package org.neo4j.server.rest.dbms;

import java.io.IOException;
import java.net.URI;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.core.Response;
import org.hamcrest.Matchers;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.mockito.Mockito;
import org.neo4j.internal.kernel.api.security.AuthenticationResult;
import org.neo4j.internal.kernel.api.security.LoginContext;
import org.neo4j.kernel.api.exceptions.InvalidArgumentsException;
import org.neo4j.kernel.api.security.PasswordPolicy;
import org.neo4j.kernel.api.security.UserManager;
import org.neo4j.kernel.api.security.UserManagerSupplier;
import org.neo4j.kernel.impl.security.User;
import org.neo4j.server.rest.repr.formats.JsonFormat;
import org.neo4j.server.security.auth.AuthenticationStrategy;
import org.neo4j.server.security.auth.BasicAuthManager;
import org.neo4j.server.security.auth.BasicLoginContext;
import org.neo4j.server.security.auth.BasicPasswordPolicy;
import org.neo4j.server.security.auth.InMemoryUserRepository;
import org.neo4j.server.security.auth.LegacyCredential;
import org.neo4j.server.security.auth.UserRepository;
import org.neo4j.test.server.EntityOutputFormat;

/* loaded from: input_file:org/neo4j/server/rest/dbms/UserServiceTest.class */
public class UserServiceTest {
    protected static final User NEO4J_USER = new User.Builder("neo4j", LegacyCredential.forPassword("neo4j")).withRequiredPasswordChange(true).build();
    protected final PasswordPolicy passwordPolicy = new BasicPasswordPolicy();
    protected final UserRepository userRepository = new InMemoryUserRepository();
    protected UserManagerSupplier userManagerSupplier;
    protected LoginContext neo4jContext;
    protected Principal neo4jPrinciple;
    private HttpServletRequest request;

    protected void setupAuthManagerAndSubject() {
        this.userManagerSupplier = new BasicAuthManager(this.userRepository, this.passwordPolicy, (AuthenticationStrategy) Mockito.mock(AuthenticationStrategy.class), new InMemoryUserRepository());
        this.neo4jContext = new BasicLoginContext(NEO4J_USER, AuthenticationResult.SUCCESS);
    }

    @Before
    public void setUp() throws InvalidArgumentsException, IOException {
        this.request = (HttpServletRequest) Mockito.mock(HttpServletRequest.class);
        this.userRepository.create(NEO4J_USER);
        setupAuthManagerAndSubject();
        this.neo4jPrinciple = new DelegatingPrincipal("neo4j", this.neo4jContext);
    }

    @After
    public void tearDown() throws IOException {
        this.userRepository.delete(NEO4J_USER);
    }

    @Test
    public void shouldReturnValidUserRepresentation() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Response user = new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).getUser("neo4j", this.request);
        Assert.assertThat(Integer.valueOf(user.getStatus()), Matchers.equalTo(200));
        String str = new String((byte[]) user.getEntity());
        Assert.assertNotNull(str);
        Assert.assertThat(str, Matchers.containsString("\"username\" : \"neo4j\""));
        Assert.assertThat(str, Matchers.containsString("\"password_change\" : \"http://www.example.com/user/neo4j/password\""));
        Assert.assertThat(str, Matchers.containsString("\"password_change_required\" : true"));
    }

    @Test
    public void shouldReturn404WhenRequestingUserIfNotAuthenticated() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn((Object) null);
        Assert.assertThat(Integer.valueOf(new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).getUser("neo4j", this.request).getStatus()), Matchers.equalTo(404));
    }

    @Test
    public void shouldReturn404WhenRequestingUserIfDifferentUser() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Assert.assertThat(Integer.valueOf(new UserService((UserManagerSupplier) Mockito.mock(BasicAuthManager.class), new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).getUser("fred", this.request).getStatus()), Matchers.equalTo(404));
    }

    @Test
    public void shouldReturn404WhenRequestingUserIfUnknownUser() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        this.userManagerSupplier.getUserManager().deleteUser("neo4j");
        Assert.assertThat(Integer.valueOf(new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).getUser("neo4j", this.request).getStatus()), Matchers.equalTo(404));
    }

    @Test
    public void shouldChangePasswordAndReturnSuccess() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Assert.assertThat(Integer.valueOf(new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("neo4j", this.request, "{ \"password\" : \"test\" }").getStatus()), Matchers.equalTo(200));
        this.userManagerSupplier.getUserManager().getUser("neo4j").credentials().matchesPassword("test");
    }

