package org.alfresco.repo.security.authentication.identityservice;

import java.util.function.Supplier;
import org.alfresco.repo.security.authentication.identityservice.IdentityServiceAuthenticationComponent;
import org.alfresco.repo.security.authentication.identityservice.OAuth2ClientFactoryBean;
import org.assertj.core.api.Assertions;
import org.junit.Test;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;
import org.springframework.security.oauth2.client.OAuth2AuthorizeRequest;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClient;
import org.springframework.security.oauth2.client.OAuth2AuthorizedClientManager;
import org.springframework.security.oauth2.core.OAuth2AccessToken;

/* loaded from: input_file:org/alfresco/repo/security/authentication/identityservice/SpringOAuth2ClientUnitTest.class */
public class SpringOAuth2ClientUnitTest {
    private static final String USER_NAME = "user";
    private static final String PASSWORD = "password";

    @Test
    public void shouldRecoverFromInitialAuthorizationServerUnavailability() {
        OAuth2AuthorizedClient oAuth2AuthorizedClient = (OAuth2AuthorizedClient) Mockito.mock(OAuth2AuthorizedClient.class);
        Mockito.when(oAuth2AuthorizedClient.getAccessToken()).thenReturn((OAuth2AccessToken) Mockito.mock(OAuth2AccessToken.class));
        OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager = (OAuth2AuthorizedClientManager) Mockito.mock(OAuth2AuthorizedClientManager.class);
        Mockito.when(oAuth2AuthorizedClientManager.authorize((OAuth2AuthorizeRequest) ArgumentMatchers.any())).thenReturn(oAuth2AuthorizedClient);
        OAuth2ClientFactoryBean.SpringOAuth2Client springOAuth2Client = new OAuth2ClientFactoryBean.SpringOAuth2Client(faultySupplier(3, oAuth2AuthorizedClientManager));
        Assertions.assertThatExceptionOfType(IdentityServiceAuthenticationComponent.OAuth2Client.CredentialsVerificationException.class).isThrownBy(() -> {
            springOAuth2Client.verifyCredentials(USER_NAME, "password");
        }).havingCause().withNoCause().withMessage("Expected failure #1");
        Mockito.verifyNoInteractions(new Object[]{oAuth2AuthorizedClientManager});
        Assertions.assertThatExceptionOfType(IdentityServiceAuthenticationComponent.OAuth2Client.CredentialsVerificationException.class).isThrownBy(() -> {
            springOAuth2Client.verifyCredentials(USER_NAME, "password");
        }).havingCause().withNoCause().withMessage("Expected failure #2");
        Mockito.verifyNoInteractions(new Object[]{oAuth2AuthorizedClientManager});
        Assertions.assertThatExceptionOfType(IdentityServiceAuthenticationComponent.OAuth2Client.CredentialsVerificationException.class).isThrownBy(() -> {
            springOAuth2Client.verifyCredentials(USER_NAME, "password");
        }).havingCause().withNoCause().withMessage("Expected failure #3");
        Mockito.verifyNoInteractions(new Object[]{oAuth2AuthorizedClientManager});
        springOAuth2Client.verifyCredentials(USER_NAME, "password");
        ((OAuth2AuthorizedClientManager) Mockito.verify(oAuth2AuthorizedClientManager)).authorize((OAuth2AuthorizeRequest) ArgumentMatchers.argThat(oAuth2AuthorizeRequest -> {
            return oAuth2AuthorizeRequest.getPrincipal() != null && USER_NAME.equals(oAuth2AuthorizeRequest.getPrincipal().getPrincipal());
        }));
    }

    @Test
    public void shouldThrowVerificationExceptionOnFailure() {
        OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager = (OAuth2AuthorizedClientManager) Mockito.mock(OAuth2AuthorizedClientManager.class);
        Mockito.when(oAuth2AuthorizedClientManager.authorize((OAuth2AuthorizeRequest) ArgumentMatchers.any())).thenThrow(new Throwable[]{new RuntimeException("Expected")});
        OAuth2ClientFactoryBean.SpringOAuth2Client springOAuth2Client = new OAuth2ClientFactoryBean.SpringOAuth2Client(() -> {
            return oAuth2AuthorizedClientManager;
        });
        Assertions.assertThatExceptionOfType(IdentityServiceAuthenticationComponent.OAuth2Client.CredentialsVerificationException.class).isThrownBy(() -> {
            springOAuth2Client.verifyCredentials(USER_NAME, "password");
        }).havingCause().withNoCause().withMessage("Expected");
    }

    @Test
    public void shouldAvoidCreatingMultipleInstanceOfOAuth2AuthorizedClientManager() {
        OAuth2AuthorizedClient oAuth2AuthorizedClient = (OAuth2AuthorizedClient) Mockito.mock(OAuth2AuthorizedClient.class);
        Mockito.when(oAuth2AuthorizedClient.getAccessToken()).thenReturn((OAuth2AccessToken) Mockito.mock(OAuth2AccessToken.class));
        OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager = (OAuth2AuthorizedClientManager) Mockito.mock(OAuth2AuthorizedClientManager.class);
        Mockito.when(oAuth2AuthorizedClientManager.authorize((OAuth2AuthorizeRequest) ArgumentMatchers.any())).thenReturn(oAuth2AuthorizedClient);
        Supplier supplier = (Supplier) Mockito.mock(Supplier.class);
        Mockito.when((OAuth2AuthorizedClientManager) supplier.get()).thenReturn(oAuth2AuthorizedClientManager);
        OAuth2ClientFactoryBean.SpringOAuth2Client springOAuth2Client = new OAuth2ClientFactoryBean.SpringOAuth2Client(supplier);
        springOAuth2Client.verifyCredentials(USER_NAME, "password");
        springOAuth2Client.verifyCredentials(USER_NAME, "password");
        springOAuth2Client.verifyCredentials(USER_NAME, "password");
        ((Supplier) Mockito.verify(supplier, Mockito.times(1))).get();
        ((OAuth2AuthorizedClientManager) Mockito.verify(oAuth2AuthorizedClientManager, Mockito.times(3))).authorize((OAuth2AuthorizeRequest) ArgumentMatchers.any());
    }

    private Supplier<OAuth2AuthorizedClientManager> faultySupplier(int i, OAuth2AuthorizedClientManager oAuth2AuthorizedClientManager) {
        int[] iArr = new int[1];
        return () -> {
            int i2 = iArr[0];
            iArr[0] = i2 + 1;
            if (i2 < i) {
                throw new RuntimeException("Expected failure #" + iArr[0]);
            }
            return oAuth2AuthorizedClientManager;
        };
    }
}
