package it;

import com.atlassian.jwt.SigningAlgorithm;
import com.atlassian.jwt.core.TimeUtil;
import com.atlassian.jwt.core.writer.JsonSmartJwtJsonBuilder;
import com.atlassian.jwt.core.writer.JwtClaimsBuilder;
import com.atlassian.jwt.core.writer.NimbusJwtWriter;
import com.atlassian.jwt.exception.JwtMalformedSharedSecretException;
import com.atlassian.jwt.httpclient.CanonicalHttpUriRequest;
import com.atlassian.jwt.server.JwtPeer;
import com.atlassian.jwt.util.HttpUtil;
import com.atlassian.jwt.writer.JwtJsonBuilder;
import com.atlassian.jwt.writer.JwtWriter;
import com.google.common.collect.ImmutableMap;
import com.nimbusds.jose.KeyLengthException;
import com.nimbusds.jose.crypto.MACSigner;
import it.rule.JwtPeerRegistration;
import it.util.HttpResponseConsumers;
import java.io.IOException;
import java.net.URI;
import java.security.NoSuchAlgorithmException;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;

/* loaded from: input_file:it/TestJwtAuthentication.class */
public class TestJwtAuthentication extends AbstractPeerTest {
    private final JwtPeer peer = new JwtPeer();

    @Rule
    public final JwtPeerRegistration lifecycle = new JwtPeerRegistration(this.peer, this);
    private JwtWriter jwtWriter;

    @Before
    public void before() {
        this.jwtWriter = new NimbusJwtWriter(SigningAlgorithm.HS256, createMACSigner(this.peer.getSecretStore().getSecret()));
    }

    @Test
    public void testRequestFromAnonymous() throws IOException {
        HttpUtil.get(whoAmIResource(), HttpResponseConsumers.expectBody("anonymous"));
    }

    @Test
    public void testRequestSignedWithJwtHs256InQueryString() throws Exception {
        HttpUtil.get(whoAmIResource() + "?jwt=" + this.jwtWriter.jsonToJwt(createJwtJsonBuilder(whoAmIResource()).build()), HttpResponseConsumers.expectBody("admin"));
    }

    @Test
    public void testRequestSignedWithJwtHs256InHeader() throws Exception {
        HttpUtil.get(whoAmIResource(), ImmutableMap.of("Authorization", "JWT " + this.jwtWriter.jsonToJwt(createJwtJsonBuilder(whoAmIResource()).build())), HttpResponseConsumers.expectBody("admin"));
    }

    private static MACSigner createMACSigner(String str) {
        try {
            return new MACSigner(str);
        } catch (KeyLengthException e) {
            throw new JwtMalformedSharedSecretException("Failed to create MAC signer with the provided secret key", e);
        }
    }

    private JwtJsonBuilder createJwtJsonBuilder(String str) throws IOException, NoSuchAlgorithmException {
        JwtJsonBuilder expirationTime = new JsonSmartJwtJsonBuilder().issuer(this.peer.getSecretStore().getClientId()).subject("admin").issuedAt(TimeUtil.currentTimeSeconds()).expirationTime(TimeUtil.currentTimePlusNSeconds(60L));
        JwtClaimsBuilder.appendHttpRequestClaims(expirationTime, new CanonicalHttpUriRequest("GET", URI.create(str).getPath(), getContextPath()));
        return expirationTime;
    }
}
