package org.springframework.security.providers.jaas;

import java.security.Security;
import java.util.Arrays;
import java.util.List;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import junit.framework.TestCase;
import org.springframework.context.ApplicationContext;
import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.mock.web.MockHttpSession;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.LockedException;
import org.springframework.security.SpringSecurityException;
import org.springframework.security.context.SecurityContextImpl;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.ui.session.HttpSessionDestroyedEvent;

/* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/jaas/JaasAuthenticationProviderTests.class */
public class JaasAuthenticationProviderTests extends TestCase {
    private ApplicationContext context;
    private JaasAuthenticationProvider jaasProvider;
    private JaasEventCheck eventCheck;

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/jaas/JaasAuthenticationProviderTests$MockLoginContext.class */
    private static class MockLoginContext extends LoginContext {
        boolean loggedOut;

        public MockLoginContext(String str) throws LoginException {
            super(str);
            this.loggedOut = false;
        }

        public void logout() throws LoginException {
            this.loggedOut = true;
        }
    }

    protected void setUp() throws Exception {
        this.context = new ClassPathXmlApplicationContext("/" + getClass().getName().replace('.', '/') + ".xml");
        this.eventCheck = (JaasEventCheck) this.context.getBean("eventCheck");
        this.jaasProvider = (JaasAuthenticationProvider) this.context.getBean("jaasAuthenticationProvider");
    }

    public void testBadPassword() {
        try {
            this.jaasProvider.authenticate(new UsernamePasswordAuthenticationToken("user", "asdf"));
            fail("LoginException should have been thrown for the bad password");
        } catch (AuthenticationException e) {
        }
        assertNotNull("Failure event not fired", this.eventCheck.failedEvent);
        assertNotNull("Failure event exception was null", this.eventCheck.failedEvent.getException());
        assertNull("Success event was fired", this.eventCheck.successEvent);
    }

    public void testBadUser() {
        try {
            this.jaasProvider.authenticate(new UsernamePasswordAuthenticationToken("asdf", "password"));
            fail("LoginException should have been thrown for the bad user");
        } catch (AuthenticationException e) {
        }
        assertNotNull("Failure event not fired", this.eventCheck.failedEvent);
        assertNotNull("Failure event exception was null", this.eventCheck.failedEvent.getException());
        assertNull("Success event was fired", this.eventCheck.successEvent);
    }

    public void testConfigurationLoop() throws Exception {
        Security.setProperty("login.config.url.1", getClass().getResource("/" + getClass().getName().replace('.', '/') + ".conf").toString());
        setUp();
        testFull();
    }

    public void testDetectsMissingLoginConfig() throws Exception {
        JaasAuthenticationProvider jaasAuthenticationProvider = new JaasAuthenticationProvider();
        jaasAuthenticationProvider.setApplicationEventPublisher(this.context);
        jaasAuthenticationProvider.setAuthorityGranters(this.jaasProvider.getAuthorityGranters());
        jaasAuthenticationProvider.setCallbackHandlers(this.jaasProvider.getCallbackHandlers());
        jaasAuthenticationProvider.setLoginContextName(this.jaasProvider.getLoginContextName());
        try {
            jaasAuthenticationProvider.afterPropertiesSet();
            fail("Should have thrown ApplicationContextException");
        } catch (IllegalArgumentException e) {
            assertTrue(e.getMessage().startsWith("loginConfig must be set on"));
        }
    }

    public void testDetectsMissingLoginContextName() throws Exception {
        JaasAuthenticationProvider jaasAuthenticationProvider = new JaasAuthenticationProvider();
        jaasAuthenticationProvider.setApplicationEventPublisher(this.context);
        jaasAuthenticationProvider.setAuthorityGranters(this.jaasProvider.getAuthorityGranters());
        jaasAuthenticationProvider.setCallbackHandlers(this.jaasProvider.getCallbackHandlers());
        jaasAuthenticationProvider.setLoginConfig(this.jaasProvider.getLoginConfig());
        jaasAuthenticationProvider.setLoginContextName(null);
        try {
            jaasAuthenticationProvider.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertTrue(e.getMessage().startsWith("loginContextName must be set on"));
        }
        jaasAuthenticationProvider.setLoginContextName("");
        try {
            jaasAuthenticationProvider.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e2) {
            assertTrue(e2.getMessage().startsWith("loginContextName must be set on"));
        }
    }

