package com.ibm.ws.security.wim.adapter.ldap.fat;

import com.ibm.websphere.simplicity.config.ServerConfiguration;
import com.ibm.websphere.simplicity.config.wim.AttributesCache;
import com.ibm.websphere.simplicity.config.wim.LdapCache;
import com.ibm.websphere.simplicity.config.wim.LdapRegistry;
import com.ibm.websphere.simplicity.config.wim.SearchResultsCache;
import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.apacheds.EmbeddedApacheDS;
import com.ibm.ws.security.wim.test.VmmServiceServletConnection;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import componenttest.topology.utils.LDAPFatUtils;
import componenttest.topology.utils.LDAPUtils;
import componenttest.vulnerability.LeakedPasswordChecker;
import java.util.Map;
import org.apache.directory.api.ldap.model.entry.DefaultAttribute;
import org.apache.directory.api.ldap.model.entry.DefaultModification;
import org.apache.directory.api.ldap.model.entry.Entry;
import org.apache.directory.api.ldap.model.entry.ModificationOperation;
import org.apache.directory.api.ldap.model.name.Dn;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;

@RunWith(FATRunner.class)
@Mode(Mode.TestMode.FULL)
/* loaded from: input_file:com/ibm/ws/security/wim/adapter/ldap/fat/VMMAPIs_EmbeddedLdapTests.class */
public class VMMAPIs_EmbeddedLdapTests {
    private static VmmServiceServletConnection servlet;
    private final LeakedPasswordChecker passwordChecker = new LeakedPasswordChecker(server);
    private static final String LDAP_BASE_ENTRY = "o=ibm,c=us";
    private static LibertyServer server = LibertyServerFactory.getLibertyServer("vmm.apis.empty");
    private static final Class<?> c = VMMAPIs_EmbeddedLdapTests.class;
    private static EmbeddedApacheDS ldapServer = null;
    private static ServerConfiguration serverConfiguration = null;

    @BeforeClass
    public static void setUp() throws Exception {
        LDAPUtils.addLDAPVariables(server);
        Log.info(c, "setUp", "Starting the server... (will wait for vmmapi servlet to start)");
        server.copyFileToLibertyInstallRoot("lib/features", "internalfeatures/vmmapi-1.0.mf");
        server.addInstalledAppForValidation("vmmService");
        server.startServer(c.getName() + ".log");
        Assert.assertNotNull("Application vmmService does not appear to have started.", server.waitForStringInLog("CWWKZ0001I:.*vmmService"));
        Assert.assertNotNull("Security service did not report it was ready", server.waitForStringInLog("CWWKS0008I"));
        Assert.assertNotNull("Server did not came up", server.waitForStringInLog("CWWKF0011I"));
        Log.info(c, "setUp", "Creating servlet connection the server");
        servlet = new VmmServiceServletConnection(server.getHostname(), server.getHttpDefaultPort());
        serverConfiguration = server.getServerConfiguration();
    }

    @AfterClass
    public static void tearDown() throws Exception {
        Log.info(c, "tearDown", "Stopping the server...");
        try {
            server.stopServer(new String[0]);
            server.deleteFileFromLibertyInstallRoot("lib/features/internalfeatures/vmmapi-1.0.mf");
        } catch (Throwable th) {
            server.deleteFileFromLibertyInstallRoot("lib/features/internalfeatures/vmmapi-1.0.mf");
            throw th;
        }
    }

    @After
    public void tearDownLdapserver() throws Exception {
        Log.info(c, "tearDown", "Stopping the ldap server...");
        if (ldapServer != null) {
            ldapServer.stopService();
        }
    }

