package org.pac4j.core.authorization.checker;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.pac4j.core.authorization.authorizer.Authorizer;
import org.pac4j.core.authorization.authorizer.RequireAnyRoleAuthorizer;
import org.pac4j.core.client.MockDirectClient;
import org.pac4j.core.client.MockIndirectClient;
import org.pac4j.core.client.direct.AnonymousClient;
import org.pac4j.core.context.HttpConstants;
import org.pac4j.core.context.MockWebContext;
import org.pac4j.core.context.WebContext;
import org.pac4j.core.context.session.MockSessionStore;
import org.pac4j.core.context.session.SessionStore;
import org.pac4j.core.exception.TechnicalException;
import org.pac4j.core.matching.matcher.csrf.DefaultCsrfTokenGenerator;
import org.pac4j.core.profile.AnonymousProfile;
import org.pac4j.core.profile.BasicUserProfile;
import org.pac4j.core.profile.UserProfile;
import org.pac4j.core.util.TestsConstants;
import org.pac4j.core.util.TestsHelper;

/* loaded from: input_file:org/pac4j/core/authorization/checker/DefaultAuthorizationCheckerTests.class */
public final class DefaultAuthorizationCheckerTests implements TestsConstants {
    private final DefaultAuthorizationChecker checker = new DefaultAuthorizationChecker();
    private List<UserProfile> profiles;
    private BasicUserProfile profile;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/pac4j/core/authorization/checker/DefaultAuthorizationCheckerTests$IdAuthorizer.class */
    public static class IdAuthorizer implements Authorizer {
        private IdAuthorizer() {
        }

        public boolean isAuthorized(WebContext webContext, SessionStore sessionStore, List<UserProfile> list) {
            return TestsConstants.VALUE.equals(list.get(0).getId());
        }
    }

    @Before
    public void setUp() {
        this.profile = new BasicUserProfile();
        this.profiles = new ArrayList();
        this.profiles.add(this.profile);
    }

    @Test
    public void testBlankAuthorizerNameAProfile() {
        Assert.assertTrue(this.checker.isAuthorized(MockWebContext.create(), new MockSessionStore(), this.profiles, "", new HashMap(), new ArrayList()));
    }

    @Test
    public void testNullAuthorizerNameAProfileGetRequest() {
        Assert.assertTrue(this.checker.isAuthorized(MockWebContext.create(), new MockSessionStore(), this.profiles, (String) null, new HashMap(), new ArrayList()));
    }

    @Test
    public void testNullAuthorizerNameAProfilePostRequestNoIndirectClient() {
        Assert.assertTrue(this.checker.isAuthorized(MockWebContext.create().setRequestMethod("POST"), new MockSessionStore(), this.profiles, (String) null, new HashMap(), new ArrayList()));
    }

    @Test
    public void testNullAuthorizerNameAProfilePostRequestIndirectClient() {
        MockWebContext requestMethod = MockWebContext.create().setRequestMethod("POST");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new MockIndirectClient("test"));
        Assert.assertFalse(this.checker.isAuthorized(requestMethod, new MockSessionStore(), this.profiles, (String) null, new HashMap(), arrayList));
    }

    @Test
    public void testBlankAuthorizerNameAProfilePostRequestNoIndirectClient() {
        Assert.assertTrue(this.checker.isAuthorized(MockWebContext.create().setRequestMethod("POST"), new MockSessionStore(), this.profiles, " ", new HashMap(), new ArrayList()));
    }

    @Test
    public void testBlankAuthorizerNameAProfilePostRequestIndirectClient() {
        MockWebContext requestMethod = MockWebContext.create().setRequestMethod("POST");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new MockIndirectClient("test"));
        Assert.assertFalse(this.checker.isAuthorized(requestMethod, new MockSessionStore(), this.profiles, " ", new HashMap(), arrayList));
    }

    @Test
    public void testNoneAuthorizerNameAProfilePostRequest() {
        Assert.assertTrue(this.checker.isAuthorized(MockWebContext.create().setRequestMethod("POST"), new MockSessionStore(), this.profiles, "noNe", new HashMap(), new ArrayList()));
    }

    @Test
    public void testOneExistingAuthorizerProfileMatch() {
        this.profile.setId(TestsConstants.VALUE);
        HashMap hashMap = new HashMap();
        hashMap.put(TestsConstants.NAME, new IdAuthorizer());
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, TestsConstants.NAME, hashMap, new ArrayList()));
    }

    @Test
    public void testOneExistingAuthorizerProfileDoesNotMatch() {
        internalTestOneExistingAuthorizerProfileDoesNotMatch(TestsConstants.NAME);
    }

