package no.nav.apiapp.security;

import java.util.Collections;
import java.util.HashMap;
import javax.servlet.http.HttpServletRequest;
import no.nav.brukerdialog.security.domain.IdentType;
import no.nav.common.auth.SecurityLevel;
import no.nav.common.auth.SsoToken;
import no.nav.common.auth.Subject;
import org.assertj.core.api.Assertions;
import org.junit.Test;

/* loaded from: input_file:no/nav/apiapp/security/SecurityLevelAuthorizationModuleTest.class */
public class SecurityLevelAuthorizationModuleTest {
    private SecurityLevelAuthorizationModule securityLevelAuthorizationModule = new SecurityLevelAuthorizationModule(SecurityLevel.Level3);

    @Test
    public void authorized__no_subject() {
        Assertions.assertThat(this.securityLevelAuthorizationModule.authorized((Subject) null, (HttpServletRequest) null)).isFalse();
    }

    @Test
    public void authorized__unrelated_subject() {
        Assertions.assertThat(this.securityLevelAuthorizationModule.authorized(createSubject(SsoToken.saml("test-saml", Collections.emptyMap())), (HttpServletRequest) null)).isFalse();
    }

    @Test
    public void authorized__too_low_level() {
        HashMap hashMap = new HashMap();
        hashMap.put("acr", "Level1");
        Assertions.assertThat(this.securityLevelAuthorizationModule.authorized(createSubject(SsoToken.oidcToken("oidc-token", hashMap)), (HttpServletRequest) null)).isFalse();
    }

    @Test
    public void authorized__oidc() {
        HashMap hashMap = new HashMap();
        hashMap.put("acr", "Level3");
        Assertions.assertThat(this.securityLevelAuthorizationModule.authorized(createSubject(SsoToken.oidcToken("oidc-token", hashMap)), (HttpServletRequest) null)).isTrue();
    }

    @Test
    public void authorized__openam() {
        HashMap hashMap = new HashMap();
        hashMap.put("SecurityLevel", "3");
        Assertions.assertThat(this.securityLevelAuthorizationModule.authorized(createSubject(SsoToken.eksternOpenAM("openam-token", hashMap)), (HttpServletRequest) null)).isTrue();
    }

    private Subject createSubject(SsoToken ssoToken) {
        return new Subject("test-ident", IdentType.EksternBruker, ssoToken);
    }
}
