package org.sonar.server.authentication.ws;

import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import org.sonar.api.config.Settings;
import org.sonar.db.user.UserTesting;
import org.sonar.server.authentication.BasicAuthenticator;
import org.sonar.server.authentication.JwtHttpHandler;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.test.JsonAssert;

/* loaded from: input_file:org/sonar/server/authentication/ws/ValidateActionTest.class */
public class ValidateActionTest {
    StringWriter stringWriter = new StringWriter();
    HttpServletRequest request = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
    HttpServletResponse response = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
    FilterChain chain = (FilterChain) Mockito.mock(FilterChain.class);
    BasicAuthenticator basicAuthenticator = (BasicAuthenticator) Mockito.mock(BasicAuthenticator.class);
    JwtHttpHandler jwtHttpHandler = (JwtHttpHandler) Mockito.mock(JwtHttpHandler.class);
    Settings settings = new Settings();
    ValidateAction underTest = new ValidateAction(this.settings, this.basicAuthenticator, this.jwtHttpHandler);

    @Before
    public void setUp() throws Exception {
        Mockito.when(this.response.getWriter()).thenReturn(new PrintWriter(this.stringWriter));
    }

    @Test
    public void return_true_when_jwt_token_is_set() throws Exception {
        Mockito.when(this.jwtHttpHandler.validateToken(this.request, this.response)).thenReturn(Optional.of(UserTesting.newUserDto()));
        Mockito.when(this.basicAuthenticator.authenticate(this.request)).thenReturn(Optional.empty());
        this.underTest.doFilter(this.request, this.response, this.chain);
        ((HttpServletResponse) Mockito.verify(this.response)).setContentType("application/json");
        JsonAssert.assertJson(this.stringWriter.toString()).isSimilarTo("{\"valid\":true}");
    }

    @Test
    public void return_true_when_basic_auth() throws Exception {
        Mockito.when(this.jwtHttpHandler.validateToken(this.request, this.response)).thenReturn(Optional.empty());
        Mockito.when(this.basicAuthenticator.authenticate(this.request)).thenReturn(Optional.of(UserTesting.newUserDto()));
        this.underTest.doFilter(this.request, this.response, this.chain);
        ((HttpServletResponse) Mockito.verify(this.response)).setContentType("application/json");
        JsonAssert.assertJson(this.stringWriter.toString()).isSimilarTo("{\"valid\":true}");
    }

    @Test
    public void return_true_when_no_jwt_nor_basic_auth_and_no_force_authentication() throws Exception {
        this.settings.setProperty("sonar.forceAuthentication", "false");
        Mockito.when(this.jwtHttpHandler.validateToken(this.request, this.response)).thenReturn(Optional.empty());
        Mockito.when(this.basicAuthenticator.authenticate(this.request)).thenReturn(Optional.empty());
        this.underTest.doFilter(this.request, this.response, this.chain);
        ((HttpServletResponse) Mockito.verify(this.response)).setContentType("application/json");
        JsonAssert.assertJson(this.stringWriter.toString()).isSimilarTo("{\"valid\":true}");
    }

    @Test
    public void return_false_when_no_jwt_nor_basic_auth_and_force_authentication_is_true() throws Exception {
        this.settings.setProperty("sonar.forceAuthentication", "true");
        Mockito.when(this.jwtHttpHandler.validateToken(this.request, this.response)).thenReturn(Optional.empty());
        Mockito.when(this.basicAuthenticator.authenticate(this.request)).thenReturn(Optional.empty());
        this.underTest.doFilter(this.request, this.response, this.chain);
        ((HttpServletResponse) Mockito.verify(this.response)).setContentType("application/json");
        JsonAssert.assertJson(this.stringWriter.toString()).isSimilarTo("{\"valid\":false}");
    }

    @Test
    public void return_false_when_jwt_throws_unauthorized_exception() throws Exception {
        ((JwtHttpHandler) Mockito.doThrow(UnauthorizedException.class).when(this.jwtHttpHandler)).validateToken(this.request, this.response);
        Mockito.when(this.basicAuthenticator.authenticate(this.request)).thenReturn(Optional.empty());
        this.underTest.doFilter(this.request, this.response, this.chain);
        ((HttpServletResponse) Mockito.verify(this.response)).setContentType("application/json");
        JsonAssert.assertJson(this.stringWriter.toString()).isSimilarTo("{\"valid\":false}");
    }

    @Test
    public void return_false_when_basic_authenticator_throws_unauthorized_exception() throws Exception {
        Mockito.when(this.jwtHttpHandler.validateToken(this.request, this.response)).thenReturn(Optional.empty());
        ((BasicAuthenticator) Mockito.doThrow(UnauthorizedException.class).when(this.basicAuthenticator)).authenticate(this.request);
        this.underTest.doFilter(this.request, this.response, this.chain);
        ((HttpServletResponse) Mockito.verify(this.response)).setContentType("application/json");
        JsonAssert.assertJson(this.stringWriter.toString()).isSimilarTo("{\"valid\":false}");
    }
}
