package com.ibm.team.repository.client.tests.auth;

import com.ibm.team.repository.client.IOAuthClientLibrary;
import com.ibm.team.repository.client.tests.AbstractAutoLoginClientTest;
import com.ibm.team.repository.client.tests.oauth.FriendsClient;
import com.ibm.team.repository.client.tests.tools.Helper;
import com.ibm.team.repository.common.TeamRepositoryException;
import com.ibm.team.repository.common.UUID;
import com.ibm.team.repository.common.model.OAuthServiceProviderInfo;
import com.ibm.team.repository.common.transport.HttpUtil;
import com.ibm.team.repository.common.transport.UriUtil;
import com.ibm.team.repository.common.util.NLS;
import com.ibm.team.repository.transport.auth.TransportAuthUtil;
import com.ibm.team.repository.transport.client.AuthenticationException;
import com.ibm.team.repository.transport.client.LenientSecureProtocolSocketFactory;
import com.ibm.team.repository.transport.client.RemoteTeamServer;
import com.ibm.team.repository.transport.client.TeamRawRestServiceClient;
import com.ibm.team.repository.transport.client.TeamServerFactory;
import java.net.URL;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthServiceProvider;
import org.apache.commons.httpclient.Header;
import org.apache.commons.httpclient.HostConfiguration;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpMethod;
import org.apache.commons.httpclient.HttpState;
import org.apache.commons.httpclient.UsernamePasswordCredentials;
import org.apache.commons.httpclient.auth.AuthScope;
import org.apache.commons.httpclient.methods.GetMethod;
import org.apache.commons.httpclient.methods.PostMethod;
import org.apache.commons.httpclient.methods.PutMethod;
import org.apache.commons.httpclient.methods.StringRequestEntity;
import org.apache.commons.httpclient.protocol.DefaultProtocolSocketFactory;
import org.apache.commons.httpclient.protocol.Protocol;
import org.eclipse.core.runtime.IProgressMonitor;

/* loaded from: input_file:team_core_client_tests.jar:com/ibm/team/repository/client/tests/auth/LogoutTests.class */
public class LogoutTests extends AbstractAutoLoginClientTest {
    private OAuthServiceProvider provider;
    private OAuthConsumer consumer;
    private static final String LOGOUT_SERVICE = "service/com.ibm.team.repository.service.internal.ILogoutRestService";
    private static final String USERROLES_SERVICE = "service/com.ibm.team.repository.internal.service.auth.IUserRoles";

    public LogoutTests(String str) {
        super(str);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.team.repository.client.tests.AbstractAutoLoginClientTest, com.ibm.team.repository.client.tests.AbstractClientTest
    public void setUp() throws Exception {
        super.setUp();
        IOAuthClientLibrary iOAuthClientLibrary = (IOAuthClientLibrary) this.repo.getClientLibrary(IOAuthClientLibrary.class);
        OAuthServiceProviderInfo serviceProviderInfo = iOAuthClientLibrary.getServiceProviderInfo();
        this.provider = new OAuthServiceProvider(serviceProviderInfo.getRequestTokenURL(), serviceProviderInfo.getAuthorizeUserURL(), serviceProviderInfo.getAccessTokenURL());
        String uuidValue = UUID.generate().getUuidValue();
        this.consumer = new OAuthConsumer((String) null, iOAuthClientLibrary.registerConsumer(uuidValue, (IProgressMonitor) null), uuidValue, this.provider);
    }

