package org.apache.shiro.mgt;

import java.io.Serializable;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.config.Ini;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.shiro.session.ExpiredSessionException;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/apache/shiro/mgt/DefaultSecurityManagerTest.class */
public class DefaultSecurityManagerTest extends AbstractSecurityManagerTest {
    DefaultSecurityManager sm = null;

    @Before
    public void setup() {
        this.sm = new DefaultSecurityManager();
        Ini ini = new Ini();
        Ini.Section addSection = ini.addSection("users");
        addSection.put("guest", "guest, guest");
        addSection.put("lonestarr", "vespa, goodguy");
        this.sm.setRealm(new IniRealm(ini));
        SecurityUtils.setSecurityManager(this.sm);
    }

    @Override // org.apache.shiro.mgt.AbstractSecurityManagerTest
    @After
    public void tearDown() {
        SecurityUtils.setSecurityManager((SecurityManager) null);
        this.sm.destroy();
        super.tearDown();
    }

    @Test
    public void testDefaultConfig() {
        Subject subject = SecurityUtils.getSubject();
        subject.login(new UsernamePasswordToken("guest", "guest"));
        Assert.assertTrue(subject.isAuthenticated());
        Assert.assertTrue("guest".equals(subject.getPrincipal()));
        Assert.assertTrue(subject.hasRole("guest"));
        Session session = subject.getSession();
        session.setAttribute("key", "value");
        Assert.assertEquals(session.getAttribute("key"), "value");
        subject.logout();
        Assert.assertNull(subject.getSession(false));
        Assert.assertNull(subject.getPrincipal());
        Assert.assertNull(subject.getPrincipals());
    }

    @Test
    public void testAutoCreateSessionAfterInvalidation() {
        Session session = SecurityUtils.getSubject().getSession();
        session.getId();
        session.setAttribute("foo", "bar");
        Assert.assertEquals("bar", session.getAttribute("foo"));
        session.setTimeout(50L);
        try {
            Thread.sleep(150L);
        } catch (InterruptedException e) {
        }
        try {
            session.setTimeout(1800000L);
            Assert.fail("Session should have expired.");
        } catch (ExpiredSessionException e2) {
        }
    }

    @Test
    public void testSubjectReuseAfterLogout() {
        Subject subject = SecurityUtils.getSubject();
        subject.login(new UsernamePasswordToken("guest", "guest"));
        Assert.assertTrue(subject.isAuthenticated());
        Assert.assertTrue("guest".equals(subject.getPrincipal()));
        Assert.assertTrue(subject.hasRole("guest"));
        Session session = subject.getSession();
        Serializable id = session.getId();
        session.setAttribute("key", "value");
        Assert.assertEquals(session.getAttribute("key"), "value");
        subject.logout();
        Assert.assertNull(subject.getSession(false));
        Assert.assertNull(subject.getPrincipal());
        Assert.assertNull(subject.getPrincipals());
        subject.login(new UsernamePasswordToken("lonestarr", "vespa"));
        Assert.assertTrue(subject.isAuthenticated());
        Assert.assertTrue("lonestarr".equals(subject.getPrincipal()));
        Assert.assertTrue(subject.hasRole("goodguy"));
        Assert.assertNotNull(subject.getSession());
        Assert.assertFalse(id.equals(subject.getSession().getId()));
        subject.logout();
        Assert.assertNull(subject.getSession(false));
        Assert.assertNull(subject.getPrincipal());
        Assert.assertNull(subject.getPrincipals());
    }
}
