package net.krotscheck.kangaroo.authz.oauth2.authn.authn;

import javax.ws.rs.core.Response;
import net.krotscheck.kangaroo.authz.admin.v1.servlet.FirstRunContainerLifecycleListener;
import net.krotscheck.kangaroo.authz.admin.v1.servlet.ServletConfigFactory;
import net.krotscheck.kangaroo.authz.admin.v1.test.rule.TestDataResource;
import net.krotscheck.kangaroo.authz.common.database.DatabaseFeature;
import net.krotscheck.kangaroo.authz.common.database.entity.ClientType;
import net.krotscheck.kangaroo.authz.common.database.entity.OAuthTokenType;
import net.krotscheck.kangaroo.authz.oauth2.authn.O2AuthDynamicFeature;
import net.krotscheck.kangaroo.common.config.ConfigurationFeature;
import net.krotscheck.kangaroo.common.exception.ExceptionFeature;
import net.krotscheck.kangaroo.common.hibernate.id.IdUtil;
import net.krotscheck.kangaroo.test.jersey.ContainerTest;
import net.krotscheck.kangaroo.util.HttpUtil;
import org.glassfish.jersey.server.ResourceConfig;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Test;

/* loaded from: input_file:net/krotscheck/kangaroo/authz/oauth2/authn/authn/O2BearerTokenFilterTest.class */
/**
 * Container tests for bearer-token authentication on the OAuth2 test resource.
 *
 * <p>Each test sends a GET to {@code /token}, {@code /token/private} or
 * {@code /token/public} with a particular {@code Authorization} header and
 * asserts the HTTP status. Only the status code is checked; the response body
 * and any authentication challenge header are not inspected here.
 *
 * <p>NOTE(review): the private/public paths presumably map to endpoints that
 * admit private and public clients respectively. That mapping is declared in
 * O2TestResource, which is not part of this listing; confirm there.
 */
public final class O2BearerTokenFilterTest extends ContainerTest {

    /** Class-wide fixture that supplies the applications, clients and tokens used below. */
    @ClassRule
    public static final TestDataResource TEST_DATA_RESOURCE =
            new TestDataResource(HIBERNATE_RESOURCE);

    /**
     * Builds the Jersey application under test.
     *
     * <p>NOTE(review): presumably overrides a hook in ContainerTest; the
     * listing carries no {@code @Override}, so confirm against the parent.
     *
     * @return a resource config with configuration, database and exception
     *         features, the servlet/first-run binders, the OAuth2 dynamic
     *         auth feature and the test resource registered, in that order
     */
    protected ResourceConfig createApplication() {
        return new ResourceConfig()
                .register(ConfigurationFeature.class)
                .register(DatabaseFeature.class)
                .register(ExceptionFeature.class)
                .register(new ServletConfigFactory.Binder())
                .register(new FirstRunContainerLifecycleListener.Binder())
                // The auth feature and the resource it is exercised against.
                .register(O2AuthDynamicFeature.class)
                .register(O2TestResource.class);
    }

    /**
     * Issues a GET against {@code path} with the given Authorization header value.
     *
     * @param path          resource path relative to the test container root
     * @param authorization value sent in the {@code Authorization} header
     * @return the HTTP status code of the response
     */
    private int statusWithAuthorization(final String path, final Object authorization) {
        return target(path)
                .request()
                .header("Authorization", authorization)
                .get()
                .getStatus();
    }

    /** Asserts that {@code status} is 401 Unauthorized. */
    private static void expectUnauthorized(final int status) {
        Assert.assertEquals(Response.Status.UNAUTHORIZED.getStatusCode(), status);
    }

    /** Asserts that {@code status} is 200 OK. */
    private static void expectOk(final int status) {
        Assert.assertEquals(Response.Status.OK.getStatusCode(), status);
    }

    /** A request without any Authorization header is rejected. */
    @Test
    public void testNoAuthorization() {
        final int status = target("/token").request().get().getStatus();
        expectUnauthorized(status);
    }

    /** A header that does not follow any recognised scheme is rejected. */
    @Test
    public void testInvalidAuthorizationHeader() {
        expectUnauthorized(statusWithAuthorization("/token", "Not A Valid header"));
    }

    /** A hand-written Bearer header carrying an arbitrary string is rejected. */
    @Test
    public void testInvalidBearerHeader() {
        expectUnauthorized(
                statusWithAuthorization("/token", "Bearer some_secluded_rendezvous"));
    }

