package org.cibseven.bpm.engine.rest.standalone;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.servlet.Filter;
import javax.servlet.ServletException;
import javax.ws.rs.core.Response;
import org.cibseven.bpm.engine.AuthorizationService;
import org.cibseven.bpm.engine.IdentityService;
import org.cibseven.bpm.engine.ProcessEngine;
import org.cibseven.bpm.engine.RepositoryService;
import org.cibseven.bpm.engine.identity.Group;
import org.cibseven.bpm.engine.identity.GroupQuery;
import org.cibseven.bpm.engine.identity.Tenant;
import org.cibseven.bpm.engine.identity.TenantQuery;
import org.cibseven.bpm.engine.identity.User;
import org.cibseven.bpm.engine.impl.AuthorizationServiceImpl;
import org.cibseven.bpm.engine.impl.IdentityServiceImpl;
import org.cibseven.bpm.engine.impl.digest._apacheCommonsCodec.Base64;
import org.cibseven.bpm.engine.rest.AbstractRestServiceTest;
import org.cibseven.bpm.engine.rest.helper.MockProvider;
import org.cibseven.bpm.engine.rest.security.auth.ProcessEngineAuthenticationFilter;
import org.cibseven.bpm.engine.rest.security.auth.impl.HttpBasicAuthenticationProvider;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.mockito.Mockito;
import org.springframework.mock.web.MockFilterChain;
import org.springframework.mock.web.MockFilterConfig;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;

@RunWith(Parameterized.class)
/* loaded from: input_file:org/cibseven/bpm/engine/rest/standalone/AuthenticationFilterPathMatchingTest.class */
public class AuthenticationFilterPathMatchingTest extends AbstractRestServiceTest {
    protected static final String SERVICE_PATH = "/rest-test";
    protected AuthorizationService authorizationServiceMock;
    protected IdentityService identityServiceMock;
    protected RepositoryService repositoryServiceMock;
    protected User userMock;
    protected List<String> groupIds;
    protected List<String> tenantIds;
    protected Filter authenticationFilter;
    protected String servletPath;
    protected String requestUrl;
    protected String engineName;
    protected boolean authenticationExpected;
    protected ProcessEngine currentEngine;

    public AuthenticationFilterPathMatchingTest(String str, String str2, String str3, boolean z) {
        this.servletPath = str;
        this.requestUrl = str2;
        this.engineName = str3;
        if (str3 == null) {
            this.engineName = MockProvider.EXAMPLE_PROCESS_ENGINE_NAME;
        }
        this.authenticationExpected = z;
    }

    @Parameterized.Parameters
    public static Collection<Object[]> getRequestUrls() {
        return Arrays.asList(new Object[]{"", "/engine/default/process-definition/and/a/longer/path", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"", "/engine/default/process-definition/and/a/longer/path", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"", "/engine/default/process-definition", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"", "/engine/someOtherEngine/process-definition", "someOtherEngine", true}, new Object[]{"", "/engine/default/", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"", "/engine/default", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"", "/process-definition", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"", "/engine", null, false}, new Object[]{"", "/engine/", null, false}, new Object[]{"", "/", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"", "", MockProvider.EXAMPLE_PROCESS_ENGINE_NAME, true}, new Object[]{"/someservlet", "/engine/someengine/process-definition", "someengine", true});
    }

    @Before
    public void setup() throws ServletException {
        this.currentEngine = getProcessEngine(this.engineName);
        this.authorizationServiceMock = (AuthorizationService) Mockito.mock(AuthorizationServiceImpl.class);
        this.identityServiceMock = (IdentityService) Mockito.mock(IdentityServiceImpl.class);
        this.repositoryServiceMock = (RepositoryService) Mockito.mock(RepositoryService.class);
        Mockito.when(this.currentEngine.getAuthorizationService()).thenReturn(this.authorizationServiceMock);
        Mockito.when(this.currentEngine.getIdentityService()).thenReturn(this.identityServiceMock);
        this.userMock = MockProvider.createMockUser();
        List<Group> createMockGroups = MockProvider.createMockGroups();
        this.groupIds = setupGroupQueryMock(createMockGroups);
        this.tenantIds = setupTenantQueryMock(Collections.singletonList(MockProvider.createMockTenant()));
        GroupQuery groupQuery = (GroupQuery) Mockito.mock(GroupQuery.class);
        Mockito.when(this.identityServiceMock.createGroupQuery()).thenReturn(groupQuery);
        Mockito.when(groupQuery.groupMember(Mockito.anyString())).thenReturn(groupQuery);
        Mockito.when(groupQuery.list()).thenReturn(createMockGroups);
        setupFilter();
    }

