package org.springframework.security.web.access;

import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.MockPortResolver;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.AuthenticationTrustResolverImpl;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.savedrequest.DefaultSavedRequest;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.security.web.util.ThrowableAnalyzer;

/* loaded from: input_file:org/springframework/security/web/access/ExceptionTranslationFilterTests.class */
public class ExceptionTranslationFilterTests {
    @Before
    @After
    public void clearContext() throws Exception {
        SecurityContextHolder.clearContext();
    }

    private static String getSavedRequestUrl(HttpServletRequest httpServletRequest) {
        HttpSession session = httpServletRequest.getSession(false);
        if (session == null) {
            return null;
        }
        return ((DefaultSavedRequest) session.getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY")).getRedirectUrl();
    }

    @Test
    public void testAccessDeniedWhenAnonymous() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        mockHttpServletRequest.setServerPort(80);
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("www.example.com");
        mockHttpServletRequest.setContextPath("/mycontext");
        mockHttpServletRequest.setRequestURI("/mycontext/secure/page.html");
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        ((FilterChain) Mockito.doThrow(new AccessDeniedException("")).when(filterChain)).doFilter((ServletRequest) Matchers.any(HttpServletRequest.class), (ServletResponse) Matchers.any(HttpServletResponse.class));
        SecurityContextHolder.getContext().setAuthentication(new AnonymousAuthenticationToken("ignored", "ignored", AuthorityUtils.createAuthorityList(new String[]{"IGNORED"})));
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setAuthenticationTrustResolver(new AuthenticationTrustResolverImpl());
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("/mycontext/login.jsp", mockHttpServletResponse.getRedirectedUrl());
        Assert.assertEquals("http://www.example.com/mycontext/secure/page.html", getSavedRequestUrl(mockHttpServletRequest));
    }

    @Test
    public void testAccessDeniedWhenNonAnonymous() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        ((FilterChain) Mockito.doThrow(new AccessDeniedException("")).when(filterChain)).doFilter((ServletRequest) Matchers.any(HttpServletRequest.class), (ServletResponse) Matchers.any(HttpServletResponse.class));
        SecurityContextHolder.clearContext();
        AccessDeniedHandlerImpl accessDeniedHandlerImpl = new AccessDeniedHandlerImpl();
        accessDeniedHandlerImpl.setErrorPage("/error.jsp");
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setAccessDeniedHandler(accessDeniedHandlerImpl);
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, new MockHttpServletResponse(), filterChain);
        Assert.assertEquals(403L, r0.getStatus());
        Assert.assertEquals(AccessDeniedException.class, mockHttpServletRequest.getAttribute("SPRING_SECURITY_403_EXCEPTION").getClass());
    }

    @Test
    public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWhenAuthenticationException() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        mockHttpServletRequest.setServerPort(80);
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("www.example.com");
        mockHttpServletRequest.setContextPath("/mycontext");
        mockHttpServletRequest.setRequestURI("/mycontext/secure/page.html");
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        ((FilterChain) Mockito.doThrow(new BadCredentialsException("")).when(filterChain)).doFilter((ServletRequest) Matchers.any(HttpServletRequest.class), (ServletResponse) Matchers.any(HttpServletResponse.class));
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.afterPropertiesSet();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("/mycontext/login.jsp", mockHttpServletResponse.getRedirectedUrl());
        Assert.assertEquals("http://www.example.com/mycontext/secure/page.html", getSavedRequestUrl(mockHttpServletRequest));
    }

    @Test
    public void testRedirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        mockHttpServletRequest.setServerPort(8080);
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("www.example.com");
        mockHttpServletRequest.setContextPath("/mycontext");
        mockHttpServletRequest.setRequestURI("/mycontext/secure/page.html");
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        ((FilterChain) Mockito.doThrow(new BadCredentialsException("")).when(filterChain)).doFilter((ServletRequest) Matchers.any(HttpServletRequest.class), (ServletResponse) Matchers.any(HttpServletResponse.class));
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        HttpSessionRequestCache httpSessionRequestCache = new HttpSessionRequestCache();
        httpSessionRequestCache.setPortResolver(new MockPortResolver(8080, 8443));
        exceptionTranslationFilter.setRequestCache(httpSessionRequestCache);
        exceptionTranslationFilter.afterPropertiesSet();
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, filterChain);
        Assert.assertEquals("/mycontext/login.jsp", mockHttpServletResponse.getRedirectedUrl());
        Assert.assertEquals("http://www.example.com:8080/mycontext/secure/page.html", getSavedRequestUrl(mockHttpServletRequest));
    }

