package org.apache.ambari.server.serveraction.kerberos;

import com.google.inject.AbstractModule;
import com.google.inject.Guice;
import com.google.inject.Injector;
import com.google.inject.Module;
import java.lang.reflect.Method;
import java.nio.charset.Charset;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javax.naming.AuthenticationException;
import javax.naming.CommunicationException;
import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.Control;
import javax.naming.ldap.LdapContext;
import junit.framework.Assert;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.security.InternalSSLSocketFactoryNonTrusting;
import org.apache.ambari.server.security.InternalSSLSocketFactoryTrusting;
import org.apache.ambari.server.security.credential.PrincipalKeyCredential;
import org.apache.ambari.server.state.Clusters;
import org.apache.ambari.server.state.stack.OsFamily;
import org.easymock.Capture;
import org.easymock.CaptureType;
import org.easymock.EasyMock;
import org.easymock.IAnswer;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;

/* loaded from: input_file:org/apache/ambari/server/serveraction/kerberos/ADKerberosOperationHandlerTest.class */
public class ADKerberosOperationHandlerTest extends KerberosOperationHandlerTest {
    private static final String DEFAULT_ADMIN_PRINCIPAL = "cluser_admin@HDP01.LOCAL";
    private static final String DEFAULT_ADMIN_PASSWORD = "Hadoop12345";
    private static final String DEFAULT_LDAP_URL = "ldaps://10.0.100.4";
    private static final String DEFAULT_PRINCIPAL_CONTAINER_DN = "ou=HDP,DC=HDP01,DC=LOCAL";
    private static final String DEFAULT_REALM = "HDP01.LOCAL";
    private static final Map<String, String> KERBEROS_ENV_MAP;
    private static Method methodCreateInitialLdapContext;
    private Injector injector;
    private LdapContext ldapContext;

    @BeforeClass
    public static void beforeMITKerberosOperationHandlerTest() throws Exception {
        methodCreateInitialLdapContext = ADKerberosOperationHandler.class.getDeclaredMethod("createInitialLdapContext", Properties.class, Control[].class);
    }

    @Before
    public void setup() {
        this.injector = Guice.createInjector(new Module[]{new AbstractModule() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.1
            protected void configure() {
                bind(Clusters.class).toInstance(ADKerberosOperationHandlerTest.this.createNiceMock(Clusters.class));
                bind(Configuration.class).toInstance(ADKerberosOperationHandlerTest.this.createNiceMock(Configuration.class));
                bind(OsFamily.class).toInstance(ADKerberosOperationHandlerTest.this.createNiceMock(OsFamily.class));
            }
        }});
        this.ldapContext = (LdapContext) createMock(LdapContext.class);
    }

    @Test(expected = KerberosKDCConnectionException.class)
    public void testOpenExceptionLdapUrlNotProvided() throws Exception {
        ADKerberosOperationHandler aDKerberosOperationHandler = new ADKerberosOperationHandler();
        aDKerberosOperationHandler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, new HashMap<String, String>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.2
            {
                put("container_dn", ADKerberosOperationHandlerTest.DEFAULT_PRINCIPAL_CONTAINER_DN);
            }
        });
        aDKerberosOperationHandler.close();
    }

    @Test(expected = KerberosLDAPContainerException.class)
    public void testOpenExceptionPrincipalContainerDnNotProvided() throws Exception {
        ADKerberosOperationHandler aDKerberosOperationHandler = new ADKerberosOperationHandler();
        aDKerberosOperationHandler.open(new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD), DEFAULT_REALM, new HashMap<String, String>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.3
            {
                put("ldap_url", ADKerberosOperationHandlerTest.DEFAULT_LDAP_URL);
            }
        });
        aDKerberosOperationHandler.close();
    }

    @Test(expected = KerberosAdminAuthenticationException.class)
    public void testOpenExceptionAdminCredentialsNotProvided() throws Exception {
        ADKerberosOperationHandler aDKerberosOperationHandler = new ADKerberosOperationHandler();
        aDKerberosOperationHandler.open((PrincipalKeyCredential) null, DEFAULT_REALM, getKerberosEnv());
        aDKerberosOperationHandler.close();
    }

