package uk.co.spudsoft.jwtvalidatorvertx;

import com.google.common.collect.ImmutableMap;
import io.vertx.core.json.JsonArray;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:uk/co/spudsoft/jwtvalidatorvertx/AbstractTokenValidationTester.class */
public abstract class AbstractTokenValidationTester {
    private static final Logger logger = LoggerFactory.getLogger(AbstractTokenValidationTester.class);
    private static final Map<String, Object> BORING_CLAIMS = ImmutableMap.builder().put("email", "bob@").put("given_name", "tester").build();
    private List<TestResult> results = new ArrayList();

    /* loaded from: input_file:uk/co/spudsoft/jwtvalidatorvertx/AbstractTokenValidationTester$TestFailure.class */
    protected class TestFailure extends Exception {
        public TestFailure(String str) {
            super(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:uk/co/spudsoft/jwtvalidatorvertx/AbstractTokenValidationTester$TestFunction.class */
    public interface TestFunction {
        String test() throws Exception;
    }

    /* loaded from: input_file:uk/co/spudsoft/jwtvalidatorvertx/AbstractTokenValidationTester$TestResult.class */
    public class TestResult {
        public final String testName;
        public final String message;
        public final boolean pass;

        public TestResult(String str, String str2, boolean z) {
            this.testName = str;
            this.message = str2;
            this.pass = z;
        }
    }

    protected abstract TokenBuilder createTokenBuilder();

    protected abstract void useToken(String str);

    protected abstract void prepTest(TokenBuilder tokenBuilder);

    protected abstract String getAud();

    protected abstract String getIssuer();

    protected abstract String getKeyId();

    protected abstract boolean requiresExp();

    protected abstract boolean requiresNbf();

    public List<TestResult> getResults() {
        return this.results;
    }

    protected void performTest(String str, TestFunction testFunction) {
        String str2;
        boolean z = false;
        try {
            str2 = testFunction.test();
            z = true;
        } catch (TestFailure e) {
            str2 = e.getMessage();
        } catch (Throwable th) {
            str2 = th.getClass().getName() + ": " + th.getMessage();
        }
        this.results.add(new TestResult(str, str2, z));
    }

    public void performTests() {
        performTest("Valid token with RS256 signature", this::testValidRs256);
        performTest("Valid token with RS384 signature", this::testValidRs384);
        performTest("Valid token with RS512 signature", this::testValidRs512);
        performTest("Token structure invalid - not three parts", this::testInvalidStructureNotThreeParts);
        performTest("Token structure invalid - first part not base 64", this::testInvalidStructureFirstPartNotBase64);
        performTest("Token structure invalid - second part not base 64", this::testInvalidStructureSecondPartNotBase64);
        performTest("Token structure invalid - third part not base 64", this::testInvalidStructureThirdPartNotBase64);
        performTest("Token structure invalid - first part not JSON", this::testInvalidStructureFirstPartNotJson);
        performTest("Token structure invalid - second part not JSON", this::testInvalidStructureSecondPartNotJson);
        performTest("Token with none algorithm", this::testAlgorithmNone);
        performTest("Token with ES512 algorithm", this::testAlgorithmES512);
        performTest("Token with HS512 algorithm", this::testAlgorithmHS512);
        performTest("Token with invalid signature", this::testInvalidSignature);
        performTest("Key not found in JWKS output", this::testKeyNotInJwksOutput);
        performTest("Token with no exp claim", this::testNoExpPermitted);
        performTest("Token with exp claim in the past", this::testExpInThePast);
        performTest("Token with no nbf claim", this::testNoNbfPermitted);
        performTest("Token with nbf claim in the future", this::testNbfInTheFuture);
        performTest("Token with bad iss", this::testBadIssAccepted);
        performTest("Token with bad aud", this::testBadAudAccepted);
        performTest("Valid token with aud in single element array", this::testAudNotAcceptedAsSingleElementArray);
        performTest("Valid token with aud as string", this::testAudNotAcceptedAsSingleValue);
        performTest("Valid token with aud as first element of array", this::testAudNotAcceptedAsFirstElementOfArray);
        performTest("Valid token with aud as last element of array", this::testAudNotAcceptedAsLastElementOfArray);
        performTest("Token with no sub", this::testNoSubAccepted);
    }

