package fitnesse.authentication;

import fitnesse.authentication.NegotiateAuthenticator;
import fitnesse.http.MockRequest;
import fitnesse.http.SimpleResponse;
import fitnesse.slim.converters.BooleanConverter;
import fitnesse.testutil.FitNesseUtil;
import fitnesse.util.Base64;
import fitnesse.wiki.InMemoryPage;
import java.io.UnsupportedEncodingException;
import java.util.Properties;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSManager;
import org.ietf.jgss.GSSName;
import org.ietf.jgss.Oid;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import util.RegexTestCase;

/* loaded from: input_file:fitnesse-target/fitnesse/authentication/NegotiateAuthenticatorTest.class */
public class NegotiateAuthenticatorTest {
    private GSSManager manager;
    private Properties properties;
    private final String TOKEN = "xxxxxxxx";

    @Before
    public void setUp() {
        this.manager = (GSSManager) Mockito.mock(GSSManager.class);
        this.properties = new Properties();
    }

    @Test
    public void credentialsShouldBeNullIfNoServiceName() throws Exception {
        Assert.assertNull(new NegotiateAuthenticator(this.manager, this.properties).getServerCredentials());
        ((GSSManager) Mockito.verify(this.manager, Mockito.never())).createName(Mockito.anyString(), (Oid) Mockito.anyObject(), (Oid) Mockito.anyObject());
    }

    @Test
    public void credentialsShouldBeNonNullIfServiceNamePresent() throws Exception {
        this.properties.setProperty("NegotiateAuthenticator.serviceName", "service");
        this.properties.setProperty("NegotiateAuthenticator.serviceNameType", "1.1");
        this.properties.setProperty("NegotiateAuthenticator.mechanism", "1.2");
        GSSName gSSName = (GSSName) Mockito.mock(GSSName.class);
        GSSCredential gSSCredential = (GSSCredential) Mockito.mock(GSSCredential.class);
        Mockito.when(this.manager.createName(Mockito.anyString(), (Oid) Mockito.anyObject(), (Oid) Mockito.anyObject())).thenReturn(gSSName);
        Mockito.when(this.manager.createCredential((GSSName) Mockito.anyObject(), Mockito.anyInt(), (Oid) Mockito.anyObject(), Mockito.anyInt())).thenReturn(gSSCredential);
        NegotiateAuthenticator negotiateAuthenticator = new NegotiateAuthenticator(this.manager, this.properties);
        Oid serviceNameType = negotiateAuthenticator.getServiceNameType();
        Oid mechanism = negotiateAuthenticator.getMechanism();
        ((GSSManager) Mockito.verify(this.manager)).createName("service", serviceNameType, mechanism);
        Assert.assertEquals("1.1", serviceNameType.toString());
        Assert.assertEquals("1.2", mechanism.toString());
        ((GSSManager) Mockito.verify(this.manager)).createCredential(gSSName, Integer.MAX_VALUE, mechanism, 2);
        Assert.assertEquals(gSSCredential, negotiateAuthenticator.getServerCredentials());
    }

    @Test
    public void negotiationErrorScreenForFailureToComplete() throws Exception {
        SimpleResponse simpleResponse = (SimpleResponse) new NegotiateAuthenticator.UnauthenticatedNegotiateResponder("token").makeResponse(FitNesseUtil.makeTestContext(InMemoryPage.makeRoot("RooT")), new MockRequest());
        Assert.assertEquals("Negotiate token", simpleResponse.getHeader("WWW-Authenticate"));
        String content = simpleResponse.getContent();
        RegexTestCase.assertSubString("Negotiated authentication required", content);
        RegexTestCase.assertSubString("Your client failed to complete required authentication", content);
    }

    @Test
    public void negotiationErrorScreenForNeedingAuthentication() throws Exception {
        RegexTestCase.assertSubString("This request requires authentication", ((SimpleResponse) new NegotiateAuthenticator.UnauthenticatedNegotiateResponder("token").makeResponse(FitNesseUtil.makeTestContext(InMemoryPage.makeRoot("RooT")), null)).getContent());
    }