    @Test(expected = KerberosKDCConnectionException.class)
    public void testOpenExceptionNoLdaps() throws Exception {
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, "hello");
        ADKerberosOperationHandler aDKerberosOperationHandler = new ADKerberosOperationHandler();
        aDKerberosOperationHandler.open(principalKeyCredential, DEFAULT_REALM, new HashMap<String, String>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.4
            {
                put("ldap_url", "ldap://this_wont_work");
                put("container_dn", ADKerberosOperationHandlerTest.DEFAULT_PRINCIPAL_CONTAINER_DN);
            }
        });
        aDKerberosOperationHandler.close();
    }

    @Test(expected = KerberosAdminAuthenticationException.class)
    public void testTestAdministratorCredentialsIncorrectAdminPassword() throws Exception {
        Injector injector = getInjector();
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, "wrong");
        ADKerberosOperationHandler aDKerberosOperationHandler = (ADKerberosOperationHandler) createMockBuilder(ADKerberosOperationHandler.class).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createInitialLdapContext", Properties.class, Control[].class)).createNiceMock();
        injector.injectMembers(aDKerberosOperationHandler);
        EasyMock.expect(aDKerberosOperationHandler.createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.anyObject(Control[].class))).andAnswer(new IAnswer<LdapContext>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.5
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public LdapContext m239answer() throws Throwable {
                throw new AuthenticationException();
            }
        }).once();
        replayAll();
        aDKerberosOperationHandler.open(principalKeyCredential, DEFAULT_REALM, getKerberosEnv());
        aDKerberosOperationHandler.testAdministratorCredentials();
        aDKerberosOperationHandler.close();
    }

    @Test(expected = KerberosAdminAuthenticationException.class)
    public void testTestAdministratorCredentialsIncorrectAdminPrincipal() throws Exception {
        Injector injector = getInjector();
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential("wrong", DEFAULT_ADMIN_PASSWORD);
        ADKerberosOperationHandler aDKerberosOperationHandler = (ADKerberosOperationHandler) createMockBuilder(ADKerberosOperationHandler.class).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createInitialLdapContext", Properties.class, Control[].class)).createNiceMock();
        injector.injectMembers(aDKerberosOperationHandler);
        EasyMock.expect(aDKerberosOperationHandler.createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.anyObject(Control[].class))).andAnswer(new IAnswer<LdapContext>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.6
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public LdapContext m240answer() throws Throwable {
                throw new AuthenticationException();
            }
        }).once();
        replayAll();
        aDKerberosOperationHandler.open(principalKeyCredential, DEFAULT_REALM, getKerberosEnv());
        aDKerberosOperationHandler.testAdministratorCredentials();
        aDKerberosOperationHandler.close();
    }

    @Test(expected = KerberosKDCConnectionException.class)
    public void testTestAdministratorCredentialsKDCConnectionException() throws Exception {
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD);
        ADKerberosOperationHandler createMockedHandler = createMockedHandler(methodCreateInitialLdapContext);
        EasyMock.expect(createMockedHandler.createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.anyObject(Control[].class))).andAnswer(new IAnswer<LdapContext>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.7
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public LdapContext m241answer() throws Throwable {
                throw new CommunicationException();
            }
        }).once();
        replayAll();
        createMockedHandler.open(principalKeyCredential, DEFAULT_REALM, getKerberosEnv());
        createMockedHandler.testAdministratorCredentials();
        createMockedHandler.close();
    }

