package com.zimbra.qa.unittest;

import com.zimbra.common.account.Key;
import com.zimbra.common.httpclient.HttpClientUtil;
import com.zimbra.cs.account.Account;
import com.zimbra.cs.account.Domain;
import com.zimbra.cs.account.PreAuthKey;
import com.zimbra.cs.account.Provisioning;
import com.zimbra.cs.account.Server;
import com.zimbra.cs.account.ZimbraAuthToken;
import com.zimbra.cs.ldap.LdapConstants;
import com.zimbra.cs.service.PreAuthServlet;
import java.io.IOException;
import java.util.HashMap;
import junit.framework.Assert;
import junit.framework.TestCase;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpException;
import org.apache.commons.httpclient.NameValuePair;
import org.apache.commons.httpclient.methods.GetMethod;

/* loaded from: input_file:com/zimbra/qa/unittest/TestPreAuthServlet.class */
public class TestPreAuthServlet extends TestCase {
    private static String PRE_AUTH_URL = "/service/preauth";

    String setUpDomain() throws Exception {
        Domain domain = Provisioning.getInstance().get(Key.DomainBy.name, TestUtil.getDomain());
        String generateRandomPreAuthKey = PreAuthKey.generateRandomPreAuthKey();
        HashMap hashMap = new HashMap();
        hashMap.put("zimbraPreAuthKey", generateRandomPreAuthKey);
        Provisioning.getInstance().modifyAttrs(domain, hashMap);
        return generateRandomPreAuthKey;
    }

    public static String genPreAuthUrl(String str, String str2, boolean z, boolean z2) throws Exception {
        HashMap hashMap = new HashMap();
        String address = TestUtil.getAddress(str2);
        long currentTimeMillis = System.currentTimeMillis();
        hashMap.put("account", address);
        hashMap.put(PreAuthServlet.PARAM_BY, "name");
        hashMap.put(PreAuthServlet.PARAM_TIMESTAMP, currentTimeMillis + "");
        hashMap.put(PreAuthServlet.PARAM_EXPIRES, "0");
        if (z) {
            hashMap.put(PreAuthServlet.PARAM_ADMIN, "1");
        }
        String computePreAuth = PreAuthKey.computePreAuth(hashMap, str);
        StringBuffer stringBuffer = new StringBuffer(PRE_AUTH_URL + "?");
        stringBuffer.append("account=" + address);
        stringBuffer.append("&by=name");
        if (z2) {
            stringBuffer.append("&timestamp=" + (currentTimeMillis + 10));
        } else {
            stringBuffer.append("&timestamp=" + currentTimeMillis);
        }
        stringBuffer.append("&expires=0");
        stringBuffer.append("&preauth=" + computePreAuth);
        if (z) {
            stringBuffer.append("&admin=1");
        }
        return stringBuffer.toString();
    }

    void doPreAuthServletRequest(String str, boolean z) throws Exception {
        Server localServer = Provisioning.getInstance().getLocalServer();
        String str2 = (z ? "https://localhost:" + localServer.getIntAttr("zimbraAdminPort", 0) : "http://localhost:" + localServer.getIntAttr("zimbraMailPort", 0)) + str;
        HttpClient httpClient = new HttpClient();
        GetMethod getMethod = new GetMethod(str2);
        try {
            try {
                int executeMethod = HttpClientUtil.executeMethod(httpClient, getMethod);
                int statusCode = getMethod.getStatusCode();
                String statusLine = getMethod.getStatusLine().toString();
                System.out.println("respCode=" + executeMethod);
                System.out.println("statusCode=" + statusCode);
                System.out.println("statusLine=" + statusLine);
                getMethod.releaseConnection();
            } catch (IOException e) {
                throw e;
            } catch (HttpException e2) {
                throw e2;
            }
        } catch (Throwable th) {
            getMethod.releaseConnection();
            throw th;
        }
    }

    private void doPreAuth(String str, boolean z, boolean z2) throws Exception {
        String upDomain = setUpDomain();
        String genPreAuthUrl = genPreAuthUrl(upDomain, str, z, z2);
        System.out.println("preAuthKey=" + upDomain);
        System.out.println("preAuth=" + genPreAuthUrl);
        doPreAuthServletRequest(genPreAuthUrl, z);
    }

    public void testPreAuthServlet() throws Exception {
        doPreAuth("user1", false, false);
        doPreAuth(PreAuthServlet.PARAM_ADMIN, true, false);
        doPreAuth("domainadmin", true, false);
    }

    private Account dumpLockoutAttrs(String str) throws Exception {
        Account account = Provisioning.getInstance().get(Key.AccountBy.name, str);
        System.out.println();
        System.out.println("zimbraAccountStatus: " + account.getAttr("zimbraAccountStatus"));
        System.out.println("zimbraPasswordLockoutLockedTime: " + account.getAttr("zimbraPasswordLockoutLockedTime"));
        System.out.println("zimbraPasswordLockoutFailureTime: ");
        for (String str2 : account.getMultiAttr("zimbraPasswordLockoutFailureTime")) {
            System.out.println("    " + str2);
        }
        return account;
    }