    /** A header built by {@code HttpUtil.authHeaderBearer} from a non-token string is rejected. */
    @Test
    public void testMalformedCredentialsHeader() {
        expectUnauthorized(
                statusWithAuthorization("/token", HttpUtil.authHeaderBearer("malformed_token")));
    }

    /** A freshly generated ID from {@code IdUtil.next()}, used as a token, is rejected. */
    @Test
    public void testNonexistentCredentialsHeader() {
        expectUnauthorized(
                statusWithAuthorization("/token", HttpUtil.authHeaderBearer(IdUtil.next())));
    }

    /**
     * A client ID presented as a bearer token is rejected.
     *
     * <p>The value sent is the ID of an AuthorizationGrant client built with
     * the flag set to {@code true}; no token is created. Despite the method
     * name, no password is involved in this request.
     */
    @Test
    public void testBadPasswordHeader() {
        expectUnauthorized(statusWithAuthorization(
                "/token",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.TRUE)
                                .build()
                                .getClient()
                                .getId())));
    }

    /**
     * Same as {@link #testBadPasswordHeader()}, but with the client built with
     * the flag set to {@code false}: its client ID is not accepted as a token.
     */
    @Test
    public void testPublicClientHeader() {
        expectUnauthorized(statusWithAuthorization(
                "/token",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.FALSE)
                                .build()
                                .getClient()
                                .getId())));
    }

    /** A bearer token for a client built with flag {@code true} is accepted on {@code /token/private}. */
    @Test
    public void testValidRequestHeaderPrivate() {
        expectOk(statusWithAuthorization(
                "/token/private",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.TRUE)
                                .bearerToken()
                                .build()
                                .getToken()
                                .getId())));
    }

    /** The same kind of token that works on {@code /token/private} is rejected on {@code /token/public}. */
    @Test
    public void testValidRequestHeaderPrivateNotPermitted() {
        expectUnauthorized(statusWithAuthorization(
                "/token/public",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.TRUE)
                                .bearerToken()
                                .build()
                                .getToken()
                                .getId())));
    }

    /** A bearer token for a client built with flag {@code false} is accepted on {@code /token/public}. */
    @Test
    public void testValidRequestHeaderPublic() {
        expectOk(statusWithAuthorization(
                "/token/public",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.FALSE)
                                .bearerToken()
                                .build()
                                .getToken()
                                .getId())));
    }

    /**
     * A bearer token for a client built with flag {@code false} is rejected on
     * {@code /token/private}.
     *
     * <p>Unlike the sibling tests, this one builds an {@code Implicit} client
     * rather than an {@code AuthorizationGrant} one.
     */
    @Test
    public void testValidRequestHeaderPublicNotPermitted() {
        expectUnauthorized(statusWithAuthorization(
                "/token/private",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.Implicit, Boolean.FALSE)
                                .bearerToken()
                                .build()
                                .getToken()
                                .getId())));
    }

    /**
     * An expired bearer token is rejected.
     *
     * <p>NOTE(review): the {@code true} passed to {@code token(...)} is
     * presumably the "expired" flag; confirm against the builder's signature.
     */
    @Test
    public void testExpiredToken() {
        expectUnauthorized(statusWithAuthorization(
                "/token/private",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.TRUE)
                                .token(OAuthTokenType.Bearer, true, null, null, null)
                                .build()
                                .getToken()
                                .getId())));
    }

    /**
     * A refresh token is not usable as a bearer credential.
     *
     * <p>NOTE(review): assumes {@code getToken()} returns the token created
     * last (the refresh token, not the bearer token before it); verify against
     * the builder.
     */
    @Test
    public void testRefreshToken() {
        expectUnauthorized(statusWithAuthorization(
                "/token/private",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.TRUE)
                                .bearerToken()
                                .refreshToken()
                                .build()
                                .getToken()
                                .getId())));
    }

    /**
     * A token created via {@code authToken()} is not usable as a bearer credential.
     *
     * <p>NOTE(review): {@code authToken()} presumably creates an authorization
     * code; confirm against the builder.
     */
    @Test
    public void testAuthorizationCode() {
        expectUnauthorized(statusWithAuthorization(
                "/token/private",
                HttpUtil.authHeaderBearer(
                        TEST_DATA_RESOURCE.getSecondaryApplication()
                                .getBuilder()
                                .client(ClientType.AuthorizationGrant, Boolean.TRUE)
                                .authToken()
                                .build()
                                .getToken()
                                .getId())));
    }
}
