package io.confluent.common.security.jetty;

import io.confluent.common.security.jetty.jwt.JwtBuilder;
import javax.security.auth.Subject;
import javax.servlet.ServletRequest;
import org.easymock.EasyMock;
import org.eclipse.jetty.security.LoginService;
import org.eclipse.jetty.server.UserIdentity;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;

/* loaded from: input_file:io/confluent/common/security/jetty/JwtWithFallbackLoginServiceTest.class */
public class JwtWithFallbackLoginServiceTest {
    private static final JwtBuilder JWT_BUILDER = new JwtBuilder();
    private static final String JWT = JWT_BUILDER.buildJwt("lkc-1234");

    @Rule
    public TemporaryFolder tempFolder = new TemporaryFolder();
    private JwtLoginService jwtLoginService;
    private JwtLoginService mockJwtLoginService;
    private LoginService fallbackLoginService;
    private JwtWithFallbackLoginService loginService;

    @Before
    public void setup() throws Exception {
        this.jwtLoginService = new JwtLoginService((String) null, "Confluent", JWT_BUILDER.createJwtPublicKey(this.tempFolder.getRoot().toPath().resolve("public.key")).toString(), "clusters");
        this.jwtLoginService.doStart();
        this.fallbackLoginService = (LoginService) EasyMock.createMock(LoginService.class);
        EasyMock.expect(this.fallbackLoginService.getName()).andReturn((Object) null).anyTimes();
        this.mockJwtLoginService = (JwtLoginService) EasyMock.createMock(JwtLoginService.class);
        EasyMock.expect(this.mockJwtLoginService.getName()).andReturn((Object) null).anyTimes();
    }

    @Test
    public void testValidJwt() {
        this.loginService = new JwtWithFallbackLoginService(this.jwtLoginService, this.fallbackLoginService);
        UserIdentity login = this.loginService.login((String) null, JWT, (ServletRequest) null);
        Assert.assertNotNull(login);
        Assert.assertEquals("franz", login.getUserPrincipal().getName());
    }

    @Test
    public void testFallbackLogin() {
        EasyMock.expect(this.fallbackLoginService.login((String) null, "othercredentials", (ServletRequest) null)).andReturn(EasyMock.createMock(UserIdentity.class)).once();
        EasyMock.replay(new Object[]{this.fallbackLoginService});
        this.loginService = new JwtWithFallbackLoginService(this.jwtLoginService, this.fallbackLoginService);
        this.loginService.login((String) null, "othercredentials", (ServletRequest) null);
        EasyMock.verify(new Object[]{this.fallbackLoginService});
    }

    @Test
    public void testJwtLogout() {
        UserIdentity login = this.jwtLoginService.login((String) null, JWT, (ServletRequest) null);
        this.mockJwtLoginService.logout(login);
        EasyMock.expectLastCall().once();
        EasyMock.replay(new Object[]{this.fallbackLoginService, this.mockJwtLoginService});
        this.loginService = new JwtWithFallbackLoginService(this.mockJwtLoginService, this.fallbackLoginService);
        this.loginService.logout(login);
        EasyMock.verify(new Object[]{this.fallbackLoginService, this.mockJwtLoginService});
    }

    @Test
    public void testFallbackLogout() {
        Subject subject = new Subject();
        subject.getPrincipals().add(() -> {
            return "franz";
        });
        UserIdentity userIdentity = (UserIdentity) EasyMock.createMock(UserIdentity.class);
        EasyMock.expect(userIdentity.getSubject()).andReturn(subject).once();
        this.fallbackLoginService.logout(userIdentity);
        EasyMock.expectLastCall().once();
        EasyMock.replay(new Object[]{this.fallbackLoginService, userIdentity});
        this.loginService = new JwtWithFallbackLoginService(this.jwtLoginService, this.fallbackLoginService);
        this.loginService.logout(userIdentity);
        EasyMock.verify(new Object[]{this.fallbackLoginService, userIdentity});
    }

    @Test
    public void testJwtValidate() {
        UserIdentity login = this.jwtLoginService.login((String) null, JWT, (ServletRequest) null);
        EasyMock.expect(Boolean.valueOf(this.mockJwtLoginService.validate(login))).andReturn(true).once();
        EasyMock.replay(new Object[]{this.fallbackLoginService, this.mockJwtLoginService});
        this.loginService = new JwtWithFallbackLoginService(this.mockJwtLoginService, this.fallbackLoginService);
        this.loginService.validate(login);
        EasyMock.verify(new Object[]{this.fallbackLoginService, this.mockJwtLoginService});
    }

    @Test
    public void testFallbackValidate() {
        Subject subject = new Subject();
        subject.getPrincipals().add(() -> {
            return "franz";
        });
        UserIdentity userIdentity = (UserIdentity) EasyMock.createMock(UserIdentity.class);
        EasyMock.expect(userIdentity.getSubject()).andReturn(subject).once();
        EasyMock.expect(Boolean.valueOf(this.fallbackLoginService.validate(userIdentity))).andReturn(true).once();
        EasyMock.replay(new Object[]{this.fallbackLoginService, userIdentity});
        this.loginService = new JwtWithFallbackLoginService(this.jwtLoginService, this.fallbackLoginService);
        this.loginService.validate(userIdentity);
        EasyMock.verify(new Object[]{this.fallbackLoginService, userIdentity});
    }

    @Test(expected = IllegalArgumentException.class)
    public void testRealmNamesMismatch() {
        LoginService loginService = (LoginService) EasyMock.createMock(LoginService.class);
        EasyMock.expect(loginService.getName()).andReturn("dummyrealm").anyTimes();
        EasyMock.replay(new Object[]{loginService});
        new JwtWithFallbackLoginService(this.jwtLoginService, loginService);
    }

    @Test
    public void testRealmName() {
        LoginService loginService = (LoginService) EasyMock.createMock(LoginService.class);
        EasyMock.expect(loginService.getName()).andReturn("dummyrealm").anyTimes();
        EasyMock.replay(new Object[]{loginService});
        this.loginService = new JwtWithFallbackLoginService(new JwtLoginService("dummyrealm", "Confluent", "/path/to/key", "test"), loginService);
        Assert.assertEquals("dummyrealm", this.loginService.getName());
    }
}
