package org.springframework.security.web.access;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import junit.framework.TestCase;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.MockPortResolver;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.PortResolver;
import org.springframework.security.web.savedrequest.SavedRequest;

/* loaded from: input_file:org/springframework/security/web/access/ExceptionTranslationFilterTests.class */
public class ExceptionTranslationFilterTests extends TestCase {

    /* loaded from: input_file:org/springframework/security/web/access/ExceptionTranslationFilterTests$MockFilterChain.class */
    private class MockFilterChain implements FilterChain {
        private boolean throwAccessDenied;
        private boolean throwAuthenticationFailure;
        private boolean throwIOException;
        private boolean throwServletException;

        public MockFilterChain(boolean z, boolean z2, boolean z3, boolean z4) {
            this.throwAccessDenied = z;
            this.throwAuthenticationFailure = z2;
            this.throwServletException = z3;
            this.throwIOException = z4;
        }

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            if (this.throwAccessDenied) {
                throw new AccessDeniedException("As requested");
            }
            if (this.throwAuthenticationFailure) {
                throw new BadCredentialsException("As requested");
            }
            if (this.throwServletException) {
                throw new ServletException("As requested");
            }
            if (this.throwIOException) {
                throw new IOException("As requested");
            }
        }
    }

    protected void tearDown() throws Exception {
        super.tearDown();
        SecurityContextHolder.clearContext();
    }

    private static String getSavedRequestUrl(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        return ((SavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY")).getFullRequestUrl();
    }

    public void testAccessDeniedWhenAnonymous() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        mockHttpServletRequest.setServerPort(80);
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("www.example.com");
        mockHttpServletRequest.setContextPath("/mycontext");
        mockHttpServletRequest.setRequestURI("/mycontext/secure/page.html");
        MockFilterChain mockFilterChain = new MockFilterChain(true, false, false, false);
        SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList(new String[]{"IGNORED"})));
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/login.jsp", mockHttpServletResponse.getRedirectedUrl());
        assertEquals("http://www.example.com/mycontext/secure/page.html", getSavedRequestUrl(mockHttpServletRequest));
    }

    public void testAccessDeniedWhenNonAnonymous() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        MockFilterChain mockFilterChain = new MockFilterChain(true, false, false, false);
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
        AccessDeniedHandlerImpl accessDeniedHandlerImpl = new AccessDeniedHandlerImpl();
        accessDeniedHandlerImpl.setErrorPage("/error.jsp");
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandlerImpl);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals(403, mockHttpServletResponse.getStatus());
        assertEquals(AccessDeniedException.class, mockHttpServletRequest.getAttribute("SPRING_SECURITY_403_EXCEPTION").getClass());
    }

    public void testGettersSetters() {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        assertTrue(exceptionTranslationFilter.getAuthenticationEntryPoint() != null);
        exceptionTranslationFilter.setPortResolver(new MockPortResolver(80, 443));
        assertTrue(exceptionTranslationFilter.getPortResolver() != null);
    }

    public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWhenAuthenticationException() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        mockHttpServletRequest.setServerPort(80);
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("www.example.com");
        mockHttpServletRequest.setContextPath("/mycontext");
        mockHttpServletRequest.setRequestURI("/mycontext/secure/page.html");
        MockFilterChain mockFilterChain = new MockFilterChain(false, true, false, false);
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setPortResolver(new MockPortResolver(80, 443));
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/login.jsp", mockHttpServletResponse.getRedirectedUrl());
        assertEquals("http://www.example.com/mycontext/secure/page.html", getSavedRequestUrl(mockHttpServletRequest));
    }

    public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        mockHttpServletRequest.setServerPort(8080);
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("www.example.com");
        mockHttpServletRequest.setContextPath("/mycontext");
        mockHttpServletRequest.setRequestURI("/mycontext/secure/page.html");
        MockFilterChain mockFilterChain = new MockFilterChain(false, true, false, false);
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setPortResolver(new MockPortResolver(8080, 8443));
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals("/mycontext/login.jsp", mockHttpServletResponse.getRedirectedUrl());
        assertEquals("http://www.example.com:8080/mycontext/secure/page.html", getSavedRequestUrl(mockHttpServletRequest));
    }

    public void testSavedRequestIsNotStoredForPostIfJustUseSaveRequestOnGetIsSet() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setJustUseSavedRequestOnGet(true);
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setPortResolver(new MockPortResolver(8080, 8443));
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockFilterChain mockFilterChain = new MockFilterChain(false, true, false, false);
        mockHttpServletRequest.setMethod("POST");
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, new MockHttpServletResponse(), mockFilterChain);
        assertTrue(mockHttpServletRequest.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY") == null);
    }

    public void testStartupDetectsMissingAuthenticationEntryPoint() throws Exception {
        try {
            new ExceptionTranslationFilter().afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertEquals("authenticationEntryPoint must be specified", e.getMessage());
        }
    }

    public void testStartupDetectsMissingPortResolver() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setPortResolver((PortResolver) null);
        try {
            exceptionTranslationFilter.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertEquals("portResolver must be specified", e.getMessage());
        }
    }

    public void testSuccessfulAccessGrant() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        MockFilterChain mockFilterChain = new MockFilterChain(false, false, false, false);
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, new MockHttpServletResponse(), mockFilterChain);
    }

    public void testSuccessfulStartupAndShutdownDown() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.init((FilterConfig) null);
        exceptionTranslationFilter.destroy();
        assertTrue(true);
    }

    public void testThrowIOException() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        try {
            exceptionTranslationFilter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain(false, false, false, true));
            fail("Should have thrown IOException");
        } catch (IOException e) {
            assertNull("The IOException thrown should not have been wrapped", e.getCause());
        }
    }

    public void testThrowServletException() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        try {
            exceptionTranslationFilter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), new MockFilterChain(false, false, true, false));
            fail("Should have thrown ServletException");
        } catch (ServletException e) {
            assertNull("The ServletException thrown should not have been wrapped", e.getCause());
        }
    }

    private AuthenticationEntryPoint mockEntryPoint() {
        return new AuthenticationEntryPoint() { // from class: org.springframework.security.web.access.ExceptionTranslationFilterTests.1
            public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/login.jsp");
            }
        };
    }
}
