package io.vertx.ext.apex.addons.test;

import io.vertx.core.Handler;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.http.HttpMethod;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.apex.addons.AuthHandler;
import io.vertx.ext.apex.addons.FormLoginHandler;
import io.vertx.ext.apex.addons.LocalSessionStore;
import io.vertx.ext.apex.addons.RedirectAuthHandler;
import io.vertx.ext.apex.addons.SessionHandler;
import io.vertx.ext.apex.core.BodyHandler;
import io.vertx.ext.apex.core.CookieHandler;
import io.vertx.ext.apex.core.RoutingContext;
import io.vertx.ext.apex.core.Session;
import io.vertx.ext.auth.AuthService;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import org.junit.Test;

/* loaded from: input_file:io/vertx/ext/apex/addons/test/RedirectAuthTest.class */
public class RedirectAuthTest extends AuthTestBase {
    protected AtomicReference<String> sessionCookie = new AtomicReference<>();
    String loginHTML = "<html>\n<body>\n<h2>Please login {{foo}}</h2><br>\n<form action=\"/login\" method=\"post\">\n  <div>\n    <label>Username:</label>\n    <input type=\"text\" name=\"username\"/>\n  </div>\n  <div>\n    <label>Password:</label>\n    <input type=\"password\" name=\"password\"/>\n  </div>\n  <div>\n    <input type=\"submit\" value=\"Log In\"/>\n  </div>\n</form>\n</body>\n</html>";

    @Test
    public void testLogin() throws Exception {
        doLogin(routingContext -> {
            Session session = routingContext.session();
            assertNotNull(session);
            assertEquals(this.sessionCookie.get().substring(13, 49), session.id());
            assertTrue(session.isLoggedIn());
            routingContext.response().end("Welcome to the protected resource!");
        });
        testRequest(HttpMethod.GET, "/protected/somepage", httpClientRequest -> {
            httpClientRequest.putHeader("cookie", this.sessionCookie.get());
        }, httpClientResponse -> {
            String str = httpClientResponse.headers().get("set-cookie");
            assertNotNull(str);
            assertEquals(this.sessionCookie.get(), str);
        }, 200, "OK", "Welcome to the protected resource!");
    }

    @Test
    public void testLoginThenLogout() throws Exception {
        doLogin(routingContext -> {
            Session session = routingContext.session();
            assertNotNull(session);
            assertEquals(this.sessionCookie.get().substring(13, 49), session.id());
            assertTrue(session.isLoggedIn());
            session.logout();
            routingContext.response().end("Welcome to the protected resource!");
        });
        testRequest(HttpMethod.GET, "/protected/somepage", httpClientRequest -> {
            httpClientRequest.putHeader("cookie", this.sessionCookie.get());
        }, httpClientResponse -> {
            String str = httpClientResponse.headers().get("location");
            assertNotNull(str);
            assertEquals("/loginpage", str);
            String str2 = httpClientResponse.headers().get("set-cookie");
            assertNotNull(str2);
            assertEquals(this.sessionCookie.get(), str2);
        }, 302, "Found", null);
    }

    @Test
    public void testLoginFailBadUser() throws Exception {
        testLoginFail(true);
    }

    @Test
    public void testLoginFailBadPassword() throws Exception {
        testLoginFail(false);
    }

    @Override // io.vertx.ext.apex.addons.test.AuthTestBase
    protected AuthHandler createAuthHandler(AuthService authService) {
        return RedirectAuthHandler.redirectAuthHandler(authService);
    }

    private void testLoginFail(boolean z) throws Exception {
        doLoginFail(z, routingContext -> {
            Session session = routingContext.session();
            assertNotNull(session);
            assertEquals(this.sessionCookie.get().substring(13, 49), session.id());
            assertTrue(session.isLoggedIn());
            routingContext.response().end("Welcome to the protected resource!");
        });
    }

    private void doLogin(Handler<RoutingContext> handler) throws Exception {
        doLoginCommon(handler);
        testRequest(HttpMethod.POST, "/login", httpClientRequest -> {
            Buffer buffer = Buffer.buffer();
            buffer.appendString("--dLV9Wyq26L_-JQxk6ferf-RT153LhOO\r\nContent-Disposition: form-data; name=\"username\"\r\n\r\ntim\r\n--dLV9Wyq26L_-JQxk6ferf-RT153LhOO\r\nContent-Disposition: form-data; name=\"password\"\r\n\r\nsausages\r\n--dLV9Wyq26L_-JQxk6ferf-RT153LhOO--\r\n");
            httpClientRequest.putHeader("content-length", String.valueOf(buffer.length()));
            httpClientRequest.putHeader("content-type", "multipart/form-data; boundary=dLV9Wyq26L_-JQxk6ferf-RT153LhOO");
            httpClientRequest.putHeader("cookie", this.sessionCookie.get());
            httpClientRequest.write(buffer);
        }, httpClientResponse -> {
            String str = httpClientResponse.headers().get("location");
            assertNotNull(str);
            assertEquals("/protected/somepage", str);
            String str2 = httpClientResponse.headers().get("set-cookie");
            assertNotNull(str2);
            assertEquals(this.sessionCookie.get(), str2);
        }, 302, "Found", null);
        testRequest(HttpMethod.GET, "/protected/somepage", httpClientRequest2 -> {
            httpClientRequest2.putHeader("cookie", this.sessionCookie.get());
        }, httpClientResponse2 -> {
            String str = httpClientResponse2.headers().get("set-cookie");
            assertNotNull(str);
            assertEquals(this.sessionCookie.get(), str);
        }, 200, "OK", "Welcome to the protected resource!");
    }

