package org.springframework.security.context;

import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import junit.framework.Assert;
import junit.framework.TestCase;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.Authentication;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.MockFilterConfig;
import org.springframework.security.adapters.PrincipalSpringSecurityUserToken;

/* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/context/HttpSessionContextIntegrationFilterTests.class */
public class HttpSessionContextIntegrationFilterTests extends TestCase {

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/context/HttpSessionContextIntegrationFilterTests$MockFilterChain.class */
    private class MockFilterChain extends TestCase implements FilterChain {
        private Authentication changeContextHolder;
        private Authentication expectedOnContextHolder;
        private IOException toThrowDuringChain;

        public MockFilterChain(Authentication authentication, Authentication authentication2, IOException iOException) {
            this.expectedOnContextHolder = authentication;
            this.changeContextHolder = authentication2;
            this.toThrowDuringChain = iOException;
        }

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse) throws IOException, ServletException {
            if (this.expectedOnContextHolder != null) {
                assertEquals(this.expectedOnContextHolder, SecurityContextHolder.getContext().getAuthentication());
            }
            if (this.changeContextHolder != null) {
                SecurityContext context = SecurityContextHolder.getContext();
                context.setAuthentication(this.changeContextHolder);
                SecurityContextHolder.setContext(context);
            }
            if (this.toThrowDuringChain != null) {
                throw this.toThrowDuringChain;
            }
        }
    }

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/context/HttpSessionContextIntegrationFilterTests$ThreadRunner.class */
    private static class ThreadRunner extends Thread {
        private MockHttpServletRequest request;
        private MockHttpServletResponse response;
        private HttpSessionContextIntegrationFilter filter;
        private MockFilterChain chain;

        public ThreadRunner(MockHttpServletRequest mockHttpServletRequest, MockHttpServletResponse mockHttpServletResponse, HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter, MockFilterChain mockFilterChain) {
            this.request = mockHttpServletRequest;
            this.response = mockHttpServletResponse;
            this.filter = httpSessionContextIntegrationFilter;
            this.chain = mockFilterChain;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            try {
                HttpSessionContextIntegrationFilterTests.executeFilterInContainerSimulator(new MockFilterConfig(), this.filter, this.request, this.response, this.chain);
                Assert.assertNotNull(this.request.getSession(false));
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    public HttpSessionContextIntegrationFilterTests() {
    }

    public HttpSessionContextIntegrationFilterTests(String str) {
        super(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void executeFilterInContainerSimulator(FilterConfig filterConfig, Filter filter, ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws ServletException, IOException {
        filter.init(filterConfig);
        filter.doFilter(servletRequest, servletResponse, filterChain);
        filter.destroy();
    }

    public void testDetectsIncompatibleSessionProperties() throws Exception {
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        try {
            httpSessionContextIntegrationFilter.setAllowSessionCreation(false);
            httpSessionContextIntegrationFilter.setForceEagerSessionCreation(true);
            httpSessionContextIntegrationFilter.afterPropertiesSet();
            fail("Shown have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertTrue(true);
        }
        httpSessionContextIntegrationFilter.setAllowSessionCreation(true);
        httpSessionContextIntegrationFilter.afterPropertiesSet();
        assertTrue(true);
    }

    public void testDetectsMissingOrInvalidContext() throws Exception {
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        try {
            httpSessionContextIntegrationFilter.setContextClass(null);
            httpSessionContextIntegrationFilter.afterPropertiesSet();
            fail("Shown have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
            assertTrue(true);
        }
        try {
            httpSessionContextIntegrationFilter.setContextClass(Integer.class);
            assertEquals(Integer.class, httpSessionContextIntegrationFilter.getContextClass());
            httpSessionContextIntegrationFilter.afterPropertiesSet();
            fail("Shown have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e2) {
            assertTrue(true);
        }
    }

    public void testExceptionWithinFilterChainStillClearsSecurityContextHolder() throws Exception {
        PrincipalSpringSecurityUserToken principalSpringSecurityUserToken = new PrincipalSpringSecurityUserToken("key", "someone", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("SOME_ROLE")}, null);
        SecurityContextImpl securityContextImpl = new SecurityContextImpl();
        securityContextImpl.setAuthentication(principalSpringSecurityUserToken);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.getSession().setAttribute("SPRING_SECURITY_CONTEXT", securityContextImpl);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain(principalSpringSecurityUserToken, null, new IOException());
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        httpSessionContextIntegrationFilter.setContextClass(SecurityContextImpl.class);
        httpSessionContextIntegrationFilter.afterPropertiesSet();
        try {
            executeFilterInContainerSimulator(new MockFilterConfig(), httpSessionContextIntegrationFilter, mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
            fail("We should have received the IOException thrown inside the filter chain here");
        } catch (IOException e) {
            assertTrue(true);
        }
        assertEquals(new SecurityContextImpl(), SecurityContextHolder.getContext());
        assertNull("Should have cleared FILTER_APPLIED", mockHttpServletRequest.getAttribute("__spring_security_session_integration_filter_applied"));
    }

