package org.finra.herd.app.security;

import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import org.finra.herd.app.AbstractAppTest;
import org.finra.herd.model.dto.ApplicationUser;
import org.finra.herd.model.dto.ConfigurationValue;
import org.finra.herd.model.dto.SecurityUserWrapper;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/finra/herd/app/security/SecurityFilterChainTest.class */
public class SecurityFilterChainTest extends AbstractAppTest {
    @Before
    public void before() {
        SecurityContextHolder.clearContext();
    }

    @Test
    public void testFilterAuthenticatedUserOverridesTrustedUser() throws Exception {
        HashMap hashMap = new HashMap();
        assertAuthenticatedUserId("TRUSTED_USER", "TRUSTED_USER_FIRST_NAME", null, executeAuthenticationFilters(false, hashMap));
        hashMap.put("userId", "testUser");
        assertAuthenticatedUserId("testUser", null, null, executeAuthenticationFilters(true, hashMap));
    }

    @Test
    public void testFilterUserIsReauthenticatedWhenUserIdChanges() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("userId", "testUser1");
        assertAuthenticatedUserId("testUser1", null, null, executeAuthenticationFilters(true, hashMap));
        hashMap.put("userId", "testUser2");
        assertAuthenticatedUserId("testUser2", null, null, executeAuthenticationFilters(true, hashMap));
    }

    @Test
    public void testFilterUserIsReauthenticatedWhenSessionInitTimeChanges() throws Exception {
        Date date = new Date(1000L);
        Date date2 = new Date(2000L);
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
        HashMap hashMap = new HashMap();
        hashMap.put("userId", "testUser1");
        hashMap.put("sessionInitTime", simpleDateFormat.format(date));
        assertAuthenticatedUserId("testUser1", null, date, executeAuthenticationFilters(true, hashMap));
        hashMap.put("sessionInitTime", simpleDateFormat.format(date2));
        assertAuthenticatedUserId("testUser1", null, date2, executeAuthenticationFilters(true, hashMap));
    }

    @Test
    public void testFilterUserIsReauthenticatedWhenFirstNameChanges() throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("userId", "testUser1");
        hashMap.put("firstName", "firstName1");
        assertAuthenticatedUserId("testUser1", "firstName1", null, executeAuthenticationFilters(true, hashMap));
        hashMap.put("firstName", "differentFirstName");
        assertAuthenticatedUserId("testUser1", "differentFirstName", null, executeAuthenticationFilters(true, hashMap));
    }

    private void assertAuthenticatedUserId(String str, String str2, Date date, Authentication authentication) {
        Assert.assertNotNull("authentication is null", authentication);
        Assert.assertNotNull("authentication principal is null", authentication.getPrincipal());
        Assert.assertEquals("authentication principal type", SecurityUserWrapper.class, authentication.getPrincipal().getClass());
        ApplicationUser applicationUser = ((SecurityUserWrapper) authentication.getPrincipal()).getApplicationUser();
        Assert.assertNotNull("securityUserWrapper applicationUser is null", applicationUser);
        Assert.assertEquals("securityUserWrapper applicationUser userId", str, applicationUser.getUserId());
        Assert.assertEquals("securityUserWrapper applicationUser firstName", str2, applicationUser.getFirstName());
        Assert.assertEquals("securityUserWrapper applicationUser sessionInitTime", date, applicationUser.getSessionInitTime());
    }

    private Authentication executeAuthenticationFilters(Boolean bool, Map<String, Object> map) throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            mockHttpServletRequest.addHeader(entry.getKey(), entry.getValue());
        }
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        Map<String, Object> defaultSecurityEnvironmentVariables = getDefaultSecurityEnvironmentVariables();
        defaultSecurityEnvironmentVariables.put(ConfigurationValue.SECURITY_ENABLED_SPEL_EXPRESSION.getKey(), bool.toString());
        modifyPropertySourceInEnvironment(defaultSecurityEnvironmentVariables);
        try {
            this.trustedUserAuthenticationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
            this.httpHeaderAuthenticationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            restorePropertySourceInEnvironment();
            return authentication;
        } catch (Throwable th) {
            restorePropertySourceInEnvironment();
            throw th;
        }
    }
}
