package org.apache.james.jmap;

import com.google.common.collect.ImmutableList;
import java.util.concurrent.TimeUnit;
import javax.servlet.FilterChain;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.james.jmap.api.access.AccessToken;
import org.apache.james.jmap.api.access.AccessTokenRepository;
import org.apache.james.jmap.exceptions.MailboxSessionCreationException;
import org.apache.james.jmap.memory.access.MemoryAccessTokenRepository;
import org.apache.james.mailbox.MailboxSession;
import org.apache.james.metrics.api.NoopMetricFactory;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Matchers;
import org.mockito.Mockito;

/* loaded from: input_file:org/apache/james/jmap/AuthenticationFilterTest.class */
public class AuthenticationFilterTest {
    private static final String TOKEN = "df991d2a-1c5a-4910-a90f-808b6eda133e";
    private HttpServletRequest mockedRequest;
    private HttpServletResponse mockedResponse;
    private AccessTokenRepository accessTokenRepository;
    private AuthenticationFilter testee;
    private FilterChain filterChain;

    /* loaded from: input_file:org/apache/james/jmap/AuthenticationFilterTest$FakeAuthenticationStrategy.class */
    private static class FakeAuthenticationStrategy implements AuthenticationStrategy {
        private final boolean isAuthorized;

        private FakeAuthenticationStrategy(boolean z) {
            this.isAuthorized = z;
        }

        public MailboxSession createMailboxSession(HttpServletRequest httpServletRequest) {
            if (this.isAuthorized) {
                return (MailboxSession) Mockito.mock(MailboxSession.class);
            }
            throw new MailboxSessionCreationException((Exception) null);
        }
    }

    @Before
    public void setup() throws Exception {
        this.mockedRequest = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        this.mockedResponse = (HttpServletResponse) Mockito.mock(HttpServletResponse.class);
        this.accessTokenRepository = new MemoryAccessTokenRepository(TimeUnit.MILLISECONDS.convert(1L, TimeUnit.HOURS));
        Mockito.when(this.mockedRequest.getMethod()).thenReturn("POST");
        this.testee = new AuthenticationFilter(ImmutableList.of(new FakeAuthenticationStrategy(false)), new NoopMetricFactory());
        this.filterChain = (FilterChain) Mockito.mock(FilterChain.class);
    }

    @Test
    public void filterShouldReturnUnauthorizedOnNullAuthorizationHeader() throws Exception {
        Mockito.when(this.mockedRequest.getHeader("Authorization")).thenReturn((Object) null);
        this.testee.doFilter(this.mockedRequest, this.mockedResponse, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.mockedResponse)).sendError(401);
    }

    @Test
    public void filterShouldReturnUnauthorizedOnInvalidAuthorizationHeader() throws Exception {
        Mockito.when(this.mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);
        this.testee.doFilter(this.mockedRequest, this.mockedResponse, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.mockedResponse)).sendError(401);
    }

    @Test
    public void filterShouldChainOnValidAuthorizationHeader() throws Exception {
        AccessToken fromString = AccessToken.fromString(TOKEN);
        Mockito.when(this.mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);
        this.accessTokenRepository.addToken("user@domain.tld", fromString);
        new AuthenticationFilter(ImmutableList.of(new FakeAuthenticationStrategy(true)), new NoopMetricFactory()).doFilter(this.mockedRequest, this.mockedResponse, this.filterChain);
        ((FilterChain) Mockito.verify(this.filterChain)).doFilter((ServletRequest) Matchers.any(ServletRequest.class), (ServletResponse) Matchers.eq(this.mockedResponse));
    }

    @Test
    public void filterShouldChainAuthorizationStrategy() throws Exception {
        AccessToken fromString = AccessToken.fromString(TOKEN);
        Mockito.when(this.mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);
        this.accessTokenRepository.addToken("user@domain.tld", fromString);
        new AuthenticationFilter(ImmutableList.of(new FakeAuthenticationStrategy(false), new FakeAuthenticationStrategy(true)), new NoopMetricFactory()).doFilter(this.mockedRequest, this.mockedResponse, this.filterChain);
        ((FilterChain) Mockito.verify(this.filterChain)).doFilter((ServletRequest) Matchers.any(ServletRequest.class), (ServletResponse) Matchers.eq(this.mockedResponse));
    }

    @Test
    public void filterShouldReturnUnauthorizedOnBadAuthorizationHeader() throws Exception {
        Mockito.when(this.mockedRequest.getHeader("Authorization")).thenReturn("bad");
        this.testee.doFilter(this.mockedRequest, this.mockedResponse, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.mockedResponse)).sendError(401);
    }

    @Test
    public void filterShouldReturnUnauthorizedWhenNoStrategy() throws Exception {
        Mockito.when(this.mockedRequest.getHeader("Authorization")).thenReturn(TOKEN);
        new AuthenticationFilter(ImmutableList.of(), new NoopMetricFactory()).doFilter(this.mockedRequest, this.mockedResponse, this.filterChain);
        ((HttpServletResponse) Mockito.verify(this.mockedResponse)).sendError(401);
    }
}
