package org.geoserver.security.rememberme;

import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.Cookie;
import org.geoserver.data.test.SystemTestData;
import org.geoserver.security.GeoServerSecurityFilterChainProxy;
import org.geoserver.security.GeoServerSecurityManager;
import org.geoserver.security.GeoServerSecurityProvider;
import org.geoserver.security.GeoServerSecurityTestSupport;
import org.geoserver.security.config.BaseSecurityNamedServiceConfig;
import org.geoserver.security.config.SecurityManagerConfig;
import org.geoserver.security.config.SecurityNamedServiceConfig;
import org.geoserver.security.filter.GeoServerAuthenticationFilter;
import org.geoserver.security.filter.GeoServerBasicAuthenticationFilterTest;
import org.geoserver.security.filter.GeoServerSecurityFilter;
import org.geoserver.test.SystemTest;
import org.junit.Assert;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.authentication.RememberMeAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;

@Category({SystemTest.class})
/* loaded from: input_file:org/geoserver/security/rememberme/RememberMeTest.class */
public class RememberMeTest extends GeoServerSecurityTestSupport {

    /* loaded from: input_file:org/geoserver/security/rememberme/RememberMeTest$AuthCapturingFilter.class */
    static class AuthCapturingFilter extends GeoServerSecurityFilter implements GeoServerAuthenticationFilter {
        AuthCapturingFilter() {
        }

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
            servletRequest.setAttribute("auth", SecurityContextHolder.getContext().getAuthentication());
            filterChain.doFilter(servletRequest, servletResponse);
        }

        public boolean applicableForHtml() {
            return true;
        }

        public boolean applicableForServices() {
            return true;
        }
    }

    /* loaded from: input_file:org/geoserver/security/rememberme/RememberMeTest$SecurityProvider.class */
    static class SecurityProvider extends GeoServerSecurityProvider {
        SecurityProvider() {
        }

        public Class<? extends GeoServerSecurityFilter> getFilterClass() {
            return AuthCapturingFilter.class;
        }

        public GeoServerSecurityFilter createFilter(SecurityNamedServiceConfig securityNamedServiceConfig) {
            return new AuthCapturingFilter();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.geoserver.test.GeoServerSystemTestSupport
    public void onSetUp(SystemTestData systemTestData) throws Exception {
        BaseSecurityNamedServiceConfig baseSecurityNamedServiceConfig = new BaseSecurityNamedServiceConfig();
        baseSecurityNamedServiceConfig.setName("custom");
        baseSecurityNamedServiceConfig.setClassName(AuthCapturingFilter.class.getName());
        GeoServerSecurityManager securityManager = getSecurityManager();
        securityManager.saveFilter(baseSecurityNamedServiceConfig);
        SecurityManagerConfig securityConfig = securityManager.getSecurityConfig();
        securityConfig.getFilterChain().insertAfter("/web/**", baseSecurityNamedServiceConfig.getName(), "rememberme");
        securityManager.saveSecurityConfig(securityConfig);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.geoserver.test.GeoServerSystemTestSupport
    public void setUpSpring(List<String> list) {
        super.setUpSpring(list);
        list.add(getClass().getResource(getClass().getSimpleName() + "-context.xml").toString());
    }

    @Override // org.geoserver.test.GeoServerSystemTestSupport
    protected List<Filter> getFilters() {
        return Arrays.asList((Filter) applicationContext.getBean(GeoServerSecurityFilterChainProxy.class));
    }

    @Test
    public void testRememberMeLogin() throws Exception {
        MockHttpServletRequest createRequest = createRequest("/login");
        createRequest.addParameter("username", "admin");
        createRequest.addParameter("password", GeoServerBasicAuthenticationFilterTest.PASSWORD);
        createRequest.setMethod("POST");
        assertLoginOk(dispatch(createRequest));
        Assert.assertEquals(0L, r0.getCookies().length);
        MockHttpServletRequest createRequest2 = createRequest("/login");
        createRequest2.addParameter("username", "admin");
        createRequest2.addParameter("password", GeoServerBasicAuthenticationFilterTest.PASSWORD);
        createRequest2.addParameter("_spring_security_remember_me", "yes");
        createRequest2.setMethod("POST");
        MockHttpServletResponse dispatch = dispatch(createRequest2);
        assertLoginOk(dispatch);
        Assert.assertEquals(1L, dispatch.getCookies().length);
        Cookie cookie = dispatch.getCookies()[0];
        MockHttpServletRequest createRequest3 = createRequest("/web/");
        dispatch(createRequest3);
        Assert.assertNull(createRequest3.getAttribute("auth"));
        MockHttpServletRequest createRequest4 = createRequest("/web/");
        createRequest4.setCookies(new Cookie[]{cookie});
        dispatch(createRequest4);
        Assert.assertTrue(createRequest4.getAttribute("auth") instanceof RememberMeAuthenticationToken);
    }

    @Test
    public void testRememberMeOtherUserGroupService() throws Exception {
    }

    void assertLoginOk(MockHttpServletResponse mockHttpServletResponse) {
        Assert.assertEquals("/geoserver/web", mockHttpServletResponse.getHeader("Location"));
    }

    void assertLoginFailed(MockHttpServletResponse mockHttpServletResponse) {
        Assert.assertTrue(mockHttpServletResponse.getHeader("Location").endsWith("GeoServerLoginPage&error=true"));
    }
}
