package org.apache.jackrabbit.oak.security.authentication.token;

import com.google.common.collect.ImmutableMap;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.UUID;
import javax.annotation.Nonnull;
import javax.jcr.Credentials;
import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.api.security.authentication.token.TokenCredentials;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.spi.security.ConfigurationParameters;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenInfo;
import org.apache.jackrabbit.oak.spi.security.authentication.token.TokenProvider;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/security/authentication/token/TokenAuthenticationTest.class */
public class TokenAuthenticationTest extends AbstractSecurityTest {
    TokenAuthentication authentication;
    TokenProviderImpl tokenProvider;
    String userId;

    @Override // org.apache.jackrabbit.oak.AbstractSecurityTest
    @Before
    public void before() throws Exception {
        super.before();
        this.tokenProvider = new TokenProviderImpl(this.root, ConfigurationParameters.EMPTY, getUserConfiguration());
        this.root.commit();
        this.authentication = new TokenAuthentication(this.tokenProvider);
        this.userId = getTestUser().getID();
    }

    @Test
    public void testAuthenticateWithoutTokenProvider() throws Exception {
        Assert.assertFalse(new TokenAuthentication((TokenProvider) null).authenticate(new TokenCredentials("token")));
    }

    @Test
    public void testAuthenticateWithInvalidCredentials() throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new GuestCredentials());
        arrayList.add(new SimpleCredentials(this.userId, new char[0]));
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            Assert.assertFalse(this.authentication.authenticate((Credentials) it.next()));
        }
    }

    @Test
    public void testAuthenticateWithInvalidTokenCredentials() throws Exception {
        try {
            this.authentication.authenticate(new TokenCredentials(UUID.randomUUID().toString()));
            Assert.fail("LoginException expected");
        } catch (LoginException e) {
        }
    }

    @Test
    public void testAuthenticate() throws Exception {
        Assert.assertTrue(this.authentication.authenticate(new TokenCredentials(this.tokenProvider.createToken(this.userId, Collections.emptyMap()).getToken())));
    }

    @Test
    public void testGetTokenInfoBeforeAuthenticate() {
        try {
            this.authentication.getTokenInfo();
            Assert.fail("IllegalStateException expected");
        } catch (IllegalStateException e) {
        }
    }

    @Test
    public void testGetTokenInfoAfterAuthenticate() throws Exception {
        TokenInfo createToken = this.tokenProvider.createToken(this.userId, Collections.emptyMap());
        this.authentication.authenticate(new TokenCredentials(createToken.getToken()));
        TokenInfo tokenInfo = this.authentication.getTokenInfo();
        Assert.assertNotNull(tokenInfo);
        Assert.assertEquals(createToken.getUserId(), tokenInfo.getUserId());
    }

    @Test
    public void testAuthenticateNotMatchingToken() throws Exception {
        try {
            this.authentication.authenticate(new TokenCredentials(this.tokenProvider.createToken(this.userId, ImmutableMap.of(".token_mandatory", "val")).getToken()));
            Assert.fail("LoginException expected");
        } catch (LoginException e) {
        }
    }

    @Test
    public void testAuthenticateExpiredToken() throws Exception {
        TokenProviderImpl tokenProviderImpl = new TokenProviderImpl(this.root, ConfigurationParameters.of("tokenExpiration", 1), getUserConfiguration());
        TokenInfo createToken = tokenProviderImpl.createToken(this.userId, Collections.emptyMap());
        waitUntilExpired(createToken);
        try {
            new TokenAuthentication(tokenProviderImpl).authenticate(new TokenCredentials(createToken.getToken()));
            Assert.fail("LoginException expected");
        } catch (LoginException e) {
        }
        Assert.assertNull(tokenProviderImpl.getTokenInfo(createToken.getToken()));
    }

    private void waitUntilExpired(@Nonnull TokenInfo tokenInfo) {
        long currentTimeMillis = System.currentTimeMillis();
        while (true) {
            long j = currentTimeMillis;
            if (tokenInfo.isExpired(j)) {
                return;
            } else {
                currentTimeMillis = waitForSystemTimeIncrement(j);
            }
        }
    }

    @Test(expected = IllegalStateException.class)
    public void testGetUserIdBeforeLogin() {
        this.authentication.getUserId();
    }

    @Test
    public void testGetUserId() throws LoginException {
        Assert.assertTrue(this.authentication.authenticate(new TokenCredentials(this.tokenProvider.createToken(this.userId, Collections.emptyMap()).getToken())));
        Assert.assertEquals(this.userId, this.authentication.getUserId());
    }

    @Test(expected = IllegalStateException.class)
    public void testGetUserPrincipalBeforeLogin() {
        this.authentication.getUserPrincipal();
    }

    @Test
    public void testGetUserPrincipal() throws Exception {
        Assert.assertTrue(this.authentication.authenticate(new TokenCredentials(this.tokenProvider.createToken(this.userId, Collections.emptyMap()).getToken())));
        Assert.assertEquals(getTestUser().getPrincipal(), this.authentication.getUserPrincipal());
    }
}
