package net.shibboleth.idp.authn.impl;

import java.util.Arrays;
import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import net.shibboleth.idp.authn.AuthenticationFlowDescriptor;
import net.shibboleth.idp.authn.context.AuthenticationContext;
import net.shibboleth.idp.authn.principal.UsernamePrincipal;
import net.shibboleth.idp.profile.ActionTestingSupport;
import net.shibboleth.utilities.java.support.component.ComponentInitializationException;
import org.opensaml.profile.context.ProfileRequestContext;
import org.testng.Assert;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/authn/impl/ValidateRemoteUserTest.class */
public class ValidateRemoteUserTest extends BaseAuthenticationContextTest {
    private ValidateRemoteUser action;

    @Override // net.shibboleth.idp.authn.impl.BaseAuthenticationContextTest
    @BeforeMethod
    public void setUp() throws Exception {
        super.setUp();
        this.action = new ValidateRemoteUser();
        this.action.setWhitelistedUsernames(Arrays.asList("bar", "baz"));
        this.action.setBlacklistedUsernames(Arrays.asList("foo"));
        this.action.setMatchExpression(Pattern.compile("^ba(r|z|n)$"));
        this.action.setHttpServletRequest((HttpServletRequest) this.src.getExternalContext().getNativeRequest());
        this.action.initialize();
    }

    @Test
    public void testMissingFlow() {
        ActionTestingSupport.assertEvent(this.action.execute(this.src), "InvalidProfileContext");
    }

    @Test
    public void testMissingUser() {
        this.prc.getSubcontext(AuthenticationContext.class, false).setAttemptedFlow((AuthenticationFlowDescriptor) this.authenticationFlows.get(0));
        ActionTestingSupport.assertEvent(this.action.execute(this.src), "NoCredentials");
    }

    @Test
    public void testMissingUser2() throws ComponentInitializationException {
        this.prc.getSubcontext(AuthenticationContext.class, false).setAttemptedFlow((AuthenticationFlowDescriptor) this.authenticationFlows.get(0));
        doExtract(this.prc);
        ActionTestingSupport.assertEvent(this.action.execute(this.src), "NoCredentials");
    }

    @Test
    public void testUnauthorized() throws ComponentInitializationException {
        this.action.getHttpServletRequest().setRemoteUser("bam");
        this.prc.getSubcontext(AuthenticationContext.class, false).setAttemptedFlow((AuthenticationFlowDescriptor) this.authenticationFlows.get(0));
        doExtract(this.prc);
        ActionTestingSupport.assertEvent(this.action.execute(this.src), "InvalidCredentials");
    }

    @Test
    public void testAuthorized() throws ComponentInitializationException {
        this.action.getHttpServletRequest().setRemoteUser("baz");
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class, false);
        subcontext.setAttemptedFlow((AuthenticationFlowDescriptor) this.authenticationFlows.get(0));
        doExtract(this.prc);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.src));
        Assert.assertNotNull(subcontext.getAuthenticationResult());
        Assert.assertEquals(((UsernamePrincipal) subcontext.getAuthenticationResult().getSubject().getPrincipals(UsernamePrincipal.class).iterator().next()).getName(), "baz");
    }

    @Test
    public void testBlacklist() throws ComponentInitializationException {
        this.action.getHttpServletRequest().setRemoteUser("foo");
        this.prc.getSubcontext(AuthenticationContext.class, false).setAttemptedFlow((AuthenticationFlowDescriptor) this.authenticationFlows.get(0));
        doExtract(this.prc);
        ActionTestingSupport.assertEvent(this.action.execute(this.src), "InvalidCredentials");
    }

    @Test
    public void testPattern() throws ComponentInitializationException {
        this.action.getHttpServletRequest().setRemoteUser("ban");
        AuthenticationContext subcontext = this.prc.getSubcontext(AuthenticationContext.class, false);
        subcontext.setAttemptedFlow((AuthenticationFlowDescriptor) this.authenticationFlows.get(0));
        doExtract(this.prc);
        ActionTestingSupport.assertProceedEvent(this.action.execute(this.src));
        Assert.assertNotNull(subcontext.getAuthenticationResult());
        Assert.assertEquals(((UsernamePrincipal) subcontext.getAuthenticationResult().getSubject().getPrincipals(UsernamePrincipal.class).iterator().next()).getName(), "ban");
    }

    private void doExtract(ProfileRequestContext profileRequestContext) throws ComponentInitializationException {
        ExtractRemoteUser extractRemoteUser = new ExtractRemoteUser();
        extractRemoteUser.setHttpServletRequest(this.action.getHttpServletRequest());
        extractRemoteUser.initialize();
        extractRemoteUser.execute(this.src);
    }
}