    public void testLogout01() throws Exception {
        HttpClient httpClient = new HttpClient();
        URL url = new URL(String.valueOf(Helper.getServerUri(true)) + USERROLES_SERVICE);
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", true);
        assertEquals(200, makeRestCall.getStatusCode());
        String[] strArr = (String[]) UriUtil.parseQueryParameters(makeRestCall.getResponseBodyAsString()).get("user_principal");
        assertNotNull(strArr);
        assertEquals("TestJazzUser1", strArr[0]);
        makeRestCall.releaseConnection();
        httpClient.getState().clearCredentials();
        HttpMethod makeRestCall2 = makeRestCall(httpClient, "", "GET", new URL(String.valueOf(Helper.getServerUri(false)) + "auth/logout").toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall2.getStatusCode());
        Header responseHeader = makeRestCall2.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader);
        assertEquals("loggedout", responseHeader.getValue());
        makeRestCall2.releaseConnection();
        try {
            makeRestCall2 = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", false);
            fail("Unexpected success - expected authentication failure");
            makeRestCall2.releaseConnection();
        } catch (AuthenticationException unused) {
            makeRestCall2.releaseConnection();
        } catch (Throwable th) {
            makeRestCall2.releaseConnection();
            throw th;
        }
    }

    public void testLogout02() throws Exception {
        HttpClient httpClient = new HttpClient();
        URL url = new URL(String.valueOf(Helper.getServerUri(true)) + USERROLES_SERVICE);
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", new URL(String.valueOf(Helper.getServerUri(false)) + "auth/logout").toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall.getStatusCode());
        Header responseHeader = makeRestCall.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader);
        assertEquals("loggedout", responseHeader.getValue());
        makeRestCall.releaseConnection();
        try {
            makeRestCall = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", false);
            fail("Unexpected success - expected authentication failure");
            makeRestCall.releaseConnection();
        } catch (AuthenticationException unused) {
            makeRestCall.releaseConnection();
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testLogout03() throws Exception {
        HttpClient httpClient = new HttpClient();
        URL url = new URL(String.valueOf(Helper.getServerUri(false)) + "auth/logout");
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall.getStatusCode());
        Header responseHeader = makeRestCall.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader);
        assertEquals("loggedout", responseHeader.getValue());
        makeRestCall.releaseConnection();
        HttpMethod makeRestCall2 = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall2.getStatusCode());
        Header responseHeader2 = makeRestCall2.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader2);
        assertEquals("loggedout", responseHeader2.getValue());
        makeRestCall2.releaseConnection();
    }

    public void testLogout04() throws Exception {
        HttpClient httpClient = new HttpClient();
        URL url = new URL(String.valueOf(Helper.getServerUri(true)) + USERROLES_SERVICE);
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", true);
        assertEquals(200, makeRestCall.getStatusCode());
        String[] strArr = (String[]) UriUtil.parseQueryParameters(makeRestCall.getResponseBodyAsString()).get("user_principal");
        assertNotNull(strArr);
        assertEquals("TestJazzUser1", strArr[0]);
        makeRestCall.releaseConnection();
        httpClient.getState().clearCredentials();
        HttpMethod makeRestCall2 = makeRestCall(httpClient, "", "POST", new URL(String.valueOf(Helper.getServerUri(true)) + LOGOUT_SERVICE).toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall2.getStatusCode());
        Header responseHeader = makeRestCall2.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader);
        assertEquals("loggedout", responseHeader.getValue());
        makeRestCall2.releaseConnection();
        try {
            makeRestCall2 = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", false);
            fail("Unexpected success - expected authentication failure");
            makeRestCall2.releaseConnection();
        } catch (AuthenticationException unused) {
            makeRestCall2.releaseConnection();
        } catch (Throwable th) {
            makeRestCall2.releaseConnection();
            throw th;
        }
    }

    public void testLogout05() throws Exception {
        HttpClient httpClient = new HttpClient();
        URL url = new URL(String.valueOf(Helper.getServerUri(true)) + USERROLES_SERVICE);
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "POST", new URL(String.valueOf(Helper.getServerUri(true)) + LOGOUT_SERVICE).toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall.getStatusCode());
        Header responseHeader = makeRestCall.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader);
        assertEquals("loggedout", responseHeader.getValue());
        makeRestCall.releaseConnection();
        try {
            makeRestCall = makeRestCall(httpClient, "", "GET", url.toString(), "TestJazzUser1", false);
            fail("Unexpected success - expected authentication failure");
            makeRestCall.releaseConnection();
        } catch (AuthenticationException unused) {
            makeRestCall.releaseConnection();
        } catch (Throwable th) {
            makeRestCall.releaseConnection();
            throw th;
        }
    }

