package org.nuxeo.ecm.tokenauth;

import javax.inject.Inject;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.nuxeo.ecm.automation.client.RemoteException;
import org.nuxeo.ecm.automation.client.jaxrs.impl.HttpAutomationClient;
import org.nuxeo.ecm.automation.test.EmbeddedAutomationServerFeature;
import org.nuxeo.ecm.core.api.CoreSession;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.security.ACE;
import org.nuxeo.ecm.core.api.security.ACP;
import org.nuxeo.ecm.core.test.annotations.Granularity;
import org.nuxeo.ecm.core.test.annotations.RepositoryConfig;
import org.nuxeo.runtime.test.runner.Deploy;
import org.nuxeo.runtime.test.runner.Features;
import org.nuxeo.runtime.test.runner.FeaturesRunner;
import org.nuxeo.runtime.test.runner.HotDeployer;
import org.nuxeo.runtime.test.runner.ServletContainer;

@RepositoryConfig(init = TokenAuthenticationRepositoryInit.class, cleanup = Granularity.METHOD)
@Deploy({"org.nuxeo.ecm.platform.login.token.test:OSGI-INF/test-token-authentication-anonymous-contrib.xml"})
@ServletContainer(port = 18080)
@RunWith(FeaturesRunner.class)
@Features({TokenAuthenticationServiceFeature.class, EmbeddedAutomationServerFeature.class})
/* loaded from: input_file:org/nuxeo/ecm/tokenauth/TestAnonymousTokenAuthenticator.class */
public class TestAnonymousTokenAuthenticator {

    @Inject
    protected HotDeployer deployer;

    @Inject
    protected CoreSession session;

    @Inject
    protected HttpAutomationClient automationClient;

    @Test
    public void testAuthenticatorAsAnonymous() throws Exception {
        TokenAuthenticationCallback tokenAuthenticationCallback = new TokenAuthenticationCallback("Guest", "myFavoriteApp", "Ubuntu box 64 bits", "This is my personal Linux box", "rw");
        String remoteToken = tokenAuthenticationCallback.getRemoteToken(tokenAuthenticationCallback.getTokenParams());
        Assert.assertNotNull(remoteToken);
        try {
            this.automationClient.getSession(remoteToken);
            Assert.fail("Getting an Automation client session with a token as anonymous user should throw a RemoteException with HTTP 401 status code");
        } catch (RemoteException e) {
            Assert.assertEquals(401L, e.getStatus());
        }
        this.deployer.deploy(new String[]{"org.nuxeo.ecm.platform.login.token.test:OSGI-INF/test-token-authentication-allow-anonymous-token-contrib.xml"});
        Assert.assertEquals("Guest", this.automationClient.getSession(remoteToken).getLogin().getUsername());
    }

    protected void setPermission(DocumentModel documentModel, ACE ace) {
        ACP acp = this.session.getACP(documentModel.getRef());
        acp.getOrCreateACL("local").add(ace);
        this.session.setACP(documentModel.getRef(), acp, true);
        this.session.save();
    }
}
