package com.ibm.ws.security.wim.adapter.ldap.fat;

import com.ibm.websphere.simplicity.config.ServerConfiguration;
import com.ibm.websphere.simplicity.config.wim.LdapEntityType;
import com.ibm.websphere.simplicity.config.wim.LdapRegistry;
import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.apacheds.EmbeddedApacheDS;
import com.ibm.ws.security.registry.test.UserRegistryServletConnection;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import componenttest.topology.utils.LDAPFatUtils;
import componenttest.topology.utils.LDAPUtils;
import java.util.List;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;

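/**
 * Checks that the per-entity-type search bases of an LDAP registry limit which entries the
 * user-registry APIs will resolve.
 *
 * <p>The registry is configured with base DN {@code o=ibm,c=us}, a {@code PersonAccount} search
 * base of {@code ou=TestUsers,ou=Test,o=ibm,c=us} and a {@code Group} search base of
 * {@code ou=DevGroups,ou=Dev,o=ibm,c=us}. The embedded directory also holds {@code baduser1}
 * under {@code ou=BadUsers,o=ibm,c=us}: that entry is below the registry base DN but outside the
 * configured user search base, so it must not authenticate or be reported as a valid user even
 * when the correct password is supplied.
 *
 * <p>NOTE(review): {@code group1} lists {@code baduser1} as a member, but no assertion here
 * checks whether that out-of-scope member is hidden from group queries.
 */
@RunWith(FATRunner.class)
@Mode(Mode.TestMode.FULL)
public class URAPIs_UserGroupSearchBases {
    private static UserRegistryServletConnection servlet;

    /** Base DN of the registry; every fixture entry, in scope or not, lives below it. */
    private static final String SUB_DN = "o=ibm,c=us";
    /** Search base configured for the PersonAccount entity type. */
    private static final String USER_BASE_DN = "ou=TestUsers,ou=Test,o=ibm,c=us";
    /** Search base configured for the Group entity type. */
    private static final String GROUP_BASE_DN = "ou=DevGroups,ou=Dev,o=ibm,c=us";
    private static final String USER = "user1";
    private static final String USER_DN = "uid=user1,ou=TestUsers,ou=Test,o=ibm,c=us";
    private static final String GROUP = "group1";
    private static final String GROUP_DN = "cn=group1,ou=DevGroups,ou=Dev,o=ibm,c=us";
    /** Container that is below {@link #SUB_DN} but is not listed as a search base. */
    private static final String BAD_USER_BASE_DN = "ou=BadUsers,o=ibm,c=us";
    private static final String BAD_USER = "baduser1";
    private static final String BAD_USER_DN = "uid=baduser1,ou=BadUsers,o=ibm,c=us";
    /** Fixture credential shared by both users in the embedded directory. */
    private static final String USER_PASSWORD = "password";
    /** Test-only feature manifest installed for the run and removed again in teardown. */
    private static final String INTERNAL_FEATURE_MANIFEST = "internalfeatures/securitylibertyinternals-1.0.mf";

    private static LibertyServer libertyServer = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.registry.ldap.fat.user.group.search.bases");
    private static final Class<?> c = URAPIs_UserGroupSearchBases.class;
    private static ServerConfiguration emptyConfiguration = null;
    private static EmbeddedApacheDS ldapServer = null;

    /**
     * Starts Liberty, starts and populates the embedded directory, then pushes the LDAP registry
     * configuration to the running server.
     *
     * @throws Exception if any of the three setup steps fails
     */
    @BeforeClass
    public static void setupClass() throws Exception {
        setupLibertyServer();
        setupldapServer();
        updateLibertyServer();
    }

    /**
     * Stops both servers and removes the feature manifest that setup copied into the install.
     *
     * <p>Stop failures are logged rather than rethrown so that the remaining cleanup still runs.
     *
     * @throws Exception if deleting the feature manifest fails
     */
    @AfterClass
    public static void teardownClass() throws Exception {
        if (libertyServer != null) {
            try {
                libertyServer.stopServer(new String[0]);
            } catch (Exception e) {
                Log.error(c, "teardown", e, "Liberty server threw error while stopping. " + e.getMessage());
            }
        }
        if (ldapServer != null) {
            try {
                ldapServer.stopServer();
            } catch (Exception e2) {
                Log.error(c, "teardown", e2, "LDAP server threw error while stopping. " + e2.getMessage());
            }
        }
        // Guarded like the stop call above: the original dereferenced libertyServer here even
        // though the earlier null check allows for it being absent.
        if (libertyServer != null) {
            libertyServer.deleteFileFromLibertyInstallRoot("lib/features/" + INTERNAL_FEATURE_MANIFEST);
        }
    }

    /**
     * Installs the test feature manifest, starts Liberty, waits for the userRegistry application
     * and the security service, and opens the servlet connection used by the test.
     *
     * @throws Exception if the server cannot be prepared or started
     */
    private static void setupLibertyServer() throws Exception {
        LDAPUtils.addLDAPVariables(libertyServer);
        Log.info(c, "setUp", "Starting the server... (will wait for userRegistry servlet to start)");
        libertyServer.copyFileToLibertyInstallRoot("lib/features", INTERNAL_FEATURE_MANIFEST);
        libertyServer.addInstalledAppForValidation("userRegistry");
        libertyServer.startServer(c.getName() + ".log");
        Assert.assertNotNull("Application userRegistry does not appear to have started.", libertyServer.waitForStringInLog("CWWKZ0001I:.*userRegistry"));
        Assert.assertNotNull("Security service did not report it was ready", libertyServer.waitForStringInLog("CWWKS0008I"));
        Assert.assertNotNull("Server did not came up", libertyServer.waitForStringInLog("CWWKF0011I"));
        Log.info(c, "setUp", "Creating servlet connection the server");
        servlet = new UserRegistryServletConnection(libertyServer.getHostname(), libertyServer.getHttpDefaultPort());
        // A null realm on the first call is retried once after five seconds; the result of the
        // second call is not checked.
        if (servlet.getRealm() == null) {
            Thread.sleep(5000L);
            servlet.getRealm();
        }
        // Snapshot taken before any registry is added; updateLibertyServer() clones it.
        emptyConfiguration = libertyServer.getServerConfiguration();
    }

    /**
     * Starts the embedded directory and loads the fixture: three containers, one user inside the
     * configured user search base, one user outside it, and one group naming both as members.
     *
     * @throws Exception if the directory cannot be started or an entry cannot be added
     */
    private static void setupldapServer() throws Exception {
        ldapServer = new EmbeddedApacheDS("myLDAP");
        ldapServer.addPartition("users", USER_BASE_DN);
        ldapServer.addPartition("groups", GROUP_BASE_DN);
        // NOTE(review): the partition id "groups" is reused for the BadUsers suffix; confirm that
        // EmbeddedApacheDS accepts a repeated id, or give this partition its own name.
        ldapServer.addPartition("groups", BAD_USER_BASE_DN);
        ldapServer.startServer();

        Entry userContainer = ldapServer.newEntry(USER_BASE_DN);
        userContainer.add("objectclass", "organizationalunit");
        userContainer.add("ou", "Test");
        userContainer.add("ou", "TestUsers");
        ldapServer.add(userContainer);

        Entry badUserContainer = ldapServer.newEntry(BAD_USER_BASE_DN);
        badUserContainer.add("objectclass", "organizationalunit");
        ldapServer.add(badUserContainer);

        Entry groupContainer = ldapServer.newEntry(GROUP_BASE_DN);
        groupContainer.add("objectclass", "organizationalunit");
        groupContainer.add("ou", "Dev");
        groupContainer.add("ou", "DevGroups");
        ldapServer.add(groupContainer);

        addPerson(USER_DN, USER);
        // Same shape and same password as the in-scope user, so the two differ only by location.
        addPerson(BAD_USER_DN, BAD_USER);

        Entry group = ldapServer.newEntry(GROUP_DN);
        group.add("objectclass", "groupofnames");
        group.add("cn", GROUP);
        group.add("member", USER_DN);
        group.add("member", BAD_USER_DN);
        ldapServer.add(group);
    }

    /** Adds an inetorgperson entry at {@code dn} whose uid, sn and cn are all {@code name}. */
    private static void addPerson(String dn, String name) throws Exception {
        Entry person = ldapServer.newEntry(dn);
        person.add("objectclass", "inetorgperson");
        person.add("uid", name);
        person.add("sn", name);
        person.add("cn", name);
        person.add("userPassword", USER_PASSWORD);
        ldapServer.add(person);
    }

    /**
     * Adds the LDAP registry, with its two entity-type search bases, to a clone of the empty
     * configuration and applies it to the running server.
     *
     * @throws Exception if the configuration cannot be cloned or applied
     */
    private static void updateLibertyServer() throws Exception {
        ServerConfiguration clone = emptyConfiguration.clone();
        LdapRegistry ldapRegistry = new LdapRegistry();
        ldapRegistry.setId("ldap1");
        ldapRegistry.setRealm("LDAPRealm");
        ldapRegistry.setHost("localhost");
        ldapRegistry.setPort(String.valueOf(ldapServer.getLdapServer().getPort()));
        // The base DN covers the whole tree, including ou=BadUsers; only the entity-type search
        // bases below are narrower.
        ldapRegistry.setBaseDN(SUB_DN);
        ldapRegistry.setBindDN(EmbeddedApacheDS.getBindDN());
        ldapRegistry.setBindPassword(EmbeddedApacheDS.getBindPassword());
        ldapRegistry.setLdapType("Custom");
        LdapEntityType groupType = new LdapEntityType("Group", (String) null, new String[]{"groupOfNames"}, new String[]{GROUP_BASE_DN});
        LdapEntityType personType = new LdapEntityType("PersonAccount", (String) null, new String[]{"inetOrgPerson"}, new String[]{USER_BASE_DN});
        ldapRegistry.getLdapEntityTypes().add(groupType);
        ldapRegistry.getLdapEntityTypes().add(personType);
        LDAPFatUtils.createFederatedRepository(clone, "LDAPRealmFed", new String[]{SUB_DN});
        clone.getLdapRegistries().add(ldapRegistry);
        LDAPFatUtils.updateConfigDynamically(libertyServer, clone);
    }

    /**
     * Verifies that the user inside the configured search base authenticates and resolves to its
     * group, and that the user outside it is rejected by every lookup exercised here.
     *
     * @throws Exception if a positive-path registry call fails
     */
    @Test
    public void testSearchBase() throws Exception {
        Assert.assertNotNull("Should find user on checkPassword using uid=user1,ou=TestUsers,ou=Test,o=ibm,c=us", servlet.checkPassword(USER_DN, USER_PASSWORD));
        Assert.assertTrue("Expected 'uid=user1,ou=TestUsers,ou=Test,o=ibm,c=us' to be valid user.", servlet.isValidUser(USER_DN));
        // Wildcard rather than a raw type; only isEmpty() and contains() are needed.
        List<?> groupsForUser = servlet.getGroupsForUser(USER_DN);
        Assert.assertFalse("Should have found groups", groupsForUser.isEmpty());
        Assert.assertTrue("Group should include group1 returned " + groupsForUser, groupsForUser.contains(GROUP_DN));
        String uniqueUserId = servlet.getUniqueUserId(USER);
        Assert.assertNotNull("Should find user user1", uniqueUserId);
        Assert.assertEquals("Wrong unique ID returned for user1", USER_DN, uniqueUserId);

        // The correct password is supplied, so a rejection here is caused by the entry lying
        // outside the user search base and not by a credential mismatch.
        Assert.assertNull("baduser1 should not be able to login", servlet.checkPassword(BAD_USER_DN, USER_PASSWORD));
        Assert.assertFalse("baduser1 should not be a valid user", servlet.isValidUser(BAD_USER_DN));
        try {
            servlet.getUniqueUserId(BAD_USER);
            Assert.fail("Should not find user baduser1");
        } catch (Exception expected) {
            // NOTE(review): any Exception satisfies this check, including a transport or server
            // failure unrelated to search-base scoping. Narrow the catch to the registry's
            // not-found exception once its type is confirmed; until then the cause is logged so
            // a pass for the wrong reason is visible in the test output.
            Log.info(c, "testSearchBase", "Lookup of " + BAD_USER + " failed as expected: " + expected);
        }
    }
}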
