package com.ibm.ws.security.javaeesec.fat;

import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.security.javaeesec.fat_helper.Constants;
import com.ibm.ws.security.javaeesec.fat_helper.JavaEESecTestBase;
import com.ibm.ws.security.javaeesec.fat_helper.ServerHelper;
import com.ibm.ws.security.javaeesec.fat_helper.WCApplicationHelper;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;
import org.junit.runner.RunWith;

@RunWith(FATRunner.class)
/* loaded from: input_file:com/ibm/ws/security/javaeesec/fat/SecurityContextTest.class */
public class SecurityContextTest extends JavaEESecTestBase {
    protected String queryString;
    protected static String urlBase;
    protected DefaultHttpClient httpclient;

    @Rule
    public TestName name;
    protected static LibertyServer myServer = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.javaeesec.fat");
    protected static Class<?> logClass = SecurityContextTest.class;
    protected static String[] warList = {"JavaEESecBasicAuthServlet.war"};
    protected static String JAR_NAME = "JavaEESecBase.jar";

    public SecurityContextTest() {
        super(myServer, logClass);
        this.queryString = "/JavaEESecBasicAuthServlet";
        this.name = new TestName();
    }

    @BeforeClass
    public static void setUp() throws Exception {
        ServerHelper.setupldapServer();
        WCApplicationHelper.addWarToServerApps(myServer, "JavaEESecBasicAuthServlet.war", true, JAR_NAME, false, "web.jar.base", "web.war.basic");
        myServer.setServerConfigurationFile("securityContext.xml");
        myServer.startServer(true);
        urlBase = "http://" + myServer.getHostname() + ":" + myServer.getHttpDefaultPort();
    }

    @AfterClass
    public static void tearDown() throws Exception {
        ServerHelper.commonStopServer(myServer, true);
    }

    @Before
    public void setupConnection() {
        this.httpclient = new DefaultHttpClient();
    }

    @After
    public void cleanupConnection() {
        this.httpclient.getConnectionManager().shutdown();
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_getCallerPrincipal_protectedServlet() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/JavaEESecBasic";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.getCallerPrincipal().getName(): jaspiuser1");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_getCallerPrincipal_unprotectedServlet() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/JavaEESecUnprotected";
        verifySecurityContextResponse(executeGetRequestNoAuthCreds(this.httpclient, urlBase + this.queryString, 200), Constants.secContextGetPrincipalNull);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_isCallerInRole_inRole() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/JavaEESecBasic?role=" + Constants.BasicRole;
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.isCallerInRole(javaeesec_basic): true");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_isCallerInRole_groupInRole() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/JavaEESecBasic?role=" + Constants.BasicRole;
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.isCallerInRole(javaeesec_basic): true");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_isCallerInRole_notInRole() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/JavaEESecBasic?role=" + Constants.FormRole;
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.isCallerInRole(javaeesec_form): false");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_getPrincipalsByType() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/JavaEESecBasic?type=Principal";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.GetPrincipalsByType number of principals: 2");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_hasAccessToWebResource_hasAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/JavaEESecBasic?resource=/Protected&methods=GET";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.hasAccessToWebResource(/Protected,GET): true");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_hasAccessToWebResource_noAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/Unprotected?resource=/Protected&methods=GET";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, Constants.javaeesec_basicRoleGroupUser, "s3cur1ty", 200), "securityContext.hasAccessToWebResource(/Protected,GET): false");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_hasAccessToWebResource_multipleMethods_hasAccess() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/Unprotected?resource=/Protected&methods=GET,POST";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, Constants.javaeesec_basicRoleGroupUser, "s3cur1ty", 200), "securityContext.hasAccessToWebResource(/Protected,GET,POST): true");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_hasAccessToWebResource_nullMethods() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/Unprotected?resource=/Protected&methods=";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.hasAccessToWebResource(/Protected,): true");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_hasAccessToWebResource_custom() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/Unprotected?resource=/CustomBasicAuth&methods=CUSTOM";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, Constants.javaeesec_basicRoleGroupUser, "s3cur1ty", 200), "securityContext.hasAccessToWebResource(/CustomBasicAuth,CUSTOM): false");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Mode(Mode.TestMode.LITE)
    public void testSecurityContext_hasAccessToWebResource_nullMethods_custom() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        this.queryString += "/Protected?resource=/CustomBasicAuth&methods=";
        verifySecurityContextResponse(executeGetRequestBasicAuthCreds(this.httpclient, urlBase + this.queryString, "jaspiuser1", "s3cur1ty", 200), "securityContext.hasAccessToWebResource(/CustomBasicAuth,): true");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }
}
