package org.sonar.server.authentication;

import javax.servlet.http.HttpSession;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.ArgumentCaptor;
import org.mockito.Matchers;
import org.mockito.Mockito;
import org.sonar.api.server.authentication.UserIdentity;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDao;
import org.sonar.db.user.UserDto;
import org.sonar.server.user.NewUser;
import org.sonar.server.user.UpdateUser;
import org.sonar.server.user.UserUpdater;

/* loaded from: input_file:org/sonar/server/authentication/UserIdentityAuthenticatorTest.class */
public class UserIdentityAuthenticatorTest {
    static String USER_LOGIN = "github-johndoo";
    static UserDto ACTIVE_USER = new UserDto().setId(10L).setLogin(USER_LOGIN).setActive(true);
    static UserDto UNACTIVE_USER = new UserDto().setId(11L).setLogin("UNACTIVE").setActive(false);
    static UserIdentity USER_IDENTITY = UserIdentity.builder().setProviderLogin("johndoo").setLogin(USER_LOGIN).setName("John").setEmail("john@email.com").build();
    static TestIdentityProvider IDENTITY_PROVIDER = new TestIdentityProvider().setKey("github").setEnabled(true).setAllowsUsersToSignUp(true);

    @Rule
    public ExpectedException thrown = ExpectedException.none();
    DbClient dbClient = (DbClient) Mockito.mock(DbClient.class);
    DbSession dbSession = (DbSession) Mockito.mock(DbSession.class);
    UserDao userDao = (UserDao) Mockito.mock(UserDao.class);
    HttpSession httpSession = (HttpSession) Mockito.mock(HttpSession.class);
    UserUpdater userUpdater = (UserUpdater) Mockito.mock(UserUpdater.class);
    UserIdentityAuthenticator underTest = new UserIdentityAuthenticator(this.dbClient, this.userUpdater);

    @Before
    public void setUp() throws Exception {
        Mockito.when(this.dbClient.openSession(false)).thenReturn(this.dbSession);
        Mockito.when(this.dbClient.userDao()).thenReturn(this.userDao);
    }

    @Test
    public void authenticate_new_user() throws Exception {
        Mockito.when(this.userDao.selectByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn((Object) null);
        Mockito.when(this.userDao.selectOrFailByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn(ACTIVE_USER);
        this.underTest.authenticate(USER_IDENTITY, IDENTITY_PROVIDER, this.httpSession);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(NewUser.class);
        ((UserUpdater) Mockito.verify(this.userUpdater)).create((DbSession) Matchers.eq(this.dbSession), (NewUser) forClass.capture());
        NewUser newUser = (NewUser) forClass.getValue();
        Assertions.assertThat(newUser.login()).isEqualTo(USER_LOGIN);
        Assertions.assertThat(newUser.name()).isEqualTo("John");
        Assertions.assertThat(newUser.email()).isEqualTo("john@email.com");
        Assertions.assertThat(newUser.externalIdentity().getProvider()).isEqualTo("github");
        Assertions.assertThat(newUser.externalIdentity().getId()).isEqualTo("johndoo");
    }

    @Test
    public void authenticate_existing_user() throws Exception {
        Mockito.when(this.userDao.selectByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn(ACTIVE_USER);
        this.underTest.authenticate(USER_IDENTITY, IDENTITY_PROVIDER, this.httpSession);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(UpdateUser.class);
        ((UserUpdater) Mockito.verify(this.userUpdater)).update((DbSession) Matchers.eq(this.dbSession), (UpdateUser) forClass.capture());
        UpdateUser updateUser = (UpdateUser) forClass.getValue();
        Assertions.assertThat(updateUser.login()).isEqualTo(USER_LOGIN);
        Assertions.assertThat(updateUser.name()).isEqualTo("John");
        Assertions.assertThat(updateUser.email()).isEqualTo("john@email.com");
        Assertions.assertThat(updateUser.externalIdentity().getProvider()).isEqualTo("github");
        Assertions.assertThat(updateUser.externalIdentity().getId()).isEqualTo("johndoo");
        Assertions.assertThat(updateUser.isPasswordChanged()).isTrue();
        Assertions.assertThat(updateUser.password()).isNull();
    }

    @Test
    public void authenticate_existing_disabled_user() throws Exception {
        Mockito.when(this.userDao.selectByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn(UNACTIVE_USER);
        Mockito.when(this.userDao.selectOrFailByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn(UNACTIVE_USER);
        this.underTest.authenticate(USER_IDENTITY, IDENTITY_PROVIDER, this.httpSession);
        ((UserUpdater) Mockito.verify(this.userUpdater)).create((DbSession) Matchers.eq(this.dbSession), (NewUser) ArgumentCaptor.forClass(NewUser.class).capture());
    }

    @Test
    public void update_session_for_rails() throws Exception {
        Mockito.when(this.userDao.selectByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn(ACTIVE_USER);
        this.underTest.authenticate(USER_IDENTITY, IDENTITY_PROVIDER, this.httpSession);
        ((HttpSession) Mockito.verify(this.httpSession)).setAttribute("user_id", ACTIVE_USER.getId());
    }

    @Test
    public void fail_to_authenticate_new_user_when_allow_users_to_signup_is_false() throws Exception {
        Mockito.when(this.userDao.selectByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn((Object) null);
        Mockito.when(this.userDao.selectOrFailByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn(ACTIVE_USER);
        TestIdentityProvider allowsUsersToSignUp = new TestIdentityProvider().setKey("github").setName("Github").setEnabled(true).setAllowsUsersToSignUp(false);
        this.thrown.expect(NotAllowUserToSignUpException.class);
        this.underTest.authenticate(USER_IDENTITY, allowsUsersToSignUp, this.httpSession);
    }

    @Test
    public void fail_to_authenticate_new_user_when_email_already_exists() throws Exception {
        Mockito.when(this.userDao.selectByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn((Object) null);
        Mockito.when(this.userDao.selectOrFailByLogin(this.dbSession, USER_IDENTITY.getLogin())).thenReturn(ACTIVE_USER);
        Mockito.when(Boolean.valueOf(this.userDao.doesEmailExist(this.dbSession, USER_IDENTITY.getEmail()))).thenReturn(true);
        this.thrown.expect(EmailAlreadyExistsException.class);
        this.underTest.authenticate(USER_IDENTITY, IDENTITY_PROVIDER, this.httpSession);
    }
}