    @Test
    public void testTestAdministratorCredentialsSuccess() throws Exception {
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD);
        ADKerberosOperationHandler createMockedHandler = createMockedHandler(methodCreateInitialLdapContext);
        EasyMock.expect(createMockedHandler.createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.anyObject(Control[].class))).andAnswer(new IAnswer<LdapContext>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.8
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public LdapContext m242answer() throws Throwable {
                LdapContext ldapContext = (LdapContext) ADKerberosOperationHandlerTest.this.createNiceMock(LdapContext.class);
                EasyMock.expect(ldapContext.search((String) EasyMock.anyObject(String.class), (String) EasyMock.anyObject(String.class), (SearchControls) EasyMock.anyObject(SearchControls.class))).andAnswer(new IAnswer<NamingEnumeration<SearchResult>>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.8.1
                    /* renamed from: answer, reason: merged with bridge method [inline-methods] */
                    public NamingEnumeration<SearchResult> m243answer() throws Throwable {
                        NamingEnumeration<SearchResult> namingEnumeration = (NamingEnumeration) ADKerberosOperationHandlerTest.this.createNiceMock(NamingEnumeration.class);
                        EasyMock.expect(Boolean.valueOf(namingEnumeration.hasMore())).andReturn(false).once();
                        EasyMock.replay(new Object[]{namingEnumeration});
                        return namingEnumeration;
                    }
                }).once();
                return ldapContext;
            }
        }).once();
        replayAll();
        createMockedHandler.open(principalKeyCredential, DEFAULT_REALM, getKerberosEnv());
        createMockedHandler.testAdministratorCredentials();
        createMockedHandler.close();
    }

    @Test
    public void testProcessCreateTemplateDefault() throws Exception {
        Injector injector = getInjector();
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD);
        Capture newCapture = EasyMock.newCapture(CaptureType.ALL);
        Capture newCapture2 = EasyMock.newCapture(CaptureType.ALL);
        ADKerberosOperationHandler aDKerberosOperationHandler = (ADKerberosOperationHandler) createMockBuilder(ADKerberosOperationHandler.class).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createInitialLdapContext", Properties.class, Control[].class)).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createSearchControls", new Class[0])).createNiceMock();
        injector.injectMembers(aDKerberosOperationHandler);
        NamingEnumeration namingEnumeration = (NamingEnumeration) createNiceMock(NamingEnumeration.class);
        EasyMock.expect(Boolean.valueOf(namingEnumeration.hasMore())).andReturn(false).once();
        LdapContext ldapContext = (LdapContext) createNiceMock(LdapContext.class);
        EasyMock.expect(ldapContext.search((String) EasyMock.anyObject(String.class), (String) EasyMock.anyObject(String.class), (SearchControls) EasyMock.anyObject(SearchControls.class))).andReturn(namingEnumeration).once();
        EasyMock.expect(ldapContext.createSubcontext((Name) EasyMock.capture(newCapture), (Attributes) EasyMock.capture(newCapture2))).andReturn(createNiceMock(DirContext.class)).anyTimes();
        EasyMock.expect(aDKerberosOperationHandler.createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.anyObject(Control[].class))).andReturn(ldapContext).once();
        EasyMock.expect(aDKerberosOperationHandler.createSearchControls()).andAnswer(new IAnswer<SearchControls>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.9
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public SearchControls m244answer() throws Throwable {
                SearchControls searchControls = (SearchControls) ADKerberosOperationHandlerTest.this.createNiceMock(SearchControls.class);
                EasyMock.replay(new Object[]{searchControls});
                return searchControls;
            }
        }).once();
        replayAll();
        aDKerberosOperationHandler.open(principalKeyCredential, DEFAULT_REALM, getKerberosEnv());
        aDKerberosOperationHandler.createPrincipal("nn/c6501.ambari.apache.org", "secret", true);
        aDKerberosOperationHandler.createPrincipal("hdfs@HDP01.LOCAL", "secret", false);
        aDKerberosOperationHandler.close();
        List values = newCapture2.getValues();
        Attributes attributes = (Attributes) values.get(0);
        String[] strArr = {"top", "person", "organizationalPerson", "user"};
        Assert.assertNotNull(attributes);
        Assert.assertEquals(7, attributes.size());
        Assert.assertNotNull(attributes.get("objectClass"));
        Assert.assertEquals(strArr.length, attributes.get("objectClass").size());
        for (int i = 0; i < strArr.length; i++) {
            Assert.assertEquals(strArr[i], attributes.get("objectClass").get(i));
        }
        Assert.assertNotNull(attributes.get("cn"));
        Assert.assertEquals("nn/c6501.ambari.apache.org", attributes.get("cn").get());
        Assert.assertNotNull(attributes.get("servicePrincipalName"));
        Assert.assertEquals("nn/c6501.ambari.apache.org", attributes.get("servicePrincipalName").get());
        Assert.assertNotNull(attributes.get("userPrincipalName"));
        Assert.assertEquals("nn/c6501.ambari.apache.org@HDP01.LOCAL", attributes.get("userPrincipalName").get());
        Assert.assertNotNull(attributes.get("unicodePwd"));
        Assert.assertEquals("\"secret\"", new String((byte[]) attributes.get("unicodePwd").get(), Charset.forName("UTF-16LE")));
        Assert.assertNotNull(attributes.get("accountExpires"));
        Assert.assertEquals("0", attributes.get("accountExpires").get());
        Assert.assertNotNull(attributes.get("userAccountControl"));
        Assert.assertEquals("66048", attributes.get("userAccountControl").get());
        Attributes attributes2 = (Attributes) values.get(1);
        Assert.assertNotNull(attributes2);
        Assert.assertEquals(6, attributes2.size());
        Assert.assertNotNull(attributes2.get("objectClass"));
        Assert.assertEquals(strArr.length, attributes2.get("objectClass").size());
        for (int i2 = 0; i2 < strArr.length; i2++) {
            Assert.assertEquals(strArr[i2], attributes2.get("objectClass").get(i2));
        }
        Assert.assertNotNull(attributes2.get("cn"));
        Assert.assertEquals("hdfs", attributes2.get("cn").get());
        Assert.assertNotNull(attributes2.get("userPrincipalName"));
        Assert.assertEquals("hdfs@HDP01.LOCAL", attributes2.get("userPrincipalName").get());
        Assert.assertNotNull(attributes2.get("unicodePwd"));
        Assert.assertEquals("\"secret\"", new String((byte[]) attributes2.get("unicodePwd").get(), Charset.forName("UTF-16LE")));
        Assert.assertNotNull(attributes2.get("accountExpires"));
        Assert.assertEquals("0", attributes2.get("accountExpires").get());
        Assert.assertNotNull(attributes2.get("userAccountControl"));
        Assert.assertEquals("66048", attributes2.get("userAccountControl").get());
    }

