package edu.yale.its.tp.cas.client.filter;

import com.mockrunner.mock.web.MockFilterConfig;
import com.mockrunner.mock.web.MockHttpServletRequest;
import com.mockrunner.mock.web.MockHttpServletResponse;
import com.mockrunner.mock.web.MockHttpSession;
import com.mockrunner.mock.web.MockServletContext;
import edu.yale.its.tp.cas.client.CASReceipt;
import java.io.IOException;
import java.util.ArrayList;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import junit.framework.TestCase;

/* loaded from: input_file:WEB-INF/lib/casclient-2.1.1.jar:edu/yale/its/tp/cas/client/filter/CASFilterTest.class */
public class CASFilterTest extends TestCase {
    private static final String USERNAME = "someone";
    private static final String CAS_VALIDATE_URL = "https://casserver.com/serviceValidate";
    private static final String CAS_LOGIN_URL = "https://casserver.com/login";
    private static final String TEST_SERVER_NAME = "www.client.com:8080";
    MockServletContext basicContext;
    MockFilterConfig mockConfig;
    MockHttpSession authenticatedSession;
    MockHttpServletRequest mockRequest;
    MockHttpServletResponse mockResponse;
    CASReceipt basicReceipt;
    WatchfulFilterChain filterChain;

    public CASFilterTest(String str) {
        super(str);
    }

    protected void setUp() throws Exception {
        super.setUp();
        this.basicContext = new MockServletContext();
        this.mockConfig = new MockFilterConfig();
        this.basicContext.setInitParameter(CASFilter.LOGIN_INIT_PARAM, CAS_LOGIN_URL);
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.validateUrl", CAS_VALIDATE_URL);
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.serverName", TEST_SERVER_NAME);
        this.authenticatedSession = new MockHttpSession();
        this.authenticatedSession.setAttribute("edu.yale.its.tp.cas.client.filter.user", USERNAME);
        this.basicReceipt = new CASReceipt();
        this.basicReceipt.setCasValidateUrl(CAS_VALIDATE_URL);
        this.basicReceipt.setPrimaryAuthentication(false);
        this.basicReceipt.setUserName(USERNAME);
        this.authenticatedSession.setAttribute("edu.yale.its.tp.cas.client.filter.receipt", this.basicReceipt);
        this.mockRequest = new MockHttpServletRequest();
        this.mockResponse = new MockHttpServletResponse();
        this.filterChain = new WatchfulFilterChain();
    }

    protected void tearDown() throws Exception {
        super.tearDown();
    }

    public void testBasicInit() throws ServletException {
        this.mockConfig.setupServletContext(this.basicContext);
        new CASFilter().init(this.mockConfig);
    }

    public void testInitGatewayAndRenew() {
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.renew", "true");
        this.basicContext.setInitParameter(CASFilter.GATEWAY_INIT_PARAM, "true");
        this.mockConfig.setupServletContext(this.basicContext);
        try {
            new CASFilter().init(this.mockConfig);
            fail("filter should not allow both renew and gateway to be set.");
        } catch (ServletException e) {
        }
    }

    public void testNoValidateUrl() {
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.validateUrl", (String) null);
        this.mockConfig.setupServletContext(this.basicContext);
        try {
            new CASFilter().init(this.mockConfig);
            fail("filter should fail initialization when validation URL is not set.");
        } catch (ServletException e) {
        }
    }

    public void testInsecureValidateUrl() {
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.validateUrl", "http://somewhere.com/cas/serviceValidate");
        this.mockConfig.setupServletContext(this.basicContext);
        try {
            new CASFilter().init(this.mockConfig);
            fail("filter should fail initialization when validation URL is insecure.");
        } catch (ServletException e) {
        }
    }

    public void testServiceAndServerName() {
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.serviceUrl", "http://www.client.com:8080/login");
        this.mockConfig.setupServletContext(this.basicContext);
        try {
            new CASFilter().init(this.mockConfig);
            fail("filter should fail initialization when both serverName and serviceUrl are set, as they are mutually exlusive.");
        } catch (ServletException e) {
        }
    }