    @Test
    public void testOneExistingAuthorizerProfileDoesNotMatchCasTrim() {
        internalTestOneExistingAuthorizerProfileDoesNotMatch("   NaME       ");
    }

    private void internalTestOneExistingAuthorizerProfileDoesNotMatch(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put(TestsConstants.NAME, new IdAuthorizer());
        Assert.assertFalse(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, str, hashMap, new ArrayList()));
    }

    @Test
    public void testOneAuthorizerDoesNotExist() {
        HashMap hashMap = new HashMap();
        hashMap.put(TestsConstants.NAME, new IdAuthorizer());
        TestsHelper.expectException(() -> {
            this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, TestsConstants.VALUE, hashMap, new ArrayList());
        }, TechnicalException.class, "The authorizer 'value' must be defined in the security configuration");
    }

    @Test
    public void testTwoExistingAuthorizerProfileMatch() {
        this.profile.setId(TestsConstants.VALUE);
        this.profile.addRole(TestsConstants.ROLE);
        HashMap hashMap = new HashMap();
        hashMap.put(TestsConstants.NAME, new IdAuthorizer());
        hashMap.put(TestsConstants.VALUE, new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "name,value", hashMap, new ArrayList()));
    }

    @Test
    public void testTwoExistingAuthorizerProfileDoesNotMatch() {
        this.profile.addRole(TestsConstants.ROLE);
        HashMap hashMap = new HashMap();
        hashMap.put(TestsConstants.NAME, new IdAuthorizer());
        hashMap.put(TestsConstants.VALUE, new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertFalse(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "name,value", hashMap, new ArrayList()));
    }

    @Test(expected = TechnicalException.class)
    public void testTwoAuthorizerOneDoesNotExist() {
        HashMap hashMap = new HashMap();
        hashMap.put(TestsConstants.NAME, new IdAuthorizer());
        this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "name,value", hashMap, new ArrayList());
    }

    @Test(expected = TechnicalException.class)
    public void testNullAuthorizers() {
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, (List) null));
        this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "auth1", (Map) null, new ArrayList());
    }

    @Test
    public void testZeroAuthorizers() {
        Assert.assertTrue(this.checker.isAuthorized(MockWebContext.create(), new MockSessionStore(), this.profiles, new ArrayList()));
        Assert.assertTrue(this.checker.isAuthorized(MockWebContext.create(), new MockSessionStore(), this.profiles, "", new HashMap(), new ArrayList()));
    }

    @Test
    public void testOneExistingAuthorizerProfileMatch2() {
        this.profile.setId(TestsConstants.VALUE);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new IdAuthorizer());
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, arrayList));
    }

    @Test
    public void testOneExistingAuthorizerProfileDoesNotMatch2() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new IdAuthorizer());
        Assert.assertFalse(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, arrayList));
    }

    @Test
    public void testTwoExistingAuthorizerProfileMatch2() {
        this.profile.setId(TestsConstants.VALUE);
        this.profile.addRole(TestsConstants.ROLE);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new IdAuthorizer());
        arrayList.add(new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, arrayList));
    }

    @Test
    public void testTwoExistingAuthorizerProfileDoesNotMatch2() {
        this.profile.addRole(TestsConstants.ROLE);
        ArrayList arrayList = new ArrayList();
        arrayList.add(new IdAuthorizer());
        arrayList.add(new RequireAnyRoleAuthorizer(new String[]{TestsConstants.ROLE}));
        Assert.assertFalse(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, arrayList));
    }

    @Test(expected = TechnicalException.class)
    public void testNullProfile() {
        this.checker.isAuthorized((WebContext) null, new MockSessionStore(), (List) null, new ArrayList());
    }

    @Test
    public void testCsrfCheckPost() {
        MockWebContext requestMethod = MockWebContext.create().setRequestMethod(HttpConstants.HTTP_METHOD.POST.name());
        DefaultCsrfTokenGenerator defaultCsrfTokenGenerator = new DefaultCsrfTokenGenerator();
        MockSessionStore mockSessionStore = new MockSessionStore();
        defaultCsrfTokenGenerator.get(requestMethod, mockSessionStore);
        Assert.assertFalse(this.checker.isAuthorized(requestMethod, mockSessionStore, this.profiles, "csrfCheck", new HashMap(), new ArrayList()));
    }

