package org.apache.jackrabbit.oak.security.authentication.token;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.UUID;
import javax.jcr.AccessDeniedException;
import javax.jcr.Credentials;
import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.api.AuthInfo;
import org.apache.jackrabbit.oak.api.PropertyState;
import org.apache.jackrabbit.oak.api.Tree;
import org.apache.jackrabbit.oak.api.Type;
import org.apache.jackrabbit.oak.plugins.identifier.IdentifierManager;
import org.apache.jackrabbit.oak.plugins.identifier.IdentifierManagerTest;
import org.apache.jackrabbit.oak.spi.security.authentication.ImpersonationCredentials;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import org.apache.jackrabbit.oak.util.NodeUtil;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/security/authentication/token/TokenProviderImplTest.class */
public class TokenProviderImplTest extends AbstractTokenTest {
    private String userId;

    @Override // org.apache.jackrabbit.oak.security.authentication.token.AbstractTokenTest, org.apache.jackrabbit.oak.AbstractSecurityTest
    @Before
    public void before() throws Exception {
        super.before();
        this.userId = getTestUser().getID();
    }

    @Test
    public void testDoCreateToken() throws Exception {
        Assert.assertFalse(this.tokenProvider.doCreateToken(new GuestCredentials()));
        Assert.assertFalse(this.tokenProvider.doCreateToken(new TokenCredentials("token")));
        Assert.assertFalse(this.tokenProvider.doCreateToken(getAdminCredentials()));
        SimpleCredentials simpleCredentials = new SimpleCredentials("uid", "pw".toCharArray());
        Assert.assertFalse(this.tokenProvider.doCreateToken(simpleCredentials));
        simpleCredentials.setAttribute("any_attribute", "value");
        Assert.assertFalse(this.tokenProvider.doCreateToken(simpleCredentials));
        simpleCredentials.setAttribute("rep:token_key", "value");
        Assert.assertFalse(this.tokenProvider.doCreateToken(simpleCredentials));
        simpleCredentials.setAttribute(".token", "existing");
        Assert.assertFalse(this.tokenProvider.doCreateToken(simpleCredentials));
        simpleCredentials.setAttribute(".token", "");
        Assert.assertTrue(this.tokenProvider.doCreateToken(simpleCredentials));
    }

    @Test
    public void testCreateTokenFromInvalidCredentials() throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new GuestCredentials());
        arrayList.add(new TokenCredentials("sometoken"));
        arrayList.add(new ImpersonationCredentials(new GuestCredentials(), (AuthInfo) null));
        arrayList.add(new SimpleCredentials("unknownUserId", new char[0]));
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            Assert.assertNull(this.tokenProvider.createToken((Credentials) it.next()));
        }
    }

    @Test
    public void testCreateTokenFromCredentials() throws Exception {
        SimpleCredentials simpleCredentials = new SimpleCredentials(this.userId, new char[0]);
        ArrayList arrayList = new ArrayList();
        arrayList.add(simpleCredentials);
        arrayList.add(new ImpersonationCredentials(simpleCredentials, (AuthInfo) null));
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            assertTokenInfo(this.tokenProvider.createToken((Credentials) it.next()), this.userId);
        }
    }

    @Test
    public void testCreateTokenFromInvalidUserId() throws Exception {
        Assert.assertNull(this.tokenProvider.createToken("unknownUserId", Collections.emptyMap()));
    }

    @Test
    public void testCreateTokenFromUserId() throws Exception {
        assertTokenInfo(this.tokenProvider.createToken(this.userId, Collections.emptyMap()), this.userId);
    }