    public void testNoServerNameNoServiceUrl() {
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.serverName", (String) null);
        this.mockConfig.setupServletContext(this.basicContext);
        try {
            new CASFilter().init(this.mockConfig);
            fail("filter should fail initialization when neither serverName nor serviceUrl are set, as it will be unable to validate tickets.");
        } catch (ServletException e) {
        }
    }

    public void testAlreadyAuthenticated() throws ServletException, IOException {
        assertNotNull(this.authenticatedSession);
        this.mockRequest.setSession(this.authenticatedSession);
        assertNotNull(this.mockRequest.getSession());
        WatchfulFilterChain watchfulFilterChain = new WatchfulFilterChain();
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, watchfulFilterChain);
        assertTrue(watchfulFilterChain.isChainInvoked());
    }

    public void testStrictnessRequireRenew() throws ServletException, IOException {
        this.mockRequest.setSession(this.authenticatedSession);
        WatchfulFilterChain watchfulFilterChain = new WatchfulFilterChain();
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.renew", "true");
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, watchfulFilterChain);
        assertFalse(watchfulFilterChain.isChainInvoked());
        assertTrue(this.mockResponse.wasRedirectSent());
    }

    public void testStrictnessRejectProxied() throws ServletException, IOException {
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.foo.com/proxier");
        this.basicReceipt.setProxyList(arrayList);
        this.mockRequest.setSession(this.authenticatedSession);
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, this.filterChain);
        assertFalse(this.filterChain.isChainInvoked());
        assertTrue(this.mockResponse.wasRedirectSent());
    }

    public void testStrictnessRejectUnknownProxy() throws ServletException, IOException {
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.foo.com/proxier");
        this.basicReceipt.setProxyList(arrayList);
        this.basicContext.setInitParameter(CASFilter.AUTHORIZED_PROXY_INIT_PARAM, "https://www.bar.com/proxier");
        this.mockRequest.setSession(this.authenticatedSession);
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, this.filterChain);
        assertFalse(this.filterChain.isChainInvoked());
        assertTrue(this.mockResponse.wasRedirectSent());
    }

    public void testAcceptProxy() throws ServletException, IOException {
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.foo.com/proxier");
        this.basicReceipt.setProxyList(arrayList);
        this.basicContext.setInitParameter(CASFilter.AUTHORIZED_PROXY_INIT_PARAM, "https://www.foo.com/proxier");
        this.mockRequest.setSession(this.authenticatedSession);
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, this.filterChain);
        assertTrue(this.filterChain.isChainInvoked());
    }

    public void testAcceptProxies() throws Exception {
        ArrayList arrayList = new ArrayList();
        arrayList.add("https://www.foo.com/proxier");
        this.basicReceipt.setProxyList(arrayList);
        this.basicContext.setInitParameter(CASFilter.AUTHORIZED_PROXY_INIT_PARAM, "https://www.foo.com/proxier https://www.bar.com/proxier https://www.fred.com/proxier");
        this.mockRequest.setSession(this.authenticatedSession);
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, this.filterChain);
        assertTrue(this.filterChain.isChainInvoked());
        this.filterChain = new WatchfulFilterChain();
        arrayList.remove("https://www.foo.com/proxier");
        arrayList.add("https://www.bar.com/proxier");
        cASFilter.doFilter(this.mockRequest, new MockHttpServletResponse(), this.filterChain);
        assertTrue(this.filterChain.isChainInvoked());
        this.filterChain = new WatchfulFilterChain();
        arrayList.remove("https://www.bar.com/proxier");
        arrayList.add("https://www.fred.com/proxier");
        cASFilter.doFilter(this.mockRequest, new MockHttpServletResponse(), this.filterChain);
        assertTrue(this.filterChain.isChainInvoked());
        this.filterChain = new WatchfulFilterChain();
        arrayList.remove("https://www.fred.com/proxier");
        arrayList.add("https://www.wombat.com/proxier");
        cASFilter.doFilter(this.mockRequest, new MockHttpServletResponse(), this.filterChain);
        assertFalse(this.filterChain.isChainInvoked());
    }

