package org.neo4j.server.security.auth;

import java.util.concurrent.TimeUnit;
import junit.framework.TestCase;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Test;
import org.neo4j.helpers.FakeClock;
import org.neo4j.server.security.auth.exception.TooManyAuthenticationAttemptsException;

/* loaded from: input_file:org/neo4j/server/security/auth/AuthenticationTest.class */
public class AuthenticationTest {
    @Test
    public void shouldSetPassword() throws Exception {
        InMemoryUserRepository inMemoryUserRepository = new InMemoryUserRepository();
        Authentication authentication = new Authentication(new FakeClock(), inMemoryUserRepository, 1);
        inMemoryUserRepository.save(new User("jake", Privileges.ADMIN));
        authentication.setPassword("jake", "hello, world!");
        Assert.assertTrue(authentication.authenticate("jake", "hello, world!"));
        junit.framework.Assert.assertFalse(authentication.authenticate("jake", "goodbye, world!"));
    }

    @Test
    public void shouldSlowRequestRateOnMultipleFailedAttempts() throws Exception {
        FakeClock fakeClock = new FakeClock();
        Authentication authentication = new Authentication(fakeClock, new InMemoryUserRepository(), 3);
        authentication.authenticate("wrong", "wrong");
        authentication.authenticate("wrong", "wrong");
        authentication.authenticate("wrong", "wrong");
        try {
            authentication.authenticate("wrong", "wrong");
            TestCase.fail("Shouldn't have been allowed");
        } catch (TooManyAuthenticationAttemptsException e) {
            Assert.assertThat(e.getMessage(), Matchers.equalTo("Too many failed authentication requests. Please try again in 5 seconds."));
        }
        fakeClock.forward(6L, TimeUnit.SECONDS);
        junit.framework.Assert.assertFalse(authentication.authenticate("wrong", "wrong"));
    }

    @Test
    public void handlesMalformedAuthentication() throws Exception {
        InMemoryUserRepository inMemoryUserRepository = new InMemoryUserRepository();
        Authentication authentication = new Authentication(new FakeClock(), inMemoryUserRepository, 50);
        inMemoryUserRepository.save(new User("jake", Privileges.ADMIN));
        authentication.setPassword("jake", "helo");
        junit.framework.Assert.assertFalse(authentication.authenticate("jake", "hello, world!"));
        junit.framework.Assert.assertFalse(authentication.authenticate((String) null, "hello, world!"));
        junit.framework.Assert.assertFalse(authentication.authenticate("jake", (String) null));
        junit.framework.Assert.assertFalse(authentication.authenticate((String) null, (String) null));
        junit.framework.Assert.assertFalse(authentication.authenticate("no such user", (String) null));
    }
}
