package pl.edu.icm.unity.engine;

import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import org.junit.Assert;
import org.junit.Test;
import pl.edu.icm.unity.engine.mock.MockEndpoint;
import pl.edu.icm.unity.engine.mock.MockEndpointFactory;
import pl.edu.icm.unity.engine.mock.MockPasswordVerificatorFactory;
import pl.edu.icm.unity.exceptions.IllegalCredentialException;
import pl.edu.icm.unity.types.EntityState;
import pl.edu.icm.unity.types.authn.AuthenticationRealm;
import pl.edu.icm.unity.types.authn.AuthenticatorInstance;
import pl.edu.icm.unity.types.authn.AuthenticatorSet;
import pl.edu.icm.unity.types.authn.AuthenticatorTypeDescription;
import pl.edu.icm.unity.types.authn.CredentialDefinition;
import pl.edu.icm.unity.types.authn.CredentialPublicInformation;
import pl.edu.icm.unity.types.authn.CredentialRequirements;
import pl.edu.icm.unity.types.authn.LocalCredentialState;
import pl.edu.icm.unity.types.basic.Entity;
import pl.edu.icm.unity.types.basic.EntityParam;
import pl.edu.icm.unity.types.basic.Identity;
import pl.edu.icm.unity.types.basic.IdentityParam;
import pl.edu.icm.unity.types.endpoint.EndpointDescription;
import pl.edu.icm.unity.types.endpoint.EndpointTypeDescription;

/* loaded from: input_file:pl/edu/icm/unity/engine/TestAuthentication.class */
public class TestAuthentication extends DBIntegrationTestBase {
    @Test
    public void testAuthentication() throws Exception {
        super.setupMockAuthn();
        AuthenticationRealm authenticationRealm = new AuthenticationRealm("testr", "", 10, 10, -1, 600);
        this.realmsMan.addRealm(authenticationRealm);
        Identity addEntity = this.idsMan.addEntity(new IdentityParam("x500Name", "CN=foo"), "crMock", EntityState.valid, false);
        this.authnMan.createAuthenticator("auth1", ((AuthenticatorTypeDescription) this.authnMan.getAuthenticatorTypes("web").iterator().next()).getId(), "6", "bbb", "credential1");
        this.endpointMan.deploy(MockEndpointFactory.NAME, "endpoint1", "/foo", "desc", Collections.singletonList(new AuthenticatorSet(Collections.singleton("auth1"))), "", authenticationRealm.getName());
        EntityParam entityParam = new EntityParam(addEntity);
        this.idsMan.setEntityCredential(entityParam, "credential1", "password");
        MockEndpoint mockEndpoint = (MockEndpoint) this.httpServer.getDeployedEndpoints().iterator().next();
        try {
            mockEndpoint.authenticate();
            Assert.fail("Authn with wrong cred succeeded");
        } catch (IllegalCredentialException e) {
        }
        this.idsMan.setEntityCredential(entityParam, "credential1", "bar");
        Assert.assertEquals(mockEndpoint.authenticate().longValue(), this.idsMan.getEntity(entityParam).getId().longValue());
    }

    @Test
    public void testAuthnManagement() throws Exception {
        super.setupMockAuthn();
        AuthenticationRealm authenticationRealm = new AuthenticationRealm("testr", "", 10, 10, -1, 600);
        this.realmsMan.addRealm(authenticationRealm);
        Assert.assertEquals(1L, this.authnMan.getAuthenticatorTypes("web").size());
        Collection authenticatorTypes = this.authnMan.getAuthenticatorTypes((String) null);
        Assert.assertEquals(1L, authenticatorTypes.size());
        AuthenticatorTypeDescription authenticatorTypeDescription = (AuthenticatorTypeDescription) authenticatorTypes.iterator().next();
        Assert.assertEquals(true, Boolean.valueOf(authenticatorTypeDescription.isLocal()));
        Assert.assertEquals("mockretrieval", authenticatorTypeDescription.getRetrievalMethod());
        Assert.assertEquals(MockPasswordVerificatorFactory.ID, authenticatorTypeDescription.getVerificationMethod());
        Assert.assertEquals("web", authenticatorTypeDescription.getSupportedBinding());
        AuthenticatorInstance createAuthenticator = this.authnMan.createAuthenticator("auth1", authenticatorTypeDescription.getId(), "8", "bbb", "credential1");
        Collection authenticators = this.authnMan.getAuthenticators("web");
        Assert.assertEquals(1L, authenticators.size());
        AuthenticatorInstance authenticatorInstance = (AuthenticatorInstance) authenticators.iterator().next();
        Assert.assertEquals("auth1", authenticatorInstance.getId());
        Assert.assertEquals("bbb", authenticatorInstance.getRetrievalJsonConfiguration());
        Assert.assertNull(authenticatorInstance.getVerificatorJsonConfiguration());
        this.authnMan.updateAuthenticator("auth1", "9", "b", "credential1");
        Collection authenticators2 = this.authnMan.getAuthenticators("web");
        Assert.assertEquals(1L, authenticators2.size());