    public void testLogout06() throws Exception {
        HttpClient httpClient = new HttpClient();
        URL url = new URL(String.valueOf(Helper.getServerUri(true)) + LOGOUT_SERVICE);
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "POST", url.toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall.getStatusCode());
        Header responseHeader = makeRestCall.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader);
        assertEquals("loggedout", responseHeader.getValue());
        makeRestCall.releaseConnection();
        HttpMethod makeRestCall2 = makeRestCall(httpClient, "", "POST", url.toString(), "TestJazzUser1", false);
        assertEquals(200, makeRestCall2.getStatusCode());
        Header responseHeader2 = makeRestCall2.getResponseHeader("X-com-ibm-team-repository-web-auth-msg");
        assertNotNull(responseHeader2);
        assertEquals("loggedout", responseHeader2.getValue());
        makeRestCall2.releaseConnection();
    }

    public void testLogout07() throws Exception {
        HttpClient httpClient = new HttpClient();
        clearTrustedAuthWhitelist();
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", new URL(String.format("%s%s?redirectURL=%s", Helper.getServerUri(false), "auth/logout", UriUtil.encode("http://www.ibm.com"))).toString(), "TestJazzUser1", false);
        assertTrue(isRedirectErrorResponse(makeRestCall));
        makeRestCall.releaseConnection();
    }

    public void testLogout08() throws Exception {
        try {
            HttpClient httpClient = new HttpClient();
            setTrustedAuthWhitelist(new String[]{UriUtil.encode("http://www.ibm.com")});
            HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", new URL(String.format("%s%s?redirectURL=%s", Helper.getServerUri(false), "auth/logout", UriUtil.encode("http://www.ibm.com"))).toString(), "TestJazzUser1", false, false);
            assertEquals(302, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
        } finally {
            clearTrustedAuthWhitelist();
        }
    }

    public void testLogout09() throws Exception {
        HttpClient httpClient = new HttpClient();
        clearTrustedAuthWhitelist();
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", new URL(String.format("%s%s?redirectURL=%s", Helper.getServerUri(false), LOGOUT_SERVICE, UriUtil.encode("http://www.ibm.com"))).toString(), "TestJazzUser1", false);
        assertTrue(isRedirectErrorResponse(makeRestCall));
        makeRestCall.releaseConnection();
    }

    public void testLogout10() throws Exception {
        try {
            HttpClient httpClient = new HttpClient();
            setTrustedAuthWhitelist(new String[]{UriUtil.encode("http://www.ibm.com")});
            HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", new URL(String.format("%s%s?redirectURL=%s", Helper.getServerUri(false), LOGOUT_SERVICE, UriUtil.encode("http://www.ibm.com"))).toString(), "TestJazzUser1", false, false);
            assertEquals(302, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
        } finally {
            clearTrustedAuthWhitelist();
        }
    }

    public void testLogout11() throws Exception {
        HttpClient httpClient = new HttpClient();
        clearTrustedAuthWhitelist();
        HttpMethod makeRestCall = makeRestCall(httpClient, "", "GET", new URL(String.format("%s%s?redirectURL=%s", Helper.getServerUri(false), LOGOUT_SERVICE, UriUtil.encode("http://www.ibm.com"))).toString(), "TestJazzUser1", false);
        assertTrue(isRedirectErrorResponse(makeRestCall));
        makeRestCall.releaseConnection();
    }