    @Test
    public void testProcessCreateTemplateCustom() throws Exception {
        Injector injector = getInjector();
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD);
        HashMap hashMap = new HashMap(getKerberosEnv());
        hashMap.put("ad_create_attributes_template", "#set( $user = \"${principal_primary}-${principal_digest}\" ){  \"objectClass\": [    \"top\",    \"person\",    \"organizationalPerson\",    \"user\"  ],  \"cn\": \"$user\",  \"sAMAccountName\": \"$user.substring(0,20)\",  #if( $is_service )  \"servicePrincipalName\": \"$principal_name\",  #end  \"userPrincipalName\": \"$normalized_principal\",  \"unicodePwd\": \"$password\",  \"accountExpires\": \"0\",  \"userAccountControl\": \"66048\"}");
        Capture newCapture = EasyMock.newCapture();
        Capture newCapture2 = EasyMock.newCapture();
        ADKerberosOperationHandler aDKerberosOperationHandler = (ADKerberosOperationHandler) createMockBuilder(ADKerberosOperationHandler.class).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createInitialLdapContext", Properties.class, Control[].class)).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createSearchControls", new Class[0])).createNiceMock();
        injector.injectMembers(aDKerberosOperationHandler);
        NamingEnumeration namingEnumeration = (NamingEnumeration) createNiceMock(NamingEnumeration.class);
        EasyMock.expect(Boolean.valueOf(namingEnumeration.hasMore())).andReturn(false).once();
        LdapContext ldapContext = (LdapContext) createNiceMock(LdapContext.class);
        EasyMock.expect(ldapContext.search((String) EasyMock.anyObject(String.class), (String) EasyMock.anyObject(String.class), (SearchControls) EasyMock.anyObject(SearchControls.class))).andReturn(namingEnumeration).once();
        EasyMock.expect(ldapContext.createSubcontext((Name) EasyMock.capture(newCapture), (Attributes) EasyMock.capture(newCapture2))).andReturn(createNiceMock(DirContext.class)).once();
        EasyMock.expect(aDKerberosOperationHandler.createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.anyObject(Control[].class))).andReturn(ldapContext).once();
        EasyMock.expect(aDKerberosOperationHandler.createSearchControls()).andAnswer(new IAnswer<SearchControls>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.10
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public SearchControls m237answer() throws Throwable {
                SearchControls searchControls = (SearchControls) ADKerberosOperationHandlerTest.this.createNiceMock(SearchControls.class);
                EasyMock.replay(new Object[]{searchControls});
                return searchControls;
            }
        }).once();
        replayAll();
        aDKerberosOperationHandler.open(principalKeyCredential, DEFAULT_REALM, hashMap);
        aDKerberosOperationHandler.createPrincipal("nn/c6501.ambari.apache.org", "secret", true);
        aDKerberosOperationHandler.close();
        Attributes attributes = (Attributes) newCapture2.getValue();
        String[] strArr = {"top", "person", "organizationalPerson", "user"};
        Assert.assertNotNull(attributes);
        Assert.assertEquals(8, attributes.size());
        Assert.assertNotNull(attributes.get("objectClass"));
        Assert.assertEquals(strArr.length, attributes.get("objectClass").size());
        for (int i = 0; i < strArr.length; i++) {
            Assert.assertEquals(strArr[i], attributes.get("objectClass").get(i));
        }
        Assert.assertNotNull(attributes.get("cn"));
        Assert.assertEquals("nn-995e1580db28198e7fda1417ab5d894c877937d2", attributes.get("cn").get());
        Assert.assertNotNull(attributes.get("servicePrincipalName"));
        Assert.assertEquals("nn/c6501.ambari.apache.org", attributes.get("servicePrincipalName").get());
        Assert.assertNotNull(attributes.get("userPrincipalName"));
        Assert.assertEquals("nn/c6501.ambari.apache.org@HDP01.LOCAL", attributes.get("userPrincipalName").get());
        Assert.assertNotNull(attributes.get("sAMAccountName"));
        Assert.assertTrue(attributes.get("sAMAccountName").get().toString().length() <= 20);
        Assert.assertEquals("nn-995e1580db28198e7", attributes.get("sAMAccountName").get());
        Assert.assertNotNull(attributes.get("unicodePwd"));
        Assert.assertEquals("\"secret\"", new String((byte[]) attributes.get("unicodePwd").get(), Charset.forName("UTF-16LE")));
        Assert.assertNotNull(attributes.get("accountExpires"));
        Assert.assertEquals("0", attributes.get("accountExpires").get());
        Assert.assertNotNull(attributes.get("userAccountControl"));
        Assert.assertEquals("66048", attributes.get("userAccountControl").get());
    }

