package org.springframework.security.ui.switchuser;

import java.util.ArrayList;
import java.util.List;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.security.AccountExpiredException;
import org.springframework.security.Authentication;
import org.springframework.security.AuthenticationException;
import org.springframework.security.CredentialsExpiredException;
import org.springframework.security.DisabledException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.util.FieldUtils;
import org.springframework.security.util.MockFilterChain;

/* loaded from: input_file:org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests.class */
public class SwitchUserProcessingFilterTests {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/springframework/security/ui/switchuser/SwitchUserProcessingFilterTests$MockUserDetailsService.class */
    public class MockUserDetailsService implements UserDetailsService {
        private String password;

        private MockUserDetailsService() {
            this.password = "hawaii50";
        }

        public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException {
            if ("jacklord".equals(str) || "dano".equals(str)) {
                return new User(str, this.password, true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
            }
            if ("mcgarrett".equals(str)) {
                return new User(str, this.password, false, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
            }
            if ("wofat".equals(str)) {
                return new User(str, this.password, true, false, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
            }
            if ("steve".equals(str)) {
                return new User(str, this.password, true, true, false, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")});
            }
            throw new UsernameNotFoundException("Could not find: " + str);
        }

        public void setPassword(String str) {
            this.password = str;
        }
    }

    @Before
    public void authenticateCurrentUser() {
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("dano", "hawaii50"));
    }

    @After
    public void clearContext() {
        SecurityContextHolder.clearContext();
    }

    private MockHttpServletRequest createMockSwitchRequest() {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setScheme("http");
        mockHttpServletRequest.setServerName("localhost");
        mockHttpServletRequest.setRequestURI("/j_spring_security_switch_user");
        return mockHttpServletRequest;
    }

    private Authentication switchToUser(String str) {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("j_username", str);
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        return switchUserProcessingFilter.attemptSwitchUser(mockHttpServletRequest);
    }

    @Test
    public void requiresExitUserMatchesCorrectly() {
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setExitUserUrl("/j_spring_security_my_exit_user");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("/j_spring_security_my_exit_user");
        Assert.assertTrue(switchUserProcessingFilter.requiresExitUser(mockHttpServletRequest));
    }

    @Test
    public void requiresSwitchMatchesCorrectly() {
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setSwitchUserUrl("/j_spring_security_my_switch_user");
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("/j_spring_security_my_switch_user");
        Assert.assertTrue(switchUserProcessingFilter.requiresSwitchUser(mockHttpServletRequest));
    }

    @Test(expected = UsernameNotFoundException.class)
    public void attemptSwitchToUnknownUserFails() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("j_username", "user-that-doesnt-exist");
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.attemptSwitchUser(mockHttpServletRequest);
    }

    @Test(expected = DisabledException.class)
    public void attemptSwitchToUserThatIsDisabledFails() throws Exception {
        switchToUser("mcgarrett");
    }

    @Test(expected = AccountExpiredException.class)
    public void attemptSwitchToUserWithAccountExpiredFails() throws Exception {
        switchToUser("wofat");
    }

    @Test(expected = CredentialsExpiredException.class)
    public void attemptSwitchToUserWithExpiredCredentialsFails() throws Exception {
        switchToUser("steve");
    }

    @Test(expected = UsernameNotFoundException.class)
    public void switchUserWithNullUsernameThrowsException() throws Exception {
        switchToUser(null);
    }

    @Test
    public void attemptSwitchUserIsSuccessfulWithValidUser() throws Exception {
        Assert.assertNotNull(switchToUser("jacklord"));
    }

    @Test
    public void switchToLockedAccountCausesRedirectToSwitchFailureUrl() throws Exception {
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("/j_spring_security_switch_user");
        mockHttpServletRequest.addParameter("j_username", "mcgarrett");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.doFilterHttp(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain(false));
        Assert.assertEquals("Switch user failed: User is disabled", mockHttpServletResponse.getContentAsString());
        mockHttpServletRequest.setContextPath("/mywebapp");
        mockHttpServletRequest.setRequestURI("/mywebapp/j_spring_security_switch_user");
        switchUserProcessingFilter.setSwitchFailureUrl("/switchfailed");
        MockHttpServletResponse mockHttpServletResponse2 = new MockHttpServletResponse();
        switchUserProcessingFilter.doFilterHttp(mockHttpServletRequest, mockHttpServletResponse2, new MockFilterChain(true));
        Assert.assertEquals("/mywebapp/switchfailed", mockHttpServletResponse2.getRedirectedUrl());
        Assert.assertEquals("/switchfailed", FieldUtils.getFieldValue(switchUserProcessingFilter, "switchFailureUrl"));
    }

    @Test(expected = IllegalArgumentException.class)
    public void configMissingUserDetailsServiceFails() throws Exception {
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setSwitchUserUrl("/j_spring_security_switch_user");
        switchUserProcessingFilter.setExitUserUrl("/j_spring_security_exit_user");
        switchUserProcessingFilter.setTargetUrl("/main.jsp");
        switchUserProcessingFilter.afterPropertiesSet();
    }

    @Test(expected = IllegalArgumentException.class)
    public void testBadConfigMissingTargetUrl() throws Exception {
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.setSwitchUserUrl("/j_spring_security_switch_user");
        switchUserProcessingFilter.setExitUserUrl("/j_spring_security_exit_user");
        switchUserProcessingFilter.afterPropertiesSet();
    }