    @Test
    public void shouldReturn404WhenChangingPasswordIfNotAuthenticated() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn((Object) null);
        Assert.assertThat(Integer.valueOf(new UserService((UserManagerSupplier) Mockito.mock(BasicAuthManager.class), new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("neo4j", this.request, "{ \"password\" : \"test\" }").getStatus()), Matchers.equalTo(404));
    }

    @Test
    public void shouldReturn404WhenChangingPasswordIfDifferentUser() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        UserManager userManager = (UserManager) Mockito.mock(UserManager.class);
        Assert.assertThat(Integer.valueOf(new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("fred", this.request, "{ \"password\" : \"test\" }").getStatus()), Matchers.equalTo(404));
        Mockito.verifyZeroInteractions(new Object[]{userManager});
    }

    @Test
    public void shouldReturn422WhenChangingPasswordIfUnknownUser() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        UserService userService = new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null));
        this.userRepository.delete(NEO4J_USER);
        Assert.assertThat(Integer.valueOf(userService.setPassword("neo4j", this.request, "{ \"password\" : \"test\" }").getStatus()), Matchers.equalTo(422));
    }

    @Test
    public void shouldReturn400IfPayloadIsInvalid() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Response password = new UserService((UserManagerSupplier) Mockito.mock(BasicAuthManager.class), new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("neo4j", this.request, "xxx");
        Assert.assertThat(Integer.valueOf(password.getStatus()), Matchers.equalTo(400));
        String str = new String((byte[]) password.getEntity());
        Assert.assertNotNull(str);
        Assert.assertThat(str, Matchers.containsString("\"code\" : \"Neo.ClientError.Request.InvalidFormat\""));
    }

    @Test
    public void shouldReturn422IfMissingPassword() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Response password = new UserService((UserManagerSupplier) Mockito.mock(BasicAuthManager.class), new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("neo4j", this.request, "{ \"unknown\" : \"unknown\" }");
        Assert.assertThat(Integer.valueOf(password.getStatus()), Matchers.equalTo(422));
        String str = new String((byte[]) password.getEntity());
        Assert.assertNotNull(str);
        Assert.assertThat(str, Matchers.containsString("\"code\" : \"Neo.ClientError.Request.InvalidFormat\""));
        Assert.assertThat(str, Matchers.containsString("\"message\" : \"Required parameter 'password' is missing.\""));
    }

    @Test
    public void shouldReturn422IfInvalidPasswordType() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Response password = new UserService((UserManagerSupplier) Mockito.mock(BasicAuthManager.class), new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("neo4j", this.request, "{ \"password\" : 1 }");
        Assert.assertThat(Integer.valueOf(password.getStatus()), Matchers.equalTo(422));
        String str = new String((byte[]) password.getEntity());
        Assert.assertNotNull(str);
        Assert.assertThat(str, Matchers.containsString("\"code\" : \"Neo.ClientError.Request.InvalidFormat\""));
        Assert.assertThat(str, Matchers.containsString("\"message\" : \"Expected 'password' to be a string.\""));
    }

    @Test
    public void shouldReturn422IfEmptyPassword() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Response password = new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("neo4j", this.request, "{ \"password\" : \"\" }");
        Assert.assertThat(Integer.valueOf(password.getStatus()), Matchers.equalTo(422));
        String str = new String((byte[]) password.getEntity());
        Assert.assertNotNull(str);
        Assert.assertThat(str, Matchers.containsString("\"code\" : \"Neo.ClientError.General.InvalidArguments\""));
        Assert.assertThat(str, Matchers.containsString("\"message\" : \"A password cannot be empty.\""));
    }

    @Test
    public void shouldReturn422IfPasswordIdentical() throws Exception {
        Mockito.when(this.request.getUserPrincipal()).thenReturn(this.neo4jPrinciple);
        Response password = new UserService(this.userManagerSupplier, new JsonFormat(), new EntityOutputFormat(new JsonFormat(), new URI("http://www.example.com"), null)).setPassword("neo4j", this.request, "{ \"password\" : \"neo4j\" }");
        Assert.assertThat(Integer.valueOf(password.getStatus()), Matchers.equalTo(422));
        String str = new String((byte[]) password.getEntity());
        Assert.assertNotNull(str);
        Assert.assertThat(str, Matchers.containsString("\"code\" : \"Neo.ClientError.General.InvalidArguments\""));
        Assert.assertThat(str, Matchers.containsString("\"message\" : \"Old password and new password cannot be the same.\""));
    }
}