    @Test
    public void testDigests() throws Exception {
        Injector injector = getInjector();
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(DEFAULT_ADMIN_PRINCIPAL, DEFAULT_ADMIN_PASSWORD);
        HashMap hashMap = new HashMap(getKerberosEnv());
        hashMap.put("ad_create_attributes_template", "{\"principal_digest\": \"$principal_digest\",\"principal_digest_256\": \"$principal_digest_256\",\"principal_digest_512\": \"$principal_digest_512\"}");
        Capture newCapture = EasyMock.newCapture();
        ADKerberosOperationHandler aDKerberosOperationHandler = (ADKerberosOperationHandler) createMockBuilder(ADKerberosOperationHandler.class).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createInitialLdapContext", Properties.class, Control[].class)).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createSearchControls", new Class[0])).createNiceMock();
        injector.injectMembers(aDKerberosOperationHandler);
        NamingEnumeration namingEnumeration = (NamingEnumeration) createNiceMock(NamingEnumeration.class);
        EasyMock.expect(Boolean.valueOf(namingEnumeration.hasMore())).andReturn(false).once();
        LdapContext ldapContext = (LdapContext) createNiceMock(LdapContext.class);
        EasyMock.expect(ldapContext.search((String) EasyMock.anyObject(String.class), (String) EasyMock.anyObject(String.class), (SearchControls) EasyMock.anyObject(SearchControls.class))).andReturn(namingEnumeration).once();
        EasyMock.expect(ldapContext.createSubcontext((Name) EasyMock.anyObject(Name.class), (Attributes) EasyMock.capture(newCapture))).andReturn(createNiceMock(DirContext.class)).once();
        EasyMock.expect(aDKerberosOperationHandler.createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.anyObject(Control[].class))).andReturn(ldapContext).once();
        EasyMock.expect(aDKerberosOperationHandler.createSearchControls()).andAnswer(new IAnswer<SearchControls>() { // from class: org.apache.ambari.server.serveraction.kerberos.ADKerberosOperationHandlerTest.11
            /* renamed from: answer, reason: merged with bridge method [inline-methods] */
            public SearchControls m238answer() throws Throwable {
                SearchControls searchControls = (SearchControls) ADKerberosOperationHandlerTest.this.createNiceMock(SearchControls.class);
                EasyMock.replay(new Object[]{searchControls});
                return searchControls;
            }
        }).once();
        replayAll();
        aDKerberosOperationHandler.open(principalKeyCredential, DEFAULT_REALM, hashMap);
        aDKerberosOperationHandler.createPrincipal("nn/c6501.ambari.apache.org", "secret", true);
        aDKerberosOperationHandler.close();
        Attributes attributes = (Attributes) newCapture.getValue();
        Assert.assertNotNull(attributes);
        Assert.assertEquals("995e1580db28198e7fda1417ab5d894c877937d2", attributes.get("principal_digest").get());
        Assert.assertEquals("b65bc066d11ac8b1beb31dc84035d9c204736f823decf8dfedda05a30e4ae410", attributes.get("principal_digest_256").get());
        Assert.assertEquals("f48de28bc0467d764f5b04dbf04d35ff329a80277614be35eda0d0deed7f1c074cc5b0e0dc361130fdb078e09eb0ca545b9c653388192508ef382af89bd3a80c", attributes.get("principal_digest_512").get());
    }