    @Test
    public void testTokenNode() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put(".token", "value");
        hashMap.put("rep:token.key", "value");
        hashMap.put("rep:token.exp", "value");
        HashMap hashMap2 = new HashMap();
        hashMap2.put(".token_exp", "value");
        hashMap2.put(".tokenTest", "value");
        hashMap2.put(".token_something", "value");
        HashMap hashMap3 = new HashMap();
        hashMap3.put("any", "value");
        hashMap3.put("another", "value");
        HashMap hashMap4 = new HashMap();
        hashMap4.putAll(hashMap);
        hashMap4.putAll(hashMap3);
        hashMap4.putAll(hashMap2);
        Tree tokenTree = getTokenTree(this.tokenProvider.createToken(this.userId, hashMap4));
        PropertyState property = tokenTree.getProperty("rep:token.key");
        Assert.assertNotNull(property);
        Assert.assertEquals(Type.STRING, property.getType());
        PropertyState property2 = tokenTree.getProperty("rep:token.exp");
        Assert.assertNotNull(property2);
        Assert.assertEquals(Type.DATE, property2.getType());
        for (String str : hashMap.keySet()) {
            PropertyState property3 = tokenTree.getProperty(str);
            if (property3 != null) {
                Assert.assertFalse(((String) hashMap.get(str)).equals(property3.getValue(Type.STRING)));
            }
        }
        for (String str2 : hashMap2.keySet()) {
            Assert.assertEquals(hashMap2.get(str2), tokenTree.getProperty(str2).getValue(Type.STRING));
        }
        for (String str3 : hashMap3.keySet()) {
            Assert.assertEquals(hashMap3.get(str3), tokenTree.getProperty(str3).getValue(Type.STRING));
        }
    }

    @Test
    public void testGetTokenInfoFromInvalidToken() throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add("/invalid");
        arrayList.add(UUID.randomUUID().toString());
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            Assert.assertNull(this.tokenProvider.getTokenInfo((String) it.next()));
        }
        try {
            Assert.assertNull(this.tokenProvider.getTokenInfo("invalidToken"));
        } catch (Exception e) {
        }
    }

    @Test
    public void testGetTokenInfoFromInvalidLocation() throws Exception {
        TokenInfo createToken = this.tokenProvider.createToken(this.userId, Collections.emptyMap());
        Tree tokenTree = getTokenTree(createToken);
        Assert.assertNotNull(this.tokenProvider.getTokenInfo(createToken.getToken()));
        NodeUtil addChild = new NodeUtil(this.root.getTree(IdentifierManagerTest.ID_ROOT)).addChild("testNode", "nt:unstructured");
        try {
            createTokenTree(createToken, addChild, "rep:Token");
            tokenTree.remove();
            this.root.commit();
            Assert.assertNull(this.tokenProvider.getTokenInfo(createToken.getToken()));
            addChild.getTree().remove();
            this.root.commit();
        } catch (Throwable th) {
            addChild.getTree().remove();
            this.root.commit();
            throw th;
        }
    }

    @Test
    public void testGetTokenInfoFromInvalidLocation2() throws Exception {
        TokenInfo createToken = this.tokenProvider.createToken(this.userId, Collections.emptyMap());
        Tree tokenTree = getTokenTree(createToken);
        Assert.assertNotNull(this.tokenProvider.getTokenInfo(createToken.getToken()));
        NodeUtil addChild = new NodeUtil(this.root.getTree(getUserManager(this.root).getAuthorizable(this.userId).getPath())).addChild("testNode", "nt:unstructured");
        try {
            createTokenTree(createToken, addChild, "rep:Token");
            tokenTree.remove();
            this.root.commit();
            Assert.assertNull(this.tokenProvider.getTokenInfo(createToken.getToken()));
            addChild.getTree().remove();
            this.root.commit();
        } catch (Throwable th) {
            addChild.getTree().remove();
            this.root.commit();
            throw th;
        }
    }

    @Test
    public void testGetTokenInfoFromInvalidLocation3() throws Exception {
        TokenInfo createToken = this.tokenProvider.createToken(this.userId, Collections.emptyMap());
        Tree tokenTree = getTokenTree(createToken);
        Assert.assertNotNull(this.tokenProvider.getTokenInfo(createToken.getToken()));
        NodeUtil nodeUtil = new NodeUtil(this.root.getTree(getUserManager(this.root).getAuthorizable(this.userId).getPath()).getChild(".tokens"));
        try {
            createTokenTree(createToken, nodeUtil, "nt:unstructured");
            tokenTree.remove();
            this.root.commit();
            Assert.assertNull(this.tokenProvider.getTokenInfo(createToken.getToken()));
            nodeUtil.getTree().remove();
            this.root.commit();
        } catch (Throwable th) {
            nodeUtil.getTree().remove();
            this.root.commit();
            throw th;
        }
    }

