package org.apache.submarine.server.security.oidc;

import com.github.tomakehurst.wiremock.client.WireMock;
import com.github.tomakehurst.wiremock.junit.WireMockRule;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.reflect.TypeToken;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Map;
import java.util.Objects;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.core.Response;
import org.apache.submarine.commons.utils.SubmarineConfVars;
import org.apache.submarine.commons.utils.SubmarineConfiguration;
import org.apache.submarine.server.api.environment.EnvironmentId;
import org.apache.submarine.server.api.workbench.UserInfo;
import org.apache.submarine.server.rest.workbench.SysUserRestApi;
import org.apache.submarine.server.security.SecurityFactory;
import org.apache.submarine.server.security.SecurityProvider;
import org.apache.submarine.server.security.common.RegistryUserActionAdapter;
import org.apache.submarine.server.utils.gson.EnvironmentIdDeserializer;
import org.apache.submarine.server.utils.gson.EnvironmentIdSerializer;
import org.apache.submarine.server.utils.response.JsonResponse;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.mockito.Mockito;
import org.pac4j.core.config.Config;
import org.pac4j.core.profile.UserProfile;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/submarine/server/security/oidc/SubmarineAuthOidcTest.class */
public class SubmarineAuthOidcTest {
    private SysUserRestApi sysUserRestApi;
    private RegistryUserActionAdapter userActionAdapter;

    @Rule
    public final WireMockRule wireMockRule = new WireMockRule(8080);
    private static final Logger LOG = LoggerFactory.getLogger(SubmarineAuthOidcTest.class);
    private static final SubmarineConfiguration conf = SubmarineConfiguration.getInstance();
    private static final GsonBuilder gsonBuilder = new GsonBuilder().registerTypeAdapter(EnvironmentId.class, new EnvironmentIdSerializer()).registerTypeAdapter(EnvironmentId.class, new EnvironmentIdDeserializer());
    private static final Gson gson = gsonBuilder.setDateFormat("yyyy-MM-dd HH:mm:ss").create();

    @Before
    public void before() {
        conf.updateConfiguration("submarine.auth.type", "oidc");
        conf.updateConfiguration("submarine.auth.oidc.client.id", "test");
        conf.updateConfiguration("submarine.auth.oidc.client.secret", "secret");
        conf.updateConfiguration("submarine.auth.oidc.discover.uri", "http://localhost:8080/auth/realms/test-login/.well-known/openid-configuration");
        conf.setJdbcUrl("jdbc:mysql://127.0.0.1:3306/submarine_test?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&failOverReadOnly=false&zeroDateTimeBehavior=convertToNull&useSSL=false");
        conf.setJdbcUserName("submarine_test");
        conf.setJdbcPassword("password_test");
        this.sysUserRestApi = new SysUserRestApi();
        this.userActionAdapter = new RegistryUserActionAdapter();
        this.wireMockRule.stubFor(WireMock.get(WireMock.urlEqualTo("/auth/realms/test-login/.well-known/openid-configuration")).willReturn(WireMock.aResponse().withHeader("Content-Type", new String[]{"application/json"}).withBody(getResourceFileContent("security/openid-configuration.json"))));
        this.wireMockRule.stubFor(WireMock.get(WireMock.urlEqualTo("/auth/realms/test-login/protocol/openid-connect/userinfo")).willReturn(WireMock.aResponse().withHeader("Content-Type", new String[]{"application/json"}).withBody(getResourceFileContent("security/user-info.json"))));
    }

    public static String getResourceFileContent(String str) {
        try {
            return new String(Files.readAllBytes(Paths.get(new File(((URL) Objects.requireNonNull(SubmarineAuthOidcTest.class.getClassLoader().getResource(str))).getPath()).toString(), new String[0])));
        } catch (IOException e) {
            LOG.error("Can not find file: " + str, e);
            return null;
        }
    }

    /* JADX WARN: Type inference failed for: r0v64, types: [org.apache.submarine.server.security.oidc.SubmarineAuthOidcTest$1] */
    @Test
    public void testOidcType() throws ServletException, IOException {
        Assert.assertEquals(conf.getString(SubmarineConfVars.ConfVars.SUBMARINE_AUTH_TYPE), "oidc");
        SecurityProvider securityProvider = (SecurityProvider) SecurityFactory.getSecurityProvider().get();
        Assert.assertNotNull(securityProvider);
        Assert.assertEquals(securityProvider.getFilterClass(), OidcFilter.class);
        Config config = securityProvider.getConfig();
        Assert.assertTrue(config.getClients().findClient("headerClient").isPresent());
        Assert.assertTrue(config.getClients().findClient("oidcClient").isPresent());
        OidcFilter oidcFilter = new OidcFilter();
        oidcFilter.init((FilterConfig) null);
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        MockOidcHttpServletRequest mockOidcHttpServletRequest = new MockOidcHttpServletRequest();
        mockOidcHttpServletRequest.setRequestURL(new StringBuffer("/api/sys/user/info"));
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        Mockito.when(httpServletResponse.getWriter()).thenReturn(new PrintWriter(new StringWriter()));
        oidcFilter.doFilter(mockOidcHttpServletRequest, httpServletResponse, filterChain);
        ((HttpServletResponse) Mockito.verify(httpServletResponse)).sendError(401, "The token/session is not valid.");
        mockOidcHttpServletRequest.setHeader("Authorization", "Bearer XXX");
        oidcFilter.doFilter(mockOidcHttpServletRequest, httpServletResponse, filterChain);
        ((FilterChain) Mockito.verify(filterChain)).doFilter(mockOidcHttpServletRequest, httpServletResponse);
        Assert.assertNotNull(mockOidcHttpServletRequest.getAttribute("pac4jUserProfiles"));
        this.userActionAdapter.createUndefinedUser((UserProfile) ((Map) mockOidcHttpServletRequest.getAttribute("pac4jUserProfiles")).get("HeaderClient"));
        Response info = this.sysUserRestApi.info(mockOidcHttpServletRequest, httpServletResponse);
        Assert.assertEquals(info.getStatus(), Response.Status.OK.getStatusCode());
        Assert.assertEquals(((UserInfo) ((JsonResponse) gson.fromJson((String) info.getEntity(), new TypeToken<JsonResponse<UserInfo>>() { // from class: org.apache.submarine.server.security.oidc.SubmarineAuthOidcTest.1
        }.getType())).getResult()).getName(), "oidc_test");
    }

    @After
    public void after() {
        conf.updateConfiguration("submarine.auth.type", "none");
    }
}