    @Test
    @Ignore
    public void testLive() throws Throwable {
        ADKerberosOperationHandler aDKerberosOperationHandler = new ADKerberosOperationHandler();
        String property = System.getProperty("principal");
        String property2 = System.getProperty("password");
        String property3 = System.getProperty("realm");
        String property4 = System.getProperty("ldap_url");
        String property5 = System.getProperty("container_dn");
        if (property == null) {
            property = DEFAULT_ADMIN_PRINCIPAL;
        }
        if (property2 == null) {
            property2 = DEFAULT_ADMIN_PASSWORD;
        }
        if (property3 == null) {
            property3 = DEFAULT_REALM;
        }
        if (property4 == null) {
            property4 = DEFAULT_LDAP_URL;
        }
        if (property5 == null) {
            property5 = DEFAULT_PRINCIPAL_CONTAINER_DN;
        }
        PrincipalKeyCredential principalKeyCredential = new PrincipalKeyCredential(property, property2);
        HashMap hashMap = new HashMap();
        hashMap.put("ldap_url", property4);
        hashMap.put("container_dn", property5);
        aDKerberosOperationHandler.open(principalKeyCredential, property3, hashMap);
        System.out.println("Test Admin Credentials: " + aDKerberosOperationHandler.testAdministratorCredentials());
        System.out.println("Principal exists: " + aDKerberosOperationHandler.principalExists("nn/c1508.ambari.apache.org", true));
        aDKerberosOperationHandler.close();
        aDKerberosOperationHandler.open(principalKeyCredential, property3, hashMap);
        if (aDKerberosOperationHandler.principalExists("nn/c6501.ambari.apache.org@HDP01.LOCAL", true)) {
            aDKerberosOperationHandler.setPrincipalPassword("nn/c6501.ambari.apache.org@HDP01.LOCAL", "some password", true);
        } else {
            aDKerberosOperationHandler.createPrincipal("nn/c6501.ambari.apache.org@HDP01.LOCAL", "some password", true);
        }
        if (aDKerberosOperationHandler.principalExists("hdfs@HDP01.LOCAL", false)) {
            aDKerberosOperationHandler.setPrincipalPassword("hdfs@HDP01.LOCAL", "some password", false);
        } else {
            aDKerberosOperationHandler.createPrincipal("hdfs@HDP01.LOCAL", "some password", true);
        }
        hashMap.put("ad_create_attributes_template", "#set( $user = \"${principal_primary}-${principal_digest}\" ){  \"objectClass\": [    \"top\",    \"person\",    \"organizationalPerson\",    \"user\"  ],  \"cn\": \"$user\",  \"sAMAccountName\": \"$user.substring(0,20)\",  #if( $is_service )  \"servicePrincipalName\": \"$principal_name\",  #end  \"userPrincipalName\": \"$normalized_principal\",  \"unicodePwd\": \"$password\",  \"accountExpires\": \"0\",  \"userAccountControl\": \"66048\"}");
        aDKerberosOperationHandler.close();
        aDKerberosOperationHandler.open(principalKeyCredential, property3, hashMap);
        aDKerberosOperationHandler.removePrincipal("abcdefg", false);
        aDKerberosOperationHandler.removePrincipal("abcdefg/c1509.ambari.apache.org@HDP01.LOCAL", true);
        aDKerberosOperationHandler.createPrincipal("abcdefg/c1509.ambari.apache.org@HDP01.LOCAL", "some password", true);
        aDKerberosOperationHandler.createPrincipal("abcdefg@HDP01.LOCAL", "some password", false);
        aDKerberosOperationHandler.setPrincipalPassword("abcdefg/c1509.ambari.apache.org@HDP01.LOCAL", "some password", true);
        aDKerberosOperationHandler.close();
    }

