shindig.social.core.oauth;

import java.io.OutputStream;
import java.io.PrintWriter;
import java.net.URI;
import java.net.URLEncoder;
import java.util.UUID;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.shindig.auth.AuthenticationHandler;
import org.apache.shindig.common.testing.FakeHttpServletRequest;
import org.apache.shindig.social.core.oauth2.OAuth2AuthenticationHandler;
import org.apache.shindig.social.core.oauth2.OAuth2Servlet;
import org.apache.shindig.social.dataservice.integration.AbstractLargeRestfulTests;
import org.easymock.Capture;
import org.easymock.EasyMock;
import org.json.JSONObject;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/shindig/social/core/oauth/OAuth2AuthCodeFlowTest.class */
public class OAuth2AuthCodeFlowTest extends AbstractLargeRestfulTests {
    protected static final String SIMPLE_ACCESS_TOKEN = "TEST_TOKEN";
    protected static final String PUBLIC_CLIENT_ID = "testClient";
    protected static final String PUBLIC_AUTH_CODE = "testClient_authcode_1";
    protected static final String CONF_CLIENT_ID = "advancedAuthorizationCodeClient";
    protected static final String CONF_CLIENT_SECRET = "advancedAuthorizationCodeClient_secret";
    protected static final String CONF_AUTH_CODE = "advancedClient_authcode_1";
    protected static final String PUBLIC_REDIRECT_URI = "http://localhost:8080/oauthclients/AuthorizationCodeClient";
    protected static final String REDIRECT_URI = "http://localhost:8080/oauthclients/AuthorizationCodeClient/friends";
    protected OAuth2Servlet servlet = null;

    @Override // org.apache.shindig.social.dataservice.integration.AbstractLargeRestfulTests
    @Before
    public void abstractLargeRestfulBefore() throws Exception {
        super.abstractLargeRestfulBefore();
        this.servlet = new OAuth2Servlet();
        this.injector.injectMembers(this.servlet);
    }

