package org.mule.module.cxf;

import com.google.common.net.MediaType;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Collection;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runners.Parameterized;
import org.mule.tck.AbstractServiceAndFlowTestCase;
import org.mule.tck.junit4.rule.DynamicPort;

/* loaded from: input_file:org/mule/module/cxf/HttpSecurityPolicyTestCase.class */
public class HttpSecurityPolicyTestCase extends AbstractHttpSecurityTestCase {
    String msgEchoOperation1;

    @Rule
    public DynamicPort dynamicPort1;

    @Rule
    public DynamicPort dynamicPort2;
    private static String SOAP_REQUEST_OPEN = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:tes=\"http://testmodels.cxf.module.mule.org/\">";
    private static String SOAP_ENV_HEADER_OPEN = "<soapenv:Header>";
    private static String SOAP_ENV_HEADER_CLOSE = "</soapenv:Header>";
    private static String SOAP_BODY = "<soapenv:Body><tes:echo><text>echo</text></tes:echo></soapenv:Body>";
    private static String SOAP_REQUEST_CLOSE = "</soapenv:Envelope>";
    private static String SOAP_PROPERTY_USERNAME_TOKEN = "<wsse:Security soapenv:mustUnderstand=\"1\" xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"><wsse:UsernameToken wsu:Id=\"UsernameToken-8424E70C4CDF89B5E514992807079293\"><wsse:Username>fabiang</wsse:Username><wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">password</wsse:Password><wsse:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">nFovTkBez8DceekL08FsQw==</wsse:Nonce></wsse:UsernameToken></wsse:Security>";
    private static String soapPropertyUsernameWrongPasswordToken = "<wsse:Security soapenv:mustUnderstand=\"1\" xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"><wsse:UsernameToken wsu:Id=\"UsernameToken-8424E70C4CDF89B5E514992807079293\"><wsse:Username>fabiang</wsse:Username><wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">wrongPassword</wsse:Password><wsse:Nonce EncodingType=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary\">nFovTkBez8DceekL08FsQw==</wsse:Nonce></wsse:UsernameToken></wsse:Security>";
    private static String SOAP_RESPONSE_AUTHENTICATED = "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"><SOAP-ENV:Header xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\"/><soap:Body><ns2:echoResponse xmlns:ns2=\"http://testmodels.cxf.module.mule.org/\"><text>echo</text></ns2:echoResponse></soap:Body></soap:Envelope>";
    private static String SOAP_RESPONSE_NOT_AUTHENTICATED = "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"><soap:Body><soap:Fault><faultcode xmlns:ns1=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\">ns1:FailedAuthentication</faultcode><faultstring>The security token could not be authenticated or authorized</faultstring></soap:Fault></soap:Body></soap:Envelope>";

    public HttpSecurityPolicyTestCase(AbstractServiceAndFlowTestCase.ConfigVariant configVariant, String str) {
        super(configVariant, str);
        this.msgEchoOperation1 = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:new=\"http://new.webservice.namespace\"><soapenv:Header/>  <soapenv:Body>    <new:parameter1>hello world</new:parameter1>  </soapenv:Body></soapenv:Envelope>";
        this.dynamicPort1 = new DynamicPort("port1");
        this.dynamicPort2 = new DynamicPort("port2");
    }

    @Test
    public void testSSLSessionPropagationWithCorrectPassword() throws Exception {
        HttpClient httpClient = new HttpClient();
        PostMethod postMethod = new PostMethod("https://localhost:" + this.dynamicPort2.getNumber() + "/echo");
        sendRequest(true, httpClient, postMethod, SOAP_PROPERTY_USERNAME_TOKEN);
        MatcherAssert.assertThat(Integer.valueOf(httpClient.executeMethod(postMethod)), CoreMatchers.equalTo(200));
        MatcherAssert.assertThat(postMethod.getResponseBodyAsString(), CoreMatchers.equalTo(SOAP_RESPONSE_AUTHENTICATED));
    }

    @Test
    public void testSSLSessionPropagationWithIncorrectPassword() throws Exception {
        HttpClient httpClient = new HttpClient();
        PostMethod postMethod = new PostMethod("https://localhost:" + this.dynamicPort2.getNumber() + "/echo");
        sendRequest(false, httpClient, postMethod, soapPropertyUsernameWrongPasswordToken);
        MatcherAssert.assertThat(Integer.valueOf(httpClient.executeMethod(postMethod)), CoreMatchers.equalTo(500));
        MatcherAssert.assertThat(postMethod.getResponseBodyAsString(), CoreMatchers.equalTo(SOAP_RESPONSE_NOT_AUTHENTICATED));
    }

    private void sendRequest(boolean z, HttpClient httpClient, PostMethod postMethod, String str) throws Exception {
        postMethod.setRequestEntity(new StringRequestEntity(getSoapRequest(z, str), MediaType.PLAIN_TEXT_UTF_8.toString(), StandardCharsets.UTF_8.name()));
    }

    @Parameterized.Parameters
    public static Collection<Object[]> parameters() {
        return Arrays.asList(new Object[]{AbstractServiceAndFlowTestCase.ConfigVariant.FLOW, "jax-ws-security-policy.xml"});
    }

    private static String getSoapRequest(boolean z, String str) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(SOAP_REQUEST_OPEN);
        stringBuffer.append(SOAP_ENV_HEADER_OPEN);
        stringBuffer.append(str);
        stringBuffer.append(SOAP_ENV_HEADER_CLOSE);
        stringBuffer.append(SOAP_BODY);
        stringBuffer.append(SOAP_REQUEST_CLOSE);
        return stringBuffer.toString();
    }
}