    public String testValidRs256() throws Exception {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
        return "Passed";
    }

    public String testValidRs384() throws Exception {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS384, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
        return "Passed";
    }

    public String testValidRs512() throws Exception {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS512, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
        return "Passed";
    }

    public String testInvalidStructureNotThreeParts() throws TestFailure {
        try {
            useToken("a.b");
            throw new TestFailure("Fail, accepted \"a.b\")");
        } catch (IllegalArgumentException e) {
            try {
                useToken("a.b.c.d");
                throw new TestFailure("Fail, accepted \"a.b.c.d\")");
            } catch (IllegalArgumentException e2) {
                try {
                    useToken("a.b.c.d.e");
                    throw new TestFailure("Fail, accepted \"a.b.c.d.e\")");
                } catch (IllegalArgumentException e3) {
                    try {
                        useToken("a.b.c.d.e.f");
                        throw new TestFailure("Fail, accepted \"a.b.c.d.e.f\")");
                    } catch (IllegalArgumentException e4) {
                        return "Passed";
                    }
                }
            }
        }
    }

    public String testInvalidStructureFirstPartNotBase64() throws Exception, TestFailure {
        TokenBuilder breakHeader = createTokenBuilder().setBreakHeader(true);
        prepTest(breakHeader);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(breakHeader.buildToken(JsonWebAlgorithm.RS256, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with non-base64 header");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testInvalidStructureSecondPartNotBase64() throws Exception, TestFailure {
        TokenBuilder breakPayload = createTokenBuilder().setBreakPayload(true);
        prepTest(breakPayload);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(breakPayload.buildToken(JsonWebAlgorithm.RS256, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with non-base64 claims");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testInvalidStructureThirdPartNotBase64() throws Exception, TestFailure {
        TokenBuilder breakSignature = createTokenBuilder().setBreakSignature(true);
        prepTest(breakSignature);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(breakSignature.buildToken(JsonWebAlgorithm.RS256, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with non-base64 structure");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testInvalidStructureFirstPartNotJson() throws Exception, TestFailure {
        TokenBuilder headerNotJson = createTokenBuilder().setHeaderNotJson(true);
        prepTest(headerNotJson);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(headerNotJson.buildToken(JsonWebAlgorithm.RS256, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with non-JSON header");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testInvalidStructureSecondPartNotJson() throws Exception, TestFailure {
        TokenBuilder payloadNotJson = createTokenBuilder().setPayloadNotJson(true);
        prepTest(payloadNotJson);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(payloadNotJson.buildToken(JsonWebAlgorithm.RS256, getKeyId(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with non-JSON claims");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testAlgorithmNone() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.none, null, getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with no algorithm");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testAlgorithmES512() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.ES512, uuid, getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with no ES512 algorithm");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testAlgorithmHS512() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.HS512, uuid, getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with no ES512 algorithm");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testInvalidSignature() throws Exception, TestFailure {
        TokenBuilder invalidSignature = createTokenBuilder().setInvalidSignature(true);
        prepTest(invalidSignature);
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(invalidSignature.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with invalid signature");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testKeyNotInJwksOutput() throws Exception, TestFailure {
        TokenBuilder invalidKid = createTokenBuilder().setInvalidKid(true);
        prepTest(invalidKid);
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(invalidKid.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with key that isn't in JWKS");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    private int inc(int i) {
        if (i < 10) {
            return 1;
        }
        return i < 100 ? 10 : 100;
    }

    public String testNoExpPermitted() throws Exception, TestFailure {
        if (!requiresExp()) {
            return "Skipped";
        }
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, UUID.randomUUID().toString(), getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(System.currentTimeMillis() / 1000), null, BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with no exp");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testExpInThePast() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        String uuid = UUID.randomUUID().toString();
        int i = 0;
        int i2 = 0;
        while (true) {
            int i3 = i2;
            if (i3 >= 4000) {
                break;
            }
            try {
                long currentTimeMillis = System.currentTimeMillis() / 1000;
                useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis - i3), BORING_CLAIMS));
                i = i3;
                i2 = i3 + inc(i3);
            } catch (IllegalArgumentException e) {
                logger.debug(e.getMessage());
            }
        }
        if (i > 60) {
            throw new TestFailure("Fail, accepted tokens " + i + " seconds past their exp time");
        }
        return i == 0 ? "Passed" : "Passed, accepted tokens " + i + " seconds past their exp time";
    }

