package org.alfresco.repo.web.scripts;

import org.alfresco.model.ContentModel;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.authentication.AuthenticationUtil;
import org.alfresco.rest.api.tests.client.AbstractHttp;
import org.alfresco.rest.api.tests.client.AuthenticatedHttp;
import org.alfresco.rest.api.tests.client.UserData;
import org.alfresco.rest.api.tests.client.data.SiteMember;
import org.alfresco.service.cmr.security.MutableAuthenticationService;
import org.alfresco.service.cmr.security.PersonService;
import org.alfresco.util.PropertyMap;
import org.json.JSONObject;
import org.springframework.extensions.webscripts.TestWebScriptServer;

/* loaded from: input_file:org/alfresco/repo/web/scripts/LoginTest.class */
public class LoginTest extends BaseWebScriptTest {
    private MutableAuthenticationService authenticationService;
    private AuthenticationComponent authenticationComponent;
    private PersonService personService;
    private static final String USER_ONE = "AuthenticationTestOne";

    protected void setUp() throws Exception {
        super.setUp();
        this.authenticationService = (MutableAuthenticationService) getServer().getApplicationContext().getBean("AuthenticationService");
        this.authenticationComponent = (AuthenticationComponent) getServer().getApplicationContext().getBean("authenticationComponent");
        this.personService = (PersonService) getServer().getApplicationContext().getBean("PersonService");
        this.authenticationComponent.setCurrentUser(AuthenticationUtil.getAdminUserName());
        createUser(USER_ONE, USER_ONE);
    }

    protected void tearDown() throws Exception {
        super.tearDown();
    }

    private void createUser(String str, String str2) {
        if (this.authenticationService.authenticationExists(str)) {
            return;
        }
        this.authenticationService.createAuthentication(str, str2.toCharArray());
        PropertyMap propertyMap = new PropertyMap(4);
        propertyMap.put(ContentModel.PROP_USERNAME, str);
        propertyMap.put(ContentModel.PROP_FIRSTNAME, "firstName");
        propertyMap.put(ContentModel.PROP_LASTNAME, "lastName");
        propertyMap.put(ContentModel.PROP_EMAIL, "email@email.com");
        propertyMap.put(ContentModel.PROP_JOBTITLE, "jobTitle");
        this.personService.createPerson(propertyMap);
    }

    private String parseTicket(String str) {
        int indexOf = str.indexOf("<ticket>");
        int indexOf2 = str.indexOf("</ticket>");
        return (indexOf == -1 || indexOf2 == -1) ? "" : str.substring(indexOf + "<ticket>".length(), indexOf2);
    }

    public void testAuthentication() throws Exception {
        String contentAsString = sendRequest(new TestWebScriptServer.GetRequest("/api/login?u=AuthenticationTestOne&pw=AuthenticationTestOne"), 200).getContentAsString();
        assertNotNull("xmlFragment");
        assertTrue("xmlFragment contains ticket", contentAsString.contains("<ticket>"));
        String str = "/api/login/ticket/" + parseTicket(contentAsString);
        setDefaultRunAs(AuthenticationUtil.getAdminUserName());
        sendRequest(new TestWebScriptServer.GetRequest(str), 404);
        setDefaultRunAs(USER_ONE);
        sendRequest(new TestWebScriptServer.GetRequest(str), 200);
        sendRequest(new TestWebScriptServer.DeleteRequest(str), 200);
        sendRequest(new TestWebScriptServer.GetRequest(str), 404);
    }

    public void testAuthenticationGetJSON() throws Exception {
        assertNotNull("ticket is null", new JSONObject(sendRequest(new TestWebScriptServer.GetRequest("/api/login.json?u=AuthenticationTestOne&pw=AuthenticationTestOne"), 200).getContentAsString()).getJSONObject(AbstractHttp.JSON_DATA).getString(UserData.FIELD_TICKET));
        assertNotNull("ticket is null", new JSONObject(sendRequest(new TestWebScriptServer.GetRequest("/api/login?u=AuthenticationTestOne&pw=AuthenticationTestOne&format=json"), 200).getContentAsString()).getJSONObject(AbstractHttp.JSON_DATA).getString(UserData.FIELD_TICKET));
    }

    public void testPostLogin() throws Exception {
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(SiteMember.FIELD_USERNAME, USER_ONE);
        jSONObject.put(UserData.FIELD_PASSWORD, USER_ONE);
        assertNotNull("ticket null", new JSONObject(sendRequest(new TestWebScriptServer.PostRequest("/api/login", jSONObject.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 200).getContentAsString()).getJSONObject(AbstractHttp.JSON_DATA).getString(UserData.FIELD_TICKET));
        JSONObject jSONObject2 = new JSONObject();
        jSONObject2.put(SiteMember.FIELD_USERNAME, USER_ONE);
        jSONObject2.put(UserData.FIELD_PASSWORD, "blurb");
        sendRequest(new TestWebScriptServer.PostRequest("/api/login", jSONObject2.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 403);
        JSONObject jSONObject3 = new JSONObject();
        jSONObject3.put(UserData.FIELD_PASSWORD, USER_ONE);
        sendRequest(new TestWebScriptServer.PostRequest("/api/login", jSONObject3.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 400);
        JSONObject jSONObject4 = new JSONObject();
        jSONObject4.put(SiteMember.FIELD_USERNAME, USER_ONE);
        sendRequest(new TestWebScriptServer.PostRequest("/api/login", jSONObject4.toString(), AuthenticatedHttp.MIME_TYPE_JSON), 400);
    }

    public void testWrongPassword() throws Exception {
        sendRequest(new TestWebScriptServer.GetRequest("/api/login?u=AuthenticationTestOne&pw=crap"), 403);
    }

    public void testMissingParameters() throws Exception {
        sendRequest(new TestWebScriptServer.GetRequest("/api/login?u=AuthenticationTestOne"), 400);
        sendRequest(new TestWebScriptServer.GetRequest("/api/login?&pw=AuthenticationTestOne"), 400);
    }
}
