package net.trajano.auth.test;

import com.google.common.collect.ImmutableMap;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.trajano.auth.HttpHeaderAuthModule;
import org.junit.Assert;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:net/trajano/auth/test/HttpHeaderAuthModuleTest.class */
public class HttpHeaderAuthModuleTest {
    private final Map<String, String> options = ImmutableMap.builder().put("username_header", "X-Forwarded-User").build();

    @Test
    public void testNoAuthNeededWithoutSSL() throws Exception {
        HttpHeaderAuthModule httpHeaderAuthModule = new HttpHeaderAuthModule();
        CallbackHandler callbackHandler = (CallbackHandler) Mockito.mock(CallbackHandler.class);
        MessagePolicy messagePolicy = (MessagePolicy) Mockito.mock(MessagePolicy.class);
        Mockito.when(Boolean.valueOf(messagePolicy.isMandatory())).thenReturn(false);
        httpHeaderAuthModule.initialize(messagePolicy, (MessagePolicy) null, callbackHandler, this.options);
        MessageInfo messageInfo = (MessageInfo) Mockito.mock(MessageInfo.class);
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getMethod()).thenReturn("GET");
        Mockito.when(Boolean.valueOf(httpServletRequest.isSecure())).thenReturn(false);
        Mockito.when(messageInfo.getRequestMessage()).thenReturn(httpServletRequest);
        Assert.assertEquals(AuthStatus.SUCCESS, httpHeaderAuthModule.validateRequest(messageInfo, new Subject(), (Subject) null));
        Mockito.verifyZeroInteractions(new Object[]{callbackHandler});
    }

    @Test
    public void testNoAuthNeededWithSSL() throws Exception {
        HttpHeaderAuthModule httpHeaderAuthModule = new HttpHeaderAuthModule();
        MessagePolicy messagePolicy = (MessagePolicy) Mockito.mock(MessagePolicy.class);
        Mockito.when(Boolean.valueOf(messagePolicy.isMandatory())).thenReturn(false);
        CallbackHandler callbackHandler = (CallbackHandler) Mockito.mock(CallbackHandler.class);
        httpHeaderAuthModule.initialize(messagePolicy, (MessagePolicy) null, callbackHandler, this.options);
        MessageInfo messageInfo = (MessageInfo) Mockito.mock(MessageInfo.class);
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getMethod()).thenReturn("GET");
        Mockito.when(Boolean.valueOf(httpServletRequest.isSecure())).thenReturn(true);
        Mockito.when(httpServletRequest.getRequestURI()).thenReturn("/util/ejb2");
        Mockito.when(messageInfo.getRequestMessage()).thenReturn(httpServletRequest);
        Assert.assertEquals(AuthStatus.SUCCESS, httpHeaderAuthModule.validateRequest(messageInfo, new Subject(), (Subject) null));
        Mockito.verifyZeroInteractions(new Object[]{callbackHandler});
    }

    @Test
    public void testSSLRequired() throws Exception {
        HttpHeaderAuthModule httpHeaderAuthModule = new HttpHeaderAuthModule();
        MessagePolicy messagePolicy = (MessagePolicy) Mockito.mock(MessagePolicy.class);
        Mockito.when(Boolean.valueOf(messagePolicy.isMandatory())).thenReturn(true);
        httpHeaderAuthModule.initialize(messagePolicy, (MessagePolicy) null, (CallbackHandler) null, this.options);
        MessageInfo messageInfo = (MessageInfo) Mockito.mock(MessageInfo.class);
        HttpServletRequest httpServletRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        Mockito.when(httpServletRequest.getMethod()).thenReturn("GET");
        Mockito.when(Boolean.valueOf(httpServletRequest.isSecure())).thenReturn(false);
        Mockito.when(messageInfo.getRequestMessage()).thenReturn(httpServletRequest);
        HttpServletResponse httpServletResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        Mockito.when(messageInfo.getResponseMessage()).thenReturn(httpServletResponse);
        Assert.assertEquals(AuthStatus.SEND_FAILURE, httpHeaderAuthModule.validateRequest(messageInfo, new Subject(), (Subject) null));
        ((HttpServletResponse) Mockito.verify(httpServletResponse)).sendError(403, "SSL Required");
    }
}
