package org.wildfly.elytron.web.undertow.common;

import io.undertow.util.FlexBase64;
import io.undertow.util.Headers;
import java.util.Collections;
import java.util.HashMap;
import org.apache.http.Header;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.wildfly.security.auth.permission.LoginPermission;
import org.wildfly.security.auth.realm.SimpleMapBackedSecurityRealm;
import org.wildfly.security.auth.realm.SimpleRealmEntry;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;
import org.wildfly.security.permission.PermissionVerifier;

/* loaded from: input_file:org/wildfly/elytron/web/undertow/common/BasicAuthenticationBase.class */
public abstract class BasicAuthenticationBase extends AbstractHttpServerMechanismTest {

    @Rule
    public UndertowServer server = createUndertowServer();

    protected BasicAuthenticationBase() throws Exception {
    }

    @Test
    public void testUnauthorized() throws Exception {
        assertUnauthorizedResponse(HttpClientBuilder.create().build().execute((HttpUriRequest) new HttpGet(this.server.createUri())));
    }

    @Test
    public void testSuccessfulAuthentication() throws Exception {
        CloseableHttpClient build = HttpClientBuilder.create().build();
        HttpGet httpGet = new HttpGet(this.server.createUri());
        httpGet.addHeader(Headers.AUTHORIZATION.toString(), Headers.BASIC + " " + FlexBase64.encodeString("elytron:Coleoptera".getBytes(), false));
        HttpResponse execute = build.execute((HttpUriRequest) httpGet);
        Assert.assertEquals(200L, execute.getStatusLine().getStatusCode());
        assertSuccessfulResponse(execute, "elytron");
    }

    @Test
    public void testFailedAuthentication() throws Exception {
        CloseableHttpClient build = HttpClientBuilder.create().build();
        HttpGet httpGet = new HttpGet(this.server.createUri());
        httpGet.addHeader(Headers.AUTHORIZATION.toString(), Headers.BASIC + " " + FlexBase64.encodeString("elytron:bad_password".getBytes(), false));
        assertUnauthorizedResponse(build.execute((HttpUriRequest) httpGet));
    }

    @Test
    public void testUnconstrainedAccessWithCorrectPassword() throws Exception {
        CloseableHttpClient build = HttpClientBuilder.create().build();
        HttpGet httpGet = new HttpGet(this.server.createUri("/unsecure"));
        httpGet.addHeader(Headers.AUTHORIZATION.toString(), Headers.BASIC + " " + FlexBase64.encodeString("elytron:Coleoptera".getBytes(), false));
        HttpResponse execute = build.execute((HttpUriRequest) httpGet);
        Assert.assertEquals(200L, execute.getStatusLine().getStatusCode());
        assertSuccessfulUnconstraintResponse(execute, "elytron");
    }

    @Test
    public void testUnconstrainedAccessWithIncorrectPassword() throws Exception {
        CloseableHttpClient build = HttpClientBuilder.create().build();
        HttpGet httpGet = new HttpGet(this.server.createUri("/unsecure"));
        httpGet.addHeader(Headers.AUTHORIZATION.toString(), Headers.BASIC + " " + FlexBase64.encodeString("elytron:bad_password".getBytes(), false));
        assertUnauthorizedResponse(build.execute((HttpUriRequest) httpGet));
    }

    @Test
    public void testUnconstrainedAccessWithoutPassword() throws Exception {
        HttpResponse execute = HttpClientBuilder.create().build().execute((HttpUriRequest) new HttpGet(this.server.createUri("/unsecure")));
        Assert.assertEquals(200L, execute.getStatusLine().getStatusCode());
        assertSuccessfulUnconstraintResponse(execute, null);
    }

    private void assertUnauthorizedResponse(HttpResponse httpResponse) {
        Assert.assertEquals(401L, httpResponse.getStatusLine().getStatusCode());
        Header firstHeader = httpResponse.getFirstHeader(Headers.WWW_AUTHENTICATE.toString());
        Assert.assertNotNull(firstHeader);
        Assert.assertEquals(Headers.BASIC + " realm=\"Elytron Realm\"", firstHeader.getValue());
    }

    @Override // org.wildfly.elytron.web.undertow.common.AbstractHttpServerMechanismTest
    protected String getMechanismName() {
        return "BASIC";
    }

    @Override // org.wildfly.elytron.web.undertow.common.AbstractHttpServerMechanismTest
    protected SecurityDomain doCreateSecurityDomain() throws Exception {
        PasswordFactory passwordFactory = PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR);
        HashMap hashMap = new HashMap();
        hashMap.put("elytron", new SimpleRealmEntry(Collections.singletonList(new PasswordCredential(passwordFactory.generatePassword(new ClearPasswordSpec("Coleoptera".toCharArray()))))));
        SimpleMapBackedSecurityRealm simpleMapBackedSecurityRealm = new SimpleMapBackedSecurityRealm();
        simpleMapBackedSecurityRealm.setPasswordMap(hashMap);
        SecurityDomain.Builder defaultRealmName = SecurityDomain.builder().setDefaultRealmName("TestRealm");
        defaultRealmName.addRealm("TestRealm", simpleMapBackedSecurityRealm).build();
        defaultRealmName.setPermissionMapper((permissionMappable, roles) -> {
            return PermissionVerifier.from(new LoginPermission());
        });
        return defaultRealmName.build();
    }

    protected abstract UndertowServer createUndertowServer() throws Exception;
}
