package org.dspace.app.rest.security.jwt;

import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Date;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.dspace.core.Context;
import org.dspace.eperson.EPerson;
import org.dspace.eperson.service.EPersonService;
import org.dspace.service.ClientInfoService;
import org.dspace.services.ConfigurationService;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.ArgumentMatchers;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.Spy;
import org.mockito.junit.MockitoJUnitRunner;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.security.crypto.keygen.KeyGenerators;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:org/dspace/app/rest/security/jwt/JWTTokenHandlerTest.class */
public class JWTTokenHandlerTest {

    @InjectMocks
    @Spy
    private LoginJWTTokenHandler loginJWTTokenHandler;

    @Mock
    protected ConfigurationService configurationService;

    @Mock
    protected Context context;

    @Mock
    protected EPerson ePerson;

    @Mock
    protected HttpServletRequest httpServletRequest;

    @Mock
    protected EPersonService ePersonService;

    @Mock
    protected EPersonClaimProvider ePersonClaimProvider;

    @Mock
    protected ClientInfoService clientInfoService;

    @Spy
    protected List<JWTClaimProvider> jwtClaimProviders = new ArrayList();

    @Before
    public void setUp() throws Exception {
        Mockito.when(this.ePerson.getSessionSalt()).thenReturn("01234567890123456789012345678901");
        Mockito.when(this.ePerson.getLastActive()).thenReturn(new Date());
        Mockito.when(this.context.getCurrentUser()).thenReturn(this.ePerson);
        Mockito.when(this.clientInfoService.getClientIp((HttpServletRequest) ArgumentMatchers.any())).thenReturn("123.123.123.123");
        Mockito.when(this.ePersonClaimProvider.getKey()).thenReturn("eid");
        Mockito.when(this.ePersonClaimProvider.getValue((Context) ArgumentMatchers.any(), (HttpServletRequest) Mockito.any(HttpServletRequest.class))).thenReturn("epersonID");
        this.jwtClaimProviders.add(this.ePersonClaimProvider);
    }

    @After
    public void tearDown() throws Exception {
    }

    @Test
    public void testJWTNoEncryption() throws Exception {
        Assert.assertEquals("epersonID", (String) SignedJWT.parse(this.loginJWTTokenHandler.createTokenForEPerson(this.context, new MockHttpServletRequest(), new Date(System.currentTimeMillis() - 10000000000L))).getJWTClaimsSet().getClaim("eid"));
    }

    @Test(expected = ParseException.class)
    public void testJWTEncrypted() throws Exception {
        Mockito.when(Boolean.valueOf(this.loginJWTTokenHandler.isEncryptionEnabled())).thenReturn(true);
        Date date = new Date(System.currentTimeMillis() - 10000000000L);
        Mockito.when(this.configurationService.getProperty("jwt.login.encryption.secret")).thenReturn(KeyGenerators.string().generateKey());
        SignedJWT.parse(this.loginJWTTokenHandler.createTokenForEPerson(this.context, new MockHttpServletRequest(), date));
    }

    @Test
    public void testExpiredToken() throws Exception {
        Mockito.when(Long.valueOf(this.configurationService.getLongProperty("jwt.login.token.expiration", 1800000L))).thenReturn(-99999999L);
        Mockito.when(this.ePersonClaimProvider.getEPerson((Context) ArgumentMatchers.any(Context.class), (JWTClaimsSet) ArgumentMatchers.any(JWTClaimsSet.class))).thenReturn(this.ePerson);
        Assert.assertEquals((Object) null, this.loginJWTTokenHandler.parseEPersonFromToken(this.loginJWTTokenHandler.createTokenForEPerson(this.context, new MockHttpServletRequest(), new Date(new Date().getTime() - 10000000000L)), this.httpServletRequest, this.context));
    }

    @Test
    public void testTokenTampering() throws Exception {
        Mockito.when(Long.valueOf(this.loginJWTTokenHandler.getExpirationPeriod())).thenReturn(-99999999L);
        Mockito.when(this.ePersonClaimProvider.getEPerson((Context) ArgumentMatchers.any(Context.class), (JWTClaimsSet) ArgumentMatchers.any(JWTClaimsSet.class))).thenReturn(this.ePerson);
        String createTokenForEPerson = this.loginJWTTokenHandler.createTokenForEPerson(this.context, new MockHttpServletRequest(), new Date(new Date().getTime() - 10000000000L));
        String str = new String(Base64.getUrlEncoder().encode(new JWTClaimsSet.Builder().claim("eid", "epersonID").expirationTime(new Date(System.currentTimeMillis() + 99999999)).build().toString().getBytes()));
        String[] split = createTokenForEPerson.split("\\.");
        Assert.assertEquals((Object) null, this.loginJWTTokenHandler.parseEPersonFromToken(split[0] + "." + str + "." + split[2], this.httpServletRequest, this.context));
    }

    @Test
    public void testInvalidatedToken() throws Exception {
        String createTokenForEPerson = this.loginJWTTokenHandler.createTokenForEPerson(this.context, new MockHttpServletRequest(), new Date(System.currentTimeMillis() - 10000000000L));
        this.loginJWTTokenHandler.invalidateToken(createTokenForEPerson, new MockHttpServletRequest(), this.context);
        Assert.assertEquals((Object) null, this.loginJWTTokenHandler.parseEPersonFromToken(createTokenForEPerson, this.httpServletRequest, this.context));
    }
}