    public void testInsecureProxier() {
        this.basicContext.setInitParameter(CASFilter.AUTHORIZED_PROXY_INIT_PARAM, "http://www.foo.com/proxier");
        this.mockRequest.setSession(this.authenticatedSession);
        this.mockConfig.setupServletContext(this.basicContext);
        try {
            new CASFilter().init(this.mockConfig);
            fail("Should have thrown servlet exception because of insecure entry in authorized proxy parameter");
        } catch (ServletException e) {
        }
    }

    public void testGetRemoteUser() throws ServletException, IOException {
        this.basicContext.setInitParameter("edu.yale.its.tp.cas.client.filter.wrapRequest", "true");
        this.mockConfig.setupServletContext(this.basicContext);
        this.mockRequest.setSession(this.authenticatedSession);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, this.filterChain);
        assertEquals(USERNAME, this.filterChain.getFilteredServletRequest().getRemoteUser());
    }

    public void testNotRemoteUser() throws ServletException, IOException {
        this.mockConfig.setupServletContext(this.basicContext);
        this.mockRequest.setSession(this.authenticatedSession);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(this.mockRequest, this.mockResponse, this.filterChain);
        assertNull(this.filterChain.getFilteredServletRequest().getRemoteUser());
    }

    public void testRedirect() throws ServletException, IOException {
        ServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setSession(new MockHttpSession());
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        cASFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, this.filterChain);
        assertFalse(this.filterChain.isChainInvoked());
        assertTrue(mockHttpServletResponse.wasRedirectSent());
    }

    public void testGateway() throws ServletException, IOException {
        this.basicContext.setInitParameter(CASFilter.GATEWAY_INIT_PARAM, "true");
        this.mockConfig.setupServletContext(this.basicContext);
        CASFilter cASFilter = new CASFilter();
        cASFilter.init(this.mockConfig);
        MockHttpSession mockHttpSession = new MockHttpSession();
        ServletRequest mockHttpServletRequest = new MockHttpServletRequest();
        mockHttpServletRequest.setSession(mockHttpSession);
        ServletResponse mockHttpServletResponse = new MockHttpServletResponse();
        cASFilter.doFilter(mockHttpServletRequest, mockHttpServletResponse, this.filterChain);
        assertFalse(this.filterChain.isChainInvoked());
        assertTrue(mockHttpServletResponse.wasRedirectSent());
        this.filterChain = null;
        WatchfulFilterChain watchfulFilterChain = new WatchfulFilterChain();
        ServletRequest mockHttpServletRequest2 = new MockHttpServletRequest();
        mockHttpServletRequest2.setSession(mockHttpSession);
        ServletResponse mockHttpServletResponse2 = new MockHttpServletResponse();
        cASFilter.doFilter(mockHttpServletRequest2, mockHttpServletResponse2, watchfulFilterChain);
        assertTrue(watchfulFilterChain.isChainInvoked());
        assertFalse(mockHttpServletResponse2.wasRedirectSent());
        WatchfulFilterChain watchfulFilterChain2 = new WatchfulFilterChain();
        ServletRequest mockHttpServletRequest3 = new MockHttpServletRequest();
        mockHttpServletRequest3.setSession(mockHttpSession);
        ServletResponse mockHttpServletResponse3 = new MockHttpServletResponse();
        cASFilter.doFilter(mockHttpServletRequest3, mockHttpServletResponse3, watchfulFilterChain2);
        assertTrue(watchfulFilterChain.isChainInvoked());
        assertFalse(mockHttpServletResponse3.wasRedirectSent());
    }
}