    /* JADX WARN: Type inference failed for: r0v15, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessToken() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=testClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(PUBLIC_REDIRECT_URI, "UTF-8") + "&code=" + PUBLIC_AUTH_CODE, "UTF-8");
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(200);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        JSONObject jSONObject = new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8"));
        assertEquals("bearer", jSONObject.getString("token_type"));
        assertNotNull(jSONObject.getString("access_token"));
        assertTrue(jSONObject.getLong("expires_in") > 0);
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v17, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAuthorizationCode() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=testClient&response_type=code&redirect_uri=" + URLEncoder.encode(PUBLIC_REDIRECT_URI, "UTF-8"), "UTF-8");
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(EasyMock.eq(302));
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String str = new String(mockServletOutputStream.getBuffer(), "UTF-8");
        assertTrue(str == null || str.equals(""));
        verify();
        assertTrue(((String) capture.getValue()).startsWith("http://localhost:8080/oauthclients/AuthorizationCodeClient?code="));
        assertTrue(UUID.fromString(((String) capture.getValue()).substring(((String) capture.getValue()).indexOf("=") + 1)) != null);
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAuthorizationCodePreserveState() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=testClient&response_type=code&state=PRESERVEME&redirect_uri=" + URLEncoder.encode(PUBLIC_REDIRECT_URI, "UTF-8"));
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(EasyMock.eq(302));
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String str = new String(mockServletOutputStream.getBuffer(), "UTF-8");
        assertTrue(str == null || str.equals(""));
        verify();
        assertTrue(((String) capture.getValue()).startsWith(PUBLIC_REDIRECT_URI));
        URI uri = new URI((String) capture.getValue());
        assertTrue(uri.getQuery().contains("state=PRESERVEME"));
        assertTrue(uri.getQuery().contains("code="));
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAuthorizationCodeConfidential() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&response_type=code&client_secret=advancedAuthorizationCodeClient_secretredirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8"));
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(302);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String str = new String(mockServletOutputStream.getBuffer(), "UTF-8");
        assertTrue(str == null || str.equals(""));
        verify();
        assertTrue(((String) capture.getValue()).startsWith("http://localhost:8080/oauthclients/AuthorizationCodeClient/friends?code="));
        assertTrue(UUID.fromString(((String) capture.getValue()).substring(((String) capture.getValue()).indexOf("=") + 1)) != null);
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAuthorizationCodeNoRedirect() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&response_type=code");
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(302);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String str = new String(mockServletOutputStream.getBuffer(), "UTF-8");
        assertTrue(str == null || str.equals(""));
        verify();
        assertTrue(((String) capture.getValue()).startsWith("http://localhost:8080/oauthclients/AuthorizationCodeClient/friends?code="));
        assertTrue(UUID.fromString(((String) capture.getValue()).substring(((String) capture.getValue()).indexOf("=") + 1)) != null);
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAuthorizationCodeBadRedirect() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&response_type=code&redirect_uri=" + URLEncoder.encode("http://example.org/redirect/", "UTF-8"));
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(403);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        assertEquals("invalid_request", new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8")).getString("error"));
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v59, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testConfidentialAuthCodeFlow() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&client_secret=advancedAuthorizationCodeClient_secret&response_type=code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8"));
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(EasyMock.eq(302));
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String str = new String(mockServletOutputStream.getBuffer(), "UTF-8");
        assertTrue(str == null || str.equals(""));
        verify();
        assertTrue(((String) capture.getValue()).startsWith("http://localhost:8080/oauthclients/AuthorizationCodeClient/friends?code="));
        String substring = ((String) capture.getValue()).substring(((String) capture.getValue()).indexOf("=") + 1);
        assertTrue(UUID.fromString(substring) != null);
        reset();
        FakeHttpServletRequest fakeHttpServletRequest2 = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + substring + "&client_secret=" + CONF_CLIENT_SECRET);
        fakeHttpServletRequest2.setMethod("POST");
        fakeHttpServletRequest2.setServletPath("/oauth2");
        fakeHttpServletRequest2.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse2 = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse2.setStatus(200);
        ?? mockServletOutputStream2 = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse2.getOutputStream()).andReturn((Object) mockServletOutputStream2).anyTimes();
        PrintWriter printWriter2 = new PrintWriter((OutputStream) mockServletOutputStream2);
        EasyMock.expect(httpServletResponse2.getWriter()).andReturn(printWriter2).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest2, httpServletResponse2);
        printWriter2.flush();
        JSONObject jSONObject = new JSONObject(new String(mockServletOutputStream2.getBuffer(), "UTF-8"));
        assertEquals("bearer", jSONObject.getString("token_type"));
        assertNotNull(jSONObject.getString("access_token"));
        assertTrue(jSONObject.getLong("expires_in") > 0);
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenConfidentialClientParams() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + CONF_AUTH_CODE + "&client_secret=" + CONF_CLIENT_SECRET);
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(200);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        JSONObject jSONObject = new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8"));
        assertEquals("bearer", jSONObject.getString("token_type"));
        assertNotNull(jSONObject.getString("access_token"));
        assertTrue(jSONObject.getLong("expires_in") > 0);
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenConfidentialClientBasicAuth() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + CONF_AUTH_CODE);
        fakeHttpServletRequest.setHeader("Authorization", "Basic " + Base64.encodeBase64String("advancedAuthorizationCodeClient:advancedAuthorizationCodeClient_secret".getBytes("UTF-8")));
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(200);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        JSONObject jSONObject = new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8"));
        assertEquals("bearer", jSONObject.getString("token_type"));
        assertNotNull(jSONObject.getString("access_token"));
        assertTrue(jSONObject.getLong("expires_in") > 0);
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v13, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenConfClientBasicAuthBadID() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + CONF_AUTH_CODE);
        fakeHttpServletRequest.setHeader("Authorization", "Basic " + Base64.encodeBase64String("BAD_ID:advancedAuthorizationCodeClient_secret".getBytes("UTF-8")));
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(403);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String str = new String(mockServletOutputStream.getBuffer(), "UTF-8");
        assertTrue(str == null || str.equals(""));
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v15, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenBadConfidentialClientParams() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=advancedAuthorizationCodeClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + CONF_AUTH_CODE + "&client_secret=BAD_SECRET", "UTF-8");
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(400);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        assertEquals("unauthorized_client", new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8")).getString("error"));
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenBadClient() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=BAD_CLIENT&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + PUBLIC_AUTH_CODE);
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(400);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        assertEquals("invalid_client", new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8")).getString("error"));
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenBadGrantType() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=testClient&grant_type=BAD_GRANT&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + PUBLIC_AUTH_CODE);
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(400);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        assertEquals("unsupported_grant_type", new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8")).getString("error"));
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testGetAccessTokenBadAuthCode() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=testClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=BAD-CODE-OMG");
        fakeHttpServletRequest.setMethod("POST");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.setStatus(400);
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        assertEquals("invalid_grant", new JSONObject(new String(mockServletOutputStream.getBuffer(), "UTF-8")).getString("error"));
        verify();
    }