    @Test
    public void getUserRemoveAttribute() throws Exception {
        Log.info(c, "getUserRemoveAttribute", "Starting LDAP server setup");
        ldapServer = new EmbeddedApacheDS("getUserRemoveAttribute");
        ldapServer.addPartition("testing", LDAP_BASE_ENTRY);
        ldapServer.startServer();
        Entry newEntry = ldapServer.newEntry(LDAP_BASE_ENTRY);
        newEntry.add("objectclass", new String[]{"organization"});
        newEntry.add("o", new String[]{"ibm"});
        ldapServer.add(newEntry);
        String str = "uid=blueuser1," + LDAP_BASE_ENTRY;
        Entry newEntry2 = ldapServer.newEntry(str);
        newEntry2.add("objectclass", new String[]{"inetorgperson"});
        newEntry2.add("uid", new String[]{"blueuser1"});
        newEntry2.add("sn", new String[]{"blueuser1"});
        newEntry2.add("cn", new String[]{"blueuser1"});
        newEntry2.add("userPassword", new String[]{"password"});
        newEntry2.add("mail", new String[]{"bluemail5@ibm.com"});
        ldapServer.add(newEntry2);
        Log.info(c, "getUserRemoveAttribute", "Finished LDAP server setup");
        Log.info(c, "getUserRemoveAttribute", "Starting Liberty server update");
        ServerConfiguration clone = serverConfiguration.clone();
        LdapRegistry ldapRegistry = new LdapRegistry();
        ldapRegistry.setRealm("LdapCustom");
        ldapRegistry.setHost("localhost");
        ldapRegistry.setPort(String.valueOf(ldapServer.getLdapServer().getPort()));
        ldapRegistry.setBaseDN(LDAP_BASE_ENTRY);
        ldapRegistry.setBindDN(EmbeddedApacheDS.getBindDN());
        ldapRegistry.setBindPassword(EmbeddedApacheDS.getBindPassword());
        ldapRegistry.setLdapType("Custom");
        ldapRegistry.setLdapCache(new LdapCache(new AttributesCache(true, 4444, 2222, "6s"), new SearchResultsCache(true, 5555, 3333, "2s")));
        clone.getLdapRegistries().add(ldapRegistry);
        LDAPFatUtils.createFederatedRepository(clone, "LDAPRealmAttr", new String[]{LDAP_BASE_ENTRY});
        LDAPFatUtils.updateConfigDynamically(server, clone);
        Log.info(c, "getUserRemoveAttribute", "Finished Liberty server update");
        Log.info(c, "getUserRemoveAttribute", "Login");
        String login = servlet.login("blueuser1", "password");
        System.out.println("Result from login : " + login.toString());
        LDAPFatUtils.assertDNsEqual("Returned uniqueName should be same ", str, login);
        Log.info(c, "getUserRemoveAttribute", "Get User");
        Map user = servlet.getUser(str);
        System.out.println("Result from getUser : " + login.toString());
        Assert.assertEquals("The uid did not match", "blueuser1", user.get("uid"));
        Assert.assertEquals("The mail attribute did not match", "bluemail5@ibm.com", user.get("mail"));
        Thread.sleep(2100L);
        Log.info(c, "getUserRemoveAttribute", "Get User, refresh searchCache");
        servlet.login("blueuser1", "password");
        Map user2 = servlet.getUser(str);
        System.out.println("Result from getUser : " + login.toString());
        Assert.assertEquals("The uid did not match", "blueuser1", user2.get("uid"));
        Assert.assertEquals("The mail attribute did not match", "bluemail5@ibm.com", user2.get("mail"));
        Log.info(c, "getUserRemoveAttribute", "Remove mail addr from Ldap");
        ldapServer.modify(new Dn(new String[]{str}), new DefaultModification(ModificationOperation.REMOVE_ATTRIBUTE, new DefaultAttribute("mail")));
        Log.info(c, "getUserRemoveAttribute", "Get user again, mail attribute should still be in the attributesCache");
        Map user3 = servlet.getUser(str);
        System.out.println("Result from getUser : " + login.toString());
        Assert.assertEquals("The uid did not match", "blueuser1", user3.get("uid"));
        Assert.assertEquals("The mail attribute did not match", "bluemail5@ibm.com", user3.get("mail"));
        Thread.sleep(4100L);
        Log.info(c, "getUserRemoveAttribute", "Get user after sleep.");
        Map user4 = servlet.getUser(str);
        System.out.println("Result from getUser : " + login.toString());
        Assert.assertEquals("The uid did not match", "blueuser1", user4.get("uid"));
        Assert.assertEquals("Should not get a mail attribute back: ", "null", user4.get("mail"));
    }
}