    public void disable_testPreAuthLockout() throws Exception {
        Account account = TestUtil.getAccount("user4");
        Provisioning provisioning = Provisioning.getInstance();
        HashMap hashMap = new HashMap();
        hashMap.put("zimbraPasswordLockoutEnabled", LdapConstants.LDAP_TRUE);
        hashMap.put("zimbraPasswordLockoutDuration", "1m");
        hashMap.put("zimbraPasswordLockoutMaxFailures", "3");
        hashMap.put("zimbraPasswordLockoutFailureLifetime", "30s");
        hashMap.put("zimbraAccountStatus", "active");
        hashMap.put("zimbraPasswordLockoutLockedTime", "");
        hashMap.put("zimbraPasswordLockoutFailureTime", "");
        provisioning.modifyAttrs(account, hashMap);
        System.out.println("Before the test:");
        dumpLockoutAttrs("user4");
        System.out.println();
        for (int i = 0; i <= 3; i++) {
            System.out.println("======================");
            System.out.println("Iteration: " + i);
            doPreAuth("user4", false, true);
            Account dumpLockoutAttrs = dumpLockoutAttrs("user4");
            System.out.println("\n\n");
            if (i >= 3 - 1) {
                assertEquals(Provisioning.ACCOUNT_STATUS_LOCKOUT, dumpLockoutAttrs.getAttr("zimbraAccountStatus"));
            } else {
                assertEquals("active", dumpLockoutAttrs.getAttr("zimbraAccountStatus"));
            }
            Thread.sleep(2000L);
        }
    }

    public void testPreAuthAccountNotActive() throws Exception {
        Account account = TestUtil.getAccount("user1");
        Provisioning provisioning = Provisioning.getInstance();
        HashMap hashMap = new HashMap();
        hashMap.put("zimbraAccountStatus", "maintenance");
        provisioning.modifyAttrs(account, hashMap);
        System.out.println("Before the test:");
        System.out.println("zimbraAccountStatus: " + account.getAttr("zimbraAccountStatus"));
        System.out.println();
        String upDomain = setUpDomain();
        String genPreAuthUrl = genPreAuthUrl(upDomain, "user1", false, false);
        System.out.println("preAuthKey=" + upDomain);
        System.out.println("preAuth=" + genPreAuthUrl);
        String str = ("http://localhost:" + Provisioning.getInstance().getLocalServer().getIntAttr("zimbraMailPort", 0)) + genPreAuthUrl;
        HttpClient httpClient = new HttpClient();
        GetMethod getMethod = new GetMethod(str);
        try {
            try {
                int executeMethod = HttpClientUtil.executeMethod(httpClient, getMethod);
                int statusCode = getMethod.getStatusCode();
                String statusLine = getMethod.getStatusLine().toString();
                System.out.println("respCode=" + executeMethod);
                System.out.println("statusCode=" + statusCode);
                System.out.println("statusLine=" + statusLine);
                assertEquals(400, statusCode);
                getMethod.releaseConnection();
                HashMap hashMap2 = new HashMap();
                hashMap2.put("zimbraAccountStatus", "active");
                provisioning.modifyAttrs(account, hashMap2);
                System.out.println("After the test:");
                System.out.println("zimbraAccountStatus: " + account.getAttr("zimbraAccountStatus"));
                System.out.println();
            } catch (IOException e) {
                throw e;
            } catch (HttpException e2) {
                throw e2;
            }
        } catch (Throwable th) {
            getMethod.releaseConnection();
            throw th;
        }
    }

    public void testShouldNotAllowPreAuthGetCookieReuse() throws Exception {
        ZimbraAuthToken zimbraAuthToken = new ZimbraAuthToken(TestUtil.getAccount("user1"));
        System.out.println(zimbraAuthToken.isRegistered());
        HttpClient httpClient = new HttpClient();
        String str = ("http://localhost:" + Provisioning.getInstance().getLocalServer().getIntAttr("zimbraMailPort", 0)) + PRE_AUTH_URL;
        GetMethod getMethod = new GetMethod(str);
        NameValuePair[] nameValuePairArr = {new NameValuePair(PreAuthServlet.PARAM_ISREDIRECT, "1"), new NameValuePair("authtoken", zimbraAuthToken.getEncoded())};
        getMethod.setQueryString(nameValuePairArr);
        HttpClientUtil.executeMethod(httpClient, getMethod);
        GetMethod getMethod2 = new GetMethod(str);
        getMethod2.setQueryString(nameValuePairArr);
        Assert.assertEquals(400, HttpClientUtil.executeMethod(httpClient, getMethod2));
    }

    public static void main(String[] strArr) throws Exception {
        TestUtil.cliSetup();
        try {
            TestUtil.runTest(TestPreAuthServlet.class);
        } catch (Exception e) {
            System.out.println(e.getMessage());
        }
    }
}