    @Test
    public void testCreateLdapContextSSLSocketFactoryTrusting() throws Exception {
        testCreateLdapContextSSLSocketFactory(true);
    }

    @Test
    public void testCreateLdapContextSSLSocketFactoryNonTrusting() throws Exception {
        testCreateLdapContextSSLSocketFactory(false);
    }

    private void testCreateLdapContextSSLSocketFactory(boolean z) throws Exception {
        Injector injector = getInjector();
        EasyMock.expect(Boolean.valueOf(((Configuration) injector.getInstance(Configuration.class)).validateKerberosOperationSSLCertTrust())).andReturn(Boolean.valueOf(!z)).once();
        LdapContext ldapContext = (LdapContext) createNiceMock(LdapContext.class);
        Capture newCapture = EasyMock.newCapture(CaptureType.FIRST);
        ADKerberosOperationHandler aDKerberosOperationHandler = (ADKerberosOperationHandler) createMockBuilder(ADKerberosOperationHandler.class).addMockedMethod(ADKerberosOperationHandler.class.getDeclaredMethod("createInitialLdapContext", Properties.class, Control[].class)).createNiceMock();
        injector.injectMembers(aDKerberosOperationHandler);
        EasyMock.expect(aDKerberosOperationHandler.createInitialLdapContext((Properties) EasyMock.capture(newCapture), (Control[]) EasyMock.anyObject(Control[].class))).andReturn(ldapContext).once();
        replayAll();
        aDKerberosOperationHandler.open(new PrincipalKeyCredential("principal", "key"), "EXAMPLE.COM", getKerberosEnv());
        Properties properties = (Properties) newCapture.getValue();
        Assert.assertNotNull(properties);
        String property = properties.getProperty("java.naming.ldap.factory.socket");
        if (z) {
            Assert.assertEquals(InternalSSLSocketFactoryTrusting.class.getName(), property);
        } else {
            Assert.assertEquals(InternalSSLSocketFactoryNonTrusting.class.getName(), property);
        }
    }

    private Injector getInjector() {
        return this.injector;
    }

    @Override // org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest
    protected KerberosOperationHandler createMockedHandler() throws KerberosOperationException {
        return createMockedHandler(methodCreateInitialLdapContext);
    }

    private ADKerberosOperationHandler createMockedHandler(Method... methodArr) {
        ADKerberosOperationHandler aDKerberosOperationHandler = (ADKerberosOperationHandler) createMockBuilder(ADKerberosOperationHandler.class).addMockedMethods(methodArr).createMock();
        this.injector.injectMembers(aDKerberosOperationHandler);
        return aDKerberosOperationHandler;
    }