    public String testNoNbfPermitted() throws Exception, TestFailure {
        if (!requiresNbf()) {
            return "Skipped";
        }
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, UUID.randomUUID().toString(), getIssuer(), "sub", Arrays.asList(getAud()), null, Long.valueOf((System.currentTimeMillis() / 1000) + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with no nbf");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testNbfInTheFuture() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        String uuid = UUID.randomUUID().toString();
        int i = 0;
        int i2 = 0;
        while (true) {
            int i3 = i2;
            if (i3 >= 4000) {
                break;
            }
            try {
                long currentTimeMillis = System.currentTimeMillis() / 1000;
                useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis + i3), Long.valueOf(currentTimeMillis), BORING_CLAIMS));
                i = i3;
                i2 = i3 + inc(i3);
            } catch (IllegalArgumentException e) {
                logger.debug(e.getMessage());
            }
        }
        if (i > 60) {
            throw new TestFailure("Fail, accepted tokens " + i + " seconds before their nbf time");
        }
        return i == 0 ? "Passed" : "Passed, accepted tokens " + i + " seconds before their nbf time";
    }

    public String testBadIssAccepted() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, "http://www.microsoft.com/", "sub", Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with invalid issuer");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testBadAudAccepted() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", Arrays.asList("bad"), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with bad audience");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }

    public String testAudNotAcceptedAsSingleElementArray() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        JsonArray jsonArray = new JsonArray();
        jsonArray.add(getAud());
        ImmutableMap build = ImmutableMap.builder().put("aud", jsonArray).put("email", "bob@").put("given_name", "tester").build();
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", null, Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), build));
            return "Passed";
        } catch (IllegalArgumentException e) {
            throw new TestFailure("Fail, did not accept token with aud = " + String.valueOf(jsonArray));
        }
    }

    public String testAudNotAcceptedAsSingleValue() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        ImmutableMap build = ImmutableMap.builder().put("aud", getAud()).put("email", "bob@").put("given_name", "tester").build();
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", null, Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), build));
            return "Passed";
        } catch (IllegalArgumentException e) {
            throw new TestFailure("Fail, did not accept token with aud = \"aud\"");
        }
    }

    public String testAudNotAcceptedAsFirstElementOfArray() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        JsonArray jsonArray = new JsonArray();
        jsonArray.add(getAud());
        jsonArray.add("bob");
        jsonArray.add("carol");
        jsonArray.add("ted");
        jsonArray.add("ringo");
        ImmutableMap build = ImmutableMap.builder().put(getAud(), jsonArray).put("email", "bob@").put("given_name", "tester").build();
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", null, Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), build));
            return "Passed";
        } catch (IllegalArgumentException e) {
            throw new TestFailure("Fail, did not accept token with aud = " + String.valueOf(jsonArray));
        }
    }

    public String testAudNotAcceptedAsLastElementOfArray() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        JsonArray jsonArray = new JsonArray();
        jsonArray.add("bob");
        jsonArray.add("carol");
        jsonArray.add("ted");
        jsonArray.add("ringo");
        jsonArray.add(getAud());
        ImmutableMap build = ImmutableMap.builder().put(getAud(), jsonArray).put("email", "bob@").put("given_name", "tester").build();
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), "sub", null, Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), build));
            return "Passed";
        } catch (IllegalArgumentException e) {
            throw new TestFailure("Fail, did not accept token with aud = " + String.valueOf(jsonArray));
        }
    }

    public String testNoSubAccepted() throws Exception, TestFailure {
        TokenBuilder createTokenBuilder = createTokenBuilder();
        prepTest(createTokenBuilder);
        String uuid = UUID.randomUUID().toString();
        long currentTimeMillis = System.currentTimeMillis() / 1000;
        try {
            useToken(createTokenBuilder.buildToken(JsonWebAlgorithm.RS256, uuid, getIssuer(), null, Arrays.asList(getAud()), Long.valueOf(currentTimeMillis), Long.valueOf(currentTimeMillis + 100), BORING_CLAIMS));
            throw new TestFailure("Fail, accepted token with no sub");
        } catch (IllegalArgumentException e) {
            return "Passed";
        }
    }
}