    @Test
    public void testSavedRequestIsNotStoredForPostIfJustUseSaveRequestOnGetIsSet() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        HttpSessionRequestCache httpSessionRequestCache = new HttpSessionRequestCache();
        httpSessionRequestCache.setPortResolver(new MockPortResolver(8080, 8443));
        httpSessionRequestCache.setJustUseSavedRequestOnGet(true);
        exceptionTranslationFilter.setRequestCache(httpSessionRequestCache);
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        ((FilterChain) Mockito.doThrow(new BadCredentialsException("")).when(filterChain)).doFilter((ServletRequest) Matchers.any(HttpServletRequest.class), (ServletResponse) Matchers.any(HttpServletResponse.class));
        mockHttpServletRequest.setMethod("POST");
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, new MockHttpServletResponse(), filterChain);
        Assert.assertTrue(mockHttpServletRequest.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST_KEY") == null);
    }

    @Test(expected = IllegalArgumentException.class)
    public void testStartupDetectsMissingAuthenticationEntryPoint() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setThrowableAnalyzer((ThrowableAnalyzer) Mockito.mock(ThrowableAnalyzer.class));
        exceptionTranslationFilter.afterPropertiesSet();
    }

    @Test(expected = IllegalArgumentException.class)
    public void testStartupDetectsMissingRequestCache() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.setRequestCache((RequestCache) null);
    }

    public void testSuccessfulAccessGrant() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setServletPath("/secure/page.html");
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.doFilter(mockHttpServletRequest, new MockHttpServletResponse(), (FilterChain) Mockito.mock(FilterChain.class));
    }

    @Test
    public void testThrowIOException() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.afterPropertiesSet();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        ((FilterChain) Mockito.doThrow(new IOException()).when(filterChain)).doFilter((ServletRequest) Matchers.any(HttpServletRequest.class), (ServletResponse) Matchers.any(HttpServletResponse.class));
        try {
            exceptionTranslationFilter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), filterChain);
            Assert.fail("Should have thrown IOException");
        } catch (IOException e) {
            Assert.assertNull("The IOException thrown should not have been wrapped", e.getCause());
        }
    }

    @Test
    public void testThrowServletException() throws Exception {
        ExceptionTranslationFilter exceptionTranslationFilter = new ExceptionTranslationFilter();
        exceptionTranslationFilter.setAuthenticationEntryPoint(mockEntryPoint());
        exceptionTranslationFilter.afterPropertiesSet();
        FilterChain filterChain = (FilterChain) Mockito.mock(FilterChain.class);
        ((FilterChain) Mockito.doThrow(new ServletException()).when(filterChain)).doFilter((ServletRequest) Matchers.any(HttpServletRequest.class), (ServletResponse) Matchers.any(HttpServletResponse.class));
        try {
            exceptionTranslationFilter.doFilter(new MockHttpServletRequest(), new MockHttpServletResponse(), filterChain);
            Assert.fail("Should have thrown ServletException");
        } catch (ServletException e) {
            Assert.assertNull("The ServletException thrown should not have been wrapped", e.getCause());
        }
    }

    private AuthenticationEntryPoint mockEntryPoint() {
        return new AuthenticationEntryPoint() { // from class: org.springframework.security.web.access.ExceptionTranslationFilterTests.1
            public void commence(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, AuthenticationException authenticationException) throws IOException, ServletException {
                httpServletResponse.sendRedirect(httpServletRequest.getContextPath() + "/login.jsp");
            }
        };
    }
}
