package org.springframework.security.providers.x509;

import java.security.cert.X509Certificate;
import junit.framework.TestCase;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;

/* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/x509/X509AuthenticationProviderTests.class */
public class X509AuthenticationProviderTests extends TestCase {

    /* loaded from: input_file:spring-security-core-2.0.8.RELEASE-tests.jar:org/springframework/security/providers/x509/X509AuthenticationProviderTests$MockAuthoritiesPopulator.class */
    public static class MockAuthoritiesPopulator implements X509AuthoritiesPopulator {
        private boolean rejectCertificate;

        public MockAuthoritiesPopulator(boolean z) {
            this.rejectCertificate = z;
        }

        @Override // org.springframework.security.providers.x509.X509AuthoritiesPopulator
        public UserDetails getUserDetails(X509Certificate x509Certificate) throws AuthenticationException {
            if (this.rejectCertificate) {
                throw new BadCredentialsException("Invalid Certificate");
            }
            return new User("user", "password", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_A"), new GrantedAuthorityImpl("ROLE_B")});
        }
    }

    public X509AuthenticationProviderTests() {
    }

    public X509AuthenticationProviderTests(String str) {
        super(str);
    }

    public final void setUp() throws Exception {
        super.setUp();
    }

    public void testAuthenticationIsNullWithUnsupportedToken() {
        assertNull(new X509AuthenticationProvider().authenticate(new UsernamePasswordAuthenticationToken("dummy", "dummy")));
    }

    public void testFailsWithNullCertificate() {
        X509AuthenticationProvider x509AuthenticationProvider = new X509AuthenticationProvider();
        x509AuthenticationProvider.setX509AuthoritiesPopulator(new MockAuthoritiesPopulator(false));
        try {
            x509AuthenticationProvider.authenticate(new X509AuthenticationToken(null));
            fail("Should have thrown BadCredentialsException");
        } catch (BadCredentialsException e) {
        }
    }

    public void testNormalOperation() throws Exception {
        X509AuthenticationProvider x509AuthenticationProvider = new X509AuthenticationProvider();
        x509AuthenticationProvider.setX509AuthoritiesPopulator(new MockAuthoritiesPopulator(false));
        x509AuthenticationProvider.afterPropertiesSet();
        Authentication authenticate = x509AuthenticationProvider.authenticate(X509TestUtils.createToken());
        assertNotNull(authenticate);
        assertNotNull(authenticate.getAuthorities());
    }

    public void testPopulatorRejectionCausesFailure() throws Exception {
        X509AuthenticationProvider x509AuthenticationProvider = new X509AuthenticationProvider();
        x509AuthenticationProvider.setX509AuthoritiesPopulator(new MockAuthoritiesPopulator(true));
        try {
            x509AuthenticationProvider.authenticate(X509TestUtils.createToken());
            fail("Should have thrown BadCredentialsException");
        } catch (BadCredentialsException e) {
        }
    }

    public void testRequiresPopulator() throws Exception {
        try {
            new X509AuthenticationProvider().afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
        }
    }
}
