package com.sun.ts.tests.servlet.spec.security.annotations;

import com.sun.ts.lib.util.WebUtil;
import com.sun.ts.tests.servlet.common.client.BaseUrlClient;
import java.util.Properties;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:com/sun/ts/tests/servlet/spec/security/annotations/Client.class */
public class Client extends BaseUrlClient {
    private static final String USERNAME = "user";
    private static final String PASSWORD = "password";
    private static final String UNAUTH_USERNAME = "authuser";
    private static final String UNAUTH_PASSWORD = "authpassword";
    private static final String USER_PRINCIPAL_SEARCH = "The user principal is: ";
    private static final String REMOTE_USER_SEARCH = "getRemoteUser(): ";
    private String pageDeny = null;
    private String pageSec = null;
    private String pageGuest = null;
    private String pageUnprotected = null;
    private String pageTrans = null;
    private String pagePartial = null;
    private String username = null;
    private String password = null;
    private String unauthUsername = null;
    private String unauthPassword = null;
    private String realm = null;
    private WebUtil.Response response = null;
    private String request = null;

    @Deployment(testable = false)
    public static WebArchive getTestArchive() throws Exception {
        return ShrinkWrap.create(WebArchive.class, "servlet_sec_annotations_web.war").addClasses(new Class[]{DenyAllServlet.class, GuestPageTestServlet.class, PartialDDServlet.class, ServletSecTestServlet.class, UnProtectedTestServlet.class}).setWebXML(Client.class.getResource("servlet_sec_annotations_web.xml"));
    }

    @Override // com.sun.ts.tests.servlet.common.client.BaseUrlClient
    public void setup(String[] strArr, Properties properties) throws Exception {
        super.setup(strArr, properties);
        try {
            this.username = System.getProperty("tck.servlet.username", "j2ee");
            this.password = System.getProperty("tck.servlet.password", "j2ee");
            this.unauthUsername = System.getProperty("tck.servlet.unauth.username", "javajoe");
            this.unauthPassword = System.getProperty("tck.servlet.unauth.password", "javajoe");
            this.realm = System.getProperty("tck.servlet.realm", "");
            String contextRoot = getContextRoot();
            String str = contextRoot + "/ServletDenyAll";
            String str2 = contextRoot + "/ServletSecTest";
            String str3 = contextRoot + "/GuestPageTest";
            String str4 = contextRoot + "/UnProtectedTest";
            this.pageSec = str2;
            this.pageDeny = str;
            this.pageGuest = str3;
            this.pageUnprotected = str4;
            this.pageTrans = contextRoot + "/TransportServlet";
            this.pagePartial = contextRoot + "/PartialDDTest";
        } catch (Exception e) {
            logErr("Error: got exception: ", e);
        }
    }

    @Test
    public void test1() throws Exception {
        trace("testing DenyAll");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test1");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageDeny));
        TEST_PROPS.setProperty("status-code", "401");
        try {
            invoke();
        } catch (Exception e) {
            trace("we tested for Status Code=401 but we could have a 403 code, so check for that.");
            TEST_PROPS.setProperty("testname", "SecAnnotations/Test1");
            TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageDeny));
            TEST_PROPS.setProperty("status-code", "403");
            invoke();
        }
        trace("test1 passed:  we were not allowed to perform GET on a servlet with DenyAll anno");
    }

    @Test
    public void test2() throws Exception {
        StringBuilder sb = new StringBuilder(100);
        sb.append(USER_PRINCIPAL_SEARCH).append(this.unauthUsername);
        trace("Sending request to resource with valid username/password, but not the right roles...");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test2");
        TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageGuest));
        TEST_PROPS.setProperty("basic_auth_user", this.unauthUsername);
        TEST_PROPS.setProperty("basic_auth_passwd", this.unauthPassword);
        TEST_PROPS.setProperty("status-code", "401");
        try {
            invoke();
        } catch (Exception e) {
            TEST_PROPS.setProperty("testname", "SecAnnotations/Test2");
            TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageGuest));
            TEST_PROPS.setProperty("basic_auth_user", this.unauthUsername);
            TEST_PROPS.setProperty("basic_auth_passwd", this.unauthPassword);
            TEST_PROPS.setProperty("status-code", "403");
        }
        trace("Sending request to resource with valid username/password, but not the right roles...");
        TEST_PROPS.setProperty("search_string", sb.toString());
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test2");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageGuest));
        TEST_PROPS.setProperty("basic_auth_user", this.unauthUsername);
        TEST_PROPS.setProperty("basic_auth_passwd", this.unauthPassword);
        TEST_PROPS.setProperty("status-code", "200");
        invoke();
        trace("Sending request to resource with valid username/password, but not the right roles...");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test2");
        TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageGuest));
        TEST_PROPS.setProperty("basic_auth_user", this.username);
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("status-code", "401");
        try {
            invoke();
        } catch (Exception e2) {
            TEST_PROPS.setProperty("testname", "SecAnnotations/Test2");
            TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageGuest));
            TEST_PROPS.setProperty("basic_auth_user", this.username);
            TEST_PROPS.setProperty("basic_auth_passwd", this.password);
            TEST_PROPS.setProperty("status-code", "403");
            invoke();
        }
        trace("test2");
    }