    public void testLogout12() throws Exception {
        try {
            HttpMethod makeRestCall = makeRestCall(new HttpClient(), "", "GET", new URL(String.format("%s%s?redirectURL=%s", Helper.getServerUri(false), LOGOUT_SERVICE, UriUtil.encode(String.valueOf(registerApp(this.consumer.consumerKey, this.consumer.consumerSecret, false).getPublicUri()) + "/anotherSegment"))).toString(), "TestJazzUser1", false, false);
            assertEquals(302, makeRestCall.getStatusCode());
            makeRestCall.releaseConnection();
        } finally {
            clearRegisteredApps();
        }
    }

    private static HttpMethod makeRestCall(HttpClient httpClient, String str, String str2, String str3, String str4, boolean z) throws Exception {
        return makeRestCall(httpClient, str, str2, str3, str4, z, true);
    }

    private static HttpMethod makeRestCall(HttpClient httpClient, String str, String str2, String str3, String str4, boolean z, boolean z2) throws Exception {
        GetMethod getMethod;
        URL url = new URL(str3);
        Protocol protocol = "https".equalsIgnoreCase(url.getProtocol()) ? new Protocol("https", LenientSecureProtocolSocketFactory.getFactory(), 443) : new Protocol("http", new DefaultProtocolSocketFactory(), 80);
        HostConfiguration hostConfiguration = new HostConfiguration();
        hostConfiguration.setHost(url.getHost(), url.getPort(), protocol);
        boolean z3 = false;
        if ("get".equalsIgnoreCase(str2)) {
            getMethod = new GetMethod(url.getFile());
        } else {
            GetMethod putMethod = "put".equalsIgnoreCase(str2) ? new PutMethod(url.getFile()) : new PostMethod(url.getFile());
            putMethod.setRequestEntity(new StringRequestEntity(str, HttpUtil.MediaType.JSON.toString(), HttpUtil.CharsetEncoding.UTF8.toString()));
            getMethod = putMethod;
        }
        getMethod.setFollowRedirects(false);
        getMethod.setRequestHeader("Accept", "*/*");
        if (oidcEnabled()) {
            if (getMethod.getRequestHeader("Authorization") != null) {
                getMethod.removeRequestHeader("Authorization");
            }
            TransportAuthUtil.setCredentials(httpClient, new AuthScope(hostConfiguration.getHost(), hostConfiguration.getPort()), str4, str4);
            boolean booleanParameter = httpClient.getParams().getBooleanParameter("http.authentication.preemptive", false);
            httpClient.getParams().setAuthenticationPreemptive(true);
            boolean doAuthentication = getMethod.getDoAuthentication();
            getMethod.setDoAuthentication(true);
            try {
                httpClient.executeMethod(hostConfiguration, getMethod);
                z3 = true;
                getMethod.setDoAuthentication(doAuthentication);
                httpClient.getParams().setAuthenticationPreemptive(booleanParameter);
                if (1 == 0) {
                    getMethod.releaseConnection();
                }
            } catch (Throwable th) {
                getMethod.setDoAuthentication(doAuthentication);
                httpClient.getParams().setAuthenticationPreemptive(booleanParameter);
                throw th;
            }
        } else {
            try {
                httpClient.executeMethod(hostConfiguration, getMethod);
                z3 = true;
                if (1 == 0) {
                    getMethod.releaseConnection();
                }
            } finally {
                if (!z3) {
                    getMethod.releaseConnection();
                }
            }
        }
        if (TransportAuthUtil.formAuthRequested(getMethod)) {
            if (!z || str4 == null) {
                throw new AuthenticationException(NLS.bind("A request to \"{0}\" failed because an unexpected login was required for \"{0}\"", str3, new Object[]{str4}));
            }
            httpClient.setHostConfiguration(hostConfiguration);
            TransportAuthUtil.formBasedAuthenticate(new URL(Helper.getServerUri(true)).getFile(), httpClient, new UsernamePasswordCredentials(str4, str4), (HttpState) null);
            getMethod.releaseConnection();
            return makeRestCall(httpClient, str, str2, str3, str4, false);
        }
        if (z2 && getMethod.getStatusCode() == 302) {
            Header responseHeader = getMethod.getResponseHeader("Location");
            if (responseHeader != null) {
                getMethod.releaseConnection();
                return makeRestCall(httpClient, str, str2, responseHeader.getValue(), str4, z);
            }
        } else if (getMethod.getStatusCode() == 401) {
            throw new AuthenticationException(NLS.bind("A request to \"{0}\" failed because of an authentication error for user \"{0}\"", str3, new Object[]{str4}));
        }
        return getMethod;
    }