    protected List<String> setupGroupQueryMock(List<Group> list) {
        GroupQuery groupQuery = (GroupQuery) Mockito.mock(GroupQuery.class);
        Mockito.when(this.identityServiceMock.createGroupQuery()).thenReturn(groupQuery);
        Mockito.when(groupQuery.groupMember(Mockito.anyString())).thenReturn(groupQuery);
        Mockito.when(groupQuery.list()).thenReturn(list);
        ArrayList arrayList = new ArrayList();
        Iterator<Group> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getId());
        }
        return arrayList;
    }

    protected List<String> setupTenantQueryMock(List<Tenant> list) {
        TenantQuery tenantQuery = (TenantQuery) Mockito.mock(TenantQuery.class);
        Mockito.when(this.identityServiceMock.createTenantQuery()).thenReturn(tenantQuery);
        Mockito.when(tenantQuery.userMember(Mockito.anyString())).thenReturn(tenantQuery);
        Mockito.when(tenantQuery.includingGroupsOfUser(Mockito.anyBoolean())).thenReturn(tenantQuery);
        Mockito.when(tenantQuery.list()).thenReturn(list);
        ArrayList arrayList = new ArrayList();
        Iterator<Tenant> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getId());
        }
        return arrayList;
    }

    protected void setupFilter() throws ServletException {
        MockFilterConfig mockFilterConfig = new MockFilterConfig();
        mockFilterConfig.addInitParameter("authentication-provider", HttpBasicAuthenticationProvider.class.getName());
        this.authenticationFilter = new ProcessEngineAuthenticationFilter();
        this.authenticationFilter.init(mockFilterConfig);
    }

    protected void applyFilter(MockHttpServletRequest mockHttpServletRequest, MockHttpServletResponse mockHttpServletResponse, String str, String str2) throws IOException, ServletException {
        mockHttpServletRequest.addHeader("Authorization", "Basic " + new String(Base64.encodeBase64((str + ":" + str2).getBytes())));
        this.authenticationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain());
    }

    @Test
    public void testHttpBasicAuthenticationCheck() throws IOException, ServletException {
        if (this.authenticationExpected) {
            Mockito.when(Boolean.valueOf(this.identityServiceMock.checkPassword(MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_PASSWORD))).thenReturn(true);
        }
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("/rest-test" + this.servletPath + this.requestUrl);
        mockHttpServletRequest.setContextPath(SERVICE_PATH);
        mockHttpServletRequest.setServletPath(this.servletPath);
        applyFilter(mockHttpServletRequest, mockHttpServletResponse, MockProvider.EXAMPLE_USER_ID, MockProvider.EXAMPLE_USER_PASSWORD);
        Assert.assertEquals(Response.Status.OK.getStatusCode(), mockHttpServletResponse.getStatus());
        if (this.authenticationExpected) {
            ((IdentityService) Mockito.verify(this.identityServiceMock)).setAuthentication(MockProvider.EXAMPLE_USER_ID, this.groupIds, this.tenantIds);
            ((IdentityService) Mockito.verify(this.identityServiceMock)).clearAuthentication();
        } else {
            ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.never())).setAuthentication((String) Mockito.any(String.class), Mockito.anyList(), Mockito.anyList());
            ((IdentityService) Mockito.verify(this.identityServiceMock, Mockito.never())).clearAuthentication();
        }
    }
}
