package io.vertx.ext.web.handler;

import io.vertx.core.http.HttpHeaders;
import io.vertx.core.http.HttpMethod;
import io.vertx.ext.auth.User;
import io.vertx.ext.auth.authentication.AuthenticationProvider;
import io.vertx.ext.auth.authorization.AuthorizationProvider;
import io.vertx.ext.auth.authorization.RoleBasedAuthorization;
import io.vertx.ext.auth.properties.PropertyFileAuthentication;
import io.vertx.ext.auth.properties.PropertyFileAuthorization;
import io.vertx.ext.web.WebTestBase;
import io.vertx.ext.web.sstore.SessionStore;
import java.util.concurrent.atomic.AtomicReference;
import org.junit.Test;

/* loaded from: input_file:io/vertx/ext/web/handler/BasicAuthImpersonationTest.class */
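/**
 * Exercises user switching (impersonate / restore) on top of HTTP Basic authentication
 * with a server-side session.
 *
 * <p>Security properties pinned by the expected status codes and assertions below:
 * <ul>
 *   <li>the impersonate endpoint is refused (401) when no session cookie is presented;</li>
 *   <li>the session cookie value changes on impersonate and again on restore;</li>
 *   <li>after impersonate, the privileged route still answers 401 until credentials for the
 *       target account are supplied, so {@code login_hint} alone grants nothing;</li>
 *   <li>while impersonating, the original user is kept in the session under
 *       {@link #USER_SWITCH_KEY};</li>
 *   <li>after restore, the original user's authorizations apply again (403 on the admin
 *       route).</li>
 * </ul>
 */
public class BasicAuthImpersonationTest extends WebTestBase {
    /** Session key under which the pre-switch user is looked up while impersonation is active. */
    private static final String USER_SWITCH_KEY = "__vertx.user-switch-ref";

    // Fixture credentials only: base64 of "regular:regular" and "admin:admin". The accounts are
    // expected to be defined in login/loginusers.properties, which is not part of this listing.
    private static final String REGULAR_BASIC = "Basic cmVndWxhcjpyZWd1bGFy";
    private static final String ADMIN_BASIC = "Basic YWRtaW46YWRtaW4=";

    AuthenticationProvider authn;
    AuthorizationProvider authz;

    /**
     * Returns the leading {@code name=value} pair of a {@code Set-Cookie} header value.
     *
     * <p>The inline version of this logic called {@code substring(0, indexOf(';'))} directly,
     * which throws when the header carries no attributes; such a header is returned whole.
     *
     * @param setCookie a non-null {@code Set-Cookie} header value
     * @return the text before the first {@code ';'}, or the whole value if there is none
     */
    private static String cookiePair(String setCookie) {
        int attributesStart = setCookie.indexOf(';');
        return attributesStart < 0 ? setCookie : setCookie.substring(0, attributesStart);
    }

    /** Builds the authentication and authorization providers from the shared properties file. */
    @Override // io.vertx.ext.web.WebTestBase
    public void setUp() throws Exception {
        super.setUp();
        this.authn = PropertyFileAuthentication.create(this.vertx, "login/loginusers.properties");
        this.authz = PropertyFileAuthorization.create(this.vertx, "login/loginusers.properties");
    }

    /**
     * Walks one session through: login as the regular user, denied admin access, impersonation
     * of admin (with re-authentication), admin access, restore, and denied admin access again.
     *
     * <p>The requests are order-dependent: each one relies on the session cookie captured from
     * an earlier response.
     */
    @Test
    public void testSwitchUser() throws Exception {
        this.router.route().handler(SessionHandler.create(SessionStore.create(this.vertx)));

        // NOTE(review): redirect_uri and login_hint are forwarded from the query string as-is.
        // This listing does not show whether impersonate()/restore() validate the redirect
        // target; application code modelled on these routes should restrict redirect_uri to
        // known same-origin paths so the endpoint cannot be used as an open redirect.
        this.router.route("/user-switch/impersonate").handler(ctx -> {
            String hint = ctx.request().getParam("login_hint");
            String target = ctx.request().getParam("redirect_uri");
            ctx.userContext().loginHint(hint).impersonate(target).onFailure(err -> {
                // Only HttpException is propagated as-is; everything else becomes a plain 500.
                if (err instanceof HttpException) {
                    ctx.fail(err);
                } else {
                    ctx.fail(500);
                }
            });
        });
        this.router.route("/user-switch/undo").handler(ctx -> {
            String hint = ctx.request().getParam("login_hint");
            String target = ctx.request().getParam("redirect_uri");
            ctx.userContext().loginHint(hint).restore(target).onFailure(err -> {
                if (err instanceof HttpException) {
                    ctx.fail(err);
                } else {
                    ctx.fail(500);
                }
            });
        });

        this.router.route("/protected/*").handler(BasicAuthHandler.create(this.authn));

        // User seen on the "read" route; compared against the session entry on the admin route.
        AtomicReference<User> baseUser = new AtomicReference<>();
        this.router.route("/protected/base")
            .handler(AuthorizationHandler.create(RoleBasedAuthorization.create("read"))
                .addAuthorizationProvider(this.authz))
            .handler(ctx -> {
                assertNotNull(ctx.user());
                baseUser.set(ctx.user());
                ctx.end("OK");
            });
        this.router.route("/protected/admin")
            .handler(AuthorizationHandler.create(RoleBasedAuthorization.create("write"))
                .addAuthorizationProvider(this.authz))
            .handler(ctx -> {
                assertNotNull(ctx.user());
                User original = baseUser.get();
                assertNotNull(original);
                // The user acting on this route must not be the one that logged in first...
                assertFalse(original.equals(ctx.user()));
                // ...and that first user must be the one parked in the session.
                User parked = (User) ctx.session().get(USER_SWITCH_KEY);
                assertNotNull(parked);
                assertEquals(parked, original);
                ctx.response().end("Welcome to the 2nd protected resource!");
            });

        // Current "name=value" session cookie, refreshed whenever a response sets a new one.
        AtomicReference<String> sessionCookie = new AtomicReference<>();

        // 1. No credentials: challenged, and no session cookie is handed out.
        testRequest(HttpMethod.GET, "/protected/base", null, resp -> {
            assertNotNull(resp.getHeader("WWW-Authenticate"));
            assertNull(resp.headers().get("set-cookie"));
        }, 401, "Unauthorized", null);

        // 2. Regular user authenticates; remember the session cookie.
        testRequest(HttpMethod.GET, "/protected/base", req -> {
            req.putHeader(HttpHeaders.AUTHORIZATION, REGULAR_BASIC);
        }, resp -> {
            String setCookie = resp.headers().get("set-cookie");
            assertNotNull(setCookie);
            sessionCookie.set(cookiePair(setCookie));
        }, 200, "OK", null);

        // 3. The cookie alone is enough for the "read" route.
        testRequest(HttpMethod.GET, "/protected/base", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
        }, 200, "OK", "OK");

        // 4. The regular user is not authorized for the "write" route.
        testRequest(HttpMethod.GET, "/protected/admin", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
        }, 403, "Forbidden", null);

        // 5. Impersonation without a session is rejected.
        testRequest(HttpMethod.GET, "/user-switch/impersonate?redirect_uri=/protected/admin&login_hint=admin", req -> {
        }, resp -> {
        }, 401, "Unauthorized", null);

        // 6. Impersonation with the session: redirect, and the cookie value must change.
        //    (Presumably the session id is regenerated on the identity switch, the usual
        //    defence against session fixation; only the changed value is asserted here.)
        testRequest(HttpMethod.GET, "/user-switch/impersonate?redirect_uri=/protected/admin&login_hint=admin", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
            String setCookie = resp.headers().get("set-cookie");
            assertNotNull(setCookie);
            assertFalse(cookiePair(setCookie).equals(sessionCookie.get()));
            sessionCookie.set(cookiePair(setCookie));
            assertNotNull(resp.getHeader(HttpHeaders.LOCATION));
        }, 302, "Found", null);

        // 7. Following the redirect without the cookie: still unauthenticated.
        testRequest(HttpMethod.GET, "/protected/admin", req -> {
        }, resp -> {
        }, 401, "Unauthorized", null);

        // 8. With the new cookie but no credentials: challenged again, no new cookie.
        //    The login hint did not authenticate anyone.
        testRequest(HttpMethod.GET, "/protected/admin", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
            assertNotNull(resp.getHeader("WWW-Authenticate"));
            assertNull(resp.headers().get("set-cookie"));
        }, 401, "Unauthorized", null);

        // 9. Supplying the admin credentials completes the switch; a cookie is set again.
        testRequest(HttpMethod.GET, "/protected/admin", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
            req.putHeader(HttpHeaders.AUTHORIZATION, ADMIN_BASIC);
        }, resp -> {
            String setCookie = resp.headers().get("set-cookie");
            assertNotNull(setCookie);
            sessionCookie.set(cookiePair(setCookie));
        }, 200, "OK", null);

        // 10. The session now carries the admin identity on its own.
        testRequest(HttpMethod.GET, "/protected/admin", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
        }, 200, "OK", "Welcome to the 2nd protected resource!");

        // 11. Restore: redirect, and the cookie value must change once more.
        testRequest(HttpMethod.GET, "/user-switch/undo?redirect_uri=/protected/base", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
            String setCookie = resp.headers().get("set-cookie");
            assertNotNull(setCookie);
            assertFalse(cookiePair(setCookie).equals(sessionCookie.get()));
            sessionCookie.set(cookiePair(setCookie));
            assertNotNull(resp.getHeader(HttpHeaders.LOCATION));
        }, 302, "Found", null);

        // 12. Back as the regular user: "read" works...
        testRequest(HttpMethod.GET, "/protected/base", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
        }, 200, "OK", "OK");

        // 13. ...and the elevated access is gone.
        testRequest(HttpMethod.GET, "/protected/admin", req -> {
            req.putHeader(HttpHeaders.COOKIE, sessionCookie.get());
        }, resp -> {
        }, 403, "Forbidden", null);
    }
}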