        AuthenticatorInstance authenticatorInstance2 = (AuthenticatorInstance) authenticators2.iterator().next();
        Assert.assertEquals("auth1", authenticatorInstance2.getId());
        Assert.assertEquals("b", authenticatorInstance2.getRetrievalJsonConfiguration());
        Assert.assertNull(authenticatorInstance2.getVerificatorJsonConfiguration());
        List endpointTypes = this.endpointMan.getEndpointTypes();
        Assert.assertEquals(1L, endpointTypes.size());
        this.endpointMan.deploy(((EndpointTypeDescription) endpointTypes.get(0)).getName(), "endpoint1", "/foo", "desc", new ArrayList(), "", authenticationRealm.getName());
        List endpoints = this.endpointMan.getEndpoints();
        Assert.assertEquals(1L, endpoints.size());
        this.endpointMan.updateEndpoint(((EndpointDescription) endpoints.get(0)).getId(), "ada", Collections.singletonList(new AuthenticatorSet(Collections.singleton("auth1"))), "", authenticationRealm.getName());
        List authenticatorSets = ((EndpointDescription) this.endpointMan.getEndpoints().get(0)).getAuthenticatorSets();
        Assert.assertEquals(1L, authenticatorSets.size());
        Assert.assertEquals(1L, ((AuthenticatorSet) authenticatorSets.get(0)).getAuthenticators().size());
        try {
            this.authnMan.removeAuthenticator(createAuthenticator.getId());
            Assert.fail("Was able to remove a used authenticator");
        } catch (IllegalArgumentException e) {
        }
        this.endpointMan.updateEndpoint(((EndpointDescription) endpoints.get(0)).getId(), "ada", new ArrayList(), "", authenticationRealm.getName());
        this.authnMan.removeAuthenticator(createAuthenticator.getId());
        Assert.assertEquals(0L, this.authnMan.getAuthenticators((String) null).size());
    }

    @Test
    public void testCredentialsManagement() throws Exception {
        Collection credentialTypes = this.authnMan.getCredentialTypes();
        Assert.assertEquals(credentialTypes.toString(), 1 + 2, credentialTypes.size());
        Assert.assertEquals(MockPasswordVerificatorFactory.ID, getDescObjectByName(credentialTypes, MockPasswordVerificatorFactory.ID).getName());
        CredentialDefinition credentialDefinition = new CredentialDefinition(MockPasswordVerificatorFactory.ID, "credential1", "cred req desc");
        credentialDefinition.setJsonConfiguration("8");
        this.authnMan.addCredentialDefinition(credentialDefinition);
        Collection credentialDefinitions = this.authnMan.getCredentialDefinitions();
        Assert.assertEquals(1 + 1, credentialDefinitions.size());
        CredentialDefinition descObjectByName = getDescObjectByName(credentialDefinitions, "credential1");
        Assert.assertEquals("credential1", descObjectByName.getName());
        Assert.assertEquals("cred req desc", descObjectByName.getDescription());
        Assert.assertEquals(MockPasswordVerificatorFactory.ID, descObjectByName.getTypeId());
        Assert.assertEquals("8", descObjectByName.getJsonConfiguration());
        descObjectByName.setDescription("d2");
        descObjectByName.setJsonConfiguration("9");
        this.authnMan.updateCredentialDefinition(descObjectByName, LocalCredentialState.correct);
        Collection credentialDefinitions2 = this.authnMan.getCredentialDefinitions();
        Assert.assertEquals(1 + 1, credentialDefinitions2.size());
        CredentialDefinition descObjectByName2 = getDescObjectByName(credentialDefinitions2, "credential1");
        Assert.assertEquals("credential1", descObjectByName2.getName());
        Assert.assertEquals("d2", descObjectByName2.getDescription());
        Assert.assertEquals(MockPasswordVerificatorFactory.ID, descObjectByName2.getTypeId());
        Assert.assertEquals("9", descObjectByName2.getJsonConfiguration());
        this.authnMan.removeCredentialDefinition("credential1");
        Assert.assertEquals(1, this.authnMan.getCredentialDefinitions().size());
        this.authnMan.addCredentialDefinition(credentialDefinition);
        AuthenticatorInstance createAuthenticator = this.authnMan.createAuthenticator("auth1", ((AuthenticatorTypeDescription) this.authnMan.getAuthenticatorTypes("web").iterator().next()).getId(), "6", "bbb", "credential1");
        try {
            this.authnMan.removeCredentialDefinition("credential1");
            Assert.fail("Managed to remove credential used by authenticator");
        } catch (IllegalCredentialException e) {
        }
        this.authnMan.removeAuthenticator(createAuthenticator.getId());
        this.authnMan.addCredentialRequirement(new CredentialRequirements("crMock", "mock cred req", Collections.singleton(credentialDefinition.getName())));
