package org.neo4j.server.security.auth;

import org.hamcrest.CoreMatchers;
import org.junit.Assert;
import org.junit.Test;
import org.neo4j.helpers.FakeClock;
import org.neo4j.server.security.auth.exception.IllegalTokenException;

/* loaded from: input_file:org/neo4j/server/security/auth/SecurityCentralTest.class */
public class SecurityCentralTest {
    @Test
    public void shouldKeepPersistentToken() throws Exception {
        SecurityCentral securityCentral = new SecurityCentral(new FakeClock(), new InMemoryUserRepository());
        securityCentral.newUser("neo4j", Privileges.ADMIN);
        securityCentral.regenerateToken("neo4j");
        Assert.assertThat(securityCentral.userForToken(securityCentral.userForName("neo4j").token()).name(), CoreMatchers.equalTo("neo4j"));
    }

    @Test
    public void shouldRegenerateToken() throws Exception {
        SecurityCentral securityCentral = new SecurityCentral(new FakeClock(), new InMemoryUserRepository());
        securityCentral.newUser("neo4j", Privileges.ADMIN);
        String str = securityCentral.userForName("neo4j").token();
        securityCentral.userForToken(str);
        String regenerateToken = securityCentral.regenerateToken("neo4j");
        Assert.assertThat(securityCentral.userForName("neo4j").token(), CoreMatchers.equalTo(regenerateToken));
        Assert.assertThat(securityCentral.userForToken(regenerateToken).name(), CoreMatchers.equalTo("neo4j"));
        Assert.assertThat(securityCentral.userForToken(str).name(), CoreMatchers.equalTo(SecurityCentral.UNAUTHENTICATED.name()));
    }

    @Test
    public void shouldNotAllowSettingDuplicateTokens() throws Exception {
        SecurityCentral securityCentral = new SecurityCentral(new FakeClock(), new InMemoryUserRepository());
        securityCentral.newUser("neo4j", Privileges.ADMIN);
        securityCentral.newUser("other", Privileges.ADMIN);
        securityCentral.regenerateToken("neo4j");
        try {
            securityCentral.setToken("other", securityCentral.userForName("neo4j").token());
            Assert.fail("Should not have been allowed.");
        } catch (IllegalTokenException e) {
            Assert.assertThat(e.getMessage(), CoreMatchers.equalTo("Unable to set token, because the chosen token is already in use."));
        }
    }

    @Test
    public void shouldRegenerateTokenOnRequiredPasswordChange() throws Exception {
        SecurityCentral securityCentral = new SecurityCentral(new FakeClock(), new InMemoryUserRepository());
        securityCentral.newUser("neo4j", Privileges.ADMIN);
        securityCentral.setPassword("neo4j", "secret");
        Assert.assertThat(Boolean.valueOf(securityCentral.userForName("neo4j").passwordChangeRequired()), CoreMatchers.equalTo(false));
        Assert.assertThat(securityCentral.userForName("neo4j").token(), CoreMatchers.notNullValue());
    }
}