    @Override // org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest
    protected void setupOpenSuccess(KerberosOperationHandler kerberosOperationHandler) throws Exception {
        EasyMock.expect(((ADKerberosOperationHandler) kerberosOperationHandler).createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.isNull())).andReturn(this.ldapContext).anyTimes();
    }

    @Override // org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest
    protected void setupOpenFailure(KerberosOperationHandler kerberosOperationHandler) throws Exception {
        EasyMock.expect(((ADKerberosOperationHandler) kerberosOperationHandler).createInitialLdapContext((Properties) EasyMock.anyObject(Properties.class), (Control[]) EasyMock.isNull())).andThrow(new AuthenticationException("Bogus error!")).anyTimes();
    }

    @Override // org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest
    protected void setupPrincipalAlreadyExists(KerberosOperationHandler kerberosOperationHandler, boolean z) throws Exception {
        setupPrincipalExists(kerberosOperationHandler, z);
    }

    @Override // org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest
    protected void setupPrincipalDoesNotExist(KerberosOperationHandler kerberosOperationHandler, boolean z) throws Exception {
        NamingEnumeration namingEnumeration = (NamingEnumeration) createMock(NamingEnumeration.class);
        namingEnumeration.close();
        EasyMock.expectLastCall().once();
        EasyMock.expect(Boolean.valueOf(namingEnumeration.hasMore())).andReturn(false).anyTimes();
        EasyMock.expect(this.ldapContext.search((Name) EasyMock.anyObject(Name.class), EasyMock.anyString(), (SearchControls) EasyMock.anyObject(SearchControls.class))).andReturn(namingEnumeration).anyTimes();
        this.ldapContext.close();
        EasyMock.expectLastCall().once();
    }

    @Override // org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest
    protected void setupPrincipalExists(KerberosOperationHandler kerberosOperationHandler, boolean z) throws Exception {
        SearchResult searchResult = (SearchResult) createMock(SearchResult.class);
        EasyMock.expect(searchResult.getNameInNamespace()).andReturn("user/service dn").anyTimes();
        NamingEnumeration namingEnumeration = (NamingEnumeration) createMock(NamingEnumeration.class);
        namingEnumeration.close();
        EasyMock.expectLastCall().anyTimes();
        EasyMock.expect(Boolean.valueOf(namingEnumeration.hasMore())).andReturn(true).once();
        EasyMock.expect(namingEnumeration.next()).andReturn(searchResult).once();
        EasyMock.expect(Boolean.valueOf(namingEnumeration.hasMore())).andReturn(false).anyTimes();
        EasyMock.expect(this.ldapContext.search((Name) EasyMock.anyObject(Name.class), EasyMock.anyString(), (SearchControls) EasyMock.anyObject(SearchControls.class))).andReturn(namingEnumeration).anyTimes();
        this.ldapContext.close();
        EasyMock.expectLastCall().once();
    }

    @Override // org.apache.ambari.server.serveraction.kerberos.KerberosOperationHandlerTest
    protected Map<String, String> getKerberosEnv() {
        return KERBEROS_ENV_MAP;
    }

    static {
        HashMap hashMap = new HashMap(DEFAULT_KERBEROS_ENV_MAP);
        hashMap.put("container_dn", DEFAULT_PRINCIPAL_CONTAINER_DN);
        hashMap.put("ldap_url", DEFAULT_LDAP_URL);
        KERBEROS_ENV_MAP = Collections.unmodifiableMap(hashMap);
    }
}
