package org.apache.jackrabbit.oak.security.authentication;

import java.security.AccessControlContext;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.Set;
import javax.jcr.GuestCredentials;
import javax.jcr.SimpleCredentials;
import javax.security.auth.Subject;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.LoginException;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.api.AuthInfo;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.spi.security.authentication.AuthInfoImpl;
import org.apache.jackrabbit.oak.spi.security.authentication.SystemSubject;
import org.jetbrains.annotations.Nullable;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/security/authentication/PreAuthTest.class */
public class PreAuthTest extends AbstractSecurityTest {
    private Set<Principal> principals;

    /* loaded from: input_file:org/apache/jackrabbit/oak/security/authentication/PreAuthTest$TestPrincipal.class */
    private class TestPrincipal implements Principal {
        private TestPrincipal() {
        }

        @Override // java.security.Principal
        public String getName() {
            return "test";
        }
    }

    @Override // org.apache.jackrabbit.oak.AbstractSecurityTest
    public void before() throws Exception {
        super.before();
        this.principals = Collections.singleton(new TestPrincipal());
    }

    @Override // org.apache.jackrabbit.oak.AbstractSecurityTest
    protected Configuration getConfiguration() {
        return new Configuration() { // from class: org.apache.jackrabbit.oak.security.authentication.PreAuthTest.1
            public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
                return new AppConfigurationEntry[0];
            }
        };
    }

    @Test
    public void testValidSubject() throws Exception {
        ContentSession contentSession = (ContentSession) Subject.doAsPrivileged(new Subject(true, this.principals, Collections.emptySet(), Collections.emptySet()), new PrivilegedAction<ContentSession>() { // from class: org.apache.jackrabbit.oak.security.authentication.PreAuthTest.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            @Nullable
            public ContentSession run() {
                try {
                    return PreAuthTest.this.login(null);
                } catch (Exception e) {
                    return null;
                }
            }
        }, (AccessControlContext) null);
        try {
            AuthInfo authInfo = contentSession.getAuthInfo();
            Assert.assertNotSame(AuthInfo.EMPTY, authInfo);
            Assert.assertEquals(this.principals, authInfo.getPrincipals());
            Assert.assertNull(authInfo.getUserID());
            if (contentSession != null) {
                contentSession.close();
            }
        } catch (Throwable th) {
            if (contentSession != null) {
                contentSession.close();
            }
            throw th;
        }
    }

    @Test
    public void testValidSubjectWithCredentials() throws Exception {
        ContentSession contentSession = (ContentSession) Subject.doAsPrivileged(new Subject(false, this.principals, Collections.singleton(new SimpleCredentials("testUserId", new char[0])), Collections.emptySet()), new PrivilegedAction<ContentSession>() { // from class: org.apache.jackrabbit.oak.security.authentication.PreAuthTest.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            @Nullable
            public ContentSession run() {
                try {
                    return PreAuthTest.this.login(null);
                } catch (Exception e) {
                    return null;
                }
            }
        }, (AccessControlContext) null);
        try {
            AuthInfo authInfo = contentSession.getAuthInfo();
            Assert.assertNotSame(AuthInfo.EMPTY, authInfo);
            Assert.assertEquals(this.principals, authInfo.getPrincipals());
            Assert.assertEquals("testUserId", authInfo.getUserID());
            if (contentSession != null) {
                contentSession.close();
            }
        } catch (Throwable th) {
            if (contentSession != null) {
                contentSession.close();
            }
            throw th;
        }
    }

    @Test
    public void testValidReadSubjectWithCredentials() throws Exception {
        ContentSession contentSession = (ContentSession) Subject.doAsPrivileged(new Subject(true, this.principals, Collections.singleton(new SimpleCredentials("testUserId", new char[0])), Collections.emptySet()), new PrivilegedAction<ContentSession>() { // from class: org.apache.jackrabbit.oak.security.authentication.PreAuthTest.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            @Nullable
            public ContentSession run() {
                try {
                    return PreAuthTest.this.login(null);
                } catch (Exception e) {
                    return null;
                }
            }
        }, (AccessControlContext) null);
        try {
            AuthInfo authInfo = contentSession.getAuthInfo();
            Assert.assertNotSame(AuthInfo.EMPTY, authInfo);
            Assert.assertEquals(this.principals, authInfo.getPrincipals());
            Assert.assertEquals("testUserId", authInfo.getUserID());
            if (contentSession != null) {
                contentSession.close();
            }
        } catch (Throwable th) {
            if (contentSession != null) {
                contentSession.close();
            }
            throw th;
        }
    }

    @Test
    public void testValidSubjectWithAuthInfo() throws Exception {
        AuthInfoImpl authInfoImpl = new AuthInfoImpl("testUserId", Collections.emptyMap(), Collections.emptySet());
        ContentSession contentSession = (ContentSession) Subject.doAsPrivileged(new Subject(false, Collections.singleton(new TestPrincipal()), Collections.singleton(authInfoImpl), Collections.emptySet()), new PrivilegedAction<ContentSession>() { // from class: org.apache.jackrabbit.oak.security.authentication.PreAuthTest.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            @Nullable
            public ContentSession run() {
                try {
                    return PreAuthTest.this.login(null);
                } catch (Exception e) {
                    return null;
                }
            }
        }, (AccessControlContext) null);
        try {
            Assert.assertSame(authInfoImpl, contentSession.getAuthInfo());
            if (contentSession != null) {
                contentSession.close();
            }
        } catch (Throwable th) {
            if (contentSession != null) {
                contentSession.close();
            }
            throw th;
        }
    }

    @Test
    public void testSubjectAndCredentials() throws Exception {
        Assert.assertNull("Login should have failed.", (ContentSession) Subject.doAsPrivileged(new Subject(true, this.principals, Collections.emptySet(), Collections.emptySet()), new PrivilegedAction<ContentSession>() { // from class: org.apache.jackrabbit.oak.security.authentication.PreAuthTest.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            @Nullable
            public ContentSession run() {
                try {
                    return PreAuthTest.this.login(new GuestCredentials());
                } catch (Exception e) {
                    return null;
                }
            }
        }, (AccessControlContext) null));
    }

    @Test
    public void testNullLogin() throws Exception {
        ContentSession contentSession = null;
        try {
            contentSession = login(null);
            Assert.fail("Null login without pre-auth subject should fail");
            if (contentSession != null) {
                contentSession.close();
            }
        } catch (LoginException e) {
            if (contentSession != null) {
                contentSession.close();
            }
        } catch (Throwable th) {
            if (contentSession != null) {
                contentSession.close();
            }
            throw th;
        }
    }

    @Test
    public void testSystemSubject() throws Exception {
        ContentSession contentSession = (ContentSession) Subject.doAsPrivileged(SystemSubject.INSTANCE, new PrivilegedAction<ContentSession>() { // from class: org.apache.jackrabbit.oak.security.authentication.PreAuthTest.7
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            @Nullable
            public ContentSession run() {
                try {
                    return PreAuthTest.this.login(null);
                } catch (Exception e) {
                    return null;
                }
            }
        }, (AccessControlContext) null);
        try {
            AuthInfo authInfo = contentSession.getAuthInfo();
            Assert.assertNotSame(AuthInfo.EMPTY, authInfo);
            Assert.assertEquals(SystemSubject.INSTANCE.getPrincipals(), authInfo.getPrincipals());
            Assert.assertEquals((Object) null, authInfo.getUserID());
            if (contentSession != null) {
                contentSession.close();
            }
        } catch (Throwable th) {
            if (contentSession != null) {
                contentSession.close();
            }
            throw th;
        }
    }
}