    public void testExistingContextContentsCopiedIntoContextHolderFromSessionAndChangesToContextCopiedBackToSession() throws Exception {
        PrincipalSpringSecurityUserToken principalSpringSecurityUserToken = new PrincipalSpringSecurityUserToken("key", "someone", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("SOME_ROLE")}, null);
        PrincipalSpringSecurityUserToken principalSpringSecurityUserToken2 = new PrincipalSpringSecurityUserToken("key", "someone", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("SOME_DIFFERENT_ROLE")}, null);
        SecurityContextImpl securityContextImpl = new SecurityContextImpl();
        securityContextImpl.setAuthentication(principalSpringSecurityUserToken);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.getSession().setAttribute("SPRING_SECURITY_CONTEXT", securityContextImpl);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain(principalSpringSecurityUserToken, principalSpringSecurityUserToken2, null);
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        httpSessionContextIntegrationFilter.setContextClass(SecurityContextImpl.class);
        httpSessionContextIntegrationFilter.afterPropertiesSet();
        executeFilterInContainerSimulator(new MockFilterConfig(), httpSessionContextIntegrationFilter, mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals(principalSpringSecurityUserToken2, ((SecurityContext) mockHttpServletRequest.getSession().getAttribute("SPRING_SECURITY_CONTEXT")).getAuthentication());
    }

    public void testHttpSessionCreatedWhenContextHolderChanges() throws Exception {
        PrincipalSpringSecurityUserToken principalSpringSecurityUserToken = new PrincipalSpringSecurityUserToken("key", "someone", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("SOME_DIFFERENT_ROLE")}, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain(null, principalSpringSecurityUserToken, null);
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        httpSessionContextIntegrationFilter.setContextClass(SecurityContextImpl.class);
        executeFilterInContainerSimulator(new MockFilterConfig(), httpSessionContextIntegrationFilter, mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals(principalSpringSecurityUserToken, ((SecurityContext) mockHttpServletRequest.getSession(false).getAttribute("SPRING_SECURITY_CONTEXT")).getAuthentication());
    }

    public void testHttpSessionEagerlyCreatedWhenDirected() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest((String) null, (String) null);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain(null, null, null);
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        httpSessionContextIntegrationFilter.setContextClass(SecurityContextImpl.class);
        httpSessionContextIntegrationFilter.setForceEagerSessionCreation(true);
        httpSessionContextIntegrationFilter.afterPropertiesSet();
        executeFilterInContainerSimulator(new MockFilterConfig(), httpSessionContextIntegrationFilter, mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertNotNull(mockHttpServletRequest.getSession(false));
    }

    public void testHttpSessionNotCreatedUnlessContextHolderChanges() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest((String) null, (String) null);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain(null, null, null);
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        httpSessionContextIntegrationFilter.setContextClass(SecurityContextImpl.class);
        httpSessionContextIntegrationFilter.afterPropertiesSet();
        executeFilterInContainerSimulator(new MockFilterConfig(), httpSessionContextIntegrationFilter, mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertNull(mockHttpServletRequest.getSession(false));
    }

    public void testHttpSessionWithNonContextInWellKnownLocationIsOverwritten() throws Exception {
        PrincipalSpringSecurityUserToken principalSpringSecurityUserToken = new PrincipalSpringSecurityUserToken("key", "someone", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("SOME_DIFFERENT_ROLE")}, null);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.getSession().setAttribute("SPRING_SECURITY_CONTEXT", "NOT_A_CONTEXT_OBJECT");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain(null, principalSpringSecurityUserToken, null);
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        httpSessionContextIntegrationFilter.setContextClass(SecurityContextImpl.class);
        httpSessionContextIntegrationFilter.afterPropertiesSet();
        executeFilterInContainerSimulator(new MockFilterConfig(), httpSessionContextIntegrationFilter, mockHttpServletRequest, mockHttpServletResponse, mockFilterChain);
        assertEquals(principalSpringSecurityUserToken, ((SecurityContext) mockHttpServletRequest.getSession().getAttribute("SPRING_SECURITY_CONTEXT")).getAuthentication());
    }

    public void testConcurrentThreadsLazilyChangeFilterAppliedValueToTrue() throws Exception {
        PrincipalSpringSecurityUserToken principalSpringSecurityUserToken = new PrincipalSpringSecurityUserToken("key", "someone", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("SOME_ROLE")}, null);
        SecurityContextImpl securityContextImpl = new SecurityContextImpl();
        securityContextImpl.setAuthentication(principalSpringSecurityUserToken);
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.getSession().setAttribute("SPRING_SECURITY_CONTEXT", securityContextImpl);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        HttpSessionContextIntegrationFilter httpSessionContextIntegrationFilter = new HttpSessionContextIntegrationFilter();
        httpSessionContextIntegrationFilter.setContextClass(SecurityContextImpl.class);
        httpSessionContextIntegrationFilter.afterPropertiesSet();
        for (int i = 0; i < 3; i++) {
            new ThreadRunner(mockHttpServletRequest, mockHttpServletResponse, httpSessionContextIntegrationFilter, new MockFilterChain(principalSpringSecurityUserToken, null, null)).start();
        }
    }
}