    @Test
    public void noAuthorizationHeaderShouldProduceNullCredentials() throws Exception {
        MockRequest mockRequest = new MockRequest();
        new NegotiateAuthenticator(this.manager, this.properties).negotiateCredentials(mockRequest);
        Assert.assertNull(mockRequest.getAuthorizationUsername());
        Assert.assertNull(mockRequest.getAuthorizationPassword());
    }

    @Test
    public void invalidAuthorizationHeaderShouldProduceNullCredentials() throws Exception {
        MockRequest mockRequest = new MockRequest();
        mockRequest.addHeader("Authorization", "blah");
        new NegotiateAuthenticator(this.manager, this.properties).negotiateCredentials(mockRequest);
        Assert.assertNull(mockRequest.getAuthorizationUsername());
        Assert.assertNull(mockRequest.getAuthorizationPassword());
    }

    @Test
    public void validAuthorizationHeaderAndEstablishedContextShouldProduceUserAndPassword() throws Exception {
        String base64Encode = base64Encode("password");
        Mockito.when(Boolean.valueOf(makeMockGssContext("username", "password").isEstablished())).thenReturn(true);
        MockRequest mockRequest = new MockRequest();
        doNegotiation(mockRequest);
        Assert.assertEquals("username", mockRequest.getAuthorizationUsername());
        Assert.assertEquals(base64Encode, mockRequest.getAuthorizationPassword());
    }

    private void doNegotiation(MockRequest mockRequest) throws Exception {
        mockRequest.addHeader("Authorization", "Negotiate xxxxxxxx");
        new NegotiateAuthenticator(this.manager, this.properties).negotiateCredentials(mockRequest);
    }

    private GSSContext makeMockGssContext(String str, String str2) throws GSSException {
        GSSContext gSSContext = (GSSContext) Mockito.mock(GSSContext.class);
        Mockito.when(this.manager.createContext((GSSCredential) Mockito.anyObject())).thenReturn(gSSContext);
        Mockito.when(gSSContext.acceptSecContext((byte[]) Mockito.anyObject(), Mockito.anyInt(), Mockito.anyInt())).thenReturn(str2.getBytes());
        GSSName gSSName = (GSSName) Mockito.mock(GSSName.class);
        Mockito.when(gSSName.toString()).thenReturn(str);
        Mockito.when(gSSContext.getSrcName()).thenReturn(gSSName);
        return gSSContext;
    }

    @Test
    public void validAuthorizationHeaderAndNoEstablishedContextShouldProducePasswordButNoUser() throws Exception {
        String base64Encode = base64Encode("password");
        Mockito.when(Boolean.valueOf(makeMockGssContext("username", "password").isEstablished())).thenReturn(false);
        MockRequest mockRequest = new MockRequest();
        doNegotiation(mockRequest);
        Assert.assertNull(mockRequest.getAuthorizationUsername());
        Assert.assertEquals(base64Encode, mockRequest.getAuthorizationPassword());
    }

    @Test
    public void realmIsStrippedIfRequested() throws Exception {
        this.properties.setProperty("NegotiateAuthenticator.stripRealm", BooleanConverter.TRUE);
        String base64Encode = base64Encode("password");
        Mockito.when(Boolean.valueOf(makeMockGssContext("username@realm", "password").isEstablished())).thenReturn(true);
        MockRequest mockRequest = new MockRequest();
        doNegotiation(mockRequest);
        Assert.assertEquals("username", mockRequest.getAuthorizationUsername());
        Assert.assertEquals(base64Encode, mockRequest.getAuthorizationPassword());
    }

    private String base64Encode(String str) throws UnsupportedEncodingException {
        return new String(Base64.encode(str.getBytes("UTF-8")));
    }

    @Test
    public void getTokenShouldReturnDecodedToken() throws Exception {
        Assert.assertArrayEquals(Base64.decode("xxxxxxxx".getBytes("UTF-8")), NegotiateAuthenticator.getToken("Negotiate xxxxxxxx"));
    }
}
