package com.openexchange.ajax.requesthandler.oauth;

import com.openexchange.ajax.container.Response;
import com.openexchange.ajax.requesthandler.AJAXActionService;
import com.openexchange.ajax.requesthandler.AJAXActionServiceFactory;
import com.openexchange.ajax.requesthandler.AJAXRequestData;
import com.openexchange.ajax.requesthandler.AJAXRequestResult;
import com.openexchange.ajax.requesthandler.DefaultDispatcher;
import com.openexchange.ajax.requesthandler.DispatcherServlet;
import com.openexchange.ajax.requesthandler.Dispatchers;
import com.openexchange.ajax.requesthandler.responseRenderers.APIResponseRenderer;
import com.openexchange.config.SimConfigurationService;
import com.openexchange.configuration.ServerConfig;
import com.openexchange.dispatcher.DispatcherPrefixService;
import com.openexchange.exception.OXException;
import com.openexchange.java.util.UUIDs;
import com.openexchange.log.LogProperties;
import com.openexchange.oauth.provider.OAuthResourceService;
import com.openexchange.oauth.provider.OAuthSessionProvider;
import com.openexchange.oauth.provider.SimOAuthResourceService;
import com.openexchange.oauth.provider.annotations.OAuthAction;
import com.openexchange.oauth.provider.annotations.OAuthModule;
import com.openexchange.oauth.provider.annotations.OAuthScopeCheck;
import com.openexchange.oauth.provider.exceptions.OAuthInsufficientScopeException;
import com.openexchange.oauth.provider.exceptions.OAuthInvalidRequestException;
import com.openexchange.oauth.provider.exceptions.OAuthInvalidTokenException;
import com.openexchange.oauth.provider.exceptions.OAuthRequestException;
import com.openexchange.oauth.provider.grant.OAuthGrant;
import com.openexchange.oauth.provider.scope.Scope;
import com.openexchange.server.SimpleServiceLookup;
import com.openexchange.server.services.ServerServiceRegistry;
import com.openexchange.tools.session.ServerSession;
import com.openexchange.tools.session.SimServerSession;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletInputStream;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.sim.SimHttpServletRequest;
import javax.servlet.http.sim.SimHttpServletResponse;
import org.json.JSONException;
import org.json.JSONObject;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;

/* loaded from: input_file:com/openexchange/ajax/requesthandler/oauth/OAuthDispatcherServletTest.class */
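/**
 * Unit tests for the bearer-token check that {@link OAuthDispatcherServlet} performs before a
 * dispatcher action is executed.
 *
 * <p>Every test sends one simulated request to the {@code test} module and asserts the HTTP outcome:
 * <ul>
 *   <li>401 plus a {@code WWW-Authenticate} challenge when the token is missing, malformed, unknown
 *       or expired;</li>
 *   <li>403 plus an {@code insufficient_scope} JSON body when the token is valid but its scope does
 *       not cover the requested action;</li>
 *   <li>200 when the token's scope covers the action.</li>
 * </ul>
 *
 * <p>NOTE(review): authorization coverage that this class does not provide:
 * <ul>
 *   <li>the 403 tests assert status and body only, never the {@code WWW-Authenticate} header;</li>
 *   <li>the {@code "*"} action is only requested with a valid token, so nothing here shows that a
 *       missing, unknown or expired token is still rejected for it;</li>
 *   <li>{@link #testInsufficientScope2()} and {@link #testCustomScopeCheck3()} send the same
 *       request, so one of them adds no coverage.</li>
 * </ul>
 */
public class OAuthDispatcherServletTest {

    /** Dispatcher prefix shared by the prefix service and the servlet under test. */
    private static final String PREFIX = "/ajax/";

    /** Scope required by the {@code read} action. */
    private static final String READ_SCOPE = "r_test";

    /** Scope required by the {@code write} action. */
    private static final String WRITE_SCOPE = "w_test";

    /** Lifetime of the tokens that are meant to be valid for the duration of a test. */
    private static final long ONE_HOUR_MILLIS = 60L * 60L * 1000L;

    /** Context and user the test grants are issued for. */
    private static final int CONTEXT_ID = 1;
    private static final int USER_ID = 3;

    /** Result returned by every test action; its payload is filled in by the static initializer. */
    private static final AJAXRequestResult RESULT = new AJAXRequestResult(new Response(new JSONObject()));

    static {
        try {
            ((Response) RESULT.getResultObject()).setData(new JSONObject("{'ok':true}"));
        } catch (JSONException e) {
            throw new RuntimeException(e);
        }
    }

    private OAuthDispatcherServlet servlet;
    private SimHttpServletRequest request;
    private SimHttpServletResponse response;
    private ByteArrayOutputStream responseStream;
    private SimOAuthResourceService resourceService;
    private String readToken;
    private String writeToken;
    private String readWriteToken;
    private String expiredToken;

    /**
     * Action factory registered as module {@code test}. It exposes one action per way of declaring
     * a scope requirement: a fixed scope, a custom scope check, and the grant-all marker.
     */
    @OAuthModule
    private static final class TestFactory implements AJAXActionServiceFactory {

        private final Map<String, AJAXActionService> services = new HashMap<String, AJAXActionService>();

        private TestFactory() {
            services.put("read", new ReadAction());
            services.put("write", new WriteAction());
            services.put("readwrite", new CustomAction());
            services.put("unprivileged", new GrantAllAction());
        }

        /**
         * Returns {@code null}, as this fixture always has.
         *
         * <p>NOTE(review): presumably never consulted on the paths these tests take; confirm that
         * before replacing it with an empty collection.
         */
        @Override
        public Collection<?> getSupportedServices() {
            return null;
        }

        /** Looks up the action by name; an unregistered name yields {@code null}. */
        @Override
        public AJAXActionService createActionService(String action) throws OXException {
            return services.get(action);
        }

        /** Action whose access decision is delegated to {@link #checkScope}. */
        @OAuthAction("__custom__")
        private final class CustomAction implements AJAXActionService {
            private CustomAction() {
            }

            @Override
            public AJAXRequestResult perform(AJAXRequestData requestData, ServerSession session) throws OXException {
                return RESULT;
            }

            /** Grants access only when the grant carries both the read and the write scope. */
            @OAuthScopeCheck
            public boolean checkScope(AJAXRequestData requestData, ServerSession session, OAuthGrant grant) {
                Scope granted = grant.getScope();
                return granted.has(READ_SCOPE) && granted.has(WRITE_SCOPE);
            }
        }

        /** Action declared with the {@code "*"} marker; the tests expect any valid token to pass. */
        @OAuthAction("*")
        private final class GrantAllAction implements AJAXActionService {
            private GrantAllAction() {
            }

            @Override
            public AJAXRequestResult perform(AJAXRequestData requestData, ServerSession session) throws OXException {
                return RESULT;
            }
        }

        /** Action that requires the read scope. */
        @OAuthAction(READ_SCOPE)
        private final class ReadAction implements AJAXActionService {
            private ReadAction() {
            }

            @Override
            public AJAXRequestResult perform(AJAXRequestData requestData, ServerSession session) throws OXException {
                return RESULT;
            }
        }

        /** Action that requires the write scope. */
        @OAuthAction(WRITE_SCOPE)
        private final class WriteAction implements AJAXActionService {
            private WriteAction() {
            }

            @Override
            public AJAXRequestResult perform(AJAXRequestData requestData, ServerSession session) throws OXException {
                return RESULT;
            }
        }
    }

    /** Immutable {@link OAuthGrant} used to seed the simulated resource service. */
    public class TestGrant implements OAuthGrant {
        private final int contextId;
        private final int userId;
        private final String accessToken;
        private final String refreshToken;
        private final Date expirationDate;
        private final Scope scope;

        public TestGrant(int contextId, int userId, String accessToken, String refreshToken, Date expirationDate, Scope scope) {
            this.contextId = contextId;
            this.userId = userId;
            this.accessToken = accessToken;
            this.refreshToken = refreshToken;
            this.expirationDate = expirationDate;
            this.scope = scope;
        }

        @Override
        public String getClientId() {
            return "1234";
        }

        @Override
        public int getContextId() {
            return contextId;
        }

        @Override
        public int getUserId() {
            return userId;
        }

        @Override
        public String getAccessToken() {
            return accessToken;
        }

        @Override
        public String getRefreshToken() {
            return refreshToken;
        }

        @Override
        public Date getExpirationDate() {
            return expirationDate;
        }

        @Override
        public Scope getScope() {
            return scope;
        }
    }

    /** Registers the test module, the OAuth annotation processor and the dispatcher prefix once. */
    @BeforeClass
    public static void beforeClass() {
        DefaultDispatcher dispatcher = new DefaultDispatcher();
        dispatcher.register("test", new TestFactory());
        // Without this processor the @OAuthAction / @OAuthScopeCheck annotations are not evaluated.
        dispatcher.addAnnotationProcessor(new OAuthAnnotationProcessor());
        DispatcherServlet.setDispatcher(dispatcher);
        DispatcherServlet.registerRenderer(new APIResponseRenderer());
        ServerConfig.getInstance().initialize(new SimConfigurationService());

        DispatcherPrefixService prefixService = new DispatcherPrefixService() {
            @Override
            public String getPrefix() {
                return PREFIX;
            }
        };
        ServerServiceRegistry.getInstance().addService(DispatcherPrefixService.class, prefixService);
        Dispatchers.setDispatcherPrefixService(prefixService);
    }

    /**
     * Seeds four grants (read, write, read+write, expired read) and builds a fresh servlet,
     * request and response for each test.
     */
    @Before
    public void setUp() throws Exception {
        resourceService = new SimOAuthResourceService();
        readToken = issueToken(ONE_HOUR_MILLIS, READ_SCOPE);
        writeToken = issueToken(ONE_HOUR_MILLIS, WRITE_SCOPE);
        readWriteToken = issueToken(ONE_HOUR_MILLIS, READ_SCOPE, WRITE_SCOPE);
        // A negative lifetime puts the expiration date one millisecond in the past.
        expiredToken = issueToken(-1L, READ_SCOPE);

        SimpleServiceLookup services = new SimpleServiceLookup();
        services.add(OAuthResourceService.class, resourceService);
        services.add(OAuthSessionProvider.class, new OAuthSessionProvider() {
            // Must be named getSession to implement the provider interface; the decompiled
            // listing carried a bridge-method rename that left the interface method unimplemented.
            @Override
            public ServerSession getSession(OAuthGrant grant, HttpServletRequest httpRequest) throws OXException {
                SimServerSession session = new SimServerSession(grant.getContextId(), grant.getUserId());
                session.setParameter(LogProperties.Name.DATABASE_SCHEMA.getName(), "oxdb1");
                return session;
            }
        });
        servlet = new OAuthDispatcherServlet(services, PREFIX);

        request = new SimHttpServletRequest();
        request.setMethod("GET");

        responseStream = new ByteArrayOutputStream();
        response = new SimHttpServletResponse();
        response.setCharacterEncoding("UTF-8");
        response.setOutputStream(new ServletOutputStream() {
            @Override
            public void write(int b) throws IOException {
                responseStream.write(b);
            }
        });
    }

    /**
     * Adds a grant with fresh random access and refresh tokens to the resource service.
     *
     * @param lifetimeMillis offset from now to the expiration date; negative for an expired grant
     * @param scopes scope tokens the grant carries
     * @return the access token of the new grant
     */
    private String issueToken(long lifetimeMillis, String... scopes) throws Exception {
        Date expiration = new Date(System.currentTimeMillis() + lifetimeMillis);
        TestGrant grant = new TestGrant(
            CONTEXT_ID,
            USER_ID,
            UUIDs.getUnformattedStringFromRandom(),
            UUIDs.getUnformattedStringFromRandom(),
            expiration,
            Scope.newInstance(scopes));
        resourceService.addToken(grant);
        return grant.getAccessToken();
    }

    /**
     * Points the simulated request at {@code /ajax/oauth/modules/test?action=<action>}.
     *
     * @param action action name to request
     * @param token bearer token for the {@code Authorization} header, or {@code null} to send none
     */
    private void prepareRequest(String action, String token) {
        request.setServerName("appsuite.example.com");
        request.setServerPort(80);
        request.setRequestURI("/ajax/oauth/modules/test");
        request.setQueryString("action=" + action);
        request.setParameter("action", action);
        request.setContextPath("");
        // Empty request body: the stream reports end-of-input immediately.
        request.setInputStream(new ServletInputStream() {
            @Override
            public int read() throws IOException {
                return -1;
            }
        });
        if (token != null) {
            request.setHeader("Authorization", "Bearer " + token);
        }
    }

    /** Prepares the request and runs it through the servlet under test. */
    private void dispatch(String action, String token) throws Exception {
        prepareRequest(action, token);
        servlet.service(request, response);
    }

    /** No Authorization header: bare challenge, no error details, empty body. */
    @Test
    public void testMissingToken() throws Exception {
        dispatch("read", null);
        assertStatus(401);
        Assert.assertEquals("Bearer", response.getHeader("WWW-Authenticate"));
        Assert.assertEquals(0L, responseStream.size());
    }

    /** A token with characters outside the accepted syntax is rejected as malformed. */
    @Test
    public void testMalformedToken() throws Exception {
        dispatch("read", "?!$");
        assertInvalidToken(OAuthInvalidTokenException.Reason.TOKEN_MALFORMED);
    }

    /** A well-formed token that was never issued is rejected as unknown. */
    @Test
    public void testUnknownToken() throws Exception {
        dispatch("read", "idontexist");
        assertInvalidToken(OAuthInvalidTokenException.Reason.TOKEN_UNKNOWN);
    }

    /** An issued token past its expiration date is rejected as expired. */
    @Test
    public void testExpiredToken() throws Exception {
        dispatch("read", expiredToken);
        assertInvalidToken(OAuthInvalidTokenException.Reason.TOKEN_EXPIRED);
    }

    /** A read-only token must not reach the write action; the missing scope is reported. */
    @Test
    public void testInsufficientScope1() throws Exception {
        dispatch("write", readToken);
        assertStatus(403);
        assertErrorResponse(new OAuthInsufficientScopeException(WRITE_SCOPE));
    }

    /** A write-only token fails the custom read+write check. */
    @Test
    public void testInsufficientScope2() throws Exception {
        dispatch("readwrite", writeToken);
        assertStatus(403);
        assertErrorResponse(new OAuthInsufficientScopeException());
    }

    /** A read-only token fails the custom read+write check. */
    @Test
    public void testCustomScopeCheck2() throws Exception {
        dispatch("readwrite", readToken);
        assertStatus(403);
        assertErrorResponse(new OAuthInsufficientScopeException());
    }

    /** A write-only token fails the custom read+write check. */
    @Test
    public void testCustomScopeCheck3() throws Exception {
        dispatch("readwrite", writeToken);
        assertStatus(403);
        assertErrorResponse(new OAuthInsufficientScopeException());
    }

    /** A token with both scopes passes the custom check. */
    @Test
    public void testCustomScopeCheck4() throws Exception {
        dispatch("readwrite", readWriteToken);
        assertStatus(200);
    }

    /** Any valid token may call the grant-all action. */
    @Test
    public void testGrantAllScope2() throws Exception {
        dispatch("unprivileged", readToken);
        assertStatus(200);
    }

    /** Read token, read action. */
    @Test
    public void testScope1() throws Exception {
        dispatch("read", readToken);
        assertStatus(200);
    }

    /** Write token, write action. */
    @Test
    public void testScope2() throws Exception {
        dispatch("write", writeToken);
        assertStatus(200);
    }

    /** Read+write token, custom-checked action. */
    @Test
    public void testScope3() throws Exception {
        dispatch("readwrite", readWriteToken);
        assertStatus(200);
    }

    /** Read+write token, read action. */
    @Test
    public void testScope4() throws Exception {
        dispatch("read", readWriteToken);
        assertStatus(200);
    }

    /** Read+write token, write action. */
    @Test
    public void testScope5() throws Exception {
        dispatch("write", readWriteToken);
        assertStatus(200);
    }

    private void assertStatus(int expected) {
        Assert.assertEquals(expected, response.getStatus());
    }

    /**
     * Asserts the 401 response for a rejected token: status, challenge header and JSON body.
     *
     * <p>NOTE(review): the pinned header value joins the scheme and the first attribute with a comma
     * and no space ({@code Bearer,error=...}), whereas the examples in RFC 6750 use
     * {@code Bearer error="..."}. Confirm this is the intended wire format.
     */
    private void assertInvalidToken(OAuthInvalidTokenException.Reason reason) throws JSONException {
        assertStatus(401);
        String challenge = response.getHeader("WWW-Authenticate");
        OAuthInvalidTokenException expected = new OAuthInvalidTokenException(reason);
        Assert.assertEquals("Bearer,error=\"invalid_token\",error_description=\"" + expected.getErrorDescription() + "\"", challenge);
        assertErrorResponse(expected);
    }

    /**
     * Asserts that the response body is a JSON error object matching the given exception: the
     * {@code error} code for its type, the {@code scope} when the exception names one, and the
     * {@code error_description} when the exception has one.
     *
     * @param expected exception whose type and fields define the expected body
     * @throws JSONException if the body cannot be parsed or a required key is absent
     */
    private void assertErrorResponse(OAuthRequestException expected) throws JSONException {
        Assert.assertEquals("application/json;charset=UTF-8", response.getHeader("Content-Type"));

        // Decode with the charset the response declares rather than the platform default.
        BufferedReader bodyReader = new BufferedReader(new InputStreamReader(
            new ByteArrayInputStream(responseStream.toByteArray()),
            java.nio.charset.Charset.forName("UTF-8")));
        JSONObject body = JSONObject.parse(bodyReader).toObject();
        Assert.assertNotNull(body);

        if (expected instanceof OAuthInvalidTokenException) {
            Assert.assertEquals("invalid_token", body.get("error"));
        } else if (expected instanceof OAuthInsufficientScopeException) {
            Assert.assertEquals("insufficient_scope", body.get("error"));
            String requiredScope = ((OAuthInsufficientScopeException) expected).getScope();
            if (requiredScope != null) {
                Assert.assertEquals(requiredScope, body.get("scope"));
            }
        } else if (expected instanceof OAuthInvalidRequestException) {
            Assert.assertEquals("invalid_request", body.get("error"));
        } else {
            Assert.fail("Unknown exception: " + expected.getClass().getName());
        }

        String description = expected.getErrorDescription();
        if (description != null) {
            Assert.assertEquals(description, body.get("error_description"));
        }
    }
}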
