package org.springframework.security.providers.x509.populator;

import java.security.cert.X509Certificate;
import junit.framework.TestCase;
import org.springframework.dao.DataAccessException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.providers.x509.X509TestUtils;
import org.springframework.security.userdetails.User;
import org.springframework.security.userdetails.UserDetails;
import org.springframework.security.userdetails.UserDetailsService;
import org.springframework.security.userdetails.UsernameNotFoundException;

/* loaded from: input_file:org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulatorTests.class */
public class DaoX509AuthoritiesPopulatorTests extends TestCase {

    /* loaded from: input_file:org/springframework/security/providers/x509/populator/DaoX509AuthoritiesPopulatorTests$MockAuthenticationDaoMatchesNameOrEmail.class */
    private class MockAuthenticationDaoMatchesNameOrEmail implements UserDetailsService {
        private MockAuthenticationDaoMatchesNameOrEmail() {
        }

        public UserDetails loadUserByUsername(String str) throws UsernameNotFoundException, DataAccessException {
            if ("Luke Taylor".equals(str) || "luke@monkeymachine".equals(str)) {
                return new User("luke", "monkey", true, true, true, true, new GrantedAuthority[]{new GrantedAuthorityImpl("ROLE_ONE")});
            }
            throw new UsernameNotFoundException("Could not find: " + str);
        }
    }

    public DaoX509AuthoritiesPopulatorTests() {
    }

    public DaoX509AuthoritiesPopulatorTests(String str) {
        super(str);
    }

    public final void setUp() throws Exception {
        super.setUp();
    }

    public void testDefaultCNPatternMatch() throws Exception {
        X509Certificate buildTestCertificate = X509TestUtils.buildTestCertificate();
        DaoX509AuthoritiesPopulator daoX509AuthoritiesPopulator = new DaoX509AuthoritiesPopulator();
        daoX509AuthoritiesPopulator.setUserDetailsService(new MockAuthenticationDaoMatchesNameOrEmail());
        daoX509AuthoritiesPopulator.afterPropertiesSet();
        daoX509AuthoritiesPopulator.getUserDetails(buildTestCertificate);
    }

    public void testEmailPatternMatch() throws Exception {
        X509Certificate buildTestCertificate = X509TestUtils.buildTestCertificate();
        DaoX509AuthoritiesPopulator daoX509AuthoritiesPopulator = new DaoX509AuthoritiesPopulator();
        daoX509AuthoritiesPopulator.setUserDetailsService(new MockAuthenticationDaoMatchesNameOrEmail());
        daoX509AuthoritiesPopulator.setSubjectDNRegex("emailAddress=(.*?),");
        daoX509AuthoritiesPopulator.afterPropertiesSet();
        daoX509AuthoritiesPopulator.getUserDetails(buildTestCertificate);
    }

    public void testInvalidRegexFails() throws Exception {
        DaoX509AuthoritiesPopulator daoX509AuthoritiesPopulator = new DaoX509AuthoritiesPopulator();
        daoX509AuthoritiesPopulator.setUserDetailsService(new MockAuthenticationDaoMatchesNameOrEmail());
        daoX509AuthoritiesPopulator.setSubjectDNRegex("CN=(.*?,");
        try {
            daoX509AuthoritiesPopulator.afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
        }
    }

    public void testMatchOnShoeSizeFieldInDNFails() throws Exception {
        X509Certificate buildTestCertificate = X509TestUtils.buildTestCertificate();
        DaoX509AuthoritiesPopulator daoX509AuthoritiesPopulator = new DaoX509AuthoritiesPopulator();
        daoX509AuthoritiesPopulator.setUserDetailsService(new MockAuthenticationDaoMatchesNameOrEmail());
        daoX509AuthoritiesPopulator.setSubjectDNRegex("shoeSize=(.*?),");
        daoX509AuthoritiesPopulator.afterPropertiesSet();
        try {
            daoX509AuthoritiesPopulator.getUserDetails(buildTestCertificate);
            fail("Should have thrown BadCredentialsException.");
        } catch (BadCredentialsException e) {
        }
    }

    public void testPatternWithNoGroupFails() throws Exception {
        X509Certificate buildTestCertificate = X509TestUtils.buildTestCertificate();
        DaoX509AuthoritiesPopulator daoX509AuthoritiesPopulator = new DaoX509AuthoritiesPopulator();
        daoX509AuthoritiesPopulator.setUserDetailsService(new MockAuthenticationDaoMatchesNameOrEmail());
        daoX509AuthoritiesPopulator.setSubjectDNRegex("CN=.*?,");
        daoX509AuthoritiesPopulator.afterPropertiesSet();
        try {
            daoX509AuthoritiesPopulator.getUserDetails(buildTestCertificate);
            fail("Should have thrown IllegalArgumentException for regexp without group");
        } catch (IllegalArgumentException e) {
        }
    }

    public void testRequiresDao() throws Exception {
        try {
            new DaoX509AuthoritiesPopulator().afterPropertiesSet();
            fail("Should have thrown IllegalArgumentException");
        } catch (IllegalArgumentException e) {
        }
    }
}
