package org.alfresco.rest.api.tests;

import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.rest.api.model.LoginTicket;
import org.alfresco.rest.api.model.LoginTicketResponse;
import org.alfresco.rest.api.sites.SiteEntityResource;
import org.alfresco.rest.api.tests.client.PublicApiClient;
import org.alfresco.rest.api.tests.client.data.Document;
import org.alfresco.rest.api.tests.util.RestApiUtil;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PersonService;
import org.apache.commons.codec.binary.Base64;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/alfresco/rest/api/tests/AuthenticationsTest.class */
public class AuthenticationsTest extends AbstractBaseApiTest {
    private static final String TICKETS_URL = "tickets";
    private static final String TICKETS_API_NAME = "authentication";
    private String user1;
    private String user2;
    private List<String> users = new ArrayList();
    private MutableAuthenticationService authenticationService;
    private PersonService personService;

    @Before
    public void setup() throws Exception {
        this.authenticationService = (MutableAuthenticationService) this.applicationContext.getBean("authenticationService", MutableAuthenticationService.class);
        this.personService = (PersonService) this.applicationContext.getBean("personService", PersonService.class);
        this.user1 = createUser("user1" + System.currentTimeMillis(), "user1Password");
        this.user2 = createUser("user2" + System.currentTimeMillis(), "user2Password");
        this.users.add(this.user1);
        this.users.add(this.user2);
        AuthenticationUtil.clearCurrentSecurityContext();
    }

    @After
    public void tearDown() throws Exception {
        AuthenticationUtil.setAdminUserAsFullyAuthenticatedUser();
        for (final String str : this.users) {
            this.transactionHelper.doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() { // from class: org.alfresco.rest.api.tests.AuthenticationsTest.1
                /* renamed from: execute, reason: merged with bridge method [inline-methods] */
                public Void m119execute() throws Throwable {
                    if (!AuthenticationsTest.this.personService.personExists(str)) {
                        return null;
                    }
                    AuthenticationsTest.this.authenticationService.deleteAuthentication(str);
                    AuthenticationsTest.this.personService.deletePerson(str);
                    return null;
                }
            });
        }
        this.users.clear();
        AuthenticationUtil.clearCurrentSecurityContext();
    }

