package io.vertx.ext.web.tests.handler;

import io.vertx.core.Future;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.CookieSameSite;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.auth.otp.Authenticator;
import io.vertx.ext.auth.otp.hotp.HotpAuth;
import io.vertx.ext.auth.properties.PropertyFileAuthentication;
import io.vertx.ext.web.handler.BasicAuthHandler;
import io.vertx.ext.web.handler.BodyHandler;
import io.vertx.ext.web.handler.OtpAuthHandler;
import io.vertx.ext.web.handler.SessionHandler;
import io.vertx.ext.web.sstore.LocalSessionStore;
import io.vertx.ext.web.tests.WebTestBase;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicReference;
import org.junit.Test;

/* loaded from: input_file:io/vertx/ext/web/tests/handler/OtpHandlerTest.class */
public class OtpHandlerTest extends WebTestBase {

    /* loaded from: input_file:io/vertx/ext/web/tests/handler/OtpHandlerTest$DummyDatabase.class */
    static class DummyDatabase {
        private final Map<String, Authenticator> DB = new ConcurrentHashMap();

        DummyDatabase() {
        }

        public Future<Authenticator> fetch(String str) {
            return this.DB.containsKey(str) ? Future.succeededFuture(this.DB.get(str)) : Future.succeededFuture();
        }

        public Future<Void> upsert(Authenticator authenticator) {
            this.DB.put(authenticator.getIdentifier(), authenticator);
            return Future.succeededFuture();
        }

        public DummyDatabase fixture(Authenticator authenticator) {
            this.DB.put(authenticator.getIdentifier(), authenticator);
            return this;
        }

        public void dump() {
            this.DB.values().forEach(authenticator -> {
                System.out.println(authenticator.toJson().encodePrettily());
            });
        }
    }

    @Override // io.vertx.ext.web.tests.WebTestBase
    public void setUp() throws Exception {
        super.setUp();
        this.router.post().handler(BodyHandler.create());
        this.router.route().handler(SessionHandler.create(LocalSessionStore.create(this.vertx)).setCookieSameSite(CookieSameSite.STRICT));
        this.router.route().handler(BasicAuthHandler.create(PropertyFileAuthentication.create(this.vertx, "login/loginusers.properties")));
    }

    @Test
    public void testWithoutReroute() throws Exception {
        DummyDatabase dummyDatabase = new DummyDatabase();
        HotpAuth create = HotpAuth.create();
        Objects.requireNonNull(dummyDatabase);
        HotpAuth authenticatorFetcher = create.authenticatorFetcher(dummyDatabase::fetch);
        Objects.requireNonNull(dummyDatabase);
        this.router.route().handler(OtpAuthHandler.create(authenticatorFetcher.authenticatorUpdater(dummyDatabase::upsert)).issuer("Vert.x Demo").setupRegisterCallback(this.router.post("/otp/register")).setupCallback(this.router.post("/otp/verify")));
        this.router.route().handler(routingContext -> {
            routingContext.end("OTP OK");
        });
        testRequest(HttpMethod.GET, "/protected", 401, "Unauthorized");
        testRequest(HttpMethod.GET, "/protected", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw==");
        }, 401, "Unauthorized", "Unauthorized");
    }

    @Test
    public void testWithReroute() throws Exception {
        DummyDatabase dummyDatabase = new DummyDatabase();
        HotpAuth create = HotpAuth.create();
        Objects.requireNonNull(dummyDatabase);
        HotpAuth authenticatorFetcher = create.authenticatorFetcher(dummyDatabase::fetch);
        Objects.requireNonNull(dummyDatabase);
        this.router.route().handler(OtpAuthHandler.create(authenticatorFetcher.authenticatorUpdater(dummyDatabase::upsert)).issuer("Vert.x Demo").verifyUrl("/otp/verify.html").setupRegisterCallback(this.router.post("/otp/register")).setupCallback(this.router.post("/otp/verify")));
        this.router.route().handler(routingContext -> {
            routingContext.end("OTP OK");
        });
        testRequest(HttpMethod.GET, "/protected", 401, "Unauthorized");
        testRequest(HttpMethod.GET, "/protected", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw==");
        }, 302, "Found", "Redirecting to /otp/verify.html.");
    }

