package com.openexchange.ajax.session;

import com.openexchange.ajax.mail.filter.action.Redirect;
import com.openexchange.groupware.calendar.TimeTools;
import com.openexchange.java.Charsets;
import com.openexchange.test.json.JSONAssertion;
import com.openexchange.tools.encoding.Base64;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Date;
import java.util.regex.Pattern;
import org.apache.commons.httpclient.Cookie;
import org.apache.commons.httpclient.HttpClient;
import org.junit.Test;

/* loaded from: input_file:com/openexchange/ajax/session/LoginTest.class */
public class LoginTest extends AbstractLoginTest {
    public LoginTest(String str) {
        super(str);
    }

    protected void setUp() throws Exception {
        createClient();
    }

    protected void tearDown() {
    }

    public void testSuccessfulLoginReturnsSession() throws Exception {
        assertResponseContains("session");
    }

    public void testSuccessfulLoginLacksRandom() throws Exception {
        assertResponseLacks("random");
    }

    public void testSuccessfulLoginSetsSecretCookie() throws Exception {
        rawLogin("login");
        Cookie[] cookies = this.currentClient.getClient().getState().getCookies();
        boolean z = false;
        ArrayList arrayList = new ArrayList(cookies.length);
        for (Cookie cookie : cookies) {
            String name = cookie.getName();
            arrayList.add(name);
            z = z || name.startsWith("open-xchange-secret");
        }
        assertTrue("Missing secret cookie: " + arrayList.toString(), z);
    }

    public void testSuccessfulLoginDoesNotSetSessionCookie() throws Exception {
        rawLogin("login");
        Cookie[] cookies = this.currentClient.getClient().getState().getCookies();
        boolean z = false;
        ArrayList arrayList = new ArrayList(cookies.length);
        for (Cookie cookie : cookies) {
            String name = cookie.getName();
            arrayList.add(name);
            z = z || name.startsWith("open-xchange-session");
        }
        assertFalse("Found session cookie, but shouldn't have: " + arrayList.toString(), z);
    }

    public void testSecretCookiesDifferPerClientID() throws Exception {
        String[] credentials = credentials("login");
        inModule("login");
        raw("login", "name", credentials[0], "password", credentials[1], "client", "testclient1");
        raw("login", "name", credentials[0], "password", credentials[1], "client", "testclient2");
        Cookie[] cookies = this.currentClient.getClient().getState().getCookies();
        int i = 0;
        ArrayList arrayList = new ArrayList(cookies.length);
        for (Cookie cookie : cookies) {
            String name = cookie.getName();
            arrayList.add(name);
            if (name.startsWith("open-xchange-secret")) {
                i++;
            }
        }
        assertTrue("Missing secret cookie: " + arrayList.toString(), i == 2);
    }

    public void testSecretCookieLifetimeIsLongerThanADay() throws Exception {
        rawLogin("login");
        Cookie[] cookies = this.currentClient.getClient().getState().getCookies();
        ArrayList arrayList = new ArrayList(cookies.length);
        for (Cookie cookie : cookies) {
            String name = cookie.getName();
            arrayList.add(name);
            if (name.startsWith("open-xchange-secret")) {
                assertNotNull(cookie.getExpiryDate());
                assertTrue(cookie.getExpiryDate().after(TimeTools.D("tomorrow")));
            }
        }
    }

    public void testSuccessfulLoginAllowsSubsequentRequests() throws Exception {
        as("login");
        inModule("quota");
        call("filestore", new Object[0]);
        assertNoError();
    }

    public void testRefreshSecretActionResetsSecretCookieLifetime() throws Exception {
        rawLogin("login");
        Date date = null;
        Date date2 = null;
        Cookie[] cookies = this.currentClient.getClient().getState().getCookies();
        for (int i = 0; i < cookies.length; i++) {
            if (cookies[i].getName().startsWith("open-xchange-secret")) {
                date = cookies[i].getExpiryDate();
            }
        }
        Thread.sleep(1000L);
        raw("refreshSecret", "session", this.rawResponse.getString("session"));
        Cookie[] cookies2 = this.currentClient.getClient().getState().getCookies();
        for (int i2 = 0; i2 < cookies2.length; i2++) {
            if (cookies2[i2].getName().startsWith("open-xchange-secret")) {
                date2 = cookies2[i2].getExpiryDate();
            }
        }
        assertNotNull("Precondition: Should find secret cookie after renewal", date2);
        assertNotNull("Precondition: Should find secret cookie first", date);
        assertTrue("Refreshed secret cookie should have newer expiry date", date2.compareTo(date) > 0);
    }

    public void testWrongCredentials() throws Exception {
        inModule("login");
        call("login", "name", "foo", "password", "bar");
        assertError();
    }

    public void testNonExistingSessionIDOnSubsequentRequests() throws Exception {
        as("login");
        inModule("quota");
        call("filestore", "session", "1234567");
        assertError();
    }

    public void testSessionIDAndSecretMismatch() throws Exception {
        as("login");
        String sessionID = this.currentClient.getSessionID();
        as("seconduser");
        inModule("quota");
        call("filestore", "session", sessionID);
        assertError();
    }

    public void testSessionRandomMissingAndUnusable() throws Exception {
        rawLogin("login");
        if (this.rawResponse.has("random")) {
            return;
        }
        String string = this.rawResponse.getString("session");
        callGeneral("logintest", "randomtoken", "session", string);
        assertNoError();
        Object obj = details().get("random");
        assertNotNull(obj);
        assertEquals("action=redirect shouldn't work when randomToken is disabled", 400, rawMethod("login", Redirect.REDIRECT, "session", string, "random", obj).getStatusCode());
        assertEquals("action=redeem shouldn't work when randomToken is disabled", 400, rawMethod("login", "redeem", "session", string, "random", obj).getStatusCode());
    }

    @Test
    public void testCookieHashSalt() throws Exception {
        rawLogin("login");
        HttpClient client = this.currentClient.getClient();
        String str = (String) client.getParams().getParameter("http.useragent");
        for (Cookie cookie : client.getState().getCookies()) {
            if (cookie.getName().startsWith("open-xchange-secret")) {
                assertEquals("Bad cookie hash.", "open-xchange-secret-" + getHash(str, "replaceMe1234567890"), cookie.getName());
            } else if (cookie.getName().startsWith("open-xchange-session")) {
                assertEquals("Bad cookie hash.", "open-xchange-session-" + getHash(str, "replaceMe1234567890"), cookie.getName());
            }
        }
    }

    private void assertResponseContains(String str) throws Exception {
        rawLogin("login");
        assertRaw(new JSONAssertion().isObject().hasKey(str));
    }

    private void assertResponseLacks(String str) throws Exception {
        rawLogin("login");
        assertRaw(new JSONAssertion().isObject().lacksKey(str));
    }

    private void rawLogin(String str) throws Exception {
        String[] credentials = credentials(str);
        inModule("login");
        raw("login", "name", credentials[0], "password", credentials[1]);
    }

    private String getHash(String str, String str2) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(str.getBytes(Charsets.UTF_8));
        messageDigest.update("open-xchange-appsuite".getBytes(Charsets.UTF_8));
        messageDigest.update(str2.getBytes());
        return Pattern.compile("\\W").matcher(Base64.encode(messageDigest.digest())).replaceAll("");
    }
}