    @Test
    public void testCsrfCheckPostTokenParameter() {
        MockWebContext requestMethod = MockWebContext.create().setRequestMethod(HttpConstants.HTTP_METHOD.POST.name());
        DefaultCsrfTokenGenerator defaultCsrfTokenGenerator = new DefaultCsrfTokenGenerator();
        MockSessionStore mockSessionStore = new MockSessionStore();
        String str = defaultCsrfTokenGenerator.get(requestMethod, mockSessionStore);
        requestMethod.addRequestParameter("pac4jCsrfToken", str);
        mockSessionStore.set(requestMethod, "pac4jCsrfToken", str);
        mockSessionStore.set(requestMethod, "pac4jCsrfTokenExpirationDate", Long.valueOf(new Date().getTime() + (1000 * defaultCsrfTokenGenerator.getTtlInSeconds())));
        Assert.assertTrue(this.checker.isAuthorized(requestMethod, mockSessionStore, this.profiles, "csrfCheck", new HashMap(), new ArrayList()));
    }

    @Test
    public void testIsAnonymous() {
        this.profiles.clear();
        this.profiles.add(new AnonymousProfile());
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "isAnonymous", new HashMap(), new ArrayList()));
    }

    @Test
    public void testIsAuthenticated() {
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "isAuthenticated", new HashMap(), new ArrayList()));
    }

    @Test
    public void testIsFullyAuthenticated() {
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "isFullyAuthenticated", new HashMap(), new ArrayList()));
    }

    @Test
    public void testIsRemembered() {
        this.profile.setRemembered(true);
        Assert.assertTrue(this.checker.isAuthorized((WebContext) null, new MockSessionStore(), this.profiles, "isRemembered", new HashMap(), new ArrayList()));
    }

    @Test
    public void testDefaultAuthorizersNoClient() {
        Assert.assertEquals(Arrays.asList(DefaultAuthorizationChecker.IS_AUTHENTICATED_AUTHORIZER), this.checker.computeDefaultAuthorizers(MockWebContext.create(), new ArrayList(), new ArrayList(), new HashMap()));
    }

    @Test
    public void testDefaultAuthorizersAnonymousClient() {
        Assert.assertEquals(0L, this.checker.computeDefaultAuthorizers(MockWebContext.create(), new ArrayList(), Arrays.asList(AnonymousClient.INSTANCE), new HashMap()).size());
    }

    @Test
    public void testDefaultAuthorizersDirectClient() {
        Assert.assertEquals(Arrays.asList(DefaultAuthorizationChecker.IS_AUTHENTICATED_AUTHORIZER), this.checker.computeDefaultAuthorizers(MockWebContext.create(), new ArrayList(), Arrays.asList(new MockDirectClient("test")), new HashMap()));
    }

    @Test
    public void testDefaultAuthorizersIndirectClient() {
        Assert.assertEquals(Arrays.asList(DefaultAuthorizationChecker.CSRF_AUTHORIZER, DefaultAuthorizationChecker.IS_AUTHENTICATED_AUTHORIZER), this.checker.computeDefaultAuthorizers(MockWebContext.create(), new ArrayList(), Arrays.asList(new MockIndirectClient("test")), new HashMap()));
    }

    @Test
    public void testDefaultAuthorizersIndirectAndAnonymousClients() {
        Assert.assertEquals(Arrays.asList(DefaultAuthorizationChecker.CSRF_AUTHORIZER), this.checker.computeDefaultAuthorizers(MockWebContext.create(), new ArrayList(), Arrays.asList(new MockIndirectClient("test"), AnonymousClient.INSTANCE), new HashMap()));
    }

    @Test
    public void testComputeAuthorizerNoClientIsFullyAuthenticated() {
        Assert.assertEquals(Arrays.asList(DefaultAuthorizationChecker.IS_FULLY_AUTHENTICATED_AUTHORIZER), this.checker.computeAuthorizers(MockWebContext.create(), new ArrayList(), "isFullyAuthenticated", new HashMap(), new ArrayList()));
    }

    @Test
    public void testComputeAuthorizerNoClientPlusIsFullyAuthenticated() {
        Assert.assertEquals(Arrays.asList(DefaultAuthorizationChecker.IS_AUTHENTICATED_AUTHORIZER, DefaultAuthorizationChecker.IS_FULLY_AUTHENTICATED_AUTHORIZER), this.checker.computeAuthorizers(MockWebContext.create(), new ArrayList(), "+isFullyAuthenticated", new HashMap(), new ArrayList()));
    }

    @Test
    public void testComputeAuthorizersOverrideDefault() {
        HashMap hashMap = new HashMap();
        hashMap.put("isAuthenticated", DefaultAuthorizationChecker.IS_FULLY_AUTHENTICATED_AUTHORIZER);
        Assert.assertEquals(Arrays.asList(DefaultAuthorizationChecker.IS_FULLY_AUTHENTICATED_AUTHORIZER), this.checker.computeAuthorizers(MockWebContext.create(), new ArrayList(), "isAuthenticated", hashMap, new ArrayList()));
    }
}
