package org.alfresco.repo.security.authentication;

import java.io.Serializable;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.util.test.junitrules.AlfrescoTenant;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:org/alfresco/repo/security/authentication/AuthenticationServiceImplTest.class */
public class AuthenticationServiceImplTest {
    private SimpleCache<String, ProtectedUser> cache;
    private AuthenticationServiceImpl authService;
    private static final String USERNAME = "username";
    private static final char[] PASSWORD = AlfrescoTenant.ADMIN_PASSWORD.toCharArray();
    private AuthenticationComponent authenticationComponent = (AuthenticationComponent) Mockito.mock(AuthenticationComponent.class);
    private TicketComponent ticketComponent = (TicketComponent) Mockito.mock(TicketComponent.class);

    /* loaded from: input_file:org/alfresco/repo/security/authentication/AuthenticationServiceImplTest$MockCache.class */
    private class MockCache<K extends Serializable, V> implements SimpleCache<K, V> {
        private Map<K, V> internalCache = new HashMap();

        MockCache() {
        }

        public boolean contains(K k) {
            return this.internalCache.containsKey(k);
        }

        public Collection<K> getKeys() {
            return this.internalCache.keySet();
        }

        public V get(K k) {
            return this.internalCache.get(k);
        }

        public void put(K k, V v) {
            this.internalCache.put(k, v);
        }

        public void remove(K k) {
            this.internalCache.remove(k);
        }

        public void clear() {
            this.internalCache.clear();
        }
    }

    @Before
    public void beforeTest() {
        this.authService = new AuthenticationServiceImpl();
        this.authService.setAuthenticationComponent(this.authenticationComponent);
        this.authService.setTicketComponent(this.ticketComponent);
        this.cache = new MockCache();
        this.authService.setProtectedUsersCache(this.cache);
    }

    @Test
    public void testProtectedUserBadPassword() {
        int i = 3 + 3;
        this.authService.setProtectionPeriodSeconds(99999);
        this.authService.setProtectionLimit(3);
        this.authService.setProtectionEnabled(true);
        AuthenticationException authenticationException = new AuthenticationException("Bad password");
        ((AuthenticationComponent) Mockito.doThrow(authenticationException).when(this.authenticationComponent)).authenticate(USERNAME, PASSWORD);
        for (int i2 = 0; i2 < i; i2++) {
            try {
                this.authService.authenticate(USERNAME, PASSWORD);
                Assert.fail("The " + AuthenticationException.class.getName() + " should have been thrown.");
            } catch (AuthenticationException e) {
                if (i2 < 3) {
                    Assert.assertTrue("Expected failure from AuthenticationComponent", e == authenticationException);
                } else {
                    Assert.assertFalse("Expected failure from protection code", e == authenticationException);
                }
            }
        }
        ((AuthenticationComponent) Mockito.verify(this.authenticationComponent, Mockito.times(3))).authenticate(USERNAME, PASSWORD);
        Assert.assertTrue("The user should be protected.", this.authService.isUserProtected(USERNAME));
        Assert.assertEquals("The number of recorded logins did not match.", i, ((ProtectedUser) this.cache.get(USERNAME)).getNumLogins());
        ((AuthenticationComponent) Mockito.doNothing().when(this.authenticationComponent)).authenticate(USERNAME, PASSWORD);
        try {
            this.authService.authenticate(USERNAME, PASSWORD);
            Assert.fail("The " + AuthenticationException.class.getName() + " should have been thrown.");
        } catch (AuthenticationException unused) {
        }
        ((AuthenticationComponent) Mockito.verify(this.authenticationComponent, Mockito.times(3))).authenticate(USERNAME, PASSWORD);
        Assert.assertEquals("The number of recorded logins did not match.", i + 1, ((ProtectedUser) this.cache.get(USERNAME)).getNumLogins());
    }

    @Test
    public void testProtectedUserCanLoginAfterProtection() throws Exception {
        this.authService.setProtectionPeriodSeconds(1);
        this.authService.setProtectionLimit(2);
        this.authService.setProtectionEnabled(true);
        ((AuthenticationComponent) Mockito.doThrow(new AuthenticationException("Bad password")).when(this.authenticationComponent)).authenticate(USERNAME, PASSWORD);
        for (int i = 0; i < 2; i++) {
            try {
                this.authService.authenticate(USERNAME, PASSWORD);
                Assert.fail("An " + AuthenticationException.class.getName() + " should be thrown.");
            } catch (AuthenticationException unused) {
            }
        }
        Assert.assertTrue("The user should be protected.", this.authService.isUserProtected(USERNAME));
        Assert.assertEquals("The number of recorded logins did not match.", 2, ((ProtectedUser) this.cache.get(USERNAME)).getNumLogins());
        Thread.sleep((1 * 1000) + 1);
        Assert.assertFalse("The user should not be protected any more.", this.authService.isUserProtected(USERNAME));
        Assert.assertEquals("The number of recorded logins should stay the same after protection period ends.", 2, ((ProtectedUser) this.cache.get(USERNAME)).getNumLogins());
        ((AuthenticationComponent) Mockito.doNothing().when(this.authenticationComponent)).authenticate(USERNAME, PASSWORD);
        try {
            this.authService.authenticate(USERNAME, PASSWORD);
        } catch (AuthenticationException unused2) {
            Assert.fail("An " + AuthenticationException.class.getName() + " should not be thrown.");
        }
        Assert.assertNull("The user should be removed from the cache after successful login.", this.cache.get(USERNAME));
    }

    @Test
    public void testProtectionDisabledBadPassword() {
        int i = 3 + 2;
        this.authService.setProtectionPeriodSeconds(99999);
        this.authService.setProtectionLimit(3);
        this.authService.setProtectionEnabled(false);
        AuthenticationException authenticationException = new AuthenticationException("Bad password");
        ((AuthenticationComponent) Mockito.doThrow(authenticationException).when(this.authenticationComponent)).authenticate(USERNAME, PASSWORD);
        for (int i2 = 0; i2 < i; i2++) {
            try {
                this.authService.authenticate(USERNAME, PASSWORD);
                Assert.fail("The " + AuthenticationException.class.getName() + " should have been thrown.");
            } catch (AuthenticationException e) {
                Assert.assertTrue("Expected failure from AuthenticationComponent", e == authenticationException);
            }
        }
        ((AuthenticationComponent) Mockito.verify(this.authenticationComponent, Mockito.times(i))).authenticate(USERNAME, PASSWORD);
        Assert.assertNull("The user should not be in the cache.", this.cache.get(USERNAME));
    }
}