    @Test
    public void test3() throws Exception {
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test3");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageSec));
        TEST_PROPS.setProperty("basic_auth_user", this.unauthUsername);
        TEST_PROPS.setProperty("basic_auth_passwd", this.unauthPassword);
        TEST_PROPS.setProperty("status-code", "200");
        invoke();
        trace("Class level annotation of Roles allowed overridden by method level permit all access.");
        trace("test3 passed.");
    }

    @Test
    public void test4() throws Exception {
        TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageSec));
        TEST_PROPS.setProperty("basic_auth_user", this.username);
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("status-code", "401");
        try {
            invoke();
        } catch (Exception e) {
            TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageSec));
            TEST_PROPS.setProperty("basic_auth_user", this.username);
            TEST_PROPS.setProperty("basic_auth_passwd", this.password);
            TEST_PROPS.setProperty("status-code", "403");
            invoke();
        }
        trace("Class level setting of roles allowed was overridden by deny all access at method level.");
        trace("test4 passed.");
    }

    @Test
    public void test5() throws Exception {
        trace("Sending request to resource that uses the PermitAll annotation....");
        TEST_PROPS.setProperty("testname", "BasicSec/Test5");
        TEST_PROPS.setProperty("basic_auth_user", this.unauthUsername);
        TEST_PROPS.setProperty("basic_auth_passwd", this.unauthPassword);
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pageUnprotected));
        TEST_PROPS.setProperty("status-code", "200");
        invoke();
        trace("Class level PermitAll anno returned expected results");
        trace("test5 passed.");
    }

    @Test
    public void test6() throws Exception {
        trace("Sending request to resource where DD allows access to override any restricting annotation...");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test6");
        trace("Sending request to resource with valid username/password, but not the right roles...");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test6");
        TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageGuest));
        TEST_PROPS.setProperty("basic_auth_user", this.username);
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("status-code", "401");
        try {
            invoke();
        } catch (Exception e) {
            TEST_PROPS.setProperty("testname", "SecAnnotations/Test6");
            TEST_PROPS.setProperty("request", getRequestLine("POST", this.pageGuest));
            TEST_PROPS.setProperty("basic_auth_user", this.username);
            TEST_PROPS.setProperty("basic_auth_passwd", this.password);
            TEST_PROPS.setProperty("status-code", "403");
            invoke();
        }
        trace("User successfully accessed the resource");
    }

    @Test
    public void test7() throws Exception {
        trace("testing http-method-omission");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test7");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pagePartial));
        TEST_PROPS.setProperty("status-code", "401");
        try {
            invoke();
        } catch (Exception e) {
            trace("we tested for Status Code=401 but we could have a 403 code, so check for that.");
            TEST_PROPS.setProperty("testname", "SecAnnotations/Test7");
            TEST_PROPS.setProperty("request", getRequestLine("GET", this.pagePartial));
            TEST_PROPS.setProperty("basic_auth_user", this.username);
            TEST_PROPS.setProperty("basic_auth_passwd", this.password);
            TEST_PROPS.setProperty("status-code", "403");
            invoke();
        }
        trace("test7:  complete doGet() with no creds - now starting doPost");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test7");
        TEST_PROPS.setProperty("request", getRequestLine("GET", this.pagePartial));
        TEST_PROPS.setProperty("basic_auth_user", this.username);
        TEST_PROPS.setProperty("basic_auth_passwd", this.password);
        TEST_PROPS.setProperty("status-code", "200");
        invoke();
        trace("test7:  complete doGet() with creds - now starting doPost");
        TEST_PROPS.setProperty("testname", "SecAnnotations/Test7");
        TEST_PROPS.setProperty("request", getRequestLine("POST", this.pagePartial));
        TEST_PROPS.setProperty("status-code", "200");
        invoke();
        trace("test7:  complete doPost() with no creds.");
        trace("test7 passed:  servlet with http-method-omission settings.");
    }

    private static String getRequestLine(String str, String str2) {
        return str + " " + str2 + " HTTP/1.1";
    }

    private void trace(String str) {
        this.logger.debug("[Client]: {}", str);
    }
}
