package it.geosolutions.geostore.rest.security;

import it.geosolutions.geostore.core.model.User;
import it.geosolutions.geostore.core.model.enums.Role;
import it.geosolutions.geostore.services.InMemoryUserSessionServiceImpl;
import it.geosolutions.geostore.services.dto.UserSessionImpl;
import it.geosolutions.geostore.services.exception.BadRequestServiceEx;
import it.geosolutions.geostore.services.exception.NotFoundServiceEx;
import it.geosolutions.geostore.services.rest.security.SessionTokenAuthenticationFilter;
import it.geosolutions.geostore.services.rest.utils.MockedUserService;
import java.io.IOException;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;

/* loaded from: input_file:it/geosolutions/geostore/rest/security/SessionTokenAuthenticationFilterTest.class */
public class SessionTokenAuthenticationFilterTest {
    private static final String DEFAULT_PREFIX = "Bearer ";
    private static final String DEFAULT_HEADER = "Authorization";
    HttpServletRequest request = null;
    HttpServletResponse response = null;
    FilterChain chain = null;
    private SessionTokenAuthenticationFilter filter;
    private Map<String, Authentication> tokens;
    private static final String SAMPLE_TOKEN = UUID.randomUUID().toString();
    private static final String WRONG_TOKEN = UUID.randomUUID().toString();
    private static final String SAMPLE_USER = "user";
    private static final Authentication SAMPLE_AUTH = new UsernamePasswordAuthenticationToken(SAMPLE_USER, "");

    @Before
    public void setUp() {
        this.tokens = new HashMap();
        this.tokens.put(SAMPLE_TOKEN, SAMPLE_AUTH);
        this.filter = new SessionTokenAuthenticationFilter();
        this.filter.setUserService(new MockedUserService());
        this.filter.setUserSessionService(new InMemoryUserSessionServiceImpl());
        this.request = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        this.response = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        this.chain = (FilterChain) Mockito.mock(FilterChain.class);
    }

    @After
    public void tearDown() {
        SecurityContextHolder.getContext().setAuthentication((Authentication) null);
    }

    @Test
    public void userWorksWithNameOnlyTest() throws IOException, ServletException, BadRequestServiceEx, NotFoundServiceEx {
        User user = new User();
        user.setName(SAMPLE_USER);
        user.setRole(Role.USER);
        this.filter.setCacheExpiration(1);
        User user2 = new User();
        user2.setName(SAMPLE_USER);
        user2.setRole(Role.USER);
        this.filter.getUserService().insert(user);
        Mockito.when(this.request.getHeader(DEFAULT_HEADER)).thenReturn("Bearer " + SAMPLE_TOKEN);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(13, 1296000);
        this.filter.getUserSessionService().registerNewSession(SAMPLE_TOKEN, new UserSessionImpl(user2, gregorianCalendar));
        this.filter.doFilter(this.request, this.response, this.chain);
        Assert.assertNotNull(SecurityContextHolder.getContext().getAuthentication());
        User user3 = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        Assert.assertEquals(SAMPLE_USER, user3.getName());
        Assert.assertNotNull(user3.getId());
    }

    @Test
    public void userWorksWithFakeIdTest() throws IOException, ServletException, BadRequestServiceEx, NotFoundServiceEx {
        User user = new User();
        user.setName(SAMPLE_USER);
        user.setRole(Role.USER);
        this.filter.setCacheExpiration(1);
        User user2 = new User();
        user2.setId(-1L);
        user2.setName(SAMPLE_USER);
        user2.setRole(Role.USER);
        this.filter.getUserService().insert(user);
        Mockito.when(this.request.getHeader(DEFAULT_HEADER)).thenReturn("Bearer " + SAMPLE_TOKEN);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(13, 1296000);
        this.filter.getUserSessionService().registerNewSession(SAMPLE_TOKEN, new UserSessionImpl(user2, gregorianCalendar));
        this.filter.doFilter(this.request, this.response, this.chain);
        Assert.assertNotNull(SecurityContextHolder.getContext().getAuthentication());
        User user3 = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
        Assert.assertEquals(SAMPLE_USER, user3.getName());
        Assert.assertNotNull(user3.getId());
    }
}
