package com.ibm.ws.security.javaeesec.fat;

import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.security.javaeesec.fat_helper.Constants;
import com.ibm.ws.security.javaeesec.fat_helper.FATHelper;
import com.ibm.ws.security.javaeesec.fat_helper.JavaEESecTestBase;
import com.ibm.ws.security.javaeesec.fat_helper.WCApplicationHelper;
import componenttest.annotation.ExpectedFFDC;
import componenttest.annotation.MinimumJavaLevel;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import componenttest.vulnerability.LeakedPasswordChecker;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.params.BasicHttpParams;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.TestName;
import org.junit.runner.RunWith;
import web.war.database.deferred.DatabaseSettingsBean;

@MinimumJavaLevel(javaLevel = 7)
@RunWith(FATRunner.class)
@Mode(Mode.TestMode.LITE)
/* loaded from: input_file:com/ibm/ws/security/javaeesec/fat/DatabaseIdentityStoreDeferredSettingsTest.class */
public class DatabaseIdentityStoreDeferredSettingsTest extends JavaEESecTestBase {
    protected static String urlBase;
    private final LeakedPasswordChecker passwordChecker;
    protected DefaultHttpClient httpclient;

    @Rule
    public TestName name;
    protected static LibertyServer myServer = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.javaeesec.dbidstore.deferred.fat");
    protected static Class<?> logClass = DatabaseIdentityStoreDeferredSettingsTest.class;
    protected static String JAR_NAME = "JavaEESecBase.jar";

    public DatabaseIdentityStoreDeferredSettingsTest() {
        super(myServer, logClass);
        this.passwordChecker = new LeakedPasswordChecker(this.server);
        this.name = new TestName();
    }

    @BeforeClass
    public static void setUp() throws Exception {
        WCApplicationHelper.addWarToServerApps(myServer, "DatabaseIdstoreDeferred.war", true, JAR_NAME, false, "web.jar.base", "web.war.database.deferred");
        WCApplicationHelper.addWarToServerApps(myServer, "dbfat.war", true, JAR_NAME, false, "web.jar.base", "web.war.db");
        myServer.startServer(true);
        Assert.assertNotNull("Application DBServlet does not appear to have started.", myServer.waitForStringInLog("CWWKZ0001I: Application DBServlet started"));
        urlBase = "http://" + myServer.getHostname() + ":" + myServer.getHttpDefaultPort() + "/DatabaseIdstoreDeferred/DatabaseIdstoreDeferred";
    }

    @AfterClass
    public static void tearDown() throws Exception {
        myServer.stopServer(new String[]{"CWWKS1916W", "CWWKS1919W", "CWWKS1918E", "CWWKS1924W"});
    }

    @Before
    public void setupConnection() {
        BasicHttpParams basicHttpParams = new BasicHttpParams();
        basicHttpParams.setParameter("http.protocol.handle-redirects", Boolean.FALSE);
        this.httpclient = new DefaultHttpClient(basicHttpParams);
    }

    @After
    public void cleanupConnection() {
        this.httpclient.getConnectionManager().shutdown();
    }

    public void resetConnection() {
        cleanupConnection();
        setupConnection();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.ibm.ws.security.javaeesec.fat_helper.JavaEESecTestBase
    public String getCurrentTestName() {
        return this.name.getMethodName();
    }

    private void verifyAuthorization(int i, int i2, int i3) throws Exception {
        String executeGetRequestBasicAuthCreds = executeGetRequestBasicAuthCreds(this.httpclient, urlBase, "blue1", Constants.DB_USER1_PWD, i);
        if (i == 200) {
            verifyUserResponse(executeGetRequestBasicAuthCreds, "getUserPrincipal().getName(): blue1", "getRemoteUser: blue1");
        }
        this.passwordChecker.checkForPasswordInAnyFormat(Constants.DB_USER1_PWD);
        resetConnection();
        String executeGetRequestBasicAuthCreds2 = executeGetRequestBasicAuthCreds(this.httpclient, urlBase, Constants.DB_USER2, Constants.DB_USER2_PWD, i2);
        if (i2 == 200) {
            verifyUserResponse(executeGetRequestBasicAuthCreds2, "getUserPrincipal().getName(): blue2", "getRemoteUser: blue2");
        }
        this.passwordChecker.checkForPasswordInAnyFormat(Constants.DB_USER2_PWD);
        resetConnection();
        String executeGetRequestBasicAuthCreds3 = executeGetRequestBasicAuthCreds(this.httpclient, urlBase, Constants.DB_USER3, Constants.DB_USER3_PWD, i3);
        if (i3 == 200) {
            verifyUserResponse(executeGetRequestBasicAuthCreds3, "getUserPrincipal().getName(): blue3", "getRemoteUser: blue3");
        }
        this.passwordChecker.checkForPasswordInAnyFormat(Constants.DB_USER3_PWD);
    }

