package io.vertx.ext.auth.test.jwt;

import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.jwt.JWTAuth;
import io.vertx.ext.auth.jwt.JWTOptions;
import io.vertx.test.core.VertxTestBase;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:io/vertx/ext/auth/test/jwt/JWTAuthProviderTest.class */
public class JWTAuthProviderTest extends VertxTestBase {
    protected JWTAuth authProvider;
    private static final String JWT_VALID = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJQYXVsbyIsImV4cCI6MTc0NzA1NTMxMywiaWF0IjoxNDMxNjk1MzEzLCJwZXJtaXNzaW9ucyI6WyJyZWFkIiwid3JpdGUiLCJleGVjdXRlIl0sInJvbGVzIjpbImFkbWluIiwiZGV2ZWxvcGVyIiwidXNlciJdfQ.UdA6oYDn9s_k7uogFFg8jvKmq9RgITBnlq4xV6JGsCY";
    private static final String JWT_INVALID = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJQYXVsbyIsImlhdCI6MTQwMDE1OTQzNCwiZXhwIjoxNDAwMjQ1ODM0LCJyb2xlcyI6WyJhZG1pbiIsImRldmVsb3BlciIsInVzZXIiXSwicGVybWlzc2lvbnMiOlsicmVhZCIsIndyaXRlIiwiZXhlY3V0ZSJdfQ==.NhHul0OFlmUaatFwNeGBbshVNzac2z_3twEEg57x80s=";

    public void setUp() throws Exception {
        super.setUp();
        this.authProvider = JWTAuth.create(this.vertx, getConfig());
    }

    protected JsonObject getConfig() {
        return new JsonObject().put("keyStore", new JsonObject().put("path", "keystore.jceks").put("type", "jceks").put("password", "secret"));
    }

    @Test
    public void testValidJWT() {
        this.authProvider.authenticate(new JsonObject().put("jwt", JWT_VALID), onSuccess(user -> {
            assertNotNull(user);
            testComplete();
        }));
        await();
    }

    @Test
    public void testInvalidJWT() {
        this.authProvider.authenticate(new JsonObject().put("jwt", JWT_INVALID), onFailure(th -> {
            assertNotNull(th);
            testComplete();
        }));
        await();
    }

    @Test
    public void testJWTValidPermission() {
        this.authProvider.authenticate(new JsonObject().put("jwt", JWT_VALID), onSuccess(user -> {
            assertNotNull(user);
            user.isAuthorised("write", onSuccess(bool -> {
                assertNotNull(bool);
                testComplete();
            }));
        }));
        await();
    }

    @Test
    public void testJWTInvalidPermission() {
        this.authProvider.authenticate(new JsonObject().put("jwt", JWT_VALID), onSuccess(user -> {
            assertNotNull(user);
            user.isAuthorised("drop", onSuccess(bool -> {
                assertFalse(bool.booleanValue());
                testComplete();
            }));
        }));
        await();
    }

    @Test
    public void testGenerateNewToken() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo").put("exp", 1747055313).put("iat", 1431695313).put("permissions", new JsonArray().add("read").add("write").add("execute")).put("roles", new JsonArray().add("admin").add("developer").add("user")), new JWTOptions().setSubject("Paulo"));
        assertNotNull(generateToken);
        assertEquals(JWT_VALID, generateToken);
    }

    @Test
    public void testGenerateNewTokenImmutableClaims() {
        JsonObject put = new JsonObject().put("sub", "Paulo");
        Assert.assertNotEquals(this.authProvider.generateToken(put, new JWTOptions().addPermission("user")), this.authProvider.generateToken(put, new JWTOptions().addPermission("admin")));
    }

    @Test
    public void testTokenWithoutTimestamp() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo"), new JWTOptions().setExpiresInMinutes(5L).setNoTimestamp(true));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken), onSuccess(user -> {
            assertNotNull(user);
            assertTrue(user.principal().containsKey("exp"));
            assertFalse(user.principal().containsKey("iat"));
            testComplete();
        }));
        await();
    }

    @Test
    public void testTokenWithTimestamp() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo"), new JWTOptions());
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken), onSuccess(user -> {
            assertNotNull(user);
            assertTrue(user.principal().containsKey("iat"));
            testComplete();
        }));
        await();
    }

