package net.bluemind.system.ldap.importation.hooks;

import com.google.common.util.concurrent.SettableFuture;
import io.vertx.core.AsyncResult;
import io.vertx.core.Handler;
import java.io.IOException;
import java.util.Collections;
import javax.net.ssl.TrustManager;
import net.bluemind.authentication.provider.IAuthProvider;
import net.bluemind.core.container.model.Item;
import net.bluemind.core.container.model.ItemValue;
import net.bluemind.core.context.SecurityContext;
import net.bluemind.core.jdbc.JdbcTestHelper;
import net.bluemind.core.tests.BmTestContext;
import net.bluemind.domain.api.Domain;
import net.bluemind.lib.ldap.LdapConProxy;
import net.bluemind.lib.vertx.VertxPlatform;
import net.bluemind.pool.impl.BmConfIni;
import net.bluemind.pool.impl.docker.DockerContainer;
import net.bluemind.server.api.Server;
import net.bluemind.system.ldap.importation.api.LdapProperties;
import net.bluemind.system.ldap.tests.helpers.LdapDockerTestHelper;
import net.bluemind.tests.defaultdata.PopulateHelper;
import net.bluemind.user.api.User;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.exception.LdapException;
import org.apache.directory.api.ldap.model.message.BindRequestImpl;
import org.apache.directory.ldap.client.api.LdapConnectionConfig;
import org.apache.directory.ldap.client.api.NoVerificationTrustManager;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;

/* loaded from: input_file:net/bluemind/system/ldap/importation/hooks/ImportLdapAuthenticationServiceTests.class */
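/**
 * Integration tests for {@link ImportLdapAuthenticationService#check}, run against the LDAP
 * fixture started through {@link LdapDockerTestHelper}.
 *
 * <p>The cases pin the three outcomes of the provider: {@code UNKNOWN} when LDAP import does not
 * apply to the request, {@code NO} when it applies and the bind or lookup fails, and {@code YES}
 * only for a correct password.
 */
public class ImportLdapAuthenticationServiceTests {
    private ItemValue<Domain> domain;

    @Rule
    public TestName testName = new TestName();

    /**
     * Minimal {@link IAuthProvider.IAuthContext} carrying only the values a test case sets.
     * Values not passed to a constructor stay {@code null}, and no security context is supplied.
     */
    private static final class AuthContextTest implements IAuthProvider.IAuthContext {
        private final ItemValue<Domain> domain;
        private final ItemValue<User> userItem;
        private final String realUserLogin;
        private final String password;

        private AuthContextTest(ItemValue<Domain> domain, ItemValue<User> userItem, String realUserLogin,
                String password) {
            this.domain = domain;
            this.userItem = userItem;
            this.realUserLogin = realUserLogin;
            this.password = password;
        }

        /** Context with a domain only: no user item, no login, no password. */
        public AuthContextTest(ItemValue<Domain> domain) {
            this(domain, null, null, null);
        }

        /** Context for a login that has no user item attached. */
        public AuthContextTest(ItemValue<Domain> domain, String realUserLogin, String password) {
            this(domain, null, realUserLogin, password);
        }

        /** Context for a known user item; the real user login stays {@code null}. */
        public AuthContextTest(ItemValue<Domain> domain, ItemValue<User> userItem, String password) {
            this(domain, userItem, null, password);
        }

        public SecurityContext getSecurityContext() {
            return null;
        }

        public ItemValue<Domain> getDomain() {
            return this.domain;
        }

        public ItemValue<User> getUser() {
            return this.userItem;
        }

        public String getRealUserLogin() {
            return this.realUserLogin;
        }

        public String getUserPassword() {
            return this.password;
        }
    }

    /** Starts the LDAP test server once for the whole class. */
    @BeforeClass
    public static void beforeClass() {
        LdapDockerTestHelper.initLdapServer();
    }

    /**
     * Resets the database, creates a uniquely named test domain with an admin, waits for the
     * verticles to be spawned and loads the LDAP tree for the current test.
     */
    @Before
    public void before() throws Exception {
        JdbcTestHelper.getInstance().beforeTest();
        JdbcTestHelper.getInstance().getDbSchemaService().initialize();
        PopulateHelper.initGlobalVirt(new Server[0]);

        // The timestamp keeps domain names distinct between test methods.
        String domainUid = "test" + System.currentTimeMillis() + ".lan";
        Domain testDomain = Domain.create(domainUid, domainUid + " label", domainUid + " description",
                Collections.emptySet());
        this.domain = PopulateHelper.createTestDomain(domainUid, testDomain, new Server[0]);
        PopulateHelper.domainAdmin(domainUid,
                BmTestContext.contextWithSession("testUser", "test", domainUid, new String[]{"admin"})
                        .getSecurityContext().getSubject());

        final SettableFuture<Void> spawned = SettableFuture.create();
        VertxPlatform.spawnVerticles(new Handler<AsyncResult<Void>>() {
            @Override
            public void handle(AsyncResult<Void> asyncResult) {
                spawned.set(null);
            }
        });
        // Blocks until the spawn callback has fired.
        spawned.get();

        LdapDockerTestHelper.initLdapTree(getClass(), this.testName);
    }

    /**
     * Writes the LDAP import settings of the test fixture into the domain properties.
     *
     * <p>The bind DN and password below are the fixture's own credentials; they are test data
     * for the LDAP test server, not values to reuse in a deployment.
     *
     * @param itemValue domain whose properties are modified in place
     * @param enabled   NOTE(review): this flag is never read; {@code import_ldap_enabled} is
     *                  always written as {@code "true"}, also when callers pass {@code false}.
     *                  Confirm whether that is intended.
     */
    private void setDomainLdapProperties(ItemValue<Domain> itemValue, boolean enabled) {
        Domain target = itemValue.value;
        target.properties.put(LdapProperties.import_ldap_enabled.name(), Boolean.TRUE.toString());
        target.properties.put(LdapProperties.import_ldap_hostname.name(),
                new BmConfIni().get(DockerContainer.LDAP.getName()));
        target.properties.put(LdapProperties.import_ldap_base_dn.name(), "dc=local");
        target.properties.put(LdapProperties.import_ldap_login_dn.name(), "uid=admin,dc=local");
        target.properties.put(LdapProperties.import_ldap_password.name(), "admin");
        target.properties.put(LdapProperties.import_ldap_ext_id_attribute.name(), "entryuuid");
        target.properties.put(LdapProperties.import_ldap_lastupdate.name(), "lastupdate");
    }

    /**
     * Without the {@code import_ldap_enabled} property the provider answers {@code UNKNOWN}.
     *
     * <p>NOTE(review): the second assertion runs after {@code setDomainLdapProperties(domain,
     * false)}, which still writes {@code "true"}; it therefore exercises an enabled domain with
     * an empty context rather than a disabled one. Confirm.
     */
    @Test
    public void check_importLdapDisabled() {
        AuthContextTest authContextTest = new AuthContextTest(this.domain);
        this.domain.value.properties.remove(LdapProperties.import_ldap_enabled.name());
        Assert.assertEquals(IAuthProvider.AuthResult.UNKNOWN,
                new ImportLdapAuthenticationService().check(authContextTest));

        setDomainLdapProperties(this.domain, false);
        Assert.assertEquals(IAuthProvider.AuthResult.UNKNOWN,
                new ImportLdapAuthenticationService().check(authContextTest));
    }

    /** No user item and no login: the provider answers {@code UNKNOWN}. */
    @Test
    public void check_nullAuthContextItemValueUser_nullRealUserLogin() {
        setDomainLdapProperties(this.domain, true);
        Assert.assertEquals(IAuthProvider.AuthResult.UNKNOWN,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain)));
    }

    /** No user item and the login {@code "notexist"}: the provider answers {@code UNKNOWN}. */
    @Test
    public void check_nullAuthContextItemValueUser_realUserLoginNotExists() {
        setDomainLdapProperties(this.domain, true);
        Assert.assertEquals(IAuthProvider.AuthResult.UNKNOWN,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, "notexist", null)));
    }

    /** No user item but the login {@code "user00"}: the password alone decides NO or YES. */
    @Test
    public void check_nullAuthContextItemValueUser_realUserLoginExists() {
        setDomainLdapProperties(this.domain, true);
        Assert.assertEquals(IAuthProvider.AuthResult.NO, new ImportLdapAuthenticationService()
                .check(new AuthContextTest(this.domain, "user00", "invalidPassword")));
        Assert.assertEquals(IAuthProvider.AuthResult.YES,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, "user00", "test")));
    }

    /** An external id without the {@code ldap://} prefix yields {@code UNKNOWN}. */
    @Test
    public void check_notLdapExternalId() {
        setDomainLdapProperties(this.domain, true);
        ItemValue<User> user = ItemValue.create(Item.create("uid", "invalidLdapExternalId"), new User());
        user.value.login = "userlogin";
        Assert.assertEquals(IAuthProvider.AuthResult.UNKNOWN,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, user, null)));
    }

    /**
     * An {@code ldap://} external id that is not a valid identifier is refused with {@code NO}.
     *
     * <p>NOTE(review): the password is {@code null} here and in the two tests that follow, so
     * the assertion does not show whether the {@code NO} comes from the external id or from the
     * missing password. Confirm against the service.
     */
    @Test
    public void check_invalidExternalId() {
        setDomainLdapProperties(this.domain, true);
        ItemValue<User> user = ItemValue.create(Item.create("uid", "ldap://invalidLdapExternalId"), new User());
        user.value.login = "userlogin";
        Assert.assertEquals(IAuthProvider.AuthResult.NO,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, user, null)));
    }

    /**
     * With the LDAP hostname overridden to {@code 127.0.0.1} the result must be {@code NO}:
     * a directory failure has to deny the login rather than let it through.
     */
    @Test
    public void check_ldapFail() {
        setDomainLdapProperties(this.domain, true);
        // presumably no LDAP server listens on the loopback address of the test host
        this.domain.value.properties.put(LdapProperties.import_ldap_hostname.name(), "127.0.0.1");
        ItemValue<User> user = ItemValue
                .create(Item.create("uid", "ldap://00000000-0000-0000-0000-000000000000"), new User());
        user.value.login = "userlogin";
        Assert.assertEquals(IAuthProvider.AuthResult.NO,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, user, null)));
    }

    /** A well-formed all-zero UUID as external id is refused with {@code NO}. */
    @Test
    public void check_guidNotFound() {
        setDomainLdapProperties(this.domain, true);
        ItemValue<User> user = ItemValue
                .create(Item.create("uid", "ldap://00000000-0000-0000-0000-000000000000"), new User());
        user.value.login = "userlogin";
        Assert.assertEquals(IAuthProvider.AuthResult.NO,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, user, null)));
    }

    /**
     * A user whose external id is the real {@code entryuuid} of {@code uid=user00,dc=local}
     * authenticates with the right password only.
     */
    @Test
    public void check() throws IOException, LdapException {
        setDomainLdapProperties(this.domain, true);
        ItemValue<User> user = ItemValue.create(Item.create("uid", getTestUserEntryUuid(this.domain)), new User());
        user.value.login = "test00";

        Assert.assertEquals(IAuthProvider.AuthResult.YES,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, user, "test")));
        Assert.assertEquals(IAuthProvider.AuthResult.NO, new ImportLdapAuthenticationService()
                .check(new AuthContextTest(this.domain, user, "invalidpassword")));
        // A simple bind with a DN and a zero-length password is an "unauthenticated bind"
        // (RFC 4513, section 5.1.2) that a server may answer with success, so the empty
        // password has to be refused explicitly. Keep this assertion.
        Assert.assertEquals(IAuthProvider.AuthResult.NO,
                new ImportLdapAuthenticationService().check(new AuthContextTest(this.domain, user, "")));
    }

    /**
     * Reads the {@code entryuuid} of {@code uid=user00,dc=local} from the directory and returns
     * it as an {@code ldap://} external id.
     *
     * @param itemValue domain whose LDAP properties give the host, bind DN and bind password
     * @return {@code "ldap://"} followed by the entry UUID
     * @throws IOException   if closing the connection fails
     * @throws LdapException if the bind or the lookup fails
     */
    private String getTestUserEntryUuid(ItemValue<Domain> itemValue) throws IOException, LdapException {
        Domain source = itemValue.value;

        BindRequestImpl bindRequest = new BindRequestImpl();
        bindRequest.setSimple(true);
        bindRequest.setName(source.properties.get(LdapProperties.import_ldap_login_dn.name()));
        bindRequest.setCredentials(source.properties.get(LdapProperties.import_ldap_password.name()));

        LdapConnectionConfig config = new LdapConnectionConfig();
        config.setLdapHost(source.properties.get(LdapProperties.import_ldap_hostname.name()));
        config.setLdapPort(389);
        // NoVerificationTrustManager accepts any server certificate, so the StartTLS session
        // below is encrypted but the peer is not authenticated. That is tolerable only because
        // the peer is the test fixture; it says nothing about how the service under test
        // validates certificates, and this setup must not be copied into non-test code.
        config.setTrustManagers(new TrustManager[]{new NoVerificationTrustManager()});
        config.setUseTls(true);
        config.setUseSsl(false);

        // try-with-resources closes the connection on both the normal and the failure path.
        try (LdapConProxy connection = new LdapConProxy(config)) {
            connection.bind(bindRequest);
            Entry entry = connection.lookup("uid=user00,dc=local", new String[]{"entryuuid"});
            return "ldap://" + entry.get("entryuuid").getString();
        }
    }
}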
