package org.geoserver.security;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.servlet.Filter;
import org.custommonkey.xmlunit.SimpleNamespaceContext;
import org.custommonkey.xmlunit.XMLAssert;
import org.custommonkey.xmlunit.XMLUnit;
import org.custommonkey.xmlunit.XpathEngine;
import org.geoserver.config.GeoServer;
import org.geoserver.data.test.CiteTestData;
import org.geoserver.data.test.MockData;
import org.geoserver.data.test.SystemTestData;
import org.geoserver.security.config.SecurityManagerConfig;
import org.geoserver.test.GeoServerSystemTestSupport;
import org.geoserver.wms.WMSInfo;
import org.junit.Assert;
import org.junit.Test;
import org.w3c.dom.Document;

/* loaded from: input_file:org/geoserver/security/AuthencationKeyOWSTest.class */
public class AuthencationKeyOWSTest extends GeoServerSystemTestSupport {
    private static String adminKey;
    private static String citeKey;

    protected void setUpTestData(SystemTestData systemTestData) throws Exception {
        super.setUpTestData(systemTestData);
        File file = new File(systemTestData.getDataDirectoryRoot(), "security");
        new Properties();
        File file2 = new File(file, "layers.properties");
        Properties properties = new Properties();
        properties.put("mode", "hidden");
        properties.put("*.*.r", "NO_ONE");
        properties.put("*.*.w", "NO_ONE");
        properties.put("sf.*.r", "*");
        properties.put("cite.*.r", "cite");
        properties.put("cite.*.w", "cite");
        FileOutputStream fileOutputStream = new FileOutputStream(file2);
        try {
            properties.store(fileOutputStream, "");
            fileOutputStream.close();
        } catch (Throwable th) {
            try {
                fileOutputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    protected void onSetUp(SystemTestData systemTestData) throws Exception {
        super.onSetUp(systemTestData);
        HashMap hashMap = new HashMap();
        hashMap.put("wms", "http://www.opengis.net/wms");
        hashMap.put("ows", "http://www.opengis.net/ows");
        hashMap.put("xlink", "http://www.w3.org/1999/xlink");
        hashMap.put("ogc", "http://www.opengis.net/ogc");
        hashMap.put("", "http://www.opengis.net/ogc");
        hashMap.put("wfs", "http://www.opengis.net/wfs");
        hashMap.put("xsi", "http://www.w3.org/2001/XMLSchema-instance");
        CiteTestData.registerNamespaces(hashMap);
        XMLUnit.setXpathNamespaceContext(new SimpleNamespaceContext(hashMap));
        GeoServer geoServer = getGeoServer();
        WMSInfo service = geoServer.getService(WMSInfo.class);
        service.getSRS().add("EPSG:4326");
        geoServer.save(service);
        GeoServerUserGroupStore createStore = getSecurityManager().loadUserGroupService("default").createStore();
        createStore.load();
        createStore.addUser(createStore.createUserObject("cite", "cite", true));
        createStore.store();
        GeoServerRoleStore createStore2 = getSecurityManager().loadRoleService("default").createStore();
        createStore2.load();
        createStore2.addRole(createStore2.createRoleObject("NO_ONE"));
        createStore2.addRole(createStore2.createRoleObject("cite"));
        createStore2.associateRoleToUser(createStore2.createRoleObject("cite"), "cite");
        createStore2.store();
        AuthenticationKeyFilterConfig authenticationKeyFilterConfig = new AuthenticationKeyFilterConfig();
        authenticationKeyFilterConfig.setClassName(GeoServerAuthenticationKeyFilter.class.getName());
        authenticationKeyFilterConfig.setName("testAuthKeyFilter1");
        authenticationKeyFilterConfig.setUserGroupServiceName("default");
        authenticationKeyFilterConfig.setAuthKeyParamName("authkey");
        authenticationKeyFilterConfig.setAuthKeyMapperName("propertyMapper");
        getSecurityManager().saveFilter(authenticationKeyFilterConfig);
        SecurityManagerConfig securityConfig = getSecurityManager().getSecurityConfig();
        securityConfig.getFilterChain().getRequestChainByName("default").getFilterNames().add(0, "testAuthKeyFilter1");
        getSecurityManager().saveSecurityConfig(securityConfig);
        PropertyAuthenticationKeyMapper mapper = getSecurityManager().loadFilter("testAuthKeyFilter1").getMapper();
        mapper.synchronize();
        for (Map.Entry entry : mapper.authKeyProps.entrySet()) {
            if ("admin".equals(entry.getValue())) {
                adminKey = (String) entry.getKey();
            }
            if ("cite".equals(entry.getValue())) {
                citeKey = (String) entry.getKey();
            }
        }
        if (adminKey == null) {
            throw new RuntimeException("Missing admin key");
        }
        if (citeKey == null) {
            throw new RuntimeException("Missing cite key");
        }
    }

    protected List<Filter> getFilters() {
        VariableFilterChain requestChainByName = getSecurityManager().getSecurityConfig().getFilterChain().getRequestChainByName("default");
        ArrayList arrayList = new ArrayList();
        Iterator it = requestChainByName.getCompiledFilterNames().iterator();
        while (it.hasNext()) {
            try {
                arrayList.add(getSecurityManager().loadFilter((String) it.next()));
            } catch (IOException e) {
                throw new RuntimeException(e);
            }
        }
        return arrayList;
    }

