package org.geoserver.security;

import com.mockrunner.mock.web.MockFilterChain;
import com.mockrunner.mock.web.MockHttpServletRequest;
import com.mockrunner.mock.web.MockHttpServletResponse;
import java.io.IOException;
import java.util.Arrays;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import junit.framework.Assert;
import org.geoserver.platform.GeoServerExtensions;
import org.geoserver.security.config.SecurityManagerConfig;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.ProviderNotFoundException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.GrantedAuthorityImpl;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:org/geoserver/security/GeoServerAnonymousAuthTest.class */
public class GeoServerAnonymousAuthTest extends GeoServerSecurityTestSupport {

    /* loaded from: input_file:org/geoserver/security/GeoServerAnonymousAuthTest$DummyFilter.class */
    class DummyFilter implements Filter {
        DummyFilter() {
        }

        public void init(FilterConfig filterConfig) throws ServletException {
        }

        public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        }

        public void destroy() {
        }
    }

    public void testFilterChainWithEnabled() throws Exception {
        MockHttpServletRequest createRequest = createRequest("/foo");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain();
        GeoServerSecurityFilterChainProxy geoServerSecurityFilterChainProxy = (GeoServerSecurityFilterChainProxy) GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class);
        geoServerSecurityFilterChainProxy.doFilter(createRequest, mockHttpServletResponse, mockFilterChain);
        mockFilterChain.addFilter(geoServerSecurityFilterChainProxy);
        mockFilterChain.addFilter(new DummyFilter() { // from class: org.geoserver.security.GeoServerAnonymousAuthTest.1
            @Override // org.geoserver.security.GeoServerAnonymousAuthTest.DummyFilter
            public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
                Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
                Assert.assertNotNull(authentication);
                Assert.assertTrue(authentication instanceof AnonymousAuthenticationToken);
            }
        });
        mockFilterChain.doFilter(createRequest, mockHttpServletResponse);
    }

    public void testFilterChainWithDisabled() throws Exception {
        disableAnonymousAuth();
        MockHttpServletRequest createRequest = createRequest("/foo");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockFilterChain mockFilterChain = new MockFilterChain();
        GeoServerSecurityFilterChainProxy geoServerSecurityFilterChainProxy = (GeoServerSecurityFilterChainProxy) GeoServerExtensions.bean(GeoServerSecurityFilterChainProxy.class);
        geoServerSecurityFilterChainProxy.doFilter(createRequest, mockHttpServletResponse, mockFilterChain);
        mockFilterChain.addFilter(geoServerSecurityFilterChainProxy);
        mockFilterChain.addFilter(new DummyFilter() { // from class: org.geoserver.security.GeoServerAnonymousAuthTest.2
            @Override // org.geoserver.security.GeoServerAnonymousAuthTest.DummyFilter
            public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
                Assert.assertNull(SecurityContextHolder.getContext().getAuthentication());
            }
        });
        mockFilterChain.doFilter(createRequest, mockHttpServletResponse);
    }

    public void testAuthProviderWithDisabledEnabled() throws Exception {
        disableAnonymousAuth();
        try {
            getSecurityManager().authenticate(new AnonymousAuthenticationToken("geoserver", "anonymousUser", Arrays.asList(new GrantedAuthorityImpl("ROLE_ANONYMOUS"))));
            fail();
        } catch (ProviderNotFoundException e) {
        }
    }

    void disableAnonymousAuth() throws Exception {
        GeoServerSecurityManager securityManager = getSecurityManager();
        SecurityManagerConfig securityConfig = securityManager.getSecurityConfig();
        securityConfig.setAnonymousAuth(false);
        securityConfig.setConfigPasswordEncrypterName(getPlainTextPasswordEncoder().getName());
        securityManager.saveSecurityConfig(securityConfig);
    }
}