    private void doLoginCommon(Handler<RoutingContext> handler) throws Exception {
        doLoginCommon(handler, null, null);
    }

    private void doLoginCommon(Handler<RoutingContext> handler, Set<String> set, Set<String> set2) throws Exception {
        this.router.route().handler(BodyHandler.bodyHandler());
        this.router.route().handler(CookieHandler.cookieHandler());
        this.router.route().handler(SessionHandler.sessionHandler(LocalSessionStore.localSessionStore(this.vertx)));
        AuthService create = AuthService.create(this.vertx, new JsonObject().put("properties_path", "classpath:login/loginusers.properties"));
        AuthHandler redirectAuthHandler = RedirectAuthHandler.redirectAuthHandler(create);
        if (set != null) {
            redirectAuthHandler.addRoles(set);
        }
        if (set2 != null) {
            redirectAuthHandler.addPermissions(set2);
        }
        this.router.route("/protected").handler(redirectAuthHandler);
        this.router.route("/protected/somepage").handler(handler);
        this.router.route("/loginpage").handler(routingContext -> {
            routingContext.response().putHeader("content-type", "text/html").end(this.loginHTML);
        });
        this.router.route("/login").handler(FormLoginHandler.formLoginHandler(create));
        testRequest(HttpMethod.GET, "/protected/somepage", null, httpClientResponse -> {
            String str = httpClientResponse.headers().get("location");
            assertNotNull(str);
            assertEquals("/loginpage", str);
            String str2 = httpClientResponse.headers().get("set-cookie");
            assertNotNull(str2);
            this.sessionCookie.set(str2);
        }, 302, "Found", null);
        testRequest(HttpMethod.GET, "/loginpage", httpClientRequest -> {
            httpClientRequest.putHeader("cookie", this.sessionCookie.get());
        }, httpClientResponse2 -> {
            String str = httpClientResponse2.headers().get("set-cookie");
            assertNotNull(str);
            assertEquals(this.sessionCookie.get(), str);
        }, 200, "OK", this.loginHTML);
    }

    private void doLoginFail(boolean z, Handler<RoutingContext> handler) throws Exception {
        doLoginCommon(handler);
        testRequest(HttpMethod.POST, "/login", httpClientRequest -> {
            Buffer buffer = Buffer.buffer();
            buffer.appendString("--dLV9Wyq26L_-JQxk6ferf-RT153LhOO\r\nContent-Disposition: form-data; name=\"username\"\r\n\r\n" + (z ? "jim" : "tim") + "\r\n--dLV9Wyq26L_-JQxk6ferf-RT153LhOO\r\nContent-Disposition: form-data; name=\"password\"\r\n\r\n" + (z ? "sausages" : "fishfingers") + "\r\n--dLV9Wyq26L_-JQxk6ferf-RT153LhOO--\r\n");
            httpClientRequest.putHeader("content-length", String.valueOf(buffer.length()));
            httpClientRequest.putHeader("content-type", "multipart/form-data; boundary=dLV9Wyq26L_-JQxk6ferf-RT153LhOO");
            httpClientRequest.putHeader("cookie", this.sessionCookie.get());
            httpClientRequest.write(buffer);
        }, httpClientResponse -> {
            String str = httpClientResponse.headers().get("set-cookie");
            assertNotNull(str);
            assertEquals(this.sessionCookie.get(), str);
        }, 403, "Forbidden", null);
        testRequest(HttpMethod.GET, "/protected/somepage", httpClientRequest2 -> {
            httpClientRequest2.putHeader("cookie", this.sessionCookie.get());
        }, httpClientResponse2 -> {
            String str = httpClientResponse2.headers().get("location");
            assertNotNull(str);
            assertEquals("/loginpage", str);
            String str2 = httpClientResponse2.headers().get("set-cookie");
            assertNotNull(str2);
            assertEquals(this.sessionCookie.get(), str2);
        }, 302, "Found", null);
    }
}