    @Test
    public void baselineTest() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), new HashMap());
        verifyAuthorization(200, 200, 403);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"java.sql.SQLSyntaxErrorException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException"})
    public void callerQuery() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("callerQuery", "select password from badtable where name = ?");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        verifyAuthorization(403, 403, 403);
        List findStringsInLogsAndTraceUsingMark = myServer.findStringsInLogsAndTraceUsingMark("CWWKS1918E");
        Assert.assertTrue("Did not find 'CWWKS1918E' in trace: " + findStringsInLogsAndTraceUsingMark, !findStringsInLogsAndTraceUsingMark.isEmpty());
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"java.sql.SQLException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException"})
    public void callerQuery_insertStatement() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("callerQuery", "insert into callers (password, name) values ('badWolf', 'badWolf' )");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        verifyAuthorization(403, 403, 403);
        List findStringsInLogsAndTraceUsingMark = myServer.findStringsInLogsAndTraceUsingMark("CWWKS1918E");
        Assert.assertTrue("Did not find 'CWWKS1918E' in trace: " + findStringsInLogsAndTraceUsingMark, !findStringsInLogsAndTraceUsingMark.isEmpty());
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"java.sql.SQLException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException"})
    public void callerQuery_insertStatementWithParam() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("callerQuery", "insert into callers (password) select callers.name from callers where callers.name = ?");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        verifyAuthorization(403, 403, 403);
        List findStringsInLogsAndTraceUsingMark = myServer.findStringsInLogsAndTraceUsingMark("CWWKS1918E");
        Assert.assertTrue("Did not find 'CWWKS1918E' in trace: " + findStringsInLogsAndTraceUsingMark, !findStringsInLogsAndTraceUsingMark.isEmpty());
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    public void callerQuery_likeCaller() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("callerQuery", "select * from callers where callers.name like ?");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        executeGetRequestBasicAuthCreds(this.httpclient, urlBase, "blue%", Constants.DB_USER1_PWD, 401);
        List findStringsInLogsAndTraceUsingMark = myServer.findStringsInLogsAndTraceUsingMark("CWWKS1924W");
        Assert.assertTrue("Did not find 'CWWKS1924W' in trace: " + findStringsInLogsAndTraceUsingMark, !findStringsInLogsAndTraceUsingMark.isEmpty());
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    public void callerQuery_sqlCaller() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("callerQuery", "select password from callers where name = ?");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        executeGetRequestBasicAuthCreds(this.httpclient, urlBase, "select * from callers", Constants.DB_USER1_PWD, 401);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"java.lang.IllegalArgumentException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException"})
    public void callerQuery_NULL() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("callerQuery", "NULL");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.resetMarksInLogs(this.server);
        verifyAuthorization(403, 403, 403);
        this.server.findStringsInLogsAndTrace("CWWKS1916W: An error occurs when the program resolves the 'callerQuery' configuration for the identity store.");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"javax.naming.NameNotFoundException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException"})
    public void dataSourceLookup() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("dataSourceLookup", "java:comp/InvalidDataSource");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        Assert.assertEquals("Expected datasource to not be evaluated: Always evaluate Datasource: true", 1L, myServer.findStringsInLogsAndTrace("Always evaluate Datasource: true").size());
        verifyAuthorization(403, 403, 403);
        Assert.assertTrue("Should not save the datasource: DataSource for ", myServer.findStringsInLogsAndTrace("DataSource for ").isEmpty());
        List findStringsInLogs = myServer.findStringsInLogs("returns: java:comp/InvalidDataSource");
        Assert.assertFalse("Should have evaluated the datasource: returns: java:comp/InvalidDataSource", findStringsInLogs.isEmpty());
        int size = findStringsInLogs.size();
        verifyAuthorization(403, 403, 403);
        Assert.assertTrue("Should not save the datasource: DataSource for ", myServer.findStringsInLogsAndTrace("DataSource for ").isEmpty());
        Assert.assertTrue("Should have evaluated the datasource again: returns: java:comp/InvalidDataSource", myServer.findStringsInLogs("returns: java:comp/InvalidDataSource").size() > size);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"java.sql.SQLException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException", "com.ibm.ws.rsadapter.exceptions.DataStoreAdapterException", "javax.resource.spi.ResourceAllocationException"})
    public void dataSourceLookup_NoDB() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("dataSourceLookup", "jdbc/NoDatabase");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        verifyAuthorization(403, 403, 403);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    public void dataSourceLookup_NULL() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("dataSourceLookup", "NULL");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.resetMarksInLogs(this.server);
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInLogsAndTrace("CWWKS1916W: An error occurs when the program resolves the 'dataSourceLookup' configuration for the identity store.");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"java.lang.IllegalArgumentException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException"})
    public void dataSourceLookup_Empty() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("dataSourceLookup", "");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.resetMarksInLogs(this.server);
        verifyAuthorization(403, 403, 403);