        Collection credentialRequirements = this.authnMan.getCredentialRequirements();
        Assert.assertEquals(1 + 1, credentialRequirements.size());
        CredentialRequirements descObjectByName3 = getDescObjectByName(credentialRequirements, "crMock");
        Assert.assertEquals("crMock", descObjectByName3.getName());
        Assert.assertEquals("mock cred req", descObjectByName3.getDescription());
        Assert.assertEquals(1L, descObjectByName3.getRequiredCredentials().size());
        descObjectByName3.setDescription("changed");
        this.authnMan.updateCredentialRequirement(descObjectByName3);
        Collection credentialRequirements2 = this.authnMan.getCredentialRequirements();
        Assert.assertEquals(1 + 1, credentialRequirements2.size());
        CredentialRequirements descObjectByName4 = getDescObjectByName(credentialRequirements2, "crMock");
        Assert.assertEquals("crMock", descObjectByName4.getName());
        Assert.assertEquals("changed", descObjectByName4.getDescription());
        try {
            this.authnMan.removeCredentialDefinition("credential1");
            Assert.fail("Managed to remove credential used by cred req");
        } catch (IllegalCredentialException e2) {
        }
        EntityParam entityParam = new EntityParam(this.idsMan.addEntity(new IdentityParam("x500Name", "CN=test"), "crMock", EntityState.valid, false));
        Assert.assertEquals(LocalCredentialState.notSet, ((CredentialPublicInformation) this.idsMan.getEntity(entityParam).getCredentialInfo().getCredentialsState().get("credential1")).getState());
        this.idsMan.setEntityCredential(entityParam, "credential1", "password");
        Assert.assertEquals(LocalCredentialState.correct, ((CredentialPublicInformation) this.idsMan.getEntity(entityParam).getCredentialInfo().getCredentialsState().get("credential1")).getState());
        descObjectByName4.setDescription("changed2");
        this.authnMan.updateCredentialRequirement(descObjectByName4);
        Assert.assertEquals(LocalCredentialState.correct, ((CredentialPublicInformation) this.idsMan.getEntity(entityParam).getCredentialInfo().getCredentialsState().get("credential1")).getState());
        descObjectByName2.setDescription("d3");
        descObjectByName2.setJsonConfiguration("119");
        this.authnMan.updateCredentialDefinition(descObjectByName2, LocalCredentialState.correct);
        Assert.assertEquals(LocalCredentialState.correct, ((CredentialPublicInformation) this.idsMan.getEntity(entityParam).getCredentialInfo().getCredentialsState().get("credential1")).getState());
        try {
            this.authnMan.removeCredentialRequirement(descObjectByName4.getName(), (String) null);
            Assert.fail("Managed to remove used requirements without replacement");
        } catch (IllegalCredentialException e3) {
        }
        CredentialDefinition credentialDefinition2 = new CredentialDefinition(MockPasswordVerificatorFactory.ID, "credential2", "cred2 desc");
        credentialDefinition2.setJsonConfiguration("10");
        this.authnMan.addCredentialDefinition(credentialDefinition2);
        HashSet hashSet = new HashSet();
        Collections.addAll(hashSet, credentialDefinition.getName(), credentialDefinition2.getName());
        this.authnMan.addCredentialRequirement(new CredentialRequirements("crMock2", "mock cred req2", hashSet));
        this.idsMan.setEntityCredentialRequirements(entityParam, "crMock2");
        Entity entity = this.idsMan.getEntity(entityParam);
        Assert.assertEquals(LocalCredentialState.correct, ((CredentialPublicInformation) entity.getCredentialInfo().getCredentialsState().get("credential1")).getState());
        Assert.assertEquals(LocalCredentialState.notSet, ((CredentialPublicInformation) entity.getCredentialInfo().getCredentialsState().get("credential2")).getState());
        this.idsMan.setEntityCredential(entityParam, "credential2", "password2");
        Entity entity2 = this.idsMan.getEntity(entityParam);
        Assert.assertEquals(LocalCredentialState.correct, ((CredentialPublicInformation) entity2.getCredentialInfo().getCredentialsState().get("credential1")).getState());
        Assert.assertEquals(LocalCredentialState.correct, ((CredentialPublicInformation) entity2.getCredentialInfo().getCredentialsState().get("credential2")).getState());
        this.authnMan.removeCredentialRequirement("crMock2", "crMock");
        Assert.assertEquals(1 + 1, this.authnMan.getCredentialRequirements().size());
        Assert.assertEquals(LocalCredentialState.correct, ((CredentialPublicInformation) this.idsMan.getEntity(entityParam).getCredentialInfo().getCredentialsState().get("credential1")).getState());
    }
}
