package org.springframework.security.web.authentication.rememberme;

import java.util.Date;
import javax.servlet.http.Cookie;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServicesTests;

/* loaded from: input_file:org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests.class */
public class PersistentTokenBasedRememberMeServicesTests {
    private PersistentTokenBasedRememberMeServices services;

    /* loaded from: input_file:org/springframework/security/web/authentication/rememberme/PersistentTokenBasedRememberMeServicesTests$MockTokenRepository.class */
    private class MockTokenRepository implements PersistentTokenRepository {
        private PersistentRememberMeToken storedToken;

        private MockTokenRepository(PersistentRememberMeToken persistentRememberMeToken) {
            this.storedToken = persistentRememberMeToken;
        }

        public void createNewToken(PersistentRememberMeToken persistentRememberMeToken) {
            this.storedToken = persistentRememberMeToken;
        }

        public void updateToken(String str, String str2, Date date) {
            this.storedToken = new PersistentRememberMeToken(this.storedToken.getUsername(), this.storedToken.getSeries(), str2, date);
        }

        public PersistentRememberMeToken getTokenForSeries(String str) {
            return this.storedToken;
        }

        public void removeUserTokens(String str) {
        }

        PersistentRememberMeToken getStoredToken() {
            return this.storedToken;
        }
    }

    @Before
    public void setUpData() throws Exception {
        this.services = new PersistentTokenBasedRememberMeServices();
        this.services.setCookieName("mycookiename");
        this.services.setTokenValiditySeconds(8640000);
        this.services.setUserDetailsService(new AbstractRememberMeServicesTests.MockUserDetailsService(AbstractRememberMeServicesTests.joe, false));
    }

    @Test(expected = InvalidCookieException.class)
    public void loginIsRejectedWithWrongNumberOfCookieTokens() {
        this.services.processAutoLoginCookie(new String[]{"series", "token", "extra"}, new MockHttpServletRequest(), new MockHttpServletResponse());
    }

    @Test(expected = RememberMeAuthenticationException.class)
    public void loginIsRejectedWhenNoTokenMatchingSeriesIsFound() {
        this.services.setTokenRepository(new MockTokenRepository(null));
        this.services.processAutoLoginCookie(new String[]{"series", "token"}, new MockHttpServletRequest(), new MockHttpServletResponse());
    }

    @Test(expected = RememberMeAuthenticationException.class)
    public void loginIsRejectedWhenTokenIsExpired() {
        MockTokenRepository mockTokenRepository = new MockTokenRepository(new PersistentRememberMeToken("joe", "series", "token", new Date()));
        this.services.setTokenRepository(mockTokenRepository);
        this.services.setTokenValiditySeconds(1);
        try {
            Thread.sleep(1100L);
        } catch (InterruptedException e) {
        }
        this.services.setTokenRepository(mockTokenRepository);
        this.services.processAutoLoginCookie(new String[]{"series", "token"}, new MockHttpServletRequest(), new MockHttpServletResponse());
    }

    @Test(expected = CookieTheftException.class)
    public void cookieTheftIsDetectedWhenSeriesAndTokenDontMatch() {
        this.services.setTokenRepository(new MockTokenRepository(new PersistentRememberMeToken("joe", "series", "wrongtoken", new Date())));
        this.services.processAutoLoginCookie(new String[]{"series", "token"}, new MockHttpServletRequest(), new MockHttpServletResponse());
    }

    @Test
    public void successfulAutoLoginCreatesNewTokenAndCookieWithSameSeries() {
        MockTokenRepository mockTokenRepository = new MockTokenRepository(new PersistentRememberMeToken("joe", "series", "token", new Date()));
        this.services.setTokenRepository(mockTokenRepository);
        this.services.setTokenLength(12);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.services.processAutoLoginCookie(new String[]{"series", "token"}, new MockHttpServletRequest(), mockHttpServletResponse);
        Assert.assertEquals("series", mockTokenRepository.getStoredToken().getSeries());
        Assert.assertEquals(16L, mockTokenRepository.getStoredToken().getTokenValue().length());
        String[] decodeCookie = this.services.decodeCookie(mockHttpServletResponse.getCookie("mycookiename").getValue());
        Assert.assertEquals("series", decodeCookie[0]);
        Assert.assertEquals(mockTokenRepository.getStoredToken().getTokenValue(), decodeCookie[1]);
    }

    @Test
    public void loginSuccessCreatesNewTokenAndCookieWithNewSeries() {
        this.services.setAlwaysRemember(true);
        MockTokenRepository mockTokenRepository = new MockTokenRepository(null);
        this.services.setTokenRepository(mockTokenRepository);
        this.services.setTokenLength(12);
        this.services.setSeriesLength(12);
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.services.loginSuccess(new MockHttpServletRequest(), mockHttpServletResponse, new UsernamePasswordAuthenticationToken("joe", "password"));
        Assert.assertEquals(16L, mockTokenRepository.getStoredToken().getSeries().length());
        Assert.assertEquals(16L, mockTokenRepository.getStoredToken().getTokenValue().length());
        String[] decodeCookie = this.services.decodeCookie(mockHttpServletResponse.getCookie("mycookiename").getValue());
        Assert.assertEquals(mockTokenRepository.getStoredToken().getSeries(), decodeCookie[0]);
        Assert.assertEquals(mockTokenRepository.getStoredToken().getTokenValue(), decodeCookie[1]);
    }

    @Test
    public void logoutClearsUsersTokenAndCookie() throws Exception {
        Cookie cookie = new Cookie("mycookiename", "somevalue");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setCookies(new Cookie[]{cookie});
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.services.setTokenRepository(new MockTokenRepository(new PersistentRememberMeToken("joe", "series", "token", new Date())));
        this.services.logout(mockHttpServletRequest, mockHttpServletResponse, new TestingAuthenticationToken("joe", "somepass", new String[]{"SOME_AUTH"}));
        Assert.assertNotNull(mockHttpServletResponse.getCookie("mycookiename"));
        Assert.assertEquals(0L, r0.getMaxAge());
        this.services.logout(mockHttpServletRequest, mockHttpServletResponse, (Authentication) null);
    }
}
