package org.geoserver.security.jdbc;

import org.geoserver.security.GeoServerAuthenticationProvider;
import org.geoserver.security.GeoServerRoleService;
import org.geoserver.security.GeoServerRoleStore;
import org.geoserver.security.GeoServerUserGroupService;
import org.geoserver.security.GeoServerUserGroupStore;
import org.geoserver.security.auth.AbstractAuthenticationProviderTest;
import org.geoserver.security.impl.GeoServerRole;
import org.geoserver.security.impl.GeoServerUser;
import org.geoserver.security.jdbc.config.JDBCConnectAuthProviderConfig;
import org.junit.Assert;
import org.junit.Test;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.RememberMeAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

/* loaded from: input_file:org/geoserver/security/jdbc/JDBCConnectAuthProviderTest.class */
public class JDBCConnectAuthProviderTest extends AbstractAuthenticationProviderTest {
    protected JDBCConnectAuthProviderConfig createAuthConfg(String str, String str2) {
        JDBCConnectAuthProviderConfig jDBCConnectAuthProviderConfig = new JDBCConnectAuthProviderConfig();
        jDBCConnectAuthProviderConfig.setName(str);
        jDBCConnectAuthProviderConfig.setClassName(JDBCConnectAuthProvider.class.getName());
        jDBCConnectAuthProviderConfig.setUserGroupServiceName(str2);
        jDBCConnectAuthProviderConfig.setConnectURL("jdbc:h2:target/h2/security");
        jDBCConnectAuthProviderConfig.setDriverClassName("org.h2.Driver");
        return jDBCConnectAuthProviderConfig;
    }

    @Test
    public void testAuthentificationWithoutUserGroupService() throws Exception {
        getSecurityManager().saveAuthenticationProvider(createAuthConfg("jdbc1", null));
        GeoServerAuthenticationProvider loadAuthenticationProvider = getSecurityManager().loadAuthenticationProvider("jdbc1");
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("sa", "");
        usernamePasswordAuthenticationToken.setDetails("details");
        Assert.assertTrue(loadAuthenticationProvider.supports(usernamePasswordAuthenticationToken.getClass()));
        Assert.assertTrue(!loadAuthenticationProvider.supports(RememberMeAuthenticationToken.class));
        Authentication authenticate = loadAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
        Assert.assertNotNull(authenticate);
        Assert.assertEquals("sa", authenticate.getPrincipal());
        Assert.assertNull(authenticate.getCredentials());
        Assert.assertEquals("details", authenticate.getDetails());
        Assert.assertEquals(1L, authenticate.getAuthorities().size());
        checkForAuthenticatedRole(authenticate);
        boolean z = false;
        try {
            if (loadAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("abc", "def")) == null) {
                z = true;
            }
        } catch (BadCredentialsException e) {
            z = true;
        }
        Assert.assertTrue(z);
    }

    @Test
    public void testAuthentificationWithUserGroupService() throws Exception {
        GeoServerRoleService createRoleService = createRoleService("jdbc2");
        GeoServerUserGroupService createUserGroupService = createUserGroupService("jdbc2");
        getSecurityManager().saveAuthenticationProvider(createAuthConfg("jdbc2", createUserGroupService.getName()));
        GeoServerAuthenticationProvider loadAuthenticationProvider = getSecurityManager().loadAuthenticationProvider("jdbc2");
        GeoServerUserGroupStore createStore = createUserGroupService.createStore();
        GeoServerUser createUserObject = createStore.createUserObject("sa", "", true);
        createStore.addUser(createUserObject);
        createStore.store();
        GeoServerRoleStore createStore2 = createRoleService.createStore();
        createStore2.addRole(GeoServerRole.ADMIN_ROLE);
        createStore2.associateRoleToUser(GeoServerRole.ADMIN_ROLE, createUserObject.getUsername());
        createStore2.store();
        getSecurityManager().setActiveRoleService(createRoleService);
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("sa", "");
        usernamePasswordAuthenticationToken.setDetails("details");
        Assert.assertTrue(loadAuthenticationProvider.supports(usernamePasswordAuthenticationToken.getClass()));
        Assert.assertFalse(loadAuthenticationProvider.supports(RememberMeAuthenticationToken.class));
        Authentication authenticate = loadAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
        Assert.assertNotNull(authenticate);
        Assert.assertEquals("sa", authenticate.getPrincipal());
        Assert.assertNull(authenticate.getCredentials());
        Assert.assertEquals("details", authenticate.getDetails());
        Assert.assertEquals(2L, authenticate.getAuthorities().size());
        checkForAuthenticatedRole(authenticate);
        Assert.assertTrue(authenticate.getAuthorities().contains(GeoServerRole.ADMIN_ROLE));
        GeoServerUserGroupStore createStore3 = createUserGroupService.createStore();
        createUserObject.setEnabled(false);
        createStore3.updateUser(createUserObject);
        createStore3.store();
        Assert.assertNull(loadAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken));
        boolean z = false;
        try {
            if (loadAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("abc", "def")) == null) {
                z = true;
            }
        } catch (BadCredentialsException e) {
            z = true;
        } catch (UsernameNotFoundException e2) {
            z = true;
        }
        Assert.assertTrue(z);
    }

    @Test
    public void testAuthentificationWithRoleAssociation() throws Exception {
        GeoServerRoleService createRoleService = createRoleService("jdbc3");
        getSecurityManager().saveAuthenticationProvider(createAuthConfg("jdbc3", null));
        GeoServerAuthenticationProvider loadAuthenticationProvider = getSecurityManager().loadAuthenticationProvider("jdbc3");
        GeoServerRoleStore createStore = createRoleService.createStore();
        createStore.addRole(GeoServerRole.ADMIN_ROLE);
        createStore.associateRoleToUser(GeoServerRole.ADMIN_ROLE, "sa");
        createStore.store();
        getSecurityManager().setActiveRoleService(createRoleService);
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("sa", "");
        usernamePasswordAuthenticationToken.setDetails("details");
        Assert.assertTrue(loadAuthenticationProvider.supports(usernamePasswordAuthenticationToken.getClass()));
        Assert.assertFalse(loadAuthenticationProvider.supports(RememberMeAuthenticationToken.class));
        Authentication authenticate = loadAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
        Assert.assertNotNull(authenticate);
        Assert.assertEquals("sa", authenticate.getPrincipal());
        Assert.assertNull(authenticate.getCredentials());
        Assert.assertEquals("details", authenticate.getDetails());
        Assert.assertEquals(2L, authenticate.getAuthorities().size());
        checkForAuthenticatedRole(authenticate);
        Assert.assertTrue(authenticate.getAuthorities().contains(GeoServerRole.ADMIN_ROLE));
        boolean z = false;
        try {
            if (loadAuthenticationProvider.authenticate(new UsernamePasswordAuthenticationToken("abc", "def")) == null) {
                z = true;
            }
        } catch (BadCredentialsException e) {
            z = true;
        } catch (UsernameNotFoundException e2) {
            z = true;
        }
        Assert.assertTrue(z);
    }
}