    @Test
    public void testRegisterAuthenticator() throws Exception {
        DummyDatabase dummyDatabase = new DummyDatabase();
        HotpAuth create = HotpAuth.create();
        Objects.requireNonNull(dummyDatabase);
        HotpAuth authenticatorFetcher = create.authenticatorFetcher(dummyDatabase::fetch);
        Objects.requireNonNull(dummyDatabase);
        this.router.route().handler(OtpAuthHandler.create(authenticatorFetcher.authenticatorUpdater(dummyDatabase::upsert)).issuer("Vert.x Demo").verifyUrl("/otp/verify.html").setupRegisterCallback(this.router.post("/otp/register")).setupCallback(this.router.post("/otp/verify")));
        this.router.route().handler(routingContext -> {
            routingContext.end("OTP OK");
        });
        testRequest(HttpMethod.POST, "/otp/register", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw==");
        }, httpClientResponse -> {
            httpClientResponse.body().onFailure(this::fail).onSuccess(buffer -> {
                try {
                    JsonObject jsonObject = new JsonObject(buffer);
                    assertEquals("Vert.x Demo", jsonObject.getString("issuer"));
                    assertNotNull(jsonObject.getString("url"));
                    assertTrue(jsonObject.getString("url").startsWith("otpauth://hotp/Vert.x+Demo:tim?secret="));
                    assertTrue(jsonObject.getString("url").endsWith("&counter=0"));
                    testComplete();
                } catch (Exception e) {
                    fail(e);
                }
            });
        }, 200, "OK", null);
        await();
    }

    @Test
    public void testVerifyAuthenticatorBadCode() throws Exception {
        DummyDatabase dummyDatabase = new DummyDatabase();
        dummyDatabase.fixture(new Authenticator().setAlgorithm("SHA1").setCounter(0L).setIdentifier("tim").setKey("FNQTLXVB74MKCGYYHXBKEKCGAHPXK7ED"));
        HotpAuth create = HotpAuth.create();
        Objects.requireNonNull(dummyDatabase);
        HotpAuth authenticatorFetcher = create.authenticatorFetcher(dummyDatabase::fetch);
        Objects.requireNonNull(dummyDatabase);
        this.router.route().handler(OtpAuthHandler.create(authenticatorFetcher.authenticatorUpdater(dummyDatabase::upsert)).issuer("Vert.x Demo").verifyUrl("/otp/verify.html").setupRegisterCallback(this.router.post("/otp/register")).setupCallback(this.router.post("/otp/verify")));
        this.router.route().handler(routingContext -> {
            routingContext.end("OTP OK");
        });
        testRequest(HttpMethod.POST, "/otp/verify", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw==");
            Buffer buffer = Buffer.buffer();
            buffer.appendString("--" + "dLV9Wyq26L_-JQxk6ferf-RT153LhOO" + "\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n000000\r\n--" + "dLV9Wyq26L_-JQxk6ferf-RT153LhOO" + "--\r\n");
            httpClientRequest.putHeader("content-length", String.valueOf(buffer.length()));
            httpClientRequest.putHeader("content-type", "multipart/form-data; boundary=" + "dLV9Wyq26L_-JQxk6ferf-RT153LhOO");
            httpClientRequest.write(buffer);
        }, 401, "Unauthorized", (String) null);
    }

    @Test
    public void testVerifyAuthenticatorGoodCode() throws Exception {
        DummyDatabase dummyDatabase = new DummyDatabase();
        dummyDatabase.fixture(new Authenticator().setAlgorithm("SHA1").setCounter(0L).setIdentifier("tim").setKey("FNQTLXVB74MKCGYYHXBKEKCGAHPXK7ED"));
        HotpAuth create = HotpAuth.create();
        Objects.requireNonNull(dummyDatabase);
        HotpAuth authenticatorFetcher = create.authenticatorFetcher(dummyDatabase::fetch);
        Objects.requireNonNull(dummyDatabase);
        this.router.route().handler(OtpAuthHandler.create(authenticatorFetcher.authenticatorUpdater(dummyDatabase::upsert)).issuer("Vert.x Demo").verifyUrl("/otp/verify.html").setupRegisterCallback(this.router.post("/otp/register")).setupCallback(this.router.post("/otp/verify")));
        this.router.route().handler(routingContext -> {
            routingContext.end("OTP OK");
        });
        AtomicReference atomicReference = new AtomicReference();
        testRequest(HttpMethod.POST, "/otp/verify", httpClientRequest -> {
            httpClientRequest.putHeader("Authorization", "Basic dGltOmRlbGljaW91czpzYXVzYWdlcw==");
            Buffer buffer = Buffer.buffer();
            buffer.appendString("--" + "dLV9Wyq26L_-JQxk6ferf-RT153LhOO" + "\r\nContent-Disposition: form-data; name=\"code\"\r\n\r\n793127\r\n--" + "dLV9Wyq26L_-JQxk6ferf-RT153LhOO" + "--\r\n");
            httpClientRequest.putHeader("content-length", String.valueOf(buffer.length()));
            httpClientRequest.putHeader("content-type", "multipart/form-data; boundary=" + "dLV9Wyq26L_-JQxk6ferf-RT153LhOO");
            httpClientRequest.write(buffer);
        }, httpClientResponse -> {
            atomicReference.set(httpClientResponse.headers().get("set-cookie"));
        }, 302, "Found", "Redirecting to /.");
        testRequest(HttpMethod.GET, "/", httpClientRequest2 -> {
            httpClientRequest2.putHeader("cookie", (String) atomicReference.get());
        }, 200, "OK", "OTP OK");
    }
}