    public void testFull() throws Exception {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("user", "password");
        assertTrue(this.jaasProvider.supports(UsernamePasswordAuthenticationToken.class));
        Authentication authenticate = this.jaasProvider.authenticate(usernamePasswordAuthenticationToken);
        assertNotNull(this.jaasProvider.getAuthorityGranters());
        assertNotNull(this.jaasProvider.getCallbackHandlers());
        assertNotNull(this.jaasProvider.getLoginConfig());
        assertNotNull(this.jaasProvider.getLoginContextName());
        List asList = Arrays.asList(authenticate.getAuthorities());
        assertTrue("GrantedAuthorities should contain ROLE_TEST1", asList.contains(new GrantedAuthorityImpl("ROLE_TEST1")));
        assertTrue("GrantedAuthorities should contain ROLE_TEST2", asList.contains(new GrantedAuthorityImpl("ROLE_TEST2")));
        boolean z = false;
        for (int i = 0; i < asList.size(); i++) {
            Object obj = asList.get(i);
            if (obj instanceof JaasGrantedAuthority) {
                assertNotNull("Principal was null on JaasGrantedAuthority", ((JaasGrantedAuthority) obj).getPrincipal());
                z = true;
            }
        }
        assertTrue("Could not find a JaasGrantedAuthority", z);
        assertNotNull("Success event not fired", this.eventCheck.successEvent);
        assertEquals("Auth objects are not equal", authenticate, this.eventCheck.successEvent.getAuthentication());
        assertNull("Failure event was fired", this.eventCheck.failedEvent);
    }

    public void testGetApplicationEventPublisher() throws Exception {
        assertNotNull(this.jaasProvider.getApplicationEventPublisher());
    }

    public void testLoginExceptionResolver() {
        assertNotNull(this.jaasProvider.getLoginExceptionResolver());
        this.jaasProvider.setLoginExceptionResolver(new LoginExceptionResolver() { // from class: org.springframework.security.providers.jaas.JaasAuthenticationProviderTests.1
            @Override // org.springframework.security.providers.jaas.LoginExceptionResolver
            public SpringSecurityException resolveException(LoginException loginException) {
                return new LockedException("This is just a test!");
            }
        });
        try {
            this.jaasProvider.authenticate(new UsernamePasswordAuthenticationToken("user", "password"));
        } catch (Exception e) {
            fail("LockedException should have been thrown and caught");
        } catch (LockedException e2) {
        }
    }

    public void testLogout() throws Exception {
        MockLoginContext mockLoginContext = new MockLoginContext(this.jaasProvider.getLoginContextName());
        JaasAuthenticationToken jaasAuthenticationToken = new JaasAuthenticationToken(null, null, mockLoginContext);
        SecurityContextImpl securityContextImpl = new SecurityContextImpl();
        securityContextImpl.setAuthentication(jaasAuthenticationToken);
        MockHttpSession mockHttpSession = new MockHttpSession();
        mockHttpSession.setAttribute("SPRING_SECURITY_CONTEXT", securityContextImpl);
        this.jaasProvider.onApplicationEvent(new HttpSessionDestroyedEvent(mockHttpSession));
        assertTrue(mockLoginContext.loggedOut);
    }

    public void testNullDefaultAuthorities() {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("user", "password", null);
        assertTrue(this.jaasProvider.supports(UsernamePasswordAuthenticationToken.class));
        assertTrue("Only ROLE_TEST1 and ROLE_TEST2 should have been returned", this.jaasProvider.authenticate(usernamePasswordAuthenticationToken).getAuthorities().length == 2);
    }

    public void testUnsupportedAuthenticationObjectReturnsNull() {
        assertNull(this.jaasProvider.authenticate(new TestingAuthenticationToken("foo", "bar", new GrantedAuthority[0])));
    }
}