    /* JADX WARN: Type inference failed for: r0v112, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v13, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r0v60, types: [java.io.OutputStream, org.apache.shindig.social.core.oauth.MockServletOutputStream, java.lang.Object] */
    @Test
    public void testReuseAuthorizationCode() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&client_secret=advancedAuthorizationCodeClient_secret&response_type=code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8"));
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/authorize");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        Capture capture = new Capture();
        httpServletResponse.setHeader((String) EasyMock.eq("Location"), (String) EasyMock.capture(capture));
        httpServletResponse.setStatus(EasyMock.eq(302));
        ?? mockServletOutputStream = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse.getOutputStream()).andReturn((Object) mockServletOutputStream).anyTimes();
        PrintWriter printWriter = new PrintWriter((OutputStream) mockServletOutputStream);
        EasyMock.expect(httpServletResponse.getWriter()).andReturn(printWriter).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        printWriter.flush();
        String str = new String(mockServletOutputStream.getBuffer(), "UTF-8");
        assertTrue(str == null || str.equals(""));
        verify();
        assertTrue(((String) capture.getValue()).startsWith("http://localhost:8080/oauthclients/AuthorizationCodeClient/friends?code="));
        String substring = ((String) capture.getValue()).substring(((String) capture.getValue()).indexOf("=") + 1);
        assertTrue(UUID.fromString(substring) != null);
        System.out.println("Retrieved authorization code: " + substring);
        reset();
        FakeHttpServletRequest fakeHttpServletRequest2 = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + substring + "&client_secret=" + CONF_CLIENT_SECRET);
        fakeHttpServletRequest2.setMethod("POST");
        fakeHttpServletRequest2.setServletPath("/oauth2");
        fakeHttpServletRequest2.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse2 = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse2.setStatus(200);
        ?? mockServletOutputStream2 = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse2.getOutputStream()).andReturn((Object) mockServletOutputStream2).anyTimes();
        PrintWriter printWriter2 = new PrintWriter((OutputStream) mockServletOutputStream2);
        EasyMock.expect(httpServletResponse2.getWriter()).andReturn(printWriter2).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest2, httpServletResponse2);
        printWriter2.flush();
        JSONObject jSONObject = new JSONObject(new String(mockServletOutputStream2.getBuffer(), "UTF-8"));
        assertEquals("bearer", jSONObject.getString("token_type"));
        assertNotNull(jSONObject.getString("access_token"));
        assertTrue(jSONObject.getLong("expires_in") > 0);
        verify();
        String string = jSONObject.getString("access_token");
        System.out.println("Retrieved access token: " + string);
        reset();
        OAuth2AuthenticationHandler oAuth2AuthenticationHandler = (OAuth2AuthenticationHandler) this.injector.getInstance(OAuth2AuthenticationHandler.class);
        FakeHttpServletRequest fakeHttpServletRequest3 = new FakeHttpServletRequest("http://localhost:8080", "/social/rest/activitystreams/john.doe/@self/1/object1", "access_token=" + string);
        fakeHttpServletRequest3.setMethod("GET");
        assertNotNull(oAuth2AuthenticationHandler.getSecurityTokenFromRequest(fakeHttpServletRequest3));
        reset();
        FakeHttpServletRequest fakeHttpServletRequest4 = new FakeHttpServletRequest("http://localhost:8080", "/oauth2", "client_id=advancedAuthorizationCodeClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(REDIRECT_URI, "UTF-8") + "&code=" + substring + "&client_secret=" + CONF_CLIENT_SECRET);
        fakeHttpServletRequest4.setMethod("POST");
        fakeHttpServletRequest4.setServletPath("/oauth2");
        fakeHttpServletRequest4.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse3 = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse3.setStatus(403);
        ?? mockServletOutputStream3 = new MockServletOutputStream();
        EasyMock.expect(httpServletResponse3.getOutputStream()).andReturn((Object) mockServletOutputStream3).anyTimes();
        PrintWriter printWriter3 = new PrintWriter((OutputStream) mockServletOutputStream3);
        EasyMock.expect(httpServletResponse3.getWriter()).andReturn(printWriter3).anyTimes();
        replay();
        this.servlet.service(fakeHttpServletRequest4, httpServletResponse3);
        printWriter3.flush();
        JSONObject jSONObject2 = new JSONObject(new String(mockServletOutputStream3.getBuffer(), "UTF-8"));
        System.out.println("Rejection response: " + jSONObject2.toString());
        assertEquals("invalid_grant", jSONObject2.getString("error"));
        verify();
        FakeHttpServletRequest fakeHttpServletRequest5 = new FakeHttpServletRequest("http://localhost:8080", "/social/rest/activitystreams/john.doe/@self/1/object1", "access_token=" + string);
        fakeHttpServletRequest5.setMethod("GET");
        try {
            oAuth2AuthenticationHandler.getSecurityTokenFromRequest(fakeHttpServletRequest5);
            fail("Should have thrown InvalidAuthenticationException");
        } catch (AuthenticationHandler.InvalidAuthenticationException e) {
        }
    }

    @Test
    public void testGetAccessTokenBadMethodType() throws Exception {
        FakeHttpServletRequest fakeHttpServletRequest = new FakeHttpServletRequest("http://localhost:8080/oauth2");
        fakeHttpServletRequest.setContentType("application/x-www-form-urlencoded");
        fakeHttpServletRequest.setPostData("client_id=testClient&grant_type=authorization_code&redirect_uri=" + URLEncoder.encode(PUBLIC_REDIRECT_URI, "UTF-8") + "&code=" + PUBLIC_AUTH_CODE, "UTF-8");
        fakeHttpServletRequest.setMethod("GET");
        fakeHttpServletRequest.setServletPath("/oauth2");
        fakeHttpServletRequest.setPathInfo("/access_token");
        HttpServletResponse httpServletResponse = (HttpServletResponse) mock(HttpServletResponse.class);
        httpServletResponse.sendError(405, "The client MUST use the HTTP \"POST\" method when making access token requests.");
        replay();
        this.servlet.service(fakeHttpServletRequest, httpServletResponse);
        verify();
    }
}