    @Test
    public void testExpiration() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo"), new JWTOptions().setExpiresInMinutes(-5L).setNoTimestamp(true));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken), onFailure(th -> {
            assertNotNull(th);
            testComplete();
        }));
        await();
    }

    @Test
    public void testGoodIssuer() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo"), new JWTOptions().setIssuer("https://vertx.io"));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken).put("options", new JsonObject().put("issuer", "https://vertx.io")), onSuccess(user -> {
            assertNotNull(user);
            testComplete();
        }));
        await();
    }

    @Test
    public void testBadIssuer() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo"), new JWTOptions().setIssuer("https://auth0.io"));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken).put("options", new JsonObject().put("issuer", "https://vertx.io")), onFailure(th -> {
            assertNotNull(th);
            testComplete();
        }));
        await();
    }

    @Test
    public void testGoodAudience() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo"), new JWTOptions().addAudience("a").addAudience("b").addAudience("c"));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken).put("options", new JsonObject().put("audience", new JsonArray().add("b").add("d"))), onSuccess(user -> {
            assertNotNull(user);
            testComplete();
        }));
        await();
    }

    @Test
    public void testBadAudience() {
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "Paulo"), new JWTOptions().addAudience("a").addAudience("b").addAudience("c"));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken).put("options", new JsonObject().put("audience", new JsonArray().add("e").add("d"))), onFailure(th -> {
            assertNotNull(th);
            testComplete();
        }));
        await();
    }

    @Test
    public void testGenerateNewTokenES256() {
        this.authProvider = JWTAuth.create(this.vertx, new JsonObject().put("keyStore", new JsonObject().put("path", "es256-keystore.jceks").put("type", "jceks").put("password", "secret")));
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions().setAlgorithm("ES256"));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken), asyncResult -> {
            if (asyncResult.failed()) {
                asyncResult.cause().printStackTrace();
                fail();
            }
            assertNotNull(asyncResult.result());
            testComplete();
        });
        await();
    }

    @Test
    public void testGenerateNewTokenForceAlgorithm() {
        this.authProvider = JWTAuth.create(this.vertx, new JsonObject().put("keyStore", new JsonObject().put("path", "gce.jks").put("type", "jks").put("password", "notasecret")));
        String generateToken = this.authProvider.generateToken(new JsonObject(), new JWTOptions().setAlgorithm("RS256"));
        assertNotNull(generateToken);
        this.authProvider.authenticate(new JsonObject().put("jwt", generateToken), onSuccess(user -> {
            assertNotNull(user);
            testComplete();
        }));
        await();
    }

    @Test
    public void testAcceptInvalidJWT() {
        String[] split = JWT_INVALID.split("\\.");
        JsonObject jsonObject = new JsonObject(new String(Base64.getUrlDecoder().decode(split[0].getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
        jsonObject.put("alg", "none");
        String encodeToString = Base64.getUrlEncoder().encodeToString(jsonObject.encode().getBytes(StandardCharsets.UTF_8));
        new JsonObject(new String(Base64.getUrlDecoder().decode(split[1].getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8)).put("exp", Long.valueOf(System.currentTimeMillis() + 10000));
        this.authProvider.authenticate(new JsonObject().put("jwt", encodeToString + "." + Base64.getUrlEncoder().encodeToString(jsonObject.encode().getBytes(StandardCharsets.UTF_8)) + "." + split[2]), onFailure(th -> {
            assertNotNull(th);
            testComplete();
        }));
        await();
    }

    @Test
    public void testAlgNone() {
        JWTAuth create = JWTAuth.create(this.vertx, new JsonObject());
        String generateToken = create.generateToken(new JsonObject().put("sub", "UserUnderTest").put("aud", "OrganizationUnderTest").put("iat", 1431695313).put("exp", 1747055313).put("roles", new JsonArray().add("admin").add("developer").add("user")).put("permissions", new JsonArray().add("read").add("write").add("execute")), new JWTOptions().setSubject("UserUnderTest").setAlgorithm("none"));
        assertNotNull(generateToken);
        create.authenticate(new JsonObject().put("jwt", generateToken), onSuccess(user -> {
            assertNotNull(user);
            testComplete();
        }));
        await();
    }
}
