package org.pac4j.core.authorization.checker;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.pac4j.core.authorization.authorizer.Authorizer;
import org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer;
import org.pac4j.core.authorization.authorizer.csrf.DefaultCsrfTokenGenerator;
import org.pac4j.core.context.ContextHelper;
import org.pac4j.core.context.MockWebContext;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.exception.HttpAction;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.profile.AnonymousProfile;
import org.pac4j.core.profile.CommonProfile;
import org.pac4j.core.util.TestsConstants;

/* loaded from: input_file:org/pac4j/core/authorization/checker/DefaultAuthorizationCheckerTests.class */
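/**
 * Tests for {@link DefaultAuthorizationChecker}.
 *
 * <p>Three areas are exercised: authorizers looked up by name in a caller-supplied map
 * (names may be comma-separated and are matched after trimming, whatever their case),
 * authorizers passed directly as a list, and the built-in names that need no map at all
 * (security headers, CORS, CSRF, authentication level).
 *
 * <p>Raw collection types are kept wherever a value is handed to the checker, because the
 * checker's parameter types are not visible in this file.
 *
 * <p>NOTE(review): the security-header tests assert only that a header is present, never its
 * value, so a weakened directive would not be caught here. Pinning the expected values
 * would make these tests a real regression guard.
 */
public final class DefaultAuthorizationCheckerTests implements TestsConstants {
    /** Name of the request attribute, request parameter and cookie carrying the CSRF token. */
    private static final String CSRF_TOKEN = "pac4jCsrfToken";

    private final DefaultAuthorizationChecker checker = new DefaultAuthorizationChecker();
    private List<CommonProfile> profiles;
    private CommonProfile profile;

    /**
     * Test authorizer that grants access only when the first profile's id equals
     * {@link TestsConstants#VALUE}.
     *
     * <p>Declared {@code public} in this listing; the decompiler recorded that the original
     * access modifier was {@code private}.
     */
    public static class IdAuthorizer implements Authorizer<CommonProfile> {
        private IdAuthorizer() {
        }

        @Override
        public boolean isAuthorized(WebContext webContext, List<CommonProfile> list) {
            // Constant on the left: a profile without an id yields false instead of an NPE.
            return TestsConstants.VALUE.equals(list.get(0).getId());
        }
    }

    /** Starts every test with one empty, non-anonymous profile (no id, no roles). */
    @Before
    public void setUp() {
        profile = new CommonProfile();
        profiles = new ArrayList<>();
        profiles.add(profile);
    }

    // ---------------------------------------------------------------------------------
    // Authorizers resolved by name from a map
    // ---------------------------------------------------------------------------------

    /** With no authorizer name and no map there is nothing to check, so access is granted. */
    @Test
    public void testBlankAuthorizerNameAProfile() throws HttpAction {
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, (String) null, (Map) null));
    }

    @Test
    public void testOneExistingAuthorizerProfileMatch() throws HttpAction {
        profile.setId(TestsConstants.VALUE);
        final HashMap authorizers = new HashMap();
        authorizers.put(TestsConstants.NAME, new IdAuthorizer());
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, TestsConstants.NAME, authorizers));
    }

    @Test
    public void testOneExistingAuthorizerProfileDoesNotMatch() throws HttpAction {
        internalTestOneExistingAuthorizerProfileDoesNotMatch(TestsConstants.NAME);
    }

    /**
     * Same denial through a padded, mixed-case name: the lookup must still find the
     * authorizer (an unknown name raises instead, see {@link #testOneAuthorizerDoesNotExist()}).
     */
    @Test
    public void testOneExistingAuthorizerProfileDoesNotMatchCasTrim() throws HttpAction {
        internalTestOneExistingAuthorizerProfileDoesNotMatch("   NaME       ");
    }

    /**
     * Registers {@link IdAuthorizer} under {@link TestsConstants#NAME} and expects a denial,
     * since the profile created in {@link #setUp()} has no id.
     *
     * @param str the authorizer name handed to the checker
     */
    private void internalTestOneExistingAuthorizerProfileDoesNotMatch(String str) throws HttpAction {
        final HashMap authorizers = new HashMap();
        authorizers.put(TestsConstants.NAME, new IdAuthorizer());
        Assert.assertFalse(checker.isAuthorized((WebContext) null, profiles, str, authorizers));
    }

    /** Asking for a name that is not in the map is a configuration error, not a denial. */
    @Test(expected = TechnicalException.class)
    public void testOneAuthorizerDoesNotExist() throws HttpAction {
        final HashMap authorizers = new HashMap();
        authorizers.put(TestsConstants.NAME, new IdAuthorizer());
        checker.isAuthorized((WebContext) null, profiles, TestsConstants.VALUE, authorizers);
    }

    /** Both named authorizers must pass: matching id and matching role. */
    @Test
    public void testTwoExistingAuthorizerProfileMatch() throws HttpAction {
        profile.setId(TestsConstants.VALUE);
        profile.addRole(TestsConstants.ROLE);
        final HashMap authorizers = new HashMap();
        authorizers.put(TestsConstants.NAME, new IdAuthorizer());
        authorizers.put(TestsConstants.VALUE, new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, "name,value", authorizers));
    }

    /** The role matches but the id does not, so the combined check is denied. */
    @Test
    public void testTwoExistingAuthorizerProfileDoesNotMatch() throws HttpAction {
        profile.addRole(TestsConstants.ROLE);
        final HashMap authorizers = new HashMap();
        authorizers.put(TestsConstants.NAME, new IdAuthorizer());
        authorizers.put(TestsConstants.VALUE, new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertFalse(checker.isAuthorized((WebContext) null, profiles, "name,value", authorizers));
    }

    /** One unknown name in a comma-separated list is enough to raise. */
    @Test(expected = TechnicalException.class)
    public void testTwoAuthorizerOneDoesNotExist() throws HttpAction {
        final HashMap authorizers = new HashMap();
        authorizers.put(TestsConstants.NAME, new IdAuthorizer());
        checker.isAuthorized((WebContext) null, profiles, "name,value", authorizers);
    }

    /**
     * A null authorizer list grants access, while a named authorizer with a null map raises.
     *
     * <p>The expected exception must come from the second call only. The first call is
     * guarded so that a {@link TechnicalException} thrown there fails the test instead of
     * silently satisfying {@code expected}.
     */
    @Test(expected = TechnicalException.class)
    public void testNullAuthorizers() throws HttpAction {
        final boolean authorizedWithoutAuthorizers;
        try {
            authorizedWithoutAuthorizers = checker.isAuthorized((WebContext) null, profiles, (List) null);
        } catch (final TechnicalException e) {
            throw new AssertionError("a null authorizer list must not raise", e);
        }
        Assert.assertTrue(authorizedWithoutAuthorizers);
        checker.isAuthorized((WebContext) null, profiles, "auth1", (Map) null);
    }

    /** An empty list, or an empty name with an empty map, grants access. */
    @Test
    public void testZeroAuthorizers() throws HttpAction {
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, new ArrayList()));
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, "", new HashMap()));
    }

    // ---------------------------------------------------------------------------------
    // Authorizers passed directly as a list
    // ---------------------------------------------------------------------------------

    @Test
    public void testOneExistingAuthorizerProfileMatch2() throws HttpAction {
        profile.setId(TestsConstants.VALUE);
        final ArrayList authorizers = new ArrayList();
        authorizers.add(new IdAuthorizer());
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, authorizers));
    }

    @Test
    public void testOneExistingAuthorizerProfileDoesNotMatch2() throws HttpAction {
        final ArrayList authorizers = new ArrayList();
        authorizers.add(new IdAuthorizer());
        Assert.assertFalse(checker.isAuthorized((WebContext) null, profiles, authorizers));
    }

    @Test
    public void testTwoExistingAuthorizerProfileMatch2() throws HttpAction {
        profile.setId(TestsConstants.VALUE);
        profile.addRole(TestsConstants.ROLE);
        final ArrayList authorizers = new ArrayList();
        authorizers.add(new IdAuthorizer());
        authorizers.add(new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, authorizers));
    }

    @Test
    public void testTwoExistingAuthorizerProfileDoesNotMatch2() throws HttpAction {
        profile.addRole(TestsConstants.ROLE);
        final ArrayList authorizers = new ArrayList();
        authorizers.add(new IdAuthorizer());
        authorizers.add(new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertFalse(checker.isAuthorized((WebContext) null, profiles, authorizers));
    }

    /** A null profile list raises rather than granting or denying. */
    @Test(expected = TechnicalException.class)
    public void testNullProfile() throws HttpAction {
        checker.isAuthorized((WebContext) null, (List) null, new ArrayList());
    }

    // ---------------------------------------------------------------------------------
    // Built-in names: security response headers
    // ---------------------------------------------------------------------------------

    /**
     * "hsts" sets Strict-Transport-Security on an HTTPS request.
     *
     * <p>NOTE(review): there is no companion test with a plain HTTP scheme, so whether the
     * header is withheld there is not pinned by this class.
     */
    @Test
    public void testHsts() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        context.setScheme("HTTPS");
        checker.isAuthorized(context, profiles, "hsts", (Map) null);
        Assert.assertNotNull(context.getResponseHeaders().get("Strict-Transport-Security"));
    }

    /** Built-in names are matched after trimming and regardless of case. */
    @Test
    public void testHstsCaseTrim() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        context.setScheme("HTTPS");
        checker.isAuthorized(context, profiles, "  HSTS ", (Map) null);
        Assert.assertNotNull(context.getResponseHeaders().get("Strict-Transport-Security"));
    }

    @Test
    public void testNosniff() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        checker.isAuthorized(context, profiles, "nosniff", (Map) null);
        Assert.assertNotNull(context.getResponseHeaders().get("X-Content-Type-Options"));
    }

    @Test
    public void testNoframe() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        checker.isAuthorized(context, profiles, "noframe", (Map) null);
        Assert.assertNotNull(context.getResponseHeaders().get("X-Frame-Options"));
    }

    @Test
    public void testXssprotection() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        checker.isAuthorized(context, profiles, "xssprotection", (Map) null);
        Assert.assertNotNull(context.getResponseHeaders().get("X-XSS-Protection"));
    }

    /** "nocache" sets all three cache-suppressing headers. */
    @Test
    public void testNocache() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        checker.isAuthorized(context, profiles, "nocache", (Map) null);
        Assert.assertNotNull(context.getResponseHeaders().get("Cache-Control"));
        Assert.assertNotNull(context.getResponseHeaders().get("Pragma"));
        Assert.assertNotNull(context.getResponseHeaders().get("Expires"));
    }

    /**
     * "allowAjaxRequests" emits the CORS response headers.
     *
     * <p>NOTE(review): this pins a wildcard origin together with
     * {@code Access-Control-Allow-Credentials: true}. Browsers do not honour a wildcard
     * origin on credentialed requests, and endpoints that authenticate with cookies should
     * be served with an explicit origin allow-list rather than this permissive default.
     */
    @Test
    public void testAllowAjaxRequests() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        checker.isAuthorized(context, profiles, "allowAjaxRequests", (Map) null);
        Assert.assertEquals("*", context.getResponseHeaders().get("Access-Control-Allow-Origin"));
        Assert.assertEquals("true", context.getResponseHeaders().get("Access-Control-Allow-Credentials"));
        // The header is a comma-separated list; surrounding whitespace is not significant.
        final String allowMethods = context.getResponseHeaders().get("Access-Control-Allow-Methods");
        final List<String> methods = Arrays.stream(allowMethods.split(","))
                .map(String::trim)
                .collect(Collectors.toList());
        for (final String expected : new String[]{"POST", "PUT", "DELETE", "OPTIONS", "GET"}) {
            Assert.assertTrue("missing CORS method " + expected, methods.contains(expected));
        }
    }

    /**
     * "securityHeaders" is the composite name and must set every individual security header.
     *
     * <p>X-Frame-Options is asserted here in place of a second, redundant
     * X-Content-Type-Options assertion, so the clickjacking header is covered by the
     * composite test as well as by {@link #testNoframe()}.
     */
    @Test
    public void testSecurityHeaders() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        context.setScheme("HTTPS");
        checker.isAuthorized(context, profiles, "securityHeaders", (Map) null);
        Assert.assertNotNull(context.getResponseHeaders().get("Strict-Transport-Security"));
        Assert.assertNotNull(context.getResponseHeaders().get("X-Content-Type-Options"));
        Assert.assertNotNull(context.getResponseHeaders().get("X-Frame-Options"));
        Assert.assertNotNull(context.getResponseHeaders().get("X-XSS-Protection"));
        Assert.assertNotNull(context.getResponseHeaders().get("Cache-Control"));
        Assert.assertNotNull(context.getResponseHeaders().get("Pragma"));
        Assert.assertNotNull(context.getResponseHeaders().get("Expires"));
    }

    // ---------------------------------------------------------------------------------
    // Built-in names: CSRF
    //
    // As exercised below: "csrfToken" publishes a token (request attribute + cookie),
    // "csrfCheck" verifies the token sent with the request, and "csrf" does both.
    //
    // NOTE(review): only "token absent" and "token correct" are covered. A POST carrying
    // a token that differs from the generated one is not tested; that negative case is
    // the one that actually proves the comparison.
    // ---------------------------------------------------------------------------------

    /** On the mock's default request, "csrf" grants access and publishes the token. */
    @Test
    public void testCsrf() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        Assert.assertTrue(checker.isAuthorized(context, profiles, "csrf", (Map) null));
        Assert.assertNotNull(context.getRequestAttribute(CSRF_TOKEN));
        Assert.assertNotNull(ContextHelper.getCookie(context.getResponseCookies(), CSRF_TOKEN));
    }

    @Test
    public void testCsrfToken() throws HttpAction {
        final MockWebContext context = MockWebContext.create();
        Assert.assertTrue(checker.isAuthorized(context, profiles, "csrfToken", (Map) null));
        Assert.assertNotNull(context.getRequestAttribute(CSRF_TOKEN));
        Assert.assertNotNull(ContextHelper.getCookie(context.getResponseCookies(), CSRF_TOKEN));
    }

    /** A POST without a token is denied by "csrf", yet a fresh token is still published. */
    @Test
    public void testCsrfPost() throws HttpAction {
        final MockWebContext context = MockWebContext.create().setRequestMethod("post");
        Assert.assertFalse(checker.isAuthorized(context, profiles, "csrf", (Map) null));
        Assert.assertNotNull(context.getRequestAttribute(CSRF_TOKEN));
        Assert.assertNotNull(ContextHelper.getCookie(context.getResponseCookies(), CSRF_TOKEN));
    }

    /** "csrfToken" alone only publishes a token, so a POST without one is still granted. */
    @Test
    public void testCsrfTokenPost() throws HttpAction {
        final MockWebContext context = MockWebContext.create().setRequestMethod("post");
        Assert.assertTrue(checker.isAuthorized(context, profiles, "csrfToken", (Map) null));
        Assert.assertNotNull(context.getRequestAttribute(CSRF_TOKEN));
        Assert.assertNotNull(ContextHelper.getCookie(context.getResponseCookies(), CSRF_TOKEN));
    }

    /** A POST that sends back the generated token as a request parameter passes "csrf". */
    @Test
    public void testCsrfPostTokenParameter() throws HttpAction {
        final MockWebContext context = MockWebContext.create().setRequestMethod("post");
        final String token = new DefaultCsrfTokenGenerator().get(context);
        context.addRequestParameter(CSRF_TOKEN, token);
        Assert.assertTrue(checker.isAuthorized(context, profiles, "csrf", (Map) null));
        Assert.assertNotNull(context.getRequestAttribute(CSRF_TOKEN));
        Assert.assertNotNull(ContextHelper.getCookie(context.getResponseCookies(), CSRF_TOKEN));
    }

    /** A token has been generated, but the request does not present it: denied. */
    @Test
    public void testCsrfCheckPost() throws HttpAction {
        final MockWebContext context = MockWebContext.create().setRequestMethod("post");
        new DefaultCsrfTokenGenerator().get(context);
        Assert.assertFalse(checker.isAuthorized(context, profiles, "csrfCheck", (Map) null));
    }

    @Test
    public void testCsrfCheckPostTokenParameter() throws HttpAction {
        final MockWebContext context = MockWebContext.create().setRequestMethod("post");
        final String token = new DefaultCsrfTokenGenerator().get(context);
        context.addRequestParameter(CSRF_TOKEN, token);
        Assert.assertTrue(checker.isAuthorized(context, profiles, "csrfCheck", (Map) null));
    }

    // ---------------------------------------------------------------------------------
    // Built-in names: authentication level
    //
    // Only the granting side of each name is tested. Nothing here checks, for example,
    // that an AnonymousProfile is refused by "isAuthenticated".
    // ---------------------------------------------------------------------------------

    @Test
    public void testIsAnonymous() throws HttpAction {
        profiles.clear();
        profiles.add(new AnonymousProfile());
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, "isAnonymous", (Map) null));
    }

    /** The bare profile from {@link #setUp()} (no id, no attributes) counts as authenticated. */
    @Test
    public void testIsAuthenticated() throws HttpAction {
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, "isAuthenticated", (Map) null));
    }

    @Test
    public void testIsFullyAuthenticated() throws HttpAction {
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, "isFullyAuthenticated", (Map) null));
    }

    @Test
    public void testIsRemembered() throws HttpAction {
        profile.setRemembered(true);
        Assert.assertTrue(checker.isAuthorized((WebContext) null, profiles, "isRemembered", (Map) null));
    }
}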
