package io.vertx.ext.web.handler;

import io.vertx.core.Handler;
import io.vertx.core.http.HttpClientRequest;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.json.JsonArray;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.JWTOptions;
import io.vertx.ext.auth.KeyStoreOptions;
import io.vertx.ext.auth.jwt.JWTAuth;
import io.vertx.ext.auth.jwt.JWTAuthOptions;
import io.vertx.ext.web.WebTestBase;
import java.util.Arrays;
import java.util.function.Consumer;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:io/vertx/ext/web/handler/JWTAuthHandlerTest.class */
public class JWTAuthHandlerTest extends WebTestBase {
    JWTAuth authProvider;

    @Before
    public void setup() throws Exception {
        this.authProvider = JWTAuth.create(this.vertx, new JWTAuthOptions().setKeyStore(new KeyStoreOptions().setType("jceks").setPath("keystore.jceks").setPassword("secret")));
    }

    @Test
    public void testLogin() throws Exception {
        Handler handler = routingContext -> {
            assertNotNull(routingContext.user());
            assertEquals("paulo", routingContext.user().attributes().getJsonObject("accessToken").getString("sub"));
            routingContext.response().end("Welcome to the protected resource!");
        };
        this.router.route("/protected/*").handler(JWTAuthHandler.create(this.authProvider));
        this.router.route("/protected/somepage").handler(handler);
        testRequest(HttpMethod.GET, "/protected/somepage", null, httpClientResponse -> {
        }, 401, "Unauthorized", null);
        testRequest(HttpMethod.GET, "/protected/somepage", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Bearer " + this.authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions()));
        }, 200, "OK", "Welcome to the protected resource!");
    }

    @Test
    public void testLoginFail() throws Exception {
        Handler handler = routingContext -> {
            fail("should not get here");
            routingContext.response().end("Welcome to the protected resource!");
        };
        this.router.route("/protected/*").handler(JWTAuthHandler.create(this.authProvider));
        this.router.route("/protected/somepage").handler(handler);
        testRequest(HttpMethod.GET, "/protected/somepage", (Consumer<HttpClientRequest>) null, 401, "Unauthorized", (String) null);
        String generateToken = this.authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions());
        testRequest(HttpMethod.GET, "/protected/somepage", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Bearer x" + generateToken);
        }, 401, "Unauthorized", (String) null);
        testRequest(HttpMethod.GET, "/protected/somepage", httpClientRequest2 -> {
            httpClientRequest2.putHeader("Authorization", "Basic " + generateToken);
        }, 401, "Unauthorized", (String) null);
    }

    @Test
    public void testLoginWithScopes() throws Exception {
        this.router.route().handler(JWTAuthHandler.create(this.authProvider).withScopes(Arrays.asList("a", "b"))).handler((v0) -> {
            v0.end();
        });
        JsonObject put = new JsonObject().put("sub", "Paulo").put("scope", String.join(" ", Arrays.asList("a", "b")));
        testRequest(HttpMethod.GET, "/", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Bearer " + this.authProvider.generateToken(put));
        }, 200, "OK", (String) null);
        JsonObject put2 = new JsonObject().put("sub", "Paulo").put("scope", new JsonArray().add("a").add("b"));
        testRequest(HttpMethod.GET, "/", httpClientRequest2 -> {
            httpClientRequest2.putHeader("Authorization", "Bearer " + this.authProvider.generateToken(put2));
        }, 200, "OK", (String) null);
    }

    @Test
    public void testLoginWithMissingScopes() throws Exception {
        this.router.route().handler(JWTAuthHandler.create(this.authProvider).withScopes(Arrays.asList("a", "b", "c"))).handler((v0) -> {
            v0.end();
        });
        JsonObject put = new JsonObject().put("sub", "Paulo").put("scope", String.join(" ", Arrays.asList("a", "b")));
        testRequest(HttpMethod.GET, "/", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Bearer " + this.authProvider.generateToken(put));
        }, 403, "Forbidden", (String) null);
        JsonObject put2 = new JsonObject().put("sub", "Paulo").put("scope", new JsonArray().add("a").add("b"));
        testRequest(HttpMethod.GET, "/", httpClientRequest2 -> {
            httpClientRequest2.putHeader("Authorization", "Bearer " + this.authProvider.generateToken(put2));
        }, 403, "Forbidden", (String) null);
    }

    @Test
    public void testLoginWithScopeDelimiter() throws Exception {
        this.router.route().handler(JWTAuthHandler.create(this.authProvider).withScopes(Arrays.asList("a", "b")).scopeDelimiter(",")).handler((v0) -> {
            v0.end();
        });
        JsonObject put = new JsonObject().put("sub", "Paulo").put("scope", String.join(" ", Arrays.asList("a", "b")));
        testRequest(HttpMethod.GET, "/", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Bearer " + this.authProvider.generateToken(put));
        }, 403, "Forbidden", (String) null);
        JsonObject put2 = new JsonObject().put("sub", "Paulo").put("scope", String.join(",", Arrays.asList("a", "b")));
        testRequest(HttpMethod.GET, "/", httpClientRequest2 -> {
            httpClientRequest2.putHeader("Authorization", "Bearer " + this.authProvider.generateToken(put2));
        }, 200, "OK", (String) null);
    }
}
