package org.springframework.security.ui.portlet;

import java.util.ArrayList;
import java.util.HashMap;
import junit.framework.TestCase;
import org.springframework.mock.web.portlet.MockActionRequest;
import org.springframework.mock.web.portlet.MockActionResponse;
import org.springframework.mock.web.portlet.MockRenderRequest;
import org.springframework.mock.web.portlet.MockRenderResponse;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationManager;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.TestingAuthenticationToken;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.providers.portlet.PortletTestUtils;
import org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.userdetails.User;
import org.springframework.web.portlet.ModelAndView;

/* loaded from: input_file:org/springframework/security/ui/portlet/PortletProcessingInterceptorTests.class */
public class PortletProcessingInterceptorTests extends TestCase {

    /* loaded from: input_file:org/springframework/security/ui/portlet/PortletProcessingInterceptorTests$MockPortletAuthenticationManager.class */
    private static class MockPortletAuthenticationManager implements AuthenticationManager {
        private MockPortletAuthenticationManager() {
        }

        public Authentication authenticate(Authentication authentication) {
            if (!(authentication instanceof PreAuthenticatedAuthenticationToken)) {
                TestCase.fail("Expected PreAuthenticatedAuthenticationToken object-- got: " + authentication);
            }
            if (authentication.getPrincipal() == null) {
                throw new BadCredentialsException("Mock authentication manager rejecting null principal");
            }
            if (authentication.getCredentials() == null) {
                throw new BadCredentialsException("Mock authentication manager rejecting null credentials");
            }
            User user = new User(authentication.getName(), authentication.getCredentials().toString(), true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl(PortletTestUtils.TESTROLE1), new GrantedAuthorityImpl(PortletTestUtils.TESTROLE2)});
            PreAuthenticatedAuthenticationToken preAuthenticatedAuthenticationToken = new PreAuthenticatedAuthenticationToken(user, user.getPassword(), user.getAuthorities());
            preAuthenticatedAuthenticationToken.setAuthenticated(true);
            return preAuthenticatedAuthenticationToken;
        }
    }

    public PortletProcessingInterceptorTests() {
    }

    public PortletProcessingInterceptorTests(String str) {
        super(str);
    }

    public void setUp() throws Exception {
        super.setUp();
        SecurityContextHolder.clearContext();
    }

    public void tearDown() throws Exception {
        super.tearDown();
        SecurityContextHolder.clearContext();
    }

    public void testRequiresAuthenticationManager() throws Exception {
        try {
            new PortletProcessingInterceptor().afterPropertiesSet();
            fail("Expected IllegalArgumentException");
        } catch (IllegalArgumentException e) {
        }
    }

    public void testNormalRenderRequestProcessing() throws Exception {
        MockRenderRequest createRenderRequest = PortletTestUtils.createRenderRequest();
        MockRenderResponse createRenderResponse = PortletTestUtils.createRenderResponse();
        PortletProcessingInterceptor portletProcessingInterceptor = new PortletProcessingInterceptor();
        portletProcessingInterceptor.setAuthenticationManager(new MockPortletAuthenticationManager());
        portletProcessingInterceptor.afterPropertiesSet();
        portletProcessingInterceptor.preHandleRender(createRenderRequest, createRenderResponse, (Object) null);
        assertEquals(PortletTestUtils.createAuthenticatedToken(), SecurityContextHolder.getContext().getAuthentication());
        portletProcessingInterceptor.postHandleRender(createRenderRequest, createRenderResponse, (Object) null, (ModelAndView) null);
        assertEquals(PortletTestUtils.createAuthenticatedToken(), SecurityContextHolder.getContext().getAuthentication());
        portletProcessingInterceptor.afterRenderCompletion(createRenderRequest, createRenderResponse, (Object) null, (Exception) null);
        assertEquals(PortletTestUtils.createAuthenticatedToken(), SecurityContextHolder.getContext().getAuthentication());
    }

    public void testNormalActionRequestProcessing() throws Exception {
        MockActionRequest createActionRequest = PortletTestUtils.createActionRequest();
        MockActionResponse createActionResponse = PortletTestUtils.createActionResponse();
        PortletProcessingInterceptor portletProcessingInterceptor = new PortletProcessingInterceptor();
        portletProcessingInterceptor.setAuthenticationManager(new MockPortletAuthenticationManager());
        portletProcessingInterceptor.afterPropertiesSet();
        portletProcessingInterceptor.preHandleAction(createActionRequest, createActionResponse, (Object) null);
        assertEquals(PortletTestUtils.createAuthenticatedToken(), SecurityContextHolder.getContext().getAuthentication());
        portletProcessingInterceptor.afterActionCompletion(createActionRequest, createActionResponse, (Object) null, (Exception) null);
        assertEquals(PortletTestUtils.createAuthenticatedToken(), SecurityContextHolder.getContext().getAuthentication());
    }

