package com.ibm.ws.webcontainer.security.test.servlets;

import componenttest.topology.impl.LibertyServer;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.apache.http.Header;
import org.apache.http.HeaderElement;
import org.apache.http.HttpMessage;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.conn.HttpHostConnectException;
import org.apache.http.impl.client.DefaultHttpClient;
import org.junit.Assert;

/* loaded from: input_file:com/ibm/ws/webcontainer/security/test/servlets/ServletClientImpl.class */
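/**
 * Base class for test clients that request servlets over HTTP or HTTPS and assert on
 * the security-related content of the responses (auth type, remote user, principal,
 * role membership, SSO cookie).
 *
 * <p>The transport-specific work is delegated to the abstract {@code access*} methods.
 * This class only builds the target URL, logs the attempt and interprets the result.
 *
 * <p>Logging: passwords, cookie values and the values of well-known credential headers
 * are redacted before they reach the client log, so that test logs archived by a build
 * system do not carry reusable secrets. User names and URLs are still logged.
 *
 * <p>{@link #logger} and {@link #authType} are never assigned in this class;
 * presumably subclasses initialise them (TODO confirm against the subclasses).
 */
public abstract class ServletClientImpl implements ServletClient {
    private static final String AUTH_TYPE_HEADER = "getAuthType: ";
    private static final String REMOTE_USER_HEADER = "getRemoteUser: ";
    private static final String USER_PRINCIPAL_HEADER = "getUserPrincipal: ";
    private static final String USER_PRINCIPAL_NAME_HEADER = "getUserPrincipal().getName(): ";
    private static final String WSPRINCIPAL = "WSPrincipal:";
    private static final String EMPLOYEE_ROLE_HEADER = "isUserInRole(Employee): ";
    private static final String MANAGER_ROLE_HEADER = "isUserInRole(Manager): ";
    /** SSO cookie name used until {@link #setSSOCookieName(String)} overrides it. */
    private static final String DEFAULT_SSO_COOKIE_NAME = "LtpaToken2";
    /** Placeholder written to the log instead of a secret value. */
    private static final String REDACTED = "*****";

    protected final String contextRoot;
    protected final String host;
    protected final int port;
    protected final String servletURL;
    // Not assigned in this class; passed to verifyResponse as the expected auth type.
    protected String authType;
    // Not assigned in this class; most methods dereference it without a null check.
    protected Logger logger;
    // Only set by the LibertyServer constructor; stays null for the host/port constructor.
    protected LibertyServer server;
    protected String ssoCookieName = DEFAULT_SSO_COOKIE_NAME;
    // Value of the SSO cookie captured by setSSOCookieForLastLogin.
    protected String ssoCookie;
    protected DefaultHttpClient client;

    /**
     * Creates a client for an explicitly named host and port. No {@link LibertyServer}
     * is attached, so {@link #checkForPasswordsInLogsAndTrace(String)} cannot inspect
     * any server logs for clients built this way.
     *
     * <p>Declared public in this decompiled listing; the decompiler notes that the
     * original access modifier was protected.
     *
     * @param str  host name, must not be null
     * @param i    port, must not be zero
     * @param z    {@code true} to build an {@code https://} URL, {@code false} for {@code http://}
     * @param str2 context root appended directly after the port
     * @throws IllegalArgumentException if the host is null or the port is zero
     */
    public ServletClientImpl(String str, int i, boolean z, String str2) {
        if (str == null || i == 0) {
            throw new IllegalArgumentException("Host (" + str + ") is null or port (" + i + ") is zero");
        }
        this.host = str;
        this.port = i;
        this.contextRoot = str2;
        this.servletURL = buildServletUrl(z, str, i, str2);
        this.client = new DefaultHttpClient();
    }

    /**
     * Creates a client that targets the given server, taking host and port from it.
     *
     * <p>Declared public in this decompiled listing; the decompiler notes that the
     * original access modifier was protected.
     *
     * @param libertyServer server under test; supplies the host name and the default
     *                      secure or plain HTTP port
     * @param z             {@code true} to use the secure port and an {@code https://} URL
     * @param str           context root appended directly after the port
     */
    public ServletClientImpl(LibertyServer libertyServer, boolean z, String str) {
        this.server = libertyServer;
        this.contextRoot = str;
        this.host = libertyServer.getHostname();
        this.port = z ? libertyServer.getHttpDefaultSecurePort() : libertyServer.getHttpDefaultPort();
        this.servletURL = buildServletUrl(z, this.host, this.port, str);
        this.client = new DefaultHttpClient();
    }

    /** Builds {@code scheme://host:port + contextRoot}; the context root is appended as given. */
    private static String buildServletUrl(boolean secure, String hostName, int portNumber, String root) {
        return (secure ? "https://" : "http://") + hostName + ":" + portNumber + root;
    }

    /** Returns a fixed placeholder for a secret so the log shows presence but not the value. */
    private static String redact(String secret) {
        return secret == null ? "null" : REDACTED;
    }

    /** Tells whether a request header conventionally carries credentials. */
    private static boolean isCredentialHeader(String name) {
        return "Authorization".equalsIgnoreCase(name)
                || "Proxy-Authorization".equalsIgnoreCase(name)
                || "Cookie".equalsIgnoreCase(name);
    }

    /**
     * Renders a header map as {@code [name: value, name: value]} for logging.
     * A null or empty map renders as {@code []}. Values of credential headers are
     * redacted; other values are logged verbatim, so a test that passes a secret in
     * a custom header should extend {@link #isCredentialHeader(String)}.
     */
    private static String describeHeaders(Map<String, String> headers) {
        StringBuilder rendered = new StringBuilder("[");
        if (headers != null) {
            String separator = "";
            for (Map.Entry<String, String> entry : headers.entrySet()) {
                String value = isCredentialHeader(entry.getKey()) ? redact(entry.getValue()) : entry.getValue();
                rendered.append(separator).append(entry.getKey()).append(": ").append(value);
                separator = ", ";
            }
        }
        return rendered.append("]").toString();
    }

    /** Returns the context root this client was constructed with. */
    @Override
    public String getContextRoot() {
        return this.contextRoot;
    }

    /**
     * Logs the message at SEVERE level and fails the running test.
     *
     * <p>Declared public in this decompiled listing; the decompiler notes that the
     * original access modifier was protected.
     *
     * @param str failure message
     */
    public void failWithMessage(String str) {
        // A missing logger must not replace the real test failure with a NullPointerException.
        if (this.logger != null) {
            this.logger.severe("FAILURE: " + str);
        }
        Assert.fail(str);
    }

    /** Lets a subclass drop its own per-session state when the HTTP client is replaced. */
    protected abstract void hookResetClientState();

    /** Shuts down the current HTTP client, creates a fresh one and notifies the subclass. */
    @Override
    public void resetClientState() {
        this.client.getConnectionManager().shutdown();
        this.client = new DefaultHttpClient();
        hookResetClientState();
    }

    /** Shuts down the connection manager of the current HTTP client. */
    @Override
    public void releaseClient() {
        this.client.getConnectionManager().shutdown();
    }

    /**
     * Requests a servlet that needs no authentication.
     *
     * @param str path appended to the servlet URL
     * @return whatever {@link #access(String, int)} returns for status argument 200
     */
    @Override
    public String accessUnprotectedServlet(String str) {
        String url = this.servletURL + str;
        this.logger.info("accessUnprotectedServlet: " + url);
        return access(url, 200);
    }

    /**
     * Requests a servlet whose HTTP method is denied. The user and password are only
     * logged (password redacted); they are not passed on to {@link #access(String, int)}.
     *
     * @param str  path appended to the servlet URL
     * @param str2 user name, used for logging only
     * @param str3 password, never written to the log
     * @return {@code true} when {@code access(url, 403)} returns null
     */
    @Override
    public boolean accessDeniedHttpMethodServlet(String str, String str2, String str3) {
        String url = this.servletURL + str;
        this.logger.info("accessDeniedHttpMethodServlet: " + url + " user= " + str2 + " password=" + redact(str3));
        return access(url, 403) == null;
    }

    /**
     * Requests a servlet that is expected to be unreachable, using
     * {@link HttpHostConnectException} as the exception class handed to the subclass.
     *
     * @param str path appended to the servlet URL
     * @return whatever {@link #accessWithException(String, Class)} returns
     */
    @Override
    public String accessUnavailableServlet(String str) {
        String url = this.servletURL + str;
        this.logger.info("accessUnavailableServlet: " + url);
        return accessWithException(url, HttpHostConnectException.class);
    }

    /**
     * Requests a servlet that is expected to be unreachable.
     *
     * @param str path appended to the servlet URL
     * @param cls exception class handed to {@link #accessWithException(String, Class)}
     * @return whatever {@link #accessWithException(String, Class)} returns
     */
    @Override
    public String accessUnavailableServlet(String str, Class<?> cls) {
        String url = this.servletURL + str;
        this.logger.info("accessUnavailableServlet: " + url);
        return accessWithException(url, cls);
    }

    /**
     * Requests a servlet that is precluded for everyone.
     *
     * @param str path appended to the servlet URL
     * @return {@code true} when {@code access(url, 403)} returns null
     */
    @Override
    public boolean accessPrecludedServlet(String str) {
        String url = this.servletURL + str;
        this.logger.info("accessPrecludedServlet: " + url);
        return access(url, 403) == null;
    }

    /**
     * Requests a protected servlet with credentials that should be authorized.
     *
     * @param str  path appended to the servlet URL
     * @param str2 user name
     * @param str3 password, never written to the log
     * @return whatever {@link #accessAndAuthenticate(String, String, String, int)} returns for 200
     */
    @Override
    public String accessProtectedServletWithAuthorizedCredentials(String str, String str2, String str3) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithAuthorizedCredentials: " + url + " user=" + str2 + " password=" + redact(str3));
        return accessAndAuthenticate(url, str2, str3, 200);
    }

    /**
     * Requests a protected servlet with authorized credentials where the request is
     * nevertheless expected to end in a 500 response.
     *
     * @param str  path appended to the servlet URL
     * @param str2 user name
     * @param str3 password, never written to the log
     * @return whatever {@link #accessAndAuthenticateForError500(String, String, String, int)} returns
     */
    public String accessProtectedServletWithAuthorizedCredentialsExpectError500(String str, String str2, String str3) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithAuthorizedCredentialsExpectError500: " + url + " user=" + str2 + " password=" + redact(str3));
        return accessAndAuthenticateForError500(url, str2, str3, 500);
    }

    /**
     * Requests a protected servlet with valid credentials that lack authorization.
     *
     * @param str  path appended to the servlet URL
     * @param str2 user name
     * @param str3 password, never written to the log
     * @return {@code true} when {@code accessAndAuthenticate(url, user, password, 403)} returns null
     */
    @Override
    public boolean accessProtectedServletWithUnauthorizedCredentials(String str, String str2, String str3) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithUnauthorizedCredentials: " + url + " user=" + str2 + " password=" + redact(str3));
        return accessAndAuthenticate(url, str2, str3, 403) == null;
    }

    /**
     * Requests a protected servlet with credentials that should fail authentication.
     *
     * @param str  path appended to the servlet URL
     * @param str2 user name
     * @param str3 password, never written to the log
     * @return {@code true} when {@code accessAndAuthenticate(url, user, password, 401)} returns null
     */
    @Override
    public boolean accessProtectedServletWithInvalidCredentials(String str, String str2, String str3) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithInvalidCredentials: " + url + " user=" + str2 + " password=" + redact(str3));
        return accessAndAuthenticate(url, str2, str3, 401) == null;
    }

    /**
     * Requests a protected servlet while the user registry is expected to be invalid.
     *
     * @param str  path appended to the servlet URL
     * @param str2 user name
     * @param str3 password, never written to the log
     * @return {@code true} when {@code accessAndAuthenticate(url, user, password, 401)} returns null
     */
    @Override
    public boolean accessProtectedServletWithInvalidRegistry(String str, String str2, String str3) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithInvalidRegistry: " + url + " user=" + str2 + " password=" + redact(str3));
        return accessAndAuthenticate(url, str2, str3, 401) == null;
    }

    /** Same as the three-argument overload with {@code true} as the third argument. */
    @Override
    public String accessProtectedServletWithValidHeaders(String str, Map<String, String> map) {
        return accessProtectedServletWithValidHeaders(str, map, true);
    }

    /** Same as the four-argument overload with {@code null} as the fourth argument. */
    @Override
    public String accessProtectedServletWithValidHeaders(String str, Map<String, String> map, Boolean bool) {
        return accessProtectedServletWithValidHeaders(str, map, bool, null);
    }

    /**
     * Requests a protected servlet with request headers that should be accepted.
     *
     * @param str   path appended to the servlet URL
     * @param map   request headers; logged with credential header values redacted
     * @param bool  forwarded unchanged to {@code accessWithHeaders}; its meaning is defined by the subclass
     * @param bool2 forwarded unchanged to {@code accessWithHeaders}; its meaning is defined by the subclass
     * @return whatever {@code accessWithHeaders} returns for status argument 200
     */
    public String accessProtectedServletWithValidHeaders(String str, Map<String, String> map, Boolean bool, Boolean bool2) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithValidHeaders: " + url + ", headers=" + describeHeaders(map));
        return accessWithHeaders(url, 200, map, bool, bool2);
    }

    /** Same as the three-argument overload with {@code true} as the third argument. */
    @Override
    public String accessProtectedServletWithInvalidHeaders(String str, Map<String, String> map) {
        return accessProtectedServletWithInvalidHeaders(str, map, true);
    }

    /** Same as the four-argument overload with 401 as the status argument. */
    @Override
    public String accessProtectedServletWithInvalidHeaders(String str, Map<String, String> map, boolean z) {
        return accessProtectedServletWithInvalidHeaders(str, map, z, 401);
    }

    /**
     * Requests a protected servlet with request headers that should be rejected.
     *
     * @param str path appended to the servlet URL
     * @param map request headers; logged with credential header values redacted
     * @param z   forwarded (boxed) to {@code accessWithHeaders}; its meaning is defined by the subclass
     * @param i   status argument forwarded to {@code accessWithHeaders}
     * @return whatever {@code accessWithHeaders} returns
     */
    @Override
    public String accessProtectedServletWithInvalidHeaders(String str, Map<String, String> map, boolean z, int i) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithInvalidHeaders: " + url + ", headers=" + describeHeaders(map));
        return accessWithHeaders(url, i, map, Boolean.valueOf(z));
    }

    /**
     * Issues a GET with the shared client and expects it to fail with
     * {@link SSLPeerUnverifiedException}. Any other outcome fails the test.
     *
     * @param str path appended to the servlet URL
     * @return {@code true} when the expected exception was thrown
     */
    @Override
    public boolean accessSSLRequiredSevlet(String str) {
        String url = this.servletURL + str;
        this.logger.info("accessSSLRequiredSevlet: " + url);
        try {
            this.client.execute(new HttpGet(url));
            failWithMessage("Expected SSL challenge did not occur");
            return false;
        } catch (SSLPeerUnverifiedException expected) {
            // NOTE(review): the pass condition is that this client cannot verify the peer;
            // presumably that holds because the default client does not trust the server's
            // certificate. Confirm that a trust store change cannot make this pass vacuously.
            return true;
        } catch (Exception unexpected) {
            failWithMessage("Caught unexpected exception: " + unexpected);
            return false;
        }
    }

    /** Requests {@code str}; {@code i} is presumably the expected HTTP status (defined by the subclass). */
    protected abstract String access(String str, int i);

    /** Requests {@code str} where the given exception class is expected (defined by the subclass). */
    protected abstract String accessWithException(String str, Class<?> cls);

    /** Authenticated request used by the expect-500 variant; arguments are url, user, password, status. */
    protected abstract String accessAndAuthenticateForError500(String str, String str2, String str3, int i);

    /** Authenticated request; arguments are url, user, password, status. */
    protected abstract String accessAndAuthenticate(String str, String str2, String str3, int i);

    /** Authenticated request for an expected internal error; not called from this class. */
    protected abstract String accessAndAuthenticateForExpectedInternalError(String str, String str2, String str3);

    /** Overrides the cookie name searched for in Set-Cookie headers. */
    @Override
    public void setSSOCookieName(String str) {
        this.ssoCookieName = str;
    }

    /** Returns the SSO cookie value stored by {@link #setSSOCookieForLastLogin(HttpMessage)}, or null. */
    @Override
    public String getCookieFromLastLogin() {
        return this.ssoCookie;
    }

    /**
     * Requests a protected servlet with a cookie that should be authorized.
     *
     * @param str  path appended to the servlet URL
     * @param str2 cookie value, never written to the log
     * @return whatever {@link #accessWithCookie(String, String, int)} returns for 200
     */
    @Override
    public String accessProtectedServletWithAuthorizedCookie(String str, String str2) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithAuthorizedCookie: " + url + " cookie=" + redact(str2));
        return accessWithCookie(url, str2, 200);
    }

    /**
     * Requests a protected servlet with a valid cookie that lacks authorization.
     *
     * @param str  path appended to the servlet URL
     * @param str2 cookie value, never written to the log
     * @return {@code true} when {@code accessWithCookie(url, cookie, 403)} returns null
     */
    @Override
    public boolean accessProtectedServletWithUnauthorizedCookie(String str, String str2) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithUnauthorizedCookie: " + url + " cookie=" + redact(str2));
        return accessWithCookie(url, str2, 403) == null;
    }

    /**
     * Requests a protected servlet with a cookie that should be rejected.
     *
     * @param str  path appended to the servlet URL
     * @param str2 cookie value; not logged
     * @return {@code true} when {@code accessWithCookie(url, cookie, 401)} returns null
     */
    @Override
    public boolean accessProtectedServletWithInvalidCookie(String str, String str2) {
        String url = this.servletURL + str;
        this.logger.info("accessProtectedServletWithInvalidCookie: " + url);
        return accessWithCookie(url, str2, 401) == null;
    }

    /** Cookie-based request; arguments are url, cookie value, status. */
    protected abstract String accessWithCookie(String str, String str2, int i);

    /** Same as the five-argument overload with {@code null} as the last argument. */
    public String accessWithHeaders(String str, int i, Map<String, String> map, Boolean bool) {
        return accessWithHeaders(str, i, map, bool, null);
    }

    /** Header-based request; arguments are url, status, headers and two subclass-defined flags. */
    protected abstract String accessWithHeaders(String str, int i, Map<String, String> map, Boolean bool, Boolean bool2);

    /**
     * Asserts that the given string does not occur in the server's logs and trace.
     *
     * <p>The check can only run when this client was built from a {@link LibertyServer}.
     * Without one it is skipped, and the skip is logged so that a passing test is not
     * mistaken for a verified one.
     *
     * @param str password to search for
     * @throws Exception if searching the logs fails
     */
    @Override
    public void checkForPasswordsInLogsAndTrace(String str) throws Exception {
        if (this.server == null) {
            if (this.logger != null) {
                this.logger.warning("checkForPasswordsInLogsAndTrace: skipped, no server is attached to this client");
            }
            return;
        }
        Assert.assertEquals("Should not find password in the log file", Collections.emptyList(), this.server.findStringsInLogsAndTrace(str));
    }

    /**
     * Fails the test if any Set-Cookie header of the message sets the SSO cookie.
     * Only cookie names are logged; the values may be session tokens.
     *
     * @param httpMessage message whose Set-Cookie headers are inspected
     */
    public void validateNoSSOCookie(HttpMessage httpMessage) {
        this.logger.info("validateNoSSOCookie");
        Header[] setCookieHeaders = httpMessage.getHeaders("Set-Cookie");
        if (setCookieHeaders == null) {
            return;
        }
        for (Header setCookie : setCookieHeaders) {
            for (HeaderElement cookie : setCookie.getElements()) {
                this.logger.info("Set-Cookie name: " + cookie.getName());
                if (cookie.getName().equals(this.ssoCookieName)) {
                    failWithMessage("Found unexpected Set-Cookie for SSO cookie. Expecting NO sso cookie to be set");
                }
            }
        }
    }

    /**
     * Stores the value of the SSO cookie found in the message's Set-Cookie headers,
     * or fails the test when no such cookie is present. Only cookie names are logged;
     * the value is kept in {@link #ssoCookie}.
     *
     * <p>Declared public in this decompiled listing; the decompiler notes that the
     * original access modifier was protected.
     *
     * @param httpMessage message whose Set-Cookie headers are inspected
     */
    public void setSSOCookieForLastLogin(HttpMessage httpMessage) {
        this.logger.info("setSSOCookieForLastLogin");
        Header[] setCookieHeaders = httpMessage.getHeaders("Set-Cookie");
        if (setCookieHeaders == null) {
            failWithMessage("setCookieHeaders was null and should not be");
            // failWithMessage can be overridden; never fall through to the loop with null.
            return;
        }
        for (Header setCookie : setCookieHeaders) {
            for (HeaderElement cookie : setCookie.getElements()) {
                this.logger.info("Set-Cookie name: " + cookie.getName());
                if (cookie.getName().equals(this.ssoCookieName)) {
                    this.ssoCookie = cookie.getValue();
                    return;
                }
            }
        }
        failWithMessage("Set-Cookie for " + this.ssoCookieName + " not found in the cookieHeader after login");
    }

    /**
     * Asserts that the response describes an unauthenticated request: null auth type,
     * null user, no Employee or Manager role, and {@code isUserInRole(null): false}.
     *
     * @param str response body
     * @return {@code true} when all assertions hold
     */
    @Override
    public boolean verifyUnauthenticatedResponse(String str) {
        return verifyResponse(str, null, null, false, false, null, false);
    }

    /**
     * Asserts on the response using this client's {@link #authType}; the specific-role
     * check is made for a null role name with expected result {@code false}.
     *
     * @param str  response body
     * @param str2 expected user name
     * @param z    expected {@code isUserInRole(Employee)} result
     * @param z2   expected {@code isUserInRole(Manager)} result
     * @return {@code true} when all assertions hold
     */
    @Override
    public boolean verifyResponse(String str, String str2, boolean z, boolean z2) {
        return verifyResponse(str, this.authType, str2, z, z2, null, false);
    }

    /**
     * Asserts on the response using this client's {@link #authType}.
     *
     * @param str  response body
     * @param str2 expected user name
     * @param z    expected {@code isUserInRole(Employee)} result
     * @param z2   expected {@code isUserInRole(Manager)} result
     * @param str3 name of an additional role to check
     * @param z3   expected {@code isUserInRole} result for the additional role
     * @return {@code true} when all assertions hold
     */
    @Override
    public boolean verifyResponse(String str, String str2, boolean z, boolean z2, String str3, boolean z3) {
        return verifyResponse(str, this.authType, str2, z, z2, str3, z3);
    }

    /**
     * Asserts that the response contains the expected identity and role lines.
     *
     * <p>NOTE(review): every check is a substring match, so an expected user
     * {@code "user1"} is also satisfied by a response reporting {@code "user10"}.
     * If the servlet prints one value per line, matching up to the line end would
     * make the identity assertions exact; confirm the response format first.
     *
     * @param str  response body, must not be null
     * @param str2 expected auth type, or null
     * @param str3 expected user name, or null
     * @param z    expected {@code isUserInRole(Employee)} result
     * @param z2   expected {@code isUserInRole(Manager)} result
     * @param str4 name of an additional role, rendered as {@code null} when absent
     * @param z3   expected {@code isUserInRole} result for the additional role
     * @return always {@code true}; a mismatch fails the test through an assertion
     */
    private boolean verifyResponse(String str, String str2, String str3, boolean z, boolean z2, String str4, boolean z3) {
        Assert.assertNotNull("The response should not be null", str);
        Assert.assertTrue("The response did not contain the expected remoteUser", str.contains(REMOTE_USER_HEADER + str3));
        // String concatenation renders a null auth type as "null", which is the text expected then.
        Assert.assertTrue("The response did not contain the expected authType", str.contains(AUTH_TYPE_HEADER + str2));
        if (str3 != null) {
            Assert.assertTrue("The response did not contain the expected userPrincipal", str.contains(USER_PRINCIPAL_HEADER + WSPRINCIPAL + str3));
            Assert.assertTrue("The response did not contain the expected Principal name", str.contains(USER_PRINCIPAL_NAME_HEADER + str3));
        } else {
            Assert.assertTrue("The response did not contain the expected userPrincipal", str.contains(USER_PRINCIPAL_HEADER + "null"));
        }
        Assert.assertTrue("The response did not contain the expected isUserInRole(Employee)", str.contains(EMPLOYEE_ROLE_HEADER + z));
        Assert.assertTrue("The response did not contain the expected isUserInRole(Manager)", str.contains(MANAGER_ROLE_HEADER + z2));
        Assert.assertTrue("The response did not contain the expected isUserInRole(" + str4 + ")", str.contains("isUserInRole(" + str4 + "): " + z3));
        return true;
    }
}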
