package org.apache.hadoop.hive.metastore.ldap;

import com.google.common.base.Joiner;
import com.google.common.base.Preconditions;
import java.util.EnumMap;
import java.util.Map;
import javax.security.sasl.AuthenticationException;
import org.apache.directory.server.ldap.LdapServer;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hive.metastore.MetaStoreLdapAuthenticationProviderImpl;
import org.apache.hadoop.hive.metastore.conf.MetastoreConf;
import org.junit.Assert;

/* loaded from: input_file:org/apache/hadoop/hive/metastore/ldap/LdapAuthenticationTestCase.class */
public final class LdapAuthenticationTestCase {
    private final MetaStoreLdapAuthenticationProviderImpl ldapProvider;

    /* loaded from: input_file:org/apache/hadoop/hive/metastore/ldap/LdapAuthenticationTestCase$Builder.class */
    public static final class Builder {
        private final Map<MetastoreConf.ConfVars, String> overrides = new EnumMap(MetastoreConf.ConfVars.class);
        private Configuration conf;

        public Builder baseDN(String str) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_BASEDN, str);
        }

        public Builder guidKey(String str) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_GUIDKEY, str);
        }

        public Builder userDNPatterns(String... strArr) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_USERDNPATTERN, Joiner.on(':').join(strArr));
        }

        public Builder userFilters(String... strArr) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_USERFILTER, Joiner.on(',').join(strArr));
        }

        public Builder groupDNPatterns(String... strArr) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_GROUPDNPATTERN, Joiner.on(':').join(strArr));
        }

        public Builder groupFilters(String... strArr) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_GROUPFILTER, Joiner.on(',').join(strArr));
        }

        public Builder groupClassKey(String str) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_GROUPCLASS_KEY, str);
        }

        public Builder ldapServer(LdapServer ldapServer) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_URL, "ldap://localhost:" + ldapServer.getPort());
        }

        public Builder customQuery(String str) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_CUSTOMLDAPQUERY, str);
        }

        public Builder groupMembershipKey(String str) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_GROUPMEMBERSHIP_KEY, str);
        }

        public Builder userMembershipKey(String str) {
            return setVarOnce(MetastoreConf.ConfVars.METASTORE_PLAIN_LDAP_USERMEMBERSHIP_KEY, str);
        }

        private Builder setVarOnce(MetastoreConf.ConfVars confVars, String str) {
            Preconditions.checkState(!this.overrides.containsKey(confVars), "Property %s has been set already", new Object[]{confVars});
            this.overrides.put(confVars, str);
            return this;
        }

        private void overrideMetaStoreConf() {
            this.conf.set("hive.root.logger", "DEBUG,console");
            for (Map.Entry<MetastoreConf.ConfVars, String> entry : this.overrides.entrySet()) {
                MetastoreConf.setVar(this.conf, entry.getKey(), entry.getValue());
            }
        }

        public LdapAuthenticationTestCase build() {
            Preconditions.checkState(this.conf == null, "Test Case Builder should not be reused. Please create a new instance.");
            this.conf = MetastoreConf.newMetastoreConf();
            overrideMetaStoreConf();
            return new LdapAuthenticationTestCase(this);
        }
    }

    public static Builder builder() {
        return new Builder();
    }

    private LdapAuthenticationTestCase(Builder builder) {
        this.ldapProvider = new MetaStoreLdapAuthenticationProviderImpl(builder.conf);
    }

    public void assertAuthenticatePasses(Credentials credentials) {
        try {
            this.ldapProvider.authenticate(credentials.getUser(), credentials.getPassword());
        } catch (AuthenticationException e) {
            throw new AssertionError(String.format("Authentication failed for user '%s' with password '%s'", credentials.getUser(), credentials.getPassword()), e);
        }
    }

    public void assertAuthenticateFails(Credentials credentials) {
        assertAuthenticateFails(credentials.getUser(), credentials.getPassword());
    }

    public void assertAuthenticateFailsUsingWrongPassword(Credentials credentials) {
        assertAuthenticateFails(credentials.getUser(), "not" + credentials.getPassword());
    }

    public void assertAuthenticateFails(String str, String str2) {
        try {
            this.ldapProvider.authenticate(str, str2);
            Assert.fail(String.format("Expected authentication to fail for %s", str));
        } catch (AuthenticationException e) {
            Assert.assertNotNull("Expected authentication exception", e);
        }
    }
}