    public void testAuthenticationFailsWithNoCredentials() throws Exception {
        MockActionRequest mockActionRequest = new MockActionRequest();
        MockActionResponse mockActionResponse = new MockActionResponse();
        PortletProcessingInterceptor portletProcessingInterceptor = new PortletProcessingInterceptor();
        portletProcessingInterceptor.setAuthenticationManager(new MockPortletAuthenticationManager());
        portletProcessingInterceptor.afterPropertiesSet();
        portletProcessingInterceptor.preHandleAction(mockActionRequest, mockActionResponse, (Object) null);
        assertNull(SecurityContextHolder.getContext().getAuthentication());
        assertTrue(mockActionRequest.getPortletSession().getAttribute("SPRING_SECURITY_LAST_EXCEPTION", 1) instanceof BadCredentialsException);
    }

    public void testExistingAuthenticationIsLeftAlone() throws Exception {
        MockActionRequest createActionRequest = PortletTestUtils.createActionRequest();
        MockActionResponse createActionResponse = PortletTestUtils.createActionResponse();
        PortletProcessingInterceptor portletProcessingInterceptor = new PortletProcessingInterceptor();
        portletProcessingInterceptor.setAuthenticationManager(new MockPortletAuthenticationManager());
        portletProcessingInterceptor.afterPropertiesSet();
        Authentication usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken("dummy", "dummy", (GrantedAuthority[]) null);
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken2 = new UsernamePasswordAuthenticationToken("dummy", "dummy", (GrantedAuthority[]) null);
        SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
        portletProcessingInterceptor.preHandleAction(createActionRequest, createActionResponse, (Object) null);
        assertTrue(SecurityContextHolder.getContext().getAuthentication() == usernamePasswordAuthenticationToken);
        assertEquals(usernamePasswordAuthenticationToken2, SecurityContextHolder.getContext().getAuthentication());
        portletProcessingInterceptor.afterActionCompletion(createActionRequest, createActionResponse, (Object) null, (Exception) null);
        assertTrue(SecurityContextHolder.getContext().getAuthentication() == usernamePasswordAuthenticationToken);
        assertEquals(usernamePasswordAuthenticationToken2, SecurityContextHolder.getContext().getAuthentication());
    }

    public void testUsernameFromRemoteUser() throws Exception {
        MockActionRequest mockActionRequest = new MockActionRequest();
        MockActionResponse mockActionResponse = new MockActionResponse();
        mockActionRequest.setRemoteUser(PortletTestUtils.TESTUSER);
        mockActionRequest.setAuthType(PortletTestUtils.TESTCRED);
        PortletProcessingInterceptor portletProcessingInterceptor = new PortletProcessingInterceptor();
        portletProcessingInterceptor.setAuthenticationManager(new MockPortletAuthenticationManager());
        portletProcessingInterceptor.afterPropertiesSet();
        portletProcessingInterceptor.preHandleAction(mockActionRequest, mockActionResponse, (Object) null);
        assertEquals(PortletTestUtils.TESTUSER, SecurityContextHolder.getContext().getAuthentication().getName());
    }

    public void testUsernameFromPrincipal() throws Exception {
        MockActionRequest mockActionRequest = new MockActionRequest();
        MockActionResponse mockActionResponse = new MockActionResponse();
        mockActionRequest.setUserPrincipal(new TestingAuthenticationToken(PortletTestUtils.TESTUSER, PortletTestUtils.TESTCRED, (GrantedAuthority[]) null));
        mockActionRequest.setAuthType(PortletTestUtils.TESTCRED);
        PortletProcessingInterceptor portletProcessingInterceptor = new PortletProcessingInterceptor();
        portletProcessingInterceptor.setAuthenticationManager(new MockPortletAuthenticationManager());
        portletProcessingInterceptor.afterPropertiesSet();
        portletProcessingInterceptor.preHandleAction(mockActionRequest, mockActionResponse, (Object) null);
        assertEquals(PortletTestUtils.TESTUSER, SecurityContextHolder.getContext().getAuthentication().getName());
    }

    public void testUsernameFromUserInfo() throws Exception {
        MockActionRequest mockActionRequest = new MockActionRequest();
        MockActionResponse mockActionResponse = new MockActionResponse();
        HashMap hashMap = new HashMap();
        hashMap.put("user.name.given", "Test");
        hashMap.put("user.name.family", "User");
        hashMap.put("user.id", "mytestuser");
        mockActionRequest.setAttribute("javax.portlet.userinfo", hashMap);
        mockActionRequest.setAuthType(PortletTestUtils.TESTCRED);
        PortletProcessingInterceptor portletProcessingInterceptor = new PortletProcessingInterceptor();
        portletProcessingInterceptor.setAuthenticationManager(new MockPortletAuthenticationManager());
        ArrayList arrayList = new ArrayList();
        arrayList.add("user.name");
        arrayList.add("user.id");
        portletProcessingInterceptor.setUserNameAttributes(arrayList);
        portletProcessingInterceptor.afterPropertiesSet();
        portletProcessingInterceptor.preHandleAction(mockActionRequest, mockActionResponse, (Object) null);
        assertEquals("mytestuser", SecurityContextHolder.getContext().getAuthentication().getName());
    }
}
