package secureAsyncEventsApp.web;

import com.ibm.websphere.security.auth.WSSubject;
import componenttest.app.FATServlet;
import componenttest.custom.junit.runner.Mode;
import java.io.IOException;
import java.security.Principal;
import java.util.List;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import javax.annotation.Resource;
import javax.enterprise.concurrent.ManagedExecutorService;
import javax.enterprise.event.Event;
import javax.enterprise.event.NotificationOptions;
import javax.inject.Inject;
import javax.security.auth.Subject;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Assert;
import org.junit.Test;

@WebServlet(urlPatterns = {"/secureasyncevents"})
@Mode(Mode.TestMode.FULL)
/* loaded from: input_file:secureAsyncEventsApp/web/SecureAsyncEventsServlet.class */
public class SecureAsyncEventsServlet extends FATServlet {

    @Inject
    private MultiThreadCDIBean multiThreadCDIBean;

    @Inject
    private SecureApprenticeChef secureApprentice;

    @Inject
    private SecureApprenticeChef secureChef;

    @Inject
    Event<CakeArrival> cakeEvent;

    @Resource
    ManagedExecutorService threadPool;
    private static final long serialVersionUID = 8549700799591343964L;

    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String queryString = httpServletRequest.getQueryString();
        if (queryString.contains("testSecureAsyncObserverUsingRunAsWithAuthority")) {
            System.out.println("Login as Basil");
            httpServletRequest.login("Basil", "Basilpwd");
        } else if (queryString.contains("testSecureAsyncObserverUsingRunAsWithNOAuthority")) {
            System.out.println("Login as Sybil");
            httpServletRequest.login("Sybil", "Sybilpwd");
        } else {
            System.out.println("Login as Faulty");
            httpServletRequest.login("Faulty", "faultypwd");
        }
        super.doGet(httpServletRequest, httpServletResponse);
    }

    @Test
    public void testSecureSyncObserver() throws Exception {
        Thread.currentThread().getId();
        try {
            WSSubject.getRunAsSubject();
        } catch (Exception e) {
            e.printStackTrace();
        }
        CakeArrival cakeArrival = new CakeArrival();
        this.cakeEvent.fire(cakeArrival);
        List<SecureCakeReport> cakeReports = cakeArrival.getCakeReports();
        SecureCakeReport secureCakeReport = null;
        if (!cakeReports.isEmpty()) {
            if (cakeReports.size() == 1) {
                secureCakeReport = cakeReports.get(0);
            } else {
                Assert.fail("Unexpected number of cake reports - " + cakeReports.size());
            }
        }
        Assert.assertNotNull("No cake report from sync observer", secureCakeReport);
        Assert.assertTrue("Unexpected cake observer - " + secureCakeReport.getCakeObserver(), secureCakeReport.getCakeObserver().equals("syncCakeObserver"));
        String nameFromSubject = getNameFromSubject(secureCakeReport.getCakeSubject());
        Assert.assertTrue("Unexpected observer principal - " + nameFromSubject, nameFromSubject.equals("Faulty"));
    }

    @Test
    public void testSecureAsyncObserver() throws Exception {
        long id = Thread.currentThread().getId();
        try {
            WSSubject.getRunAsSubject();
        } catch (Exception e) {
            e.printStackTrace();
        }
        List<SecureCakeReport> cakeReports = ((CakeArrival) this.cakeEvent.fireAsync(new CakeArrival()).toCompletableFuture().get(60000L, TimeUnit.MILLISECONDS)).getCakeReports();
        SecureCakeReport secureCakeReport = null;
        if (!cakeReports.isEmpty()) {
            if (cakeReports.size() == 1) {
                secureCakeReport = cakeReports.get(0);
            } else {
                Assert.fail("Unexpected number of cake reports - " + cakeReports.size());
            }
        }
        Assert.assertNotNull("No cake report from async observer", secureCakeReport);
        Assert.assertTrue("Unexpected cake observer - " + secureCakeReport.getCakeObserver(), secureCakeReport.getCakeObserver().equals("asyncCakeObserver"));
        Assert.assertFalse("async thread id is not different", id == secureCakeReport.getTid());
        String nameFromSubject = getNameFromSubject(secureCakeReport.getCakeSubject());
        Assert.assertTrue("Unexpected observer principal - " + nameFromSubject, nameFromSubject.equals("Faulty"));
    }

    @Test
    public void testSecureAsyncObserverWithExecutor() throws Exception {
        long id = Thread.currentThread().getId();
        try {
            WSSubject.getRunAsSubject();
        } catch (Exception e) {
            e.printStackTrace();
        }
        List<SecureCakeReport> cakeReports = ((CakeArrival) this.cakeEvent.fireAsync(new CakeArrival(), NotificationOptions.ofExecutor(this.threadPool)).toCompletableFuture().get(3000L, TimeUnit.MILLISECONDS)).getCakeReports();
        SecureCakeReport secureCakeReport = null;
        if (!cakeReports.isEmpty()) {
            if (cakeReports.size() == 1) {
                secureCakeReport = cakeReports.get(0);
            } else {
                Assert.fail("Unexpected number of cake reports - " + cakeReports.size());
            }
        }
        Assert.assertNotNull("No cake report from async observer", secureCakeReport);
        Assert.assertTrue("Unexpected cake observer - " + secureCakeReport.getCakeObserver(), secureCakeReport.getCakeObserver().equals("asyncCakeObserver"));
        Assert.assertFalse("async thread id is not different", id == secureCakeReport.getTid());
        String nameFromSubject = getNameFromSubject(secureCakeReport.getCakeSubject());
        Assert.assertTrue("Unexpected observer principal - " + nameFromSubject, nameFromSubject.equals("Faulty"));
    }

    @Test
    public void testMultiThreadSecurityContext() throws Exception {
        String name = this.multiThreadCDIBean.getName();
        Assert.assertTrue("Unexpected multi thread bean name - " + name, name.equals("Faulty"));
    }

    @Test
    public void testSecureAsyncObserverUsingRunAsWithAuthority() throws Exception {
        String details = this.secureApprentice.produceARecipe().getDetails();
        Assert.assertTrue("Unexpected recipe details - " + details, details.equals("SecretRecipeDetail"));
    }

    @Test
    public void testSecureAsyncObserverUsingRunAsWithNOAuthority() throws Exception {
        try {
            this.secureChef.produceARecipe();
            Assert.fail("Should have thrown access exception");
        } catch (Exception e) {
            Assert.assertTrue("Unexpected exception - " + e, e.toString().contains("EJBAccessException"));
        }
    }

    private String getNameFromSubject(Subject subject) {
        String str = "";
        if (subject != null) {
            Set<Principal> principals = subject.getPrincipals();
            if (principals == null || principals.size() <= 0) {
                Assert.fail("No Principals returned by observer");
            } else {
                Principal next = principals.iterator().next();
                if (next != null) {
                    str = next.getName();
                } else {
                    Assert.fail("Observer's first Principal not found");
                }
            }
        } else {
            Assert.fail("No Subject reported by observer");
        }
        return str;
    }
}
