package org.springframework.security.providers.ldap;

import java.util.ArrayList;
import junit.framework.TestCase;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.ldap.core.DirContextOperations;
import org.springframework.ldap.core.DistinguishedName;
import org.springframework.security.Authentication;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.ldap.LdapAuthoritiesPopulator;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.ldap.LdapUserDetailsMapper;

/* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/ldap/LdapAuthenticationProviderTests.class */
public class LdapAuthenticationProviderTests extends TestCase {

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/ldap/LdapAuthenticationProviderTests$MockAuthenticator.class */
    class MockAuthenticator implements LdapAuthenticator {
        MockAuthenticator() {
        }

        @Override // org.springframework.security.providers.ldap.LdapAuthenticator
        public DirContextOperations authenticate(Authentication authentication) {
            DirContextAdapter dirContextAdapter = new DirContextAdapter();
            dirContextAdapter.setAttributeValue("ou", "FROM_ENTRY");
            String name = authentication.getName();
            String str = (String) authentication.getCredentials();
            if (name.equals("ben") && str.equals("benspassword")) {
                dirContextAdapter.setDn(new DistinguishedName("cn=ben,ou=people,dc=springframework,dc=org"));
                dirContextAdapter.setAttributeValue("userPassword", "{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=");
                return dirContextAdapter;
            }
            if (!name.equals("jen") || !str.equals("")) {
                throw new BadCredentialsException("Authentication failed.");
            }
            dirContextAdapter.setDn(new DistinguishedName("cn=jen,ou=people,dc=springframework,dc=org"));
            return dirContextAdapter;
        }
    }

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/ldap/LdapAuthenticationProviderTests$MockAuthoritiesPopulator.class */
    class MockAuthoritiesPopulator implements LdapAuthoritiesPopulator {
        String username;

        MockAuthoritiesPopulator() {
        }

        @Override // org.springframework.security.ldap.LdapAuthoritiesPopulator
        public GrantedAuthority[] getGrantedAuthorities(DirContextOperations dirContextOperations, String str) {
            this.username = str;
            return new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_FROM_POPULATOR")};
        }

        String getRequestedUsername() {
            return this.username;
        }
    }

    public LdapAuthenticationProviderTests(String str) {
        super(str);
    }

    public LdapAuthenticationProviderTests() {
    }

    public void testSupportsUsernamePasswordAuthenticationToken() {
        assertTrue(new LdapAuthenticationProvider(new MockAuthenticator(), new MockAuthoritiesPopulator()).supports(UsernamePasswordAuthenticationToken.class));
    }

    public void testDefaultMapperIsSet() {
        assertTrue(new LdapAuthenticationProvider(new MockAuthenticator(), new MockAuthoritiesPopulator()).getUserDetailsContextMapper() instanceof LdapUserDetailsMapper);
    }

    public void testEmptyOrNullUserNameThrowsException() {
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(new MockAuthenticator(), new MockAuthoritiesPopulator());
        try {
            ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(null, "password"));
            fail("Expected BadCredentialsException for empty username");
        } catch (BadCredentialsException e) {
        }
        try {
            ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("", "bobspassword"));
            fail("Expected BadCredentialsException for null username");
        } catch (BadCredentialsException e2) {
        }
    }

    public void testEmptyPasswordIsRejected() {
        try {
            new LdapAuthenticationProvider(new MockAuthenticator()).authenticate(new UsernamePasswordAuthenticationToken("jen", ""));
            fail("Expected BadCredentialsException for empty password");
        } catch (BadCredentialsException e) {
        }
    }

    public void testNormalUsage() {
        MockAuthoritiesPopulator mockAuthoritiesPopulator = new MockAuthoritiesPopulator();
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(new MockAuthenticator(), mockAuthoritiesPopulator);
        LdapUserDetailsMapper ldapUserDetailsMapper = new LdapUserDetailsMapper();
        ldapUserDetailsMapper.setRoleAttributes(new String[]{"ou"});
        ldapAuthenticationProvider.setUserDetailsContextMapper(ldapUserDetailsMapper);
        assertNotNull(ldapAuthenticationProvider.getAuthoritiesPopulator());
        Authentication authenticate = ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
        assertEquals("benspassword", authenticate.getCredentials());
        UserDetails userDetails = (UserDetails) authenticate.getPrincipal();
        assertEquals(2, userDetails.getAuthorities().length);
        assertEquals("{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=", userDetails.getPassword());
        assertEquals("ben", userDetails.getUsername());
        assertEquals("ben", mockAuthoritiesPopulator.getRequestedUsername());
        ArrayList arrayList = new ArrayList();
        arrayList.add(userDetails.getAuthorities()[0].getAuthority());
        arrayList.add(userDetails.getAuthorities()[1].getAuthority());
        assertTrue(arrayList.contains("ROLE_FROM_ENTRY"));
        assertTrue(arrayList.contains("ROLE_FROM_POPULATOR"));
    }

    public void testPasswordIsSetFromUserDataIfUseAuthenticationRequestCredentialsIsFalse() {
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(new MockAuthenticator(), new MockAuthoritiesPopulator());
        ldapAuthenticationProvider.setUseAuthenticationRequestCredentials(false);
        assertEquals("{SHA}nFCebWjxfaLbHHG1Qk5UU4trbvQ=", ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword")).getCredentials());
    }

    public void testUseWithNullAuthoritiesPopulatorReturnsCorrectRole() {
        LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(new MockAuthenticator());
        LdapUserDetailsMapper ldapUserDetailsMapper = new LdapUserDetailsMapper();
        ldapUserDetailsMapper.setRoleAttributes(new String[]{"ou"});
        ldapAuthenticationProvider.setUserDetailsContextMapper(ldapUserDetailsMapper);
        UserDetails userDetails = (UserDetails) ldapAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword")).getPrincipal();
        assertEquals(1, userDetails.getAuthorities().length);
        assertEquals("ROLE_FROM_ENTRY", userDetails.getAuthorities()[0].getAuthority());
    }
}
