/*******************************************************************************
 * This file is part of OpenNMS(R).
 *
 * Copyright (C) 2010-2011 The OpenNMS Group, Inc.
 * OpenNMS(R) is Copyright (C) 1999-2011 The OpenNMS Group, Inc.
 *
 * OpenNMS(R) is a registered trademark of The OpenNMS Group, Inc.
 *
 * OpenNMS(R) is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published
 * by the Free Software Foundation, either version 3 of the License,
 * or (at your option) any later version.
 *
 * OpenNMS(R) is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with OpenNMS(R).  If not, see:
 *      http://www.gnu.org/licenses/
 *
 * For more information contact:
 *     OpenNMS(R) Licensing <license@opennms.org>
 *     http://www.opennms.org/
 *     http://www.opennms.com/
 *******************************************************************************/

package org.opennms.web.springframework.security;

import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;

import java.io.IOException;
import java.io.UnsupportedEncodingException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;

import org.apache.commons.codec.binary.Base64;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;
import org.opennms.core.utils.BeanUtils;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mock.web.MockHttpServletRequest;
import org.springframework.mock.web.MockHttpServletResponse;
import org.springframework.mock.web.MockServletContext;
import org.springframework.security.web.FilterChainProxy;


/**
 * @author brozow
 *
 */
/*@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations={
        "classpath:/applicationContext-ldapTest.xml"
})*/
public class LdapAuthTest implements InitializingBean {
    
    /**
     * @author brozow
     *
     */
    private static class AccesAnticipator implements FilterChain {
        private boolean m_called = false;
        public void doFilter(ServletRequest arg0, ServletResponse arg1) throws IOException, ServletException {
            m_called = true;
        }
        
        public void assertAccessDenied() {
            assertFalse("Expected access to be denied", m_called);
        }
        
        public void assertAccessAllowed() {
            assertTrue("Expected access to be allowed", m_called);
        }
    }

    @Autowired
    FilterChainProxy m_authFilterChain;
    
    MockServletContext m_servletContext;
    
    AccesAnticipator m_chain = new AccesAnticipator();
    
    String m_contextPath = "/opennms";
    
    @Override
    public void afterPropertiesSet() throws Exception {
        BeanUtils.assertAutowiring(this);
    }
    
    @Before
    public void setUp() {
        m_servletContext = new MockServletContext();
        m_servletContext.setContextPath(m_contextPath);
    }
    
    @Test
    @Ignore
    public void testNoAuth() throws IOException, ServletException {
        
        MockHttpServletRequest request = createRequest("GET", "/index.htm");

        assertAccessDenied(request);
    }
    

    @Test
    @Ignore
    public void testBasicAuth() throws IOException, ServletException {
        
        MockHttpServletRequest request = createRequest("GET", "/index.htm", "bob", "bobspassword");

        assertAccessAllowed(request);

    }

    @Test
    @Ignore
    public void testBasicAuthInvalidPassword() throws IOException, ServletException {
        
        MockHttpServletRequest request = createRequest("GET", "/index.htm", "bob", "invalid");

        assertAccessDenied(request);

    }

    /**
     * @param request
     * @throws IOException
     * @throws ServletException
     */
    private void assertAccessAllowed(MockHttpServletRequest request)
            throws IOException, ServletException {
        MockHttpServletResponse response = new MockHttpServletResponse();
        
        m_authFilterChain.doFilter(request, response, m_chain);
        
        assertEquals(200, response.getStatus());
        m_chain.assertAccessAllowed();
    }
    
    /**
     * @param request
     * @throws IOException
     * @throws ServletException
     */
    private void assertAccessDenied(MockHttpServletRequest request)
            throws IOException, ServletException {
        MockHttpServletResponse response = new MockHttpServletResponse();
        
        m_authFilterChain.doFilter(request, response, m_chain);
        
        assertEquals(401, response.getStatus());
        m_chain.assertAccessDenied();
    }
    

    protected MockHttpServletRequest createRequest(String requestType, String urlPath) {
        MockHttpServletRequest request = new MockHttpServletRequest(m_servletContext, requestType, m_contextPath + urlPath);
        request.setServletPath(m_contextPath + urlPath);
        request.setContextPath(m_contextPath);
        return request;
    }
    
    private MockHttpServletRequest createRequest(String requestType, String urlPath, String user, String passwd) throws UnsupportedEncodingException {
        MockHttpServletRequest request = createRequest(requestType, urlPath);
        
        String token = user + ":"  + passwd;
        byte[] encodedToken = Base64.encodeBase64(token.getBytes("UTF-8"));
        request.addHeader("Authorization", "Basic " + new String(encodedToken, "UTF-8"));

        return request;
    }

}