    @Test
    public void defaultProcessesFilterUrlMatchesUrlWithPathParameter() {
        MockHttpServletRequest createMockSwitchRequest = createMockSwitchRequest();
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setSwitchUserUrl("/j_spring_security_switch_user");
        createMockSwitchRequest.setRequestURI("/webapp/j_spring_security_switch_user;jsessionid=8JHDUD723J8");
        Assert.assertTrue(switchUserProcessingFilter.requiresSwitchUser(createMockSwitchRequest));
    }

    @Test
    public void exitUserJackLordToDanoSucceeds() throws Exception {
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("jacklord", "hawaii50", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO"), new SwitchUserGrantedAuthority("PREVIOUS_ADMINISTRATOR", new UsernamePasswordAuthenticationToken("dano", "hawaii50", new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE"), new GrantedAuthorityImpl("ROLE_TWO")}))}));
        MockHttpServletRequest createMockSwitchRequest = createMockSwitchRequest();
        createMockSwitchRequest.setRequestURI("/j_spring_security_exit_user");
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.setExitUserUrl("/j_spring_security_exit_user");
        switchUserProcessingFilter.setTargetUrl("/webapp/someOtherUrl");
        switchUserProcessingFilter.doFilter(createMockSwitchRequest, new MockHttpServletResponse(), new MockFilterChain(false));
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Assert.assertNotNull(authentication);
        Assert.assertEquals("dano", authentication.getPrincipal());
    }

    @Test(expected = AuthenticationException.class)
    public void exitUserWithNoCurrentUserFails() throws Exception {
        SecurityContextHolder.clearContext();
        MockHttpServletRequest createMockSwitchRequest = createMockSwitchRequest();
        createMockSwitchRequest.setRequestURI("/j_spring_security_exit_user");
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.setExitUserUrl("/j_spring_security_exit_user");
        switchUserProcessingFilter.doFilter(createMockSwitchRequest, new MockHttpServletResponse(), new MockFilterChain(false));
    }

    @Test
    public void redirectToTargetUrlIsCorrect() throws Exception {
        MockHttpServletRequest createMockSwitchRequest = createMockSwitchRequest();
        createMockSwitchRequest.setContextPath("/webapp");
        createMockSwitchRequest.addParameter("j_username", "jacklord");
        createMockSwitchRequest.setRequestURI("/webapp/j_spring_security_switch_user");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setSwitchUserUrl("/j_spring_security_switch_user");
        switchUserProcessingFilter.setTargetUrl("/someOtherUrl");
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.doFilter(createMockSwitchRequest, mockHttpServletResponse, new MockFilterChain(false));
        Assert.assertEquals("/webapp/someOtherUrl", mockHttpServletResponse.getRedirectedUrl());
    }

    @Test
    public void redirectOmitsContextPathIfUseRelativeContextSet() throws Exception {
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("dano", "hawaii50"));
        MockHttpServletRequest createMockSwitchRequest = createMockSwitchRequest();
        createMockSwitchRequest.setContextPath("/webapp");
        createMockSwitchRequest.addParameter("j_username", "jacklord");
        createMockSwitchRequest.setRequestURI("/webapp/j_spring_security_switch_user");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setSwitchUserUrl("/j_spring_security_switch_user");
        switchUserProcessingFilter.setTargetUrl("/someOtherUrl");
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.setUseRelativeContext(true);
        switchUserProcessingFilter.doFilter(createMockSwitchRequest, mockHttpServletResponse, new MockFilterChain(false));
        Assert.assertEquals("/someOtherUrl", mockHttpServletResponse.getRedirectedUrl());
    }

    @Test
    public void testSwitchRequestFromDanoToJackLord() throws Exception {
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("dano", "hawaii50"));
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setRequestURI("/webapp/j_spring_security_switch_user");
        mockHttpServletRequest.addParameter("j_username", "jacklord");
        MockHttpServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.setSwitchUserUrl("/j_spring_security_switch_user");
        switchUserProcessingFilter.setTargetUrl("/webapp/someOtherUrl");
        switchUserProcessingFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, new MockFilterChain(true));
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Assert.assertNotNull(authentication);
        Assert.assertTrue(authentication.getPrincipal() instanceof UserDetails);
        Assert.assertEquals("jacklord", ((User) authentication.getPrincipal()).getUsername());
    }

    @Test
    public void modificationOfAuthoritiesWorks() {
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("dano", "hawaii50"));
        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.addParameter("j_username", "jacklord");
        SwitchUserProcessingFilter switchUserProcessingFilter = new SwitchUserProcessingFilter();
        switchUserProcessingFilter.setUserDetailsService(new MockUserDetailsService());
        switchUserProcessingFilter.setSwitchUserAuthorityChanger(new SwitchUserAuthorityChanger() { // from class: org.springframework.security.ui.switchuser.SwitchUserProcessingFilterTests.1
            public List modifyGrantedAuthorities(UserDetails userDetails, Authentication authentication, List list) {
                ArrayList arrayList = new ArrayList();
                arrayList.add(new GrantedAuthorityImpl("ROLE_NEW"));
                return arrayList;
            }
        });
        Authentication attemptSwitchUser = switchUserProcessingFilter.attemptSwitchUser(mockHttpServletRequest);
        Assert.assertTrue(attemptSwitchUser != null);
        Assert.assertEquals(2L, attemptSwitchUser.getAuthorities().length);
        Assert.assertEquals("ROLE_NEW", attemptSwitchUser.getAuthorities()[0].getAuthority());
    }
}
