package org.springframework.security.web.authentication.www;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.AdditionalMatchers;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.authentication.WebAuthenticationDetails;

/* loaded from: input_file:org/springframework/security/web/authentication/www/BasicProcessingFilterTests.class */
public class BasicProcessingFilterTests {
    private BasicProcessingFilter filter;
    private AuthenticationManager manager;

    private MockHttpServletResponse executeFilterInContainerSimulator(Filter filter, ServletRequest servletRequest, boolean z) throws ServletException, IOException {
        filter.init((FilterConfig) Mockito.mock(FilterConfig.class));
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        filter.doFilter(servletRequest, mockHttpServletResponse, filterChain);
        filter.destroy();
        ((FilterChain) Mockito.verify(filterChain, z ? Mockito.times(1) : Mockito.never())).doFilter((ServletRequest) Matchers.any(ServletRequest.class), (ServletResponse) Matchers.any(ServletResponse.class));
        return mockHttpServletResponse;
    }

    @Before
    public void setUp() throws Exception {
        SecurityContextHolder.clearContext();
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("rod", "koala");
        usernamePasswordAuthenticationToken.setDetails(new WebAuthenticationDetails(new MockHttpServletRequest()));
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken2 = new UsernamePasswordAuthenticationToken("rod", "koala", AuthorityUtils.createAuthorityList(new String[]{"ROLE_1"}));
        this.manager = (AuthenticationManager) Mockito.mock(AuthenticationManager.class);
        Mockito.when(this.manager.authenticate(usernamePasswordAuthenticationToken)).thenReturn(usernamePasswordAuthenticationToken2);
        Mockito.when(this.manager.authenticate((Authentication) AdditionalMatchers.not(Matchers.eq(usernamePasswordAuthenticationToken)))).thenThrow(new Throwable[]{new BadCredentialsException("")});
        this.filter = new BasicProcessingFilter();
        this.filter.setAuthenticationManager(this.manager);
        this.filter.setAuthenticationEntryPoint(new BasicProcessingFilterEntryPoint());
    }

    @After
    public void clearContext() throws Exception {
        SecurityContextHolder.clearContext();
    }

    @Test
    public void testFilterIgnoresRequestsContainingNoAuthorizationHeader() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/some_file.html");
        executeFilterInContainerSimulator(this.filter, mockHttpServletRequest, true);
        Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
    }

    @Test
    public void testGettersSetters() {
        BasicProcessingFilter basicProcessingFilter = new BasicProcessingFilter();
        basicProcessingFilter.setAuthenticationManager(this.manager);
        Assert.assertTrue(basicProcessingFilter.getAuthenticationManager() != null);
        basicProcessingFilter.setAuthenticationEntryPoint((AuthenticationEntryPoint) Mockito.mock(AuthenticationEntryPoint.class));
        Assert.assertTrue(basicProcessingFilter.getAuthenticationEntryPoint() != null);
    }

    @Test
    public void testInvalidBasicAuthorizationTokenIsIgnored() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64("NOT_A_VALID_TOKEN_AS_MISSING_COLON".getBytes())));
        mockHttpServletRequest.setServletPath("/some_file.html");
        mockHttpServletRequest.setSession(new MockHttpSession());
        executeFilterInContainerSimulator(this.filter, mockHttpServletRequest, false);
        Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
    }

    @Test
    public void testNormalOperation() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64("rod:koala".getBytes())));
        mockHttpServletRequest.setServletPath("/some_file.html");
        Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
        executeFilterInContainerSimulator(this.filter, mockHttpServletRequest, true);
        Assert.assertNotNull(SecurityContextHolder.getContext().getAuthentication());
        Assert.assertEquals("rod", SecurityContextHolder.getContext().getAuthentication().getName());
    }

    @Test
    public void testOtherAuthorizationSchemeIsIgnored() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addHeader("Authorization", "SOME_OTHER_AUTHENTICATION_SCHEME");
        mockHttpServletRequest.setServletPath("/some_file.html");
        executeFilterInContainerSimulator(this.filter, mockHttpServletRequest, true);
        Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
    }

    @Test(expected = IllegalArgumentException.class)
    public void testStartupDetectsMissingAuthenticationEntryPoint() throws Exception {
        BasicProcessingFilter basicProcessingFilter = new BasicProcessingFilter();
        basicProcessingFilter.setAuthenticationManager(this.manager);
        basicProcessingFilter.afterPropertiesSet();
    }

    @Test(expected = IllegalArgumentException.class)
    public void testStartupDetectsMissingAuthenticationManager() throws Exception {
        BasicProcessingFilter basicProcessingFilter = new BasicProcessingFilter();
        basicProcessingFilter.setAuthenticationEntryPoint((AuthenticationEntryPoint) Mockito.mock(AuthenticationEntryPoint.class));
        basicProcessingFilter.afterPropertiesSet();
    }

    @Test
    public void testSuccessLoginThenFailureLoginResultsInSessionLosingToken() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64("rod:koala".getBytes())));
        mockHttpServletRequest.setServletPath("/some_file.html");
        executeFilterInContainerSimulator(this.filter, mockHttpServletRequest, true);
        Assert.assertNotNull(SecurityContextHolder.getContext().getAuthentication());
        Assert.assertEquals("rod", SecurityContextHolder.getContext().getAuthentication().getName());
        MockHttpServletRequest mockHttpServletRequest2 = new MockHttpServletRequest();
        mockHttpServletRequest2.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64("otherUser:WRONG_PASSWORD".getBytes())));
        mockHttpServletRequest2.setServletPath("/some_file.html");
        MockHttpServletResponse executeFilterInContainerSimulator = executeFilterInContainerSimulator(this.filter, mockHttpServletRequest2, false);
        Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
        Assert.assertEquals(401L, executeFilterInContainerSimulator.getStatus());
    }

    @Test
    public void testWrongPasswordContinuesFilterChainIfIgnoreFailureIsTrue() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64("rod:WRONG_PASSWORD".getBytes())));
        mockHttpServletRequest.setServletPath("/some_file.html");
        mockHttpServletRequest.setSession(new MockHttpSession());
        this.filter.setIgnoreFailure(true);
        Assert.assertTrue(this.filter.isIgnoreFailure());
        executeFilterInContainerSimulator(this.filter, mockHttpServletRequest, true);
        Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
    }

    @Test
    public void testWrongPasswordReturnsForbiddenIfIgnoreFailureIsFalse() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64("rod:WRONG_PASSWORD".getBytes())));
        mockHttpServletRequest.setServletPath("/some_file.html");
        mockHttpServletRequest.setSession(new MockHttpSession());
        Assert.assertFalse(this.filter.isIgnoreFailure());
        MockHttpServletResponse executeFilterInContainerSimulator = executeFilterInContainerSimulator(this.filter, mockHttpServletRequest, false);
        Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
        Assert.assertEquals(401L, executeFilterInContainerSimulator.getStatus());
    }
}
