package org.geoserver.security.validation;

import java.net.URL;
import org.geoserver.security.filter.GeoServerBasicAuthenticationFilterTest;
import org.geoserver.security.password.MasterPasswordChangeRequest;
import org.geoserver.security.password.MasterPasswordProviderException;
import org.geoserver.security.password.URLMasterPasswordProvider;
import org.geoserver.security.password.URLMasterPasswordProviderConfig;
import org.geoserver.security.password.URLMasterPasswordProviderException;
import org.geoserver.test.GeoServerMockTestSupport;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/geoserver/security/validation/MasterPasswordChangeValidatorTest.class */
public class MasterPasswordChangeValidatorTest extends GeoServerMockTestSupport {
    MasterPasswordChangeValidator validator;

    @Before
    public void setValidator() {
        this.validator = new MasterPasswordChangeValidator(getSecurityManager());
    }

    protected void checkCurrentPassword(MasterPasswordChangeRequest masterPasswordChangeRequest) throws Exception {
        try {
            this.validator.validateChangeRequest(masterPasswordChangeRequest);
            Assert.fail();
        } catch (MasterPasswordChangeException e) {
            assertSecurityException(e, "CURRENT_PASSWORD_REQUIRED", new Object[0]);
        }
        masterPasswordChangeRequest.setCurrentPassword("blabalb".toCharArray());
        try {
            this.validator.validateChangeRequest(masterPasswordChangeRequest);
            Assert.fail();
        } catch (MasterPasswordChangeException e2) {
            assertSecurityException(e2, "CURRENT_PASSWORD_ERROR", new Object[0]);
        }
    }

    protected void checkConfirmationPassword(MasterPasswordChangeRequest masterPasswordChangeRequest) throws Exception {
        try {
            this.validator.validateChangeRequest(masterPasswordChangeRequest);
            Assert.fail();
        } catch (MasterPasswordChangeException e) {
            assertSecurityException(e, "CONFIRMATION_PASSWORD_REQUIRED", new Object[0]);
        }
    }

    protected void checkNewPassword(MasterPasswordChangeRequest masterPasswordChangeRequest) throws Exception {
        boolean z = false;
        try {
            this.validator.validateChangeRequest(masterPasswordChangeRequest);
        } catch (MasterPasswordChangeException e) {
            z = true;
            assertSecurityException(e, "NEW_PASSWORD_REQUIRED", new Object[0]);
        }
        Assert.assertTrue(z);
    }

    protected void checkConfirmationEqualsNewPassword(MasterPasswordChangeRequest masterPasswordChangeRequest) throws Exception {
        boolean z = false;
        try {
            this.validator.validateChangeRequest(masterPasswordChangeRequest);
        } catch (MasterPasswordChangeException e) {
            z = true;
            assertSecurityException(e, "PASSWORD_AND_CONFIRMATION_NOT_EQUAL", new Object[0]);
        }
        Assert.assertTrue(z);
    }

    protected void checkCurrentEqualsNewPassword(MasterPasswordChangeRequest masterPasswordChangeRequest) throws Exception {
        try {
            this.validator.validateChangeRequest(masterPasswordChangeRequest);
            Assert.fail();
        } catch (MasterPasswordChangeException e) {
            assertSecurityException(e, "NEW_EQUALS_CURRENT", new Object[0]);
        }
    }

    protected void validateAgainstPolicy(MasterPasswordChangeRequest masterPasswordChangeRequest) throws Exception {
        try {
            this.validator.validateChangeRequest(masterPasswordChangeRequest);
            Assert.fail();
        } catch (PasswordPolicyException e) {
        }
    }

    @Test
    public void testUrlConfig() throws Exception {
        URLMasterPasswordProvider.URLMasterPasswordProviderValidator uRLMasterPasswordProviderValidator = new URLMasterPasswordProvider.URLMasterPasswordProviderValidator(getSecurityManager());
        URLMasterPasswordProviderConfig uRLMasterPasswordProviderConfig = new URLMasterPasswordProviderConfig();
        uRLMasterPasswordProviderConfig.setName("foo");
        uRLMasterPasswordProviderConfig.setClassName(URLMasterPasswordProvider.class.getCanonicalName());
        try {
            uRLMasterPasswordProviderValidator.validateAddMasterPasswordProvider(uRLMasterPasswordProviderConfig);
            Assert.fail();
        } catch (URLMasterPasswordProviderException e) {
            assertSecurityException((MasterPasswordProviderException) e, "URL_REQUIRED", new Object[0]);
        }
        uRLMasterPasswordProviderConfig.setURL(new URL("file:ABC"));
        uRLMasterPasswordProviderConfig.setReadOnly(true);
        try {
            uRLMasterPasswordProviderValidator.validateAddMasterPasswordProvider(uRLMasterPasswordProviderConfig);
            Assert.fail();
        } catch (URLMasterPasswordProviderException e2) {
            assertSecurityException((MasterPasswordProviderException) e2, "URL_LOCATION_NOT_READABLE", new URL("file:ABC"));
        }
    }

    @Test
    public void testValidator() throws Exception {
        MasterPasswordChangeRequest masterPasswordChangeRequest = new MasterPasswordChangeRequest();
        checkCurrentPassword(masterPasswordChangeRequest);
        masterPasswordChangeRequest.setCurrentPassword(GeoServerBasicAuthenticationFilterTest.PASSWORD.toCharArray());
        checkConfirmationPassword(masterPasswordChangeRequest);
        masterPasswordChangeRequest.setConfirmPassword("abc".toCharArray());
        checkNewPassword(masterPasswordChangeRequest);
        masterPasswordChangeRequest.setNewPassword("def".toCharArray());
        checkConfirmationEqualsNewPassword(masterPasswordChangeRequest);
        masterPasswordChangeRequest.setNewPassword("abc".toCharArray());
        validateAgainstPolicy(masterPasswordChangeRequest);
        masterPasswordChangeRequest.setConfirmPassword(masterPasswordChangeRequest.getCurrentPassword());
        masterPasswordChangeRequest.setNewPassword(masterPasswordChangeRequest.getCurrentPassword());
        checkCurrentEqualsNewPassword(masterPasswordChangeRequest);
        masterPasswordChangeRequest.setConfirmPassword((String.valueOf(masterPasswordChangeRequest.getCurrentPassword()) + "1").toCharArray());
        masterPasswordChangeRequest.setNewPassword((String.valueOf(masterPasswordChangeRequest.getCurrentPassword()) + "1").toCharArray());
        this.validator.validateChangeRequest(masterPasswordChangeRequest);
    }

    protected void assertSecurityException(MasterPasswordChangeException masterPasswordChangeException, String str, Object... objArr) {
        Assert.assertEquals(str, masterPasswordChangeException.getId());
        Assert.assertEquals(objArr.length, masterPasswordChangeException.getArgs().length);
        for (int i = 0; i < objArr.length; i++) {
            Assert.assertEquals(objArr[i], masterPasswordChangeException.getArgs()[i]);
        }
    }

    protected void assertSecurityException(MasterPasswordProviderException masterPasswordProviderException, String str, Object... objArr) {
        Assert.assertEquals(str, masterPasswordProviderException.getId());
        Assert.assertEquals(objArr.length, masterPasswordProviderException.getArgs().length);
        for (int i = 0; i < objArr.length; i++) {
            Assert.assertEquals(objArr[i], masterPasswordProviderException.getArgs()[i]);
        }
    }
}
