package org.kuali.kfs.web.filter;

import java.io.PrintWriter;
import java.util.Optional;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.junit.jupiter.api.parallel.Execution;
import org.junit.jupiter.api.parallel.ExecutionMode;
import org.kuali.kfs.kim.impl.identity.Person;
import org.kuali.kfs.kns.bo.AuthenticationValidationResponse;
import org.kuali.kfs.kns.service.CfAuthenticationService;
import org.kuali.kfs.krad.UserSession;
import org.kuali.kfs.sys.businessobject.JwtData;
import org.kuali.kfs.sys.service.CoreApiKeyAuthenticationService;
import org.kuali.kfs.sys.service.JwtService;
import org.kuali.kfs.sys.util.BearerTokenContext;
import org.mockito.ArgumentMatchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.jupiter.MockitoExtension;

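/**
 * Unit tests for {@link ResourceLoginFilter}, exercised through {@code doFilter} with Mockito mocks.
 *
 * <p>How to read these tests: a plain call on a mock made before {@code cut.doFilter(...)} (for
 * example {@code httpServletResponse.setStatus(401)}, {@code printWriter.println(...)} or
 * {@code filterChain.doFilter(...)}) is an ordinary invocation that Mockito records. It is not an
 * expectation. Two consequences follow:
 * <ul>
 *   <li>{@code verify(filterChain, times(2))} means one call made by the test itself plus exactly
 *       one call made by the filter.</li>
 *   <li>No test verifies the status code or body that the filter writes on a rejected request.
 *       Rejection is only evidenced indirectly: the {@code getWriter()} stub must be consumed
 *       (MockitoExtension's default strict stubs fail a test with unused stubbings) and, where it
 *       is checked, the chain is not invoked.</li>
 * </ul>
 *
 * <p>NOTE(review): because the tests pre-invoke {@code setStatus} on the response mock, adding a
 * simple {@code verify(response).setStatus(401)} would count the test's own call. Asserting the
 * denial status needs those pre-invocations removed first; confirm against the filter how it
 * reports 401/403 before doing so.
 */
@Execution(ExecutionMode.SAME_THREAD)
@ExtendWith(MockitoExtension.class)
// Recovered from: org/kuali/kfs/web/filter/ResourceLoginFilterTest.class
class ResourceLoginFilterTest {
    /** Class under test; rebuilt for every test in {@link #setUp()}. */
    private ResourceLoginFilter cut;

    @Mock
    private CfAuthenticationService cfAuthSvcMock;

    @Mock
    private CoreApiKeyAuthenticationService coreApiKeyAuthSvcMock;

    @Mock
    private JwtService jwtSvcMock;

    /** Value the stubbed {@code isUserSessionEstablished} hook reports to the filter. */
    private boolean userSessionEstablished;

    /**
     * Builds the filter with its collaborator lookups redirected to the mocks and its session
     * handling replaced by no-ops, so each test controls authentication inputs directly.
     */
    @BeforeEach
    void setUp() {
        // NOTE(review): these methods carry no @Override (the annotation is not kept in class
        // files). Restoring it in the real source would make the compiler flag a renamed hook
        // instead of letting the test silently run the production session logic.
        this.cut = new ResourceLoginFilter() {
            protected JwtService getJwtService() {
                return jwtSvcMock;
            }

            protected CoreApiKeyAuthenticationService getCoreApiKeyAuthenticationService() {
                return coreApiKeyAuthSvcMock;
            }

            protected boolean isUserSessionEstablished(HttpServletRequest request) {
                return userSessionEstablished;
            }

            protected void establishUserSession(HttpServletRequest request, HttpServletResponse response) {
                // Deliberately empty: no real session is created in these tests.
            }

            protected void setUserSession(HttpServletRequest request, String principalName) {
                // Deliberately empty: no real session is created in these tests.
            }

            protected CfAuthenticationService getCfAuthenticationService() {
                return cfAuthSvcMock;
            }
        };
        this.userSessionEstablished = false;
    }

    /** Clears the bearer token so a token stored by one test cannot be seen by the next. */
    @AfterEach
    void tearDown() {
        BearerTokenContext.clear();
    }

    /**
     * A request for {@code /health/check} touches none of the authentication services and leaves
     * no bearer token behind.
     *
     * <p>NOTE(review): the filter chain is never verified here, so the test does not prove the
     * request is actually forwarded.
     */
    @Test
    void pathDoesNotRequireAuthentication(@Mock HttpServletRequest httpServletRequest,
            @Mock HttpServletResponse httpServletResponse, @Mock FilterChain filterChain) throws Exception {
        this.userSessionEstablished = false;
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/health/check");

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verifyNoMoreInteractions(httpServletResponse);
        Mockito.verifyNoMoreInteractions(this.cfAuthSvcMock, this.coreApiKeyAuthSvcMock, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * No established session and no Authorization header: neither the API-key service nor the
     * JWT service is consulted, and no bearer token is stored.
     *
     * <p>NOTE(review): unlike the other rejection tests, this one never checks
     * {@code filterChain}, so it would still pass if the filter forwarded the request.
     */
    @Test
    void notInSession(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        this.userSessionEstablished = false;
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn((String) null);
        expectUnauthorizedResponse(httpServletResponse, printWriter);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * Same inputs and checks as {@link #notInSession}.
     *
     * <p>NOTE(review): the body is identical to {@code notInSession}; the name suggests a
     * different request-side input was intended. The chain is not verified here either.
     */
    @Test
    void notInSessionOrRequest(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        this.userSessionEstablished = false;
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn((String) null);
        expectUnauthorizedResponse(httpServletResponse, printWriter);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * Established session, no Authorization header, principal validates: the filter forwards the
     * request once, never touches the JWT service and stores no bearer token.
     */
    @Test
    void inSession(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock Person person, @Mock UserSession userSession,
            @Mock HttpServletResponse httpServletResponse, @Mock FilterChain filterChain) throws Exception {
        this.userSessionEstablished = true;
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(person.getPrincipalName()).thenReturn("SomeUser");
        Mockito.when(userSession.getActualPerson()).thenReturn(person);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn((String) null);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);
        // Direct call on the mock: counts as the first of the two doFilter invocations verified below.
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        Mockito.when(this.cfAuthSvcMock.validatePrincipalName(ArgumentMatchers.anyString()))
                .thenReturn(AuthenticationValidationResponse.VALID_AUTHENTICATION);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest, Mockito.times(2)).getHeader(ArgumentMatchers.anyString());
        Mockito.verify(filterChain, Mockito.times(2)).doFilter(httpServletRequest, httpServletResponse);
        Mockito.verifyNoMoreInteractions(filterChain);
        Mockito.verifyNoMoreInteractions(this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * Established session with an empty Authorization header: the request is still forwarded
     * once, on the strength of the session, and no bearer token is stored.
     */
    @Test
    void inSessionEmptyHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock Person person, @Mock UserSession userSession,
            @Mock HttpServletResponse httpServletResponse, @Mock PrintWriter printWriter,
            @Mock FilterChain filterChain) throws Exception {
        this.userSessionEstablished = true;
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(person.getPrincipalName()).thenReturn("SomeUser");
        Mockito.when(userSession.getActualPerson()).thenReturn(person);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("");
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);
        // NOTE(review): these two calls only record invocations on the mocks, and this test expects
        // the request to be forwarded, so they look like leftovers from a rejection scenario.
        httpServletResponse.setStatus(401);
        printWriter.println("[ \"Unauthorized\" ]");
        // Direct call on the mock: counts as the first of the two doFilter invocations verified below.
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        Mockito.when(this.cfAuthSvcMock.validatePrincipalName(ArgumentMatchers.anyString()))
                .thenReturn(AuthenticationValidationResponse.VALID_AUTHENTICATION);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest, Mockito.times(2)).getHeader(ArgumentMatchers.anyString());
        Mockito.verify(filterChain, Mockito.times(2)).doFilter(httpServletRequest, httpServletResponse);
        Mockito.verifyNoMoreInteractions(filterChain);
        Mockito.verifyNoMoreInteractions(this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /** No session and an empty Authorization header: nothing is forwarded and no token lookup happens. */
    @Test
    void blankAuthHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("");
        expectUnauthorizedResponse(httpServletResponse, printWriter);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, filterChain, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /** An Authorization header without the {@code Bearer} scheme is not forwarded or looked up. */
    @Test
    void noBearerHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("XXX");
        expectUnauthorizedResponse(httpServletResponse, printWriter);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, filterChain, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /** The bare word {@code Bearer} with no token is not forwarded or looked up. */
    @Test
    void onlyBearerHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("Bearer");
        expectUnauthorizedResponse(httpServletResponse, printWriter);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, filterChain, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /** {@code "Bearer "} followed by nothing is not forwarded or looked up. */
    @Test
    void blankKeyHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("Bearer ");
        expectUnauthorizedResponse(httpServletResponse, printWriter);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, filterChain, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * Core API-key auth disabled and the JWT service throws while decoding: the request is not
     * forwarded and the rejected token is not kept in {@link BearerTokenContext}.
     */
    @Test
    void nonCoreBadHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("Bearer BAD");
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);
        Mockito.when(this.coreApiKeyAuthSvcMock.useCore()).thenReturn(false);
        Mockito.when(this.jwtSvcMock.decodeJwt("BAD")).thenThrow(new RuntimeException("Error"));
        expectUnauthorizedResponse(httpServletResponse, printWriter);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verify(this.coreApiKeyAuthSvcMock).useCore();
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, filterChain);
        Mockito.verify(this.jwtSvcMock).decodeJwt(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * Core API-key auth disabled and the JWT decodes to a principal that validates: the request
     * is forwarded once and the token is published through {@link BearerTokenContext}.
     */
    @Test
    void nonCoreGoodHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("Bearer GOOD");
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);
        Mockito.when(this.coreApiKeyAuthSvcMock.useCore()).thenReturn(false);
        JwtData jwtData = new JwtData();
        jwtData.setPrincipalName("user");
        Mockito.when(this.jwtSvcMock.decodeJwt("GOOD")).thenReturn(jwtData);
        // Direct call on the mock: counts as the first of the two doFilter invocations verified below.
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        Mockito.when(this.cfAuthSvcMock.validatePrincipalName(ArgumentMatchers.anyString()))
                .thenReturn(AuthenticationValidationResponse.VALID_AUTHENTICATION);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest, Mockito.times(2)).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verify(this.coreApiKeyAuthSvcMock).useCore();
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock);
        Mockito.verify(this.jwtSvcMock).decodeJwt(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(this.jwtSvcMock);
        Mockito.verify(filterChain, Mockito.times(2)).doFilter(httpServletRequest, httpServletResponse);
        Mockito.verifyNoMoreInteractions(filterChain);
        Assertions.assertEquals("GOOD", BearerTokenContext.getBearerToken());
    }

    /**
     * Core API-key auth enabled and the key resolves to no principal: the request is not
     * forwarded, the JWT service is not used as a fallback, and no token is kept.
     */
    @Test
    void coreBadHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("Bearer BAD");
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);
        Mockito.when(this.coreApiKeyAuthSvcMock.useCore()).thenReturn(true);
        Mockito.when(this.coreApiKeyAuthSvcMock.getPrincipalIdFromApiKey("BAD", userSession))
                .thenReturn(Optional.empty());
        expectUnauthorizedResponse(httpServletResponse, printWriter);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verify(this.coreApiKeyAuthSvcMock).useCore();
        Mockito.verify(this.coreApiKeyAuthSvcMock)
                .getPrincipalIdFromApiKey(ArgumentMatchers.anyString(), ArgumentMatchers.eq(userSession));
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, filterChain, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * Core API-key auth enabled, the key resolves to a principal and the principal validates: the
     * request is forwarded once and the token is published through {@link BearerTokenContext}.
     */
    @Test
    void coreGoodHeader(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("Bearer GOOD");
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);
        Mockito.when(this.coreApiKeyAuthSvcMock.useCore()).thenReturn(true);
        Mockito.when(this.coreApiKeyAuthSvcMock.getPrincipalIdFromApiKey("GOOD", userSession))
                .thenReturn(Optional.of("user"));
        // Direct call on the mock: counts as the first of the two doFilter invocations verified below.
        filterChain.doFilter(httpServletRequest, httpServletResponse);
        Mockito.when(this.cfAuthSvcMock.validatePrincipalName(ArgumentMatchers.anyString()))
                .thenReturn(AuthenticationValidationResponse.VALID_AUTHENTICATION);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest, Mockito.times(2)).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verify(this.coreApiKeyAuthSvcMock).useCore();
        Mockito.verify(this.coreApiKeyAuthSvcMock)
                .getPrincipalIdFromApiKey(ArgumentMatchers.anyString(), ArgumentMatchers.eq(userSession));
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock);
        Mockito.verify(filterChain, Mockito.times(2)).doFilter(httpServletRequest, httpServletResponse);
        Mockito.verifyNoMoreInteractions(filterChain);
        Mockito.verifyNoMoreInteractions(this.jwtSvcMock);
        Assertions.assertEquals("GOOD", BearerTokenContext.getBearerToken());
    }

    /**
     * A valid API key whose principal fails validation with
     * {@code INVALID_PRINCIPAL_CANNOT_LOGIN}: the request is not forwarded and the otherwise
     * valid token is not kept in {@link BearerTokenContext}.
     */
    @Test
    void coreGoodHeaderInactiveUser(@Mock HttpServletRequest httpServletRequest, @Mock HttpSession httpSession,
            @Mock UserSession userSession, @Mock HttpServletResponse httpServletResponse,
            @Mock PrintWriter printWriter, @Mock FilterChain filterChain) throws Exception {
        Mockito.when(httpServletRequest.getPathInfo()).thenReturn("/foo");
        Mockito.when(httpServletRequest.getHeader("Authorization")).thenReturn("Bearer GOOD");
        Mockito.when(this.coreApiKeyAuthSvcMock.useCore()).thenReturn(true);
        Mockito.when(httpSession.getAttribute("userSession")).thenReturn(userSession);
        Mockito.when(httpServletRequest.getSession()).thenReturn(httpSession);
        Mockito.when(this.coreApiKeyAuthSvcMock.getPrincipalIdFromApiKey("GOOD", userSession))
                .thenReturn(Optional.of("user"));
        Mockito.when(this.cfAuthSvcMock.validatePrincipalName(ArgumentMatchers.anyString()))
                .thenReturn(AuthenticationValidationResponse.INVALID_PRINCIPAL_CANNOT_LOGIN);
        expectForbiddenResponse(httpServletResponse, printWriter);

        this.cut.doFilter(httpServletRequest, httpServletResponse, filterChain);

        Mockito.verify(httpServletRequest).getHeader(ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(httpServletRequest);
        Mockito.verify(this.coreApiKeyAuthSvcMock).useCore();
        Mockito.verify(this.coreApiKeyAuthSvcMock)
                .getPrincipalIdFromApiKey(ArgumentMatchers.anyString(), ArgumentMatchers.eq(userSession));
        Mockito.verifyNoMoreInteractions(this.coreApiKeyAuthSvcMock, filterChain, this.jwtSvcMock);
        Assertions.assertNull(BearerTokenContext.getBearerToken());
    }

    /**
     * Prepares the response mock for a rejected (401) request by stubbing {@code getWriter()}.
     *
     * <p>The {@code setStatus} and {@code println} calls are plain invocations on mocks: they are
     * recorded, not expected, and nothing later verifies them. Only the {@code getWriter()} stub
     * has an effect on the test outcome, because strict stubs require it to be used.
     */
    private static void expectUnauthorizedResponse(HttpServletResponse httpServletResponse, PrintWriter printWriter) throws Exception {
        httpServletResponse.setStatus(401);
        Mockito.when(httpServletResponse.getWriter()).thenReturn(printWriter);
        printWriter.println("[ \"Unauthorized\" ]");
    }

    /**
     * Prepares the response mock for a forbidden (403) request by stubbing {@code getWriter()}.
     *
     * <p>As with the 401 helper, the {@code setStatus} and {@code println} calls are recorded
     * invocations rather than expectations, so the 403 status itself is not asserted by callers.
     */
    private static void expectForbiddenResponse(HttpServletResponse httpServletResponse, PrintWriter printWriter) throws Exception {
        httpServletResponse.setStatus(403);
        Mockito.when(httpServletResponse.getWriter()).thenReturn(printWriter);
        printWriter.println("[ \"Forbidden\" ]");
    }
}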
