package org.apache.ambari.server.security.authorization;

import java.util.Collections;
import org.apache.ambari.server.configuration.Configuration;
import org.apache.ambari.server.ldap.service.AmbariLdapConfigurationProvider;
import org.apache.ambari.server.orm.entities.UserAuthenticationEntity;
import org.apache.ambari.server.orm.entities.UserEntity;
import org.apache.ambari.server.security.ClientSecurityType;
import org.apache.ambari.server.security.authentication.AmbariUserAuthentication;
import org.apache.ambari.server.security.authentication.InvalidUsernamePasswordCombinationException;
import org.easymock.EasyMock;
import org.easymock.EasyMockSupport;
import org.junit.Assert;
import org.junit.Test;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.ldap.authentication.LdapAuthenticationProvider;
import org.springframework.security.ldap.userdetails.LdapUserDetails;

/* loaded from: input_file:org/apache/ambari/server/security/authorization/AmbariLdapAuthenticationProviderTest.class */
public class AmbariLdapAuthenticationProviderTest extends EasyMockSupport {
    private static final String ALLOWED_USER_NAME = "allowedUser";
    private static final String ALLOWED_USER_DN = "uid=alloweduser,ou=people,dc=ambari,dc=apache,dc=org";

    @Test(expected = InvalidUsernamePasswordCombinationException.class)
    public void testBadCredential() throws Exception {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(ALLOWED_USER_NAME, "password");
        Configuration createMockConfiguration = createMockConfiguration(ClientSecurityType.LDAP);
        Users users = (Users) createMock(Users.class);
        AmbariLdapConfigurationProvider ambariLdapConfigurationProvider = (AmbariLdapConfigurationProvider) createMock(AmbariLdapConfigurationProvider.class);
        AmbariLdapAuthoritiesPopulator ambariLdapAuthoritiesPopulator = (AmbariLdapAuthoritiesPopulator) createMock(AmbariLdapAuthoritiesPopulator.class);
        LdapAuthenticationProvider ldapAuthenticationProvider = (LdapAuthenticationProvider) createMock(LdapAuthenticationProvider.class);
        EasyMock.expect(ldapAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken)).andThrow(new BadCredentialsException("")).once();
        AmbariLdapAuthenticationProvider ambariLdapAuthenticationProvider = (AmbariLdapAuthenticationProvider) createMockBuilder(AmbariLdapAuthenticationProvider.class).withConstructor(new Object[]{users, createMockConfiguration, ambariLdapConfigurationProvider, ambariLdapAuthoritiesPopulator}).addMockedMethod("loadLdapAuthenticationProvider").createMock();
        EasyMock.expect(ambariLdapAuthenticationProvider.loadLdapAuthenticationProvider(ALLOWED_USER_NAME)).andReturn(ldapAuthenticationProvider).once();
        replayAll();
        ambariLdapAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
    }

    @Test
    public void testAuthenticate() throws Exception {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(ALLOWED_USER_NAME, "password");
        LdapUserDetails ldapUserDetails = (LdapUserDetails) createMock(LdapUserDetails.class);
        EasyMock.expect(ldapUserDetails.getDn()).andReturn(ALLOWED_USER_DN).atLeastOnce();
        Authentication authentication = (Authentication) createMock(Authentication.class);
        EasyMock.expect(authentication.getPrincipal()).andReturn(ldapUserDetails).atLeastOnce();
        Configuration createMockConfiguration = createMockConfiguration(ClientSecurityType.LDAP);
        UserEntity userEntity = (UserEntity) createMock(UserEntity.class);
        UserAuthenticationEntity userAuthenticationEntity = (UserAuthenticationEntity) createMock(UserAuthenticationEntity.class);
        EasyMock.expect(userAuthenticationEntity.getUser()).andReturn(userEntity).atLeastOnce();
        User user = (User) createMock(User.class);
        Users users = (Users) createMock(Users.class);
        EasyMock.expect(users.getUserAuthenticationEntities(UserAuthenticationType.LDAP, ALLOWED_USER_DN)).andReturn(Collections.singleton(userAuthenticationEntity)).atLeastOnce();
        users.validateLogin(userEntity, ALLOWED_USER_NAME);
        EasyMock.expectLastCall().atLeastOnce();
        EasyMock.expect(users.getUser(userEntity)).andReturn(user).atLeastOnce();
        EasyMock.expect(users.getUserAuthorities(userEntity)).andReturn(Collections.emptyList()).atLeastOnce();
        AmbariLdapConfigurationProvider ambariLdapConfigurationProvider = (AmbariLdapConfigurationProvider) createMock(AmbariLdapConfigurationProvider.class);
        AmbariLdapAuthoritiesPopulator ambariLdapAuthoritiesPopulator = (AmbariLdapAuthoritiesPopulator) createMock(AmbariLdapAuthoritiesPopulator.class);
        LdapAuthenticationProvider ldapAuthenticationProvider = (LdapAuthenticationProvider) createMock(LdapAuthenticationProvider.class);
        EasyMock.expect(ldapAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken)).andReturn(authentication).once();
        AmbariLdapAuthenticationProvider ambariLdapAuthenticationProvider = (AmbariLdapAuthenticationProvider) createMockBuilder(AmbariLdapAuthenticationProvider.class).withConstructor(new Object[]{users, createMockConfiguration, ambariLdapConfigurationProvider, ambariLdapAuthoritiesPopulator}).addMockedMethod("loadLdapAuthenticationProvider").createMock();
        EasyMock.expect(ambariLdapAuthenticationProvider.loadLdapAuthenticationProvider(ALLOWED_USER_NAME)).andReturn(ldapAuthenticationProvider).once();
        replayAll();
        Authentication authenticate = ambariLdapAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken);
        Assert.assertTrue(authenticate instanceof AmbariUserAuthentication);
        Assert.assertTrue(authenticate.isAuthenticated());
        verifyAll();
    }

    @Test
    public void testDisabled() throws Exception {
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(ALLOWED_USER_NAME, "password");
        Configuration createMockConfiguration = createMockConfiguration(ClientSecurityType.LOCAL);
        AmbariLdapAuthenticationProvider ambariLdapAuthenticationProvider = (AmbariLdapAuthenticationProvider) createMockBuilder(AmbariLdapAuthenticationProvider.class).withConstructor(new Object[]{(Users) createMock(Users.class), createMockConfiguration, (AmbariLdapConfigurationProvider) createMock(AmbariLdapConfigurationProvider.class), (AmbariLdapAuthoritiesPopulator) createMock(AmbariLdapAuthoritiesPopulator.class)}).addMockedMethod("loadLdapAuthenticationProvider").createMock();
        replayAll();
        Assert.assertNull(ambariLdapAuthenticationProvider.authenticate(usernamePasswordAuthenticationToken));
        verifyAll();
    }

    private Configuration createMockConfiguration(ClientSecurityType clientSecurityType) {
        Configuration configuration = (Configuration) createMock(Configuration.class);
        EasyMock.expect(configuration.getClientSecurityType()).andReturn(clientSecurityType).atLeastOnce();
        return configuration;
    }
}
