package org.sonar.server.authentication;

import java.util.Optional;
import javax.servlet.http.HttpServletRequest;
import org.assertj.core.api.Assertions;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.mockito.Mockito;
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
import org.sonar.server.authentication.event.AuthenticationEvent;
import org.sonar.server.authentication.event.AuthenticationExceptionMatcher;

/* loaded from: input_file:org/sonar/server/authentication/CredentialsAuthenticatorTest.class */
public class CredentialsAuthenticatorTest {
    private static final String LOGIN = "LOGIN";
    private static final String PASSWORD = "PASSWORD";
    private static final String SALT = "0242b0b4c0a93ddfe09dd886de50bc25ba000b51";
    private static final String CRYPTED_PASSWORD = "540e4fc4be4e047db995bc76d18374a5b5db08cc";

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public DbTester dbTester = DbTester.create(System2.INSTANCE);
    private DbClient dbClient = this.dbTester.getDbClient();
    private DbSession dbSession = this.dbTester.getSession();
    private RealmAuthenticator externalAuthenticator = (RealmAuthenticator) Mockito.mock(RealmAuthenticator.class);
    private HttpServletRequest request = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
    private AuthenticationEvent authenticationEvent = (AuthenticationEvent) Mockito.mock(AuthenticationEvent.class);
    private CredentialsAuthenticator underTest = new CredentialsAuthenticator(this.dbClient, this.externalAuthenticator, this.authenticationEvent);

    @Test
    public void authenticate_local_user() throws Exception {
        insertUser(UserTesting.newUserDto().setLogin(LOGIN).setCryptedPassword(CRYPTED_PASSWORD).setSalt(SALT).setLocal(true));
        Assertions.assertThat(executeAuthenticate(AuthenticationEvent.Method.BASIC).getLogin()).isEqualTo(LOGIN);
        ((AuthenticationEvent) Mockito.verify(this.authenticationEvent)).login(this.request, LOGIN, AuthenticationEvent.Source.local(AuthenticationEvent.Method.BASIC));
    }

    @Test
    public void fail_to_authenticate_local_user_when_password_is_wrong() throws Exception {
        insertUser(UserTesting.newUserDto().setLogin(LOGIN).setCryptedPassword("Wrong password").setSalt("Wrong salt").setLocal(true));
        this.expectedException.expect(AuthenticationExceptionMatcher.authenticationException().from(AuthenticationEvent.Source.local(AuthenticationEvent.Method.BASIC)).withLogin(LOGIN).andNoPublicMessage());
        this.expectedException.expectMessage("wrong password");
        try {
            executeAuthenticate(AuthenticationEvent.Method.BASIC);
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
        } catch (Throwable th) {
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
            throw th;
        }
    }

    @Test
    public void authenticate_external_user() throws Exception {
        Mockito.when(this.externalAuthenticator.authenticate(LOGIN, PASSWORD, this.request, AuthenticationEvent.Method.BASIC)).thenReturn(Optional.of(UserTesting.newUserDto()));
        insertUser(UserTesting.newUserDto().setLogin(LOGIN).setLocal(false));
        executeAuthenticate(AuthenticationEvent.Method.BASIC);
        ((RealmAuthenticator) Mockito.verify(this.externalAuthenticator)).authenticate(LOGIN, PASSWORD, this.request, AuthenticationEvent.Method.BASIC);
        Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
    }

    @Test
    public void fail_to_authenticate_authenticate_external_user_when_no_external_authentication() throws Exception {
        Mockito.when(this.externalAuthenticator.authenticate(LOGIN, PASSWORD, this.request, AuthenticationEvent.Method.BASIC_TOKEN)).thenReturn(Optional.empty());
        insertUser(UserTesting.newUserDto().setLogin(LOGIN).setLocal(false));
        this.expectedException.expect(AuthenticationExceptionMatcher.authenticationException().from(AuthenticationEvent.Source.local(AuthenticationEvent.Method.BASIC_TOKEN)).withLogin(LOGIN).andNoPublicMessage());
        this.expectedException.expectMessage("User is not local");
        try {
            executeAuthenticate(AuthenticationEvent.Method.BASIC_TOKEN);
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
        } catch (Throwable th) {
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
            throw th;
        }
    }

    @Test
    public void fail_to_authenticate_local_user_that_have_no_password() throws Exception {
        insertUser(UserTesting.newUserDto().setLogin(LOGIN).setCryptedPassword((String) null).setSalt(SALT).setLocal(true));
        this.expectedException.expect(AuthenticationExceptionMatcher.authenticationException().from(AuthenticationEvent.Source.local(AuthenticationEvent.Method.BASIC)).withLogin(LOGIN).andNoPublicMessage());
        this.expectedException.expectMessage("null password in DB");
        try {
            executeAuthenticate(AuthenticationEvent.Method.BASIC);
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
        } catch (Throwable th) {
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
            throw th;
        }
    }

    @Test
    public void fail_to_authenticate_local_user_that_have_no_salt() throws Exception {
        insertUser(UserTesting.newUserDto().setLogin(LOGIN).setCryptedPassword(CRYPTED_PASSWORD).setSalt((String) null).setLocal(true));
        this.expectedException.expect(AuthenticationExceptionMatcher.authenticationException().from(AuthenticationEvent.Source.local(AuthenticationEvent.Method.BASIC_TOKEN)).withLogin(LOGIN).andNoPublicMessage());
        this.expectedException.expectMessage("null salt");
        try {
            executeAuthenticate(AuthenticationEvent.Method.BASIC_TOKEN);
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
        } catch (Throwable th) {
            Mockito.verifyZeroInteractions(new Object[]{this.authenticationEvent});
            throw th;
        }
    }

    private UserDto executeAuthenticate(AuthenticationEvent.Method method) {
        return this.underTest.authenticate(LOGIN, PASSWORD, this.request, method);
    }

    private UserDto insertUser(UserDto userDto) {
        this.dbClient.userDao().insert(this.dbSession, userDto);
        this.dbSession.commit();
        return userDto;
    }
}
