package com.ibm.ws.security.wim.adapter.ldap.fat;

import com.ibm.websphere.simplicity.log.Log;
import com.ibm.ws.security.registry.test.UserRegistryServletConnection;
import componenttest.custom.junit.runner.FATRunner;
import componenttest.custom.junit.runner.Mode;
import componenttest.topology.impl.LibertyServer;
import componenttest.topology.impl.LibertyServerFactory;
import componenttest.topology.utils.LDAPUtils;
import componenttest.vulnerability.LeakedPasswordChecker;
import java.util.List;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;

@RunWith(FATRunner.class)
@Mode(Mode.TestMode.FULL)
/* loaded from: input_file:com/ibm/ws/security/wim/adapter/ldap/fat/URAPIs_ADWildCardTest.class */
public class URAPIs_ADWildCardTest {
    private static LibertyServer server = LibertyServerFactory.getLibertyServer("com.ibm.ws.security.registry.ldap.fat.ad.wild");
    private static final Class<?> c = URAPIs_ADWildCardTest.class;
    private static UserRegistryServletConnection servlet;
    private final LeakedPasswordChecker passwordChecker = new LeakedPasswordChecker(server);

    @BeforeClass
    public static void setUp() throws Exception {
        LDAPUtils.addLDAPVariables(server);
        Log.info(c, "setUp", "Starting the server... (will wait for userRegistry servlet to start)");
        server.copyFileToLibertyInstallRoot("lib/features", "internalfeatures/securitylibertyinternals-1.0.mf");
        server.addInstalledAppForValidation("userRegistry");
        server.startServer(c.getName() + ".log");
        Assert.assertNotNull("Application userRegistry does not appear to have started.", server.waitForStringInLog("CWWKZ0001I:.*userRegistry"));
        Assert.assertNotNull("Security service did not report it was ready", server.waitForStringInLog("CWWKS0008I"));
        Assert.assertNotNull("Server did not came up", server.waitForStringInLog("CWWKF0011I"));
        Log.info(c, "setUp", "Creating servlet connection the server");
        servlet = new UserRegistryServletConnection(server.getHostname(), server.getHttpDefaultPort());
        if (servlet.getRealm() == null) {
            Thread.sleep(5000L);
            servlet.getRealm();
        }
    }

    @AfterClass
    public static void tearDown() throws Exception {
        Log.info(c, "tearDown", "Stopping the server...");
        try {
            server.stopServer(new String[0]);
            server.deleteFileFromLibertyInstallRoot("lib/features/internalfeatures/securitylibertyinternals-1.0.mf");
        } catch (Throwable th) {
            server.deleteFileFromLibertyInstallRoot("lib/features/internalfeatures/securitylibertyinternals-1.0.mf");
            throw th;
        }
    }

    @Test
    public void getRealm() throws Exception {
        Log.info(c, "getRealm", "Checking expected realm");
        Assert.assertEquals("SampleLdapADRealm", servlet.getRealm());
    }

    @Test
    public void checkPassword() throws Exception {
        Log.info(c, "checkPassword", "Checking good credentials");
        Assert.assertEquals("Authentication should succeed.", "cn=vmmtestuser,cn=users,dc=secfvt2,dc=austin,dc=ibm,dc=com", servlet.checkPassword("vmmtestuser", "vmmtestuserpwd"));
        this.passwordChecker.checkForPasswordInAnyFormat("vmmtestuserpwd");
    }

    @Test
    public void getGroupsForUser() throws Exception {
        Assume.assumeTrue(!LDAPUtils.USE_LOCAL_LDAP_SERVER);
        Log.info(c, "getGroupsForUser", "Checking with a valid user.");
        List groupsForUser = servlet.getGroupsForUser("persona1");
        Assert.assertNotNull("Should receive groups.", groupsForUser);
        Assert.assertTrue("Should should contain CN=g1-10,cn=users,dc=secfvt2,dc=austin,dc=ibm,dc=com. List: " + groupsForUser, groupsForUser.contains("CN=g1-10,cn=users,dc=secfvt2,dc=austin,dc=ibm,dc=com"));
        Assert.assertEquals("Should return 2 groups: " + groupsForUser, 2L, groupsForUser.size());
        Assert