    private FriendsClient.RegisteredApp registerApp(String str, String str2, boolean z) throws Exception {
        RemoteTeamServer newTeamServerFromURL = TeamServerFactory.INSTANCE.newTeamServerFromURL(getRepositoryURI());
        newTeamServerFromURL.setCredentials("TestJazzAdmin1", "password");
        FriendsClient friendsClient = new FriendsClient(new TeamRawRestServiceClient(newTeamServerFromURL), getRepositoryURI());
        FriendsClient.RegisteredApp addInternalFriend = friendsClient.addInternalFriend(friendsClient.getRootServicesUrl(), str, str2, z);
        newTeamServerFromURL.closeConnections();
        if (addInternalFriend == null) {
            fail("Unexpected failure retrieving application id");
        }
        return addInternalFriend;
    }

    private static boolean isRedirectErrorResponse(HttpMethod httpMethod) throws Exception {
        String value;
        Header responseHeader = httpMethod.getResponseHeader("X-com-ibm-team-repository-auth-status");
        return responseHeader != null && (value = responseHeader.getValue()) != null && value.trim().length() > 0 && value.equals("loggedout-no-redirect") && httpMethod.getStatusCode() == 200;
    }

    private void clearRegisteredApps() throws Exception {
        RemoteTeamServer newTeamServerFromURL = TeamServerFactory.INSTANCE.newTeamServerFromURL(getRepositoryURI());
        newTeamServerFromURL.setCredentials("TestJazzAdmin1", "password");
        new FriendsClient(new TeamRawRestServiceClient(newTeamServerFromURL), getRepositoryURI()).clearFriendsConfiguration();
        newTeamServerFromURL.closeConnections();
    }

    private void clearTrustedAuthWhitelist() throws Exception {
        RemoteTeamServer newTeamServerFromURL = TeamServerFactory.INSTANCE.newTeamServerFromURL(getRepositoryURI());
        newTeamServerFromURL.setCredentials("TestJazzAdmin1", "password");
        try {
            new com.ibm.team.repository.client.tests.oauth.TrustedCallbackConfigClient(new TeamRawRestServiceClient(newTeamServerFromURL), getRepositoryURI()).setAuthorizedCallbacksWhiteList(new String[]{""});
        } finally {
            newTeamServerFromURL.closeConnections();
        }
    }

    private void setTrustedAuthWhitelist(String[] strArr) throws Exception {
        RemoteTeamServer newTeamServerFromURL = TeamServerFactory.INSTANCE.newTeamServerFromURL(getRepositoryURI());
        newTeamServerFromURL.setCredentials("TestJazzAdmin1", "password");
        try {
            new com.ibm.team.repository.client.tests.oauth.TrustedCallbackConfigClient(new TeamRawRestServiceClient(newTeamServerFromURL), getRepositoryURI()).setAuthorizedCallbacksWhiteList(strArr);
        } finally {
            newTeamServerFromURL.closeConnections();
        }
    }

    protected OAuthConsumer createConsumer() throws TeamRepositoryException {
        IOAuthClientLibrary iOAuthClientLibrary = (IOAuthClientLibrary) this.repo.getClientLibrary(IOAuthClientLibrary.class);
        String uuidValue = UUID.generate().getUuidValue();
        return new OAuthConsumer((String) null, iOAuthClientLibrary.registerConsumer(uuidValue, (IProgressMonitor) null), uuidValue, this.provider);
    }
}
