package org.springframework.security.providers.cas;

import java.util.HashMap;
import java.util.Map;
import org.jasig.cas.client.validation.Assertion;
import org.jasig.cas.client.validation.AssertionImpl;
import org.jasig.cas.client.validation.TicketValidationException;
import org.jasig.cas.client.validation.TicketValidator;
import org.junit.Assert;
import org.junit.Test;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.portlet.PortletTestUtils;
import org.springframework.security.ui.cas.CasProcessingFilter;
import org.springframework.security.ui.cas.ServiceProperties;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;

/* loaded from: input_file:spring-security-cas-client-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/cas/CasAuthenticationProviderTests.class */
public class CasAuthenticationProviderTests {

    /* loaded from: input_file:spring-security-cas-client-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/cas/CasAuthenticationProviderTests$MockAuthoritiesPopulator.class */
    private class MockAuthoritiesPopulator implements UserDetailsService {
        private MockAuthoritiesPopulator() {
        }

        @Override // org.springframework.security.userdetails.UserDetailsService
        public UserDetails loadUserByUsername(String str) throws AuthenticationException {
            return CasAuthenticationProviderTests.this.makeUserDetailsFromAuthoritiesPopulator();
        }
    }

    /* loaded from: input_file:spring-security-cas-client-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/cas/CasAuthenticationProviderTests$MockStatelessTicketCache.class */
    private class MockStatelessTicketCache implements StatelessTicketCache {
        private Map cache;

        private MockStatelessTicketCache() {
            this.cache = new HashMap();
        }

        @Override // org.springframework.security.providers.cas.StatelessTicketCache
        public CasAuthenticationToken getByTicketId(String str) {
            return (CasAuthenticationToken) this.cache.get(str);
        }

        @Override // org.springframework.security.providers.cas.StatelessTicketCache
        public void putTicketInCache(CasAuthenticationToken casAuthenticationToken) {
            this.cache.put(casAuthenticationToken.getCredentials().toString(), casAuthenticationToken);
        }

        @Override // org.springframework.security.providers.cas.StatelessTicketCache
        public void removeTicketFromCache(CasAuthenticationToken casAuthenticationToken) {
            throw new UnsupportedOperationException("mock method not implemented");
        }

        @Override // org.springframework.security.providers.cas.StatelessTicketCache
        public void removeTicketFromCache(String str) {
            throw new UnsupportedOperationException("mock method not implemented");
        }
    }

    /* loaded from: input_file:spring-security-cas-client-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/cas/CasAuthenticationProviderTests$MockTicketValidator.class */
    private class MockTicketValidator implements TicketValidator {
        private boolean returnTicket;

        public MockTicketValidator(boolean z) {
            this.returnTicket = z;
        }

        public Assertion validate(String str, String str2) throws TicketValidationException {
            if (this.returnTicket) {
                return new AssertionImpl("rod");
            }
            throw new BadCredentialsException("As requested from mock");
        }
    }

    private UserDetails makeUserDetails() {
        return new User("user", "password", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2)});
    }

    /* JADX INFO: Access modifiers changed from: private */
    public UserDetails makeUserDetailsFromAuthoritiesPopulator() {
        return new User("user", "password", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_A"), new GrantedAuthorityImpl("ROLE_B")});
    }

    private ServiceProperties makeServiceProperties() {
        ServiceProperties serviceProperties = new ServiceProperties();
        serviceProperties.setSendRenew(false);
        serviceProperties.setService("http://test.com");
        return serviceProperties;
    }

    @Test
    public void statefulAuthenticationIsSuccessful() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        MockStatelessTicketCache mockStatelessTicketCache = new MockStatelessTicketCache();
        casAuthenticationProvider.setStatelessTicketCache(mockStatelessTicketCache);
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.afterPropertiesSet();
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATEFUL_IDENTIFIER, "ST-123");
        usernamePasswordAuthenticationToken.setDetails("details");
        Authentication authenticate = casAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
        Assert.assertTrue(mockStatelessTicketCache.getByTicketId("ST-456") == null);
        if (!(authenticate instanceof CasAuthenticationToken)) {
            Assert.fail("Should have returned a CasAuthenticationToken");
        }
        CasAuthenticationToken casAuthenticationToken = (CasAuthenticationToken) authenticate;
        Assert.assertEquals(makeUserDetailsFromAuthoritiesPopulator(), casAuthenticationToken.getPrincipal());
        Assert.assertEquals("ST-123", casAuthenticationToken.getCredentials());
        Assert.assertEquals(new GrantedAuthorityImpl("ROLE_A"), casAuthenticationToken.getAuthorities()[0]);
        Assert.assertEquals(new GrantedAuthorityImpl("ROLE_B"), casAuthenticationToken.getAuthorities()[1]);
        Assert.assertEquals(casAuthenticationProvider.getKey().hashCode(), casAuthenticationToken.getKeyHash());
        Assert.assertEquals("details", casAuthenticationToken.getDetails());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(false));
        Assert.assertEquals(authenticate, casAuthenticationProvider.authenticate(authenticate));
    }