    @Test
    public void testCreateValidateDeleteTicket() throws Exception {
        PublicApiClient.Paging paging = getPaging(0, 100);
        getAll(SiteEntityResource.class, (String) null, paging, (Map<String, String>) null, 401);
        LoginTicket loginTicket = new LoginTicket();
        post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginTicket), null, null, TICKETS_API_NAME, 400);
        loginTicket.setUserId((String) null);
        loginTicket.setPassword("user1Password");
        post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginTicket), null, null, TICKETS_API_NAME, 400);
        loginTicket.setUserId(this.user1);
        loginTicket.setPassword((String) null);
        post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginTicket), null, null, TICKETS_API_NAME, 400);
        loginTicket.setUserId(this.user1);
        loginTicket.setPassword("user1Password");
        LoginTicketResponse loginTicketResponse = (LoginTicketResponse) RestApiUtil.parseRestApiEntry(post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginTicket), null, null, TICKETS_API_NAME, 201).getJsonResponse(), LoginTicketResponse.class);
        Assert.assertNotNull(loginTicketResponse.getId());
        Assert.assertNotNull(loginTicketResponse.getUserId());
        Map<String, String> singletonMap = Collections.singletonMap("alf_ticket", loginTicketResponse.getId());
        getAll(SiteEntityResource.class, (String) null, paging, singletonMap, 200);
        getAll(SiteEntityResource.class, (String) null, paging, Collections.singletonMap("alf_ticket", "TICKET_" + System.currentTimeMillis()), 401);
        getSingle(TICKETS_URL, null, loginTicketResponse.getId(), singletonMap, null, TICKETS_API_NAME, 400);
        Assert.assertEquals(loginTicketResponse.getId(), ((LoginTicketResponse) RestApiUtil.parseRestApiEntry(getSingle(TICKETS_URL, null, "-me-", singletonMap, null, TICKETS_API_NAME, 200).getJsonResponse(), LoginTicketResponse.class)).getId());
        getSingle(TICKETS_URL, null, loginTicketResponse.getId(), singletonMap, null, TICKETS_API_NAME, 400);
        delete(TICKETS_URL, null, "-me-", singletonMap, null, TICKETS_API_NAME, 204);
        getSingle(TICKETS_URL, null, "-me-", singletonMap, null, TICKETS_API_NAME, 401);
        getSingle(TICKETS_URL, this.user1, "-me-", singletonMap, null, TICKETS_API_NAME, 404);
        delete(TICKETS_URL, this.user1, "-me-", singletonMap, null, TICKETS_API_NAME, 404);
        getAll(SiteEntityResource.class, (String) null, paging, singletonMap, 401);
        Assert.assertNotNull(createFolder(this.user2, "-my-", "F2", null).getId());
        getAll(getNodeChildrenUrl("-my-"), null, paging, 401);
        LoginTicket loginTicket2 = new LoginTicket();
        loginTicket2.setUserId(this.user2);
        loginTicket2.setPassword("wrongPassword");
        post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginTicket2), null, null, TICKETS_API_NAME, 403);
        loginTicket2.setUserId(this.user1);
        loginTicket2.setPassword("user2Password");
        post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginTicket2), null, null, TICKETS_API_NAME, 403);
        loginTicket2.setUserId(this.user2);
        loginTicket2.setPassword("user2Password");
        LoginTicketResponse loginTicketResponse2 = (LoginTicketResponse) RestApiUtil.parseRestApiEntry(post(TICKETS_URL, null, RestApiUtil.toJsonAsString(loginTicket2), null, null, TICKETS_API_NAME, 201).getJsonResponse(), LoginTicketResponse.class);
        Assert.assertNotNull(loginTicketResponse2.getId());
        Assert.assertNotNull(loginTicketResponse2.getUserId());
        Map<String, String> singletonMap2 = Collections.singletonMap("Authorization", "Basic " + encodeB64(loginTicketResponse2.getId()));
        Assert.assertEquals(1L, RestApiUtil.parseRestApiEntries(getAll(getNodeChildrenUrl("-my-"), null, paging, null, singletonMap2, 200).getJsonResponse(), Document.class).size());
        getSingle(TICKETS_URL, null, loginTicketResponse2.getId(), null, singletonMap2, TICKETS_API_NAME, 400);
        Assert.assertEquals(loginTicketResponse2.getId(), ((LoginTicketResponse) RestApiUtil.parseRestApiEntry(getSingle(TICKETS_URL, null, "-me-", null, singletonMap2, TICKETS_API_NAME, 200).getJsonResponse(), LoginTicketResponse.class)).getId());
        String encodeB64 = encodeB64("ROLE_TICKET:" + loginTicketResponse2.getId());
        Assert.assertEquals(1L, RestApiUtil.parseRestApiEntries(getAll(getNodeChildrenUrl("-my-"), null, paging, null, Collections.singletonMap("Authorization", "Basic " + encodeB64), 200).getJsonResponse(), Document.class).size());
        Assert.assertEquals(1L, RestApiUtil.parseRestApiEntries(getAll(getNodeChildrenUrl("-my-"), (String) null, paging, Collections.singletonMap("alf_ticket", loginTicketResponse2.getId()), 200).getJsonResponse(), Document.class).size());
        getSingle(TICKETS_URL, this.user2, "-me-", null, null, TICKETS_API_NAME, 400);
        Map<String, String> singletonMap3 = Collections.singletonMap("Authorization", "Basic " + encodeB64);
        delete(TICKETS_URL, null, loginTicketResponse2.getId(), null, singletonMap3, TICKETS_API_NAME, 400);
        delete(TICKETS_URL, null, "-me-", null, singletonMap3, TICKETS_API_NAME, 204);
        getAll(getNodeChildrenUrl("-my-"), null, paging, null, singletonMap3, 401);
    }

    private String encodeB64(String str) {
        return Base64.encodeBase64String(str.getBytes());
    }

    @Override // org.alfresco.rest.api.tests.AbstractBaseApiTest
    public String getScope() {
        return "public";
    }
}