        this.server.findStringsInLogsAndTrace("CWWKS1916W: An error occurs when the program resolves the 'dataSourceLookup' configuration for the identity store.");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Ignore("Test hangs on reloadApplications() in remote buids but not on local builds")
    public void hashAlgorithmParameters_Array() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("hashAlgorithmParameters", "[Pbkdf2PasswordHash.Algorithm=PBKDF2WithHmacSHA512, Pbkdf2PasswordHash.Iterations=4096, Pbkdf2PasswordHash.SaltSizeBytes=64, Pbkdf2PasswordHash.KeySizeBytes=64]");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.reloadApplications(this.server, (Set) Stream.of("DatabaseIdstoreDeferred").collect(Collectors.toCollection(HashSet::new)));
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInTrace("Processed HashAlgorithmParameters: \\{Pbkdf2PasswordHash.Algorithm=PBKDF2WithHmacSHA512, Pbkdf2PasswordHash.Iterations=4096, Pbkdf2PasswordHash.SaltSizeBytes=64, Pbkdf2PasswordHash.KeySizeBytes=64\\}");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Ignore("Test hangs on reloadApplications() in remote buids but not on local builds")
    public void hashAlgorithmParameters_Stream() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("hashAlgorithmParameters", "{Pbkdf2PasswordHash.Algorithm=PBKDF2WithHmacSHA512, Pbkdf2PasswordHash.Iterations=4096, Pbkdf2PasswordHash.SaltSizeBytes=64, Pbkdf2PasswordHash.KeySizeBytes=128}");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.reloadApplications(this.server, (Set) Stream.of("DatabaseIdstoreDeferred").collect(Collectors.toCollection(HashSet::new)));
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInTrace("Processed HashAlgorithmParameters: \\{Pbkdf2PasswordHash.Algorithm=PBKDF2WithHmacSHA512, Pbkdf2PasswordHash.Iterations=4096, Pbkdf2PasswordHash.SaltSizeBytes=64, Pbkdf2PasswordHash.KeySizeBytes=128\\}");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Ignore("Test hangs on reloadApplications() in remote buids but not on local builds")
    public void hashAlgorithmParameters_String() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("hashAlgorithmParameters", "Pbkdf2PasswordHash.Iterations=4096");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.reloadApplications(this.server, (Set) Stream.of("DatabaseIdstoreDeferred").collect(Collectors.toCollection(HashSet::new)));
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInTrace("Processed HashAlgorithmParameters: \\{Pbkdf2PasswordHash.Iterations=4096\\}");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Ignore("Test hangs on reloadApplications() in remote buids but not on local builds")
    public void hashAlgorithmParameters_NULL() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("hashAlgorithmParameters", "NULL");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.reloadApplications(this.server, (Set) Stream.of("DatabaseIdstoreDeferred").collect(Collectors.toCollection(HashSet::new)));
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInLogsAndTrace("CWWKS1916W: An error occurs when the program resolves the 'hashAlgorithmParameters[0]' configuration for the identity store.");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @ExpectedFFDC({"java.sql.SQLSyntaxErrorException", "com.ibm.ws.security.javaeesec.identitystore.IdentityStoreRuntimeException"})
    public void groupsQuery() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("groupsQuery", "select group_name from badtable where caller_name = ?");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        verifyAuthorization(403, 403, 403);
        List findStringsInLogsAndTraceUsingMark = myServer.findStringsInLogsAndTraceUsingMark("CWWKS1919W");
        Assert.assertTrue("Did not find 'CWWKS1919W' in trace: " + findStringsInLogsAndTraceUsingMark, !findStringsInLogsAndTraceUsingMark.isEmpty());
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Ignore("Test hangs on reloadApplications() in remote buids but not on local builds")
    public void priority() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("priority", "100");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.reloadApplications(this.server, (Set) Stream.of("DatabaseIdstoreDeferred").collect(Collectors.toCollection(HashSet::new)));
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInTrace("IdentityStore from module BeanManager.*priority : 100");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    @Ignore("Test hangs on reloadApplications() in remote buids but not on local builds")
    public void priority_NULL() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("priority", "NULL");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.reloadApplications(this.server, (Set) Stream.of("DatabaseIdstoreDeferred").collect(Collectors.toCollection(HashSet::new)));
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInLogsAndTrace("CWWKS1916W: An error occurs when the program resolves the 'priority/priorityExpression' configuration for the identity store.");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    public void useFor_1() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("useFor", "VALIDATE");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        verifyAuthorization(200, 403, 403);
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    public void useFor_2() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("useFor", "");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.resetMarksInLogs(this.server);
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInLogsAndTrace("CWWKS1916W: An error occurs when the program resolves the 'useFor/useForExpression' configuration for the identity store.");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }

    @Test
    public void useFor_NULL() throws Exception {
        Log.info(logClass, getCurrentTestName(), "-----Entering " + getCurrentTestName());
        HashMap hashMap = new HashMap();
        hashMap.put("useFor", "NULL");
        DatabaseSettingsBean.updateDatabaseSettingsBean(this.server.getServerRoot(), hashMap);
        FATHelper.resetMarksInLogs(this.server);
        verifyAuthorization(200, 200, 403);
        this.server.findStringsInLogsAndTrace("CWWKS1916W: An error occurs when the program resolves the 'useFor/useForExpression' configuration for the identity store.");
        Log.info(logClass, getCurrentTestName(), "-----Exiting " + getCurrentTestName());
    }
}