    @Test
    public void testGetTokenInfoFromInvalidLocation4() throws Exception {
        TokenInfo createToken = this.tokenProvider.createToken(this.userId, Collections.emptyMap());
        Tree tokenTree = getTokenTree(createToken);
        Assert.assertNotNull(this.tokenProvider.getTokenInfo(createToken.getToken()));
        TokenInfo tokenInfo = null;
        try {
            Assert.assertTrue(this.root.move(tokenTree.getPath(), new NodeUtil(this.root.getTree(getUserManager(this.root).getAuthorizable(this.adminSession.getAuthInfo().getUserID()).getPath())).getOrAddChild(".tokens", "nt:unstructured").getTree().getPath() + IdentifierManagerTest.ID_ROOT + tokenTree.getName()));
            this.root.commit();
            tokenInfo = this.tokenProvider.getTokenInfo(createToken.getToken());
            Assert.assertNotNull(tokenInfo);
            Assert.assertFalse(tokenInfo.matches(new TokenCredentials(createToken.getToken())));
            getTokenTree(tokenInfo).remove();
            this.root.commit();
        } catch (Throwable th) {
            getTokenTree(tokenInfo).remove();
            this.root.commit();
            throw th;
        }
    }

    @Test
    public void testGetTokenInfo() throws Exception {
        assertTokenInfo(this.tokenProvider.getTokenInfo(this.tokenProvider.createToken(this.userId, Collections.emptyMap()).getToken()), this.userId);
    }

    @Test
    public void testCreateTokenWithExpirationParam() throws Exception {
        SimpleCredentials simpleCredentials = new SimpleCredentials(this.userId, new char[0]);
        simpleCredentials.setAttribute("tokenExpiration", 100000);
        TokenInfo createToken = this.tokenProvider.createToken(simpleCredentials);
        assertTokenInfo(createToken, this.userId);
        Tree tokenTree = getTokenTree(createToken);
        Assert.assertNotNull(tokenTree);
        Assert.assertTrue(tokenTree.exists());
        Assert.assertTrue(tokenTree.hasProperty("tokenExpiration"));
        Assert.assertEquals(100000L, ((Long) tokenTree.getProperty("tokenExpiration").getValue(Type.LONG)).longValue());
    }

    @Test
    public void testCreateTokenWithInvalidExpirationParam() throws Exception {
        SimpleCredentials simpleCredentials = new SimpleCredentials(this.userId, new char[0]);
        simpleCredentials.setAttribute("tokenExpiration", IdentifierManagerTest.ID_INVALID);
        try {
            this.tokenProvider.createToken(simpleCredentials);
            Assert.fail();
        } catch (NumberFormatException e) {
        }
    }

    private static void assertTokenInfo(TokenInfo tokenInfo, String str) {
        Assert.assertNotNull(tokenInfo);
        Assert.assertNotNull(tokenInfo.getToken());
        Assert.assertEquals(str, tokenInfo.getUserId());
        Assert.assertFalse(tokenInfo.isExpired(new Date().getTime()));
    }

    private Tree getTokenTree(TokenInfo tokenInfo) {
        String token = tokenInfo.getToken();
        int indexOf = token.indexOf(95);
        return new IdentifierManager(this.root).getTree(indexOf == -1 ? token : token.substring(0, indexOf));
    }

    private void createTokenTree(TokenInfo tokenInfo, NodeUtil nodeUtil, String str) throws AccessDeniedException {
        Tree tokenTree = getTokenTree(tokenInfo);
        Tree tree = nodeUtil.addChild("token", str).getTree();
        tree.setProperty(tokenTree.getProperty("jcr:uuid"));
        tree.setProperty(tokenTree.getProperty("rep:token.key"));
        tree.setProperty(tokenTree.getProperty("rep:token.exp"));
    }
}