    @Test
    public void statelessAuthenticationIsSuccessful() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        MockStatelessTicketCache mockStatelessTicketCache = new MockStatelessTicketCache();
        casAuthenticationProvider.setStatelessTicketCache(mockStatelessTicketCache);
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATELESS_IDENTIFIER, "ST-456");
        usernamePasswordAuthenticationToken.setDetails("details");
        Authentication authenticate = casAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
        Assert.assertTrue(mockStatelessTicketCache.getByTicketId("ST-456") != null);
        if (!(authenticate instanceof CasAuthenticationToken)) {
            Assert.fail("Should have returned a CasAuthenticationToken");
        }
        Assert.assertEquals(makeUserDetailsFromAuthoritiesPopulator(), authenticate.getPrincipal());
        Assert.assertEquals("ST-456", authenticate.getCredentials());
        Assert.assertEquals("details", authenticate.getDetails());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(false));
        Authentication authenticate2 = casAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
        Assert.assertEquals(makeUserDetailsFromAuthoritiesPopulator(), authenticate2.getPrincipal());
        Assert.assertEquals("ST-456", authenticate2.getCredentials());
    }

    @Test(expected = BadCredentialsException.class)
    public void missingTicketIdIsDetected() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
        casAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken(CasProcessingFilter.CAS_STATEFUL_IDENTIFIER, ""));
    }

    @Test(expected = BadCredentialsException.class)
    public void invalidKeyIsDetected() throws Exception {
        AssertionImpl assertionImpl = new AssertionImpl("test");
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
        casAuthenticationProvider.authenticate(new CasAuthenticationToken("WRONG_KEY", makeUserDetails(), "credentials", new GrantedAuthority[]{new GrantedAuthorityImpl("XX")}, makeUserDetails(), assertionImpl));
    }

    @Test(expected = IllegalArgumentException.class)
    public void detectsMissingAuthoritiesPopulator() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
    }

    @Test(expected = IllegalArgumentException.class)
    public void detectsMissingKey() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
    }

    @Test(expected = IllegalArgumentException.class)
    public void detectsMissingStatelessTicketCache() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setStatelessTicketCache(null);
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
    }

    @Test(expected = IllegalArgumentException.class)
    public void detectsMissingTicketValidator() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
    }

    @Test
    public void gettersAndSettersMatch() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
        Assert.assertTrue(casAuthenticationProvider.getUserDetailsService() != null);
        Assert.assertEquals("qwerty", casAuthenticationProvider.getKey());
        Assert.assertTrue(casAuthenticationProvider.getStatelessTicketCache() != null);
        Assert.assertTrue(casAuthenticationProvider.getTicketValidator() != null);
    }

    @Test
    public void ignoresClassesItDoesNotSupport() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
        TestingAuthenticationToken testingAuthenticationToken = new TestingAuthenticationToken("user", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_A")});
        Assert.assertFalse(casAuthenticationProvider.supports(TestingAuthenticationToken.class));
        Assert.assertEquals((Object) null, casAuthenticationProvider.authenticate(testingAuthenticationToken));
    }

    @Test
    public void ignoresUsernamePasswordAuthenticationTokensWithoutCasIdentifiersAsPrincipal() throws Exception {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        casAuthenticationProvider.setUserDetailsService(new MockAuthoritiesPopulator());
        casAuthenticationProvider.setKey("qwerty");
        casAuthenticationProvider.setStatelessTicketCache(new MockStatelessTicketCache());
        casAuthenticationProvider.setTicketValidator(new MockTicketValidator(true));
        casAuthenticationProvider.setServiceProperties(makeServiceProperties());
        casAuthenticationProvider.afterPropertiesSet();
        Assert.assertEquals((Object) null, casAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("some_normal_user", "password", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_A")})));
    }

    @Test
    public void supportsRequiredTokens() {
        CasAuthenticationProvider casAuthenticationProvider = new CasAuthenticationProvider();
        Assert.assertTrue(casAuthenticationProvider.supports(UsernamePasswordAuthenticationToken.class));
        Assert.assertTrue(casAuthenticationProvider.supports(CasAuthenticationToken.class));
    }
}
