package org.geoserver.security.oauth2;

import java.util.logging.Logger;
import org.geoserver.security.config.PreAuthenticatedUserNameFilterConfig;
import org.geoserver.security.validation.FilterConfigException;
import org.geoserver.test.GeoServerMockTestSupport;
import org.geotools.util.logging.Logging;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/geoserver/security/oauth2/OAuth2FilterConfigValidatorTest.class */
public class OAuth2FilterConfigValidatorTest extends GeoServerMockTestSupport {
    protected static Logger LOGGER = Logging.getLogger("org.geoserver.security");
    OAuth2FilterConfigValidator validator;

    @Before
    public void setValidator() {
        this.validator = new OAuth2FilterConfigValidator(getSecurityManager());
    }

    @Test
    public void testOAuth2FilterConfigValidation() throws Exception {
        GoogleOAuth2FilterConfig googleOAuth2FilterConfig = new GoogleOAuth2FilterConfig();
        googleOAuth2FilterConfig.setClassName(GeoServerOAuthAuthenticationFilter.class.getName());
        googleOAuth2FilterConfig.setName("testOAuth2");
        check(googleOAuth2FilterConfig);
        this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
    }

    public void check(GoogleOAuth2FilterConfig googleOAuth2FilterConfig) throws Exception {
        boolean z = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (FilterConfigException e) {
            Assert.assertEquals("OAUTH2_CLIENT_ID_REQUIRED", e.getId());
            Assert.assertEquals(0L, e.getArgs().length);
            LOGGER.info(e.getMessage());
            z = true;
        }
        Assert.assertTrue(z);
        googleOAuth2FilterConfig.setRoleSource(PreAuthenticatedUserNameFilterConfig.PreAuthenticatedUserNameRoleSource.UserGroupService);
        boolean z2 = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (FilterConfigException e2) {
            Assert.assertEquals("OAUTH2_CLIENT_ID_REQUIRED", e2.getId());
            Assert.assertEquals(0L, e2.getArgs().length);
            LOGGER.info(e2.getMessage());
            z2 = true;
        }
        Assert.assertTrue(z2);
        googleOAuth2FilterConfig.setUserGroupServiceName("blabla");
        boolean z3 = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (FilterConfigException e3) {
            Assert.assertEquals("OAUTH2_CLIENT_ID_REQUIRED", e3.getId());
            Assert.assertEquals(0L, e3.getArgs().length);
            LOGGER.info(e3.getMessage());
            z3 = true;
        }
        Assert.assertTrue(z3);
        googleOAuth2FilterConfig.setRoleConverterName((String) null);
        googleOAuth2FilterConfig.setCheckTokenEndpointUrl((String) null);
        boolean z4 = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (OAuth2FilterConfigException e4) {
            Assert.assertEquals("OAUTH2_CHECKTOKENENDPOINT_URL_REQUIRED", e4.getId());
            Assert.assertEquals(0L, e4.getArgs().length);
            LOGGER.info(e4.getMessage());
            z4 = true;
        }
        Assert.assertTrue(z4);
        googleOAuth2FilterConfig.setCheckTokenEndpointUrl("http://localhost/callback");
        googleOAuth2FilterConfig.setAccessTokenUri("blabal");
        boolean z5 = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (OAuth2FilterConfigException e5) {
            Assert.assertEquals("OAUTH2_ACCESSTOKENURI_MALFORMED", e5.getId());
            Assert.assertEquals(0L, e5.getArgs().length);
            LOGGER.info(e5.getMessage());
            z5 = true;
        }
        Assert.assertTrue(z5);
        googleOAuth2FilterConfig.setAccessTokenUri("http://localhost/callback");
        boolean z6 = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (OAuth2FilterConfigException e6) {
            Assert.assertEquals("OAUTH2_ACCESSTOKENURI_NOT_HTTPS", e6.getId());
            Assert.assertEquals(0L, e6.getArgs().length);
            LOGGER.info(e6.getMessage());
            z6 = true;
        }
        Assert.assertTrue(z6);
        googleOAuth2FilterConfig.setAccessTokenUri("https://localhost/callback");
        googleOAuth2FilterConfig.setUserAuthorizationUri("blabal");
        boolean z7 = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (OAuth2FilterConfigException e7) {
            Assert.assertEquals("OAUTH2_USERAUTHURI_MALFORMED", e7.getId());
            Assert.assertEquals(0L, e7.getArgs().length);
            LOGGER.info(e7.getMessage());
            z7 = true;
        }
        Assert.assertTrue(z7);
        googleOAuth2FilterConfig.setUserAuthorizationUri("https://oauth2server/case");
        googleOAuth2FilterConfig.setLogoutUri("blbla");
        boolean z8 = false;
        try {
            this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
        } catch (OAuth2FilterConfigException e8) {
            Assert.assertEquals("OAUTH2_URL_IN_LOGOUT_URI_MALFORMED", e8.getId());
            Assert.assertEquals(0L, e8.getArgs().length);
            LOGGER.info(e8.getMessage());
            z8 = true;
        }
        Assert.assertTrue(z8);
        googleOAuth2FilterConfig.setLogoutUri("http://localhost/gesoerver");
        googleOAuth2FilterConfig.setCliendId("oauth2clientid");
        googleOAuth2FilterConfig.setClientSecret("oauth2clientsecret");
        googleOAuth2FilterConfig.setScopes("email,profile");
        this.validator.validateOAuth2FilterConfig(googleOAuth2FilterConfig);
    }
}
