package org.graylog2.bootstrap.preflight.web;

import jakarta.ws.rs.core.MultivaluedHashMap;
import jakarta.ws.rs.core.Response;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Collections;
import org.apache.commons.codec.digest.DigestUtils;
import org.assertj.core.api.Assertions;
import org.glassfish.jersey.server.ContainerRequest;
import org.graylog.testing.completebackend.ContainerizedGraylogBackend;
import org.jetbrains.annotations.NotNull;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentCaptor;
import org.mockito.Mockito;

/* loaded from: input_file:org/graylog2/bootstrap/preflight/web/BasicAuthFilterTest.class */
class BasicAuthFilterTest {
    BasicAuthFilterTest() {
    }

    @Test
    void testInvalidCredentials() throws IOException {
        BasicAuthFilter basicAuthFilter = new BasicAuthFilter(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT, DigestUtils.sha256Hex(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT), "junit-test");
        ContainerRequest mockRequest = mockRequest(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT, "admin1");
        basicAuthFilter.filter(mockRequest);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(Response.class);
        ((ContainerRequest) Mockito.verify(mockRequest, Mockito.times(1))).abortWith((Response) forClass.capture());
        Response response = (Response) forClass.getValue();
        Assertions.assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(401);
        Assertions.assertThat(response.getStatusInfo().getReasonPhrase()).isEqualTo("Unauthorized");
        Assertions.assertThat(response.getEntity()).isEqualTo("You cannot access this resource, invalid username/password combination!");
    }

    @Test
    void testMissingPassword() throws IOException {
        BasicAuthFilter basicAuthFilter = new BasicAuthFilter(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT, DigestUtils.sha256Hex(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT), "junit-test");
        ContainerRequest mockRequest = mockRequest(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT, "");
        basicAuthFilter.filter(mockRequest);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(Response.class);
        ((ContainerRequest) Mockito.verify(mockRequest, Mockito.times(1))).abortWith((Response) forClass.capture());
        Response response = (Response) forClass.getValue();
        Assertions.assertThat(response.getStatusInfo().getStatusCode()).isEqualTo(401);
        Assertions.assertThat(response.getStatusInfo().getReasonPhrase()).isEqualTo("Unauthorized");
        Assertions.assertThat(response.getEntity()).isEqualTo("You cannot access this resource, invalid username/password combination!");
    }

    @Test
    void testCorrectCredentials() throws IOException {
        BasicAuthFilter basicAuthFilter = new BasicAuthFilter(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT, DigestUtils.sha256Hex(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT), "junit-test");
        ContainerRequest mockRequest = mockRequest(ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT, ContainerizedGraylogBackend.ROOT_PASSWORD_PLAINTEXT);
        basicAuthFilter.filter(mockRequest);
        ((ContainerRequest) Mockito.verify(mockRequest, Mockito.never())).abortWith((Response) Mockito.any());
    }

    private static ContainerRequest mockRequest(String str, String str2) {
        ContainerRequest containerRequest = (ContainerRequest) Mockito.mock(ContainerRequest.class);
        MultivaluedHashMap multivaluedHashMap = new MultivaluedHashMap();
        multivaluedHashMap.put("Authorization", Collections.singletonList("Basic " + base64(str, str2)));
        Mockito.when(containerRequest.getHeaders()).thenReturn(multivaluedHashMap);
        return containerRequest;
    }

    @NotNull
    private static String base64(String str, String str2) {
        return new String(Base64.getEncoder().encode((str + ":" + str2).getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8);
    }
}