    @Test
    public void testAnonymousCapabilities() throws Exception {
        Document asDOM = getAsDOM("wms?request=GetCapabilities&version=1.1.0");
        Assert.assertTrue(XMLUnit.newXpathEngine().getMatchingNodes("//Layer/Name[starts-with(text(), 'sf:')]", asDOM).getLength() > 1);
        Assert.assertEquals(0L, r0.getMatchingNodes("//Layer/Name[starts-with(text(), 'cite:')]", asDOM).getLength());
        Assert.assertEquals(0L, r0.getMatchingNodes("//Layer/Name[starts-with(text(), 'cdf:')]", asDOM).getLength());
    }

    @Test
    public void testAdminCapabilities() throws Exception {
        Document asDOM = getAsDOM("wms?request=GetCapabilities&version=1.1.0&authkey=" + adminKey);
        XpathEngine newXpathEngine = XMLUnit.newXpathEngine();
        Assert.assertTrue(newXpathEngine.getMatchingNodes("//Layer/Name[starts-with(text(), 'sf:')]", asDOM).getLength() > 1);
        Assert.assertTrue(newXpathEngine.getMatchingNodes("//Layer/Name[starts-with(text(), 'cdf:')]", asDOM).getLength() > 1);
        Assert.assertTrue(newXpathEngine.getMatchingNodes("//Layer/Name[starts-with(text(), 'cite:')]", asDOM).getLength() > 1);
        Assert.assertTrue(newXpathEngine.evaluate("//GetMap/DCPType/HTTP/Get/OnlineResource/@xlink:href", asDOM).contains("&authkey=" + adminKey));
    }

    @Test
    public void testCiteCapabilities() throws Exception {
        Document asDOM = getAsDOM("wms?request=GetCapabilities&version=1.1.0&authkey=" + citeKey);
        XpathEngine newXpathEngine = XMLUnit.newXpathEngine();
        Assert.assertTrue(newXpathEngine.getMatchingNodes("//Layer/Name[starts-with(text(), 'sf:')]", asDOM).getLength() > 1);
        Assert.assertTrue(newXpathEngine.getMatchingNodes("//Layer/Name[starts-with(text(), 'cite:')]", asDOM).getLength() > 1);
        Assert.assertEquals(0L, newXpathEngine.getMatchingNodes("//Layer/Name[starts-with(text(), 'cdf:')]", asDOM).getLength());
        Assert.assertTrue(newXpathEngine.evaluate("//GetMap/DCPType/HTTP/Get/OnlineResource/@xlink:href", asDOM).contains("&authkey=" + citeKey));
    }

    @Test
    public void testAnonymousGetFeature() throws Exception {
        Assert.assertEquals("ServiceExceptionReport", getAsDOM("wfs?service=WFS&version=1.0.0&request=GetFeature&typeName=" + getLayerId(MockData.PONDS)).getDocumentElement().getLocalName());
    }

    @Test
    public void testAdminGetFeature() throws Exception {
        Document asDOM = getAsDOM("wfs?service=WFS&version=1.0.0&request=GetFeature&typeName=" + getLayerId(MockData.PONDS) + "&authkey=" + adminKey);
        XMLAssert.assertXpathEvaluatesTo("1", "count(//wfs:FeatureCollection)", asDOM);
        Assert.assertTrue(XMLUnit.newXpathEngine().evaluate("//wfs:FeatureCollection/@xsi:schemaLocation", asDOM).contains("&authkey=" + adminKey));
    }

    @Test
    public void testCiteGetFeature() throws Exception {
        Document asDOM = getAsDOM("wfs?service=WFS&version=1.0.0&request=GetFeature&typeName=" + getLayerId(MockData.PONDS) + "&authkey=" + citeKey);
        XMLAssert.assertXpathEvaluatesTo("1", "count(//wfs:FeatureCollection)", asDOM);
        Assert.assertTrue(XMLUnit.newXpathEngine().evaluate("//wfs:FeatureCollection/@xsi:schemaLocation", asDOM).contains("&authkey=" + citeKey));
    }

    @Test
    public void testCiteGetFeatureCaseInsensitive() throws Exception {
        Document asDOM = getAsDOM("wfs?service=WFS&version=1.0.0&request=GetFeature&typeName=" + getLayerId(MockData.PONDS) + "&AUTHKEY=" + citeKey);
        XMLAssert.assertXpathEvaluatesTo("1", "count(//wfs:FeatureCollection)", asDOM);
        Assert.assertTrue(XMLUnit.newXpathEngine().evaluate("//wfs:FeatureCollection/@xsi:schemaLocation", asDOM).contains("&authkey=" + citeKey));
    }

    @Test
    public void testOpenLayersMapOutput() throws Exception {
        Assert.assertTrue(new String(getBinary(getAsServletResponse(new StringBuilder().append("cite/wms?service=WMS&version=1.1.0&request=GetMap&bbox=-2.0,2.0,-1.0,6.0&layers=").append(MockData.BASIC_POLYGONS.getPrefix()).append(":").append(MockData.BASIC_POLYGONS.getLocalPart()).append("&width=300&height=300&srs=EPSG:4326&format=application/openlayers&authkey=").append(citeKey).toString())), "UTF-8").indexOf(new StringBuilder().append("http://localhost:8080/geoserver/cite/wms?authkey=").append(citeKey).toString()) > 0);
    }
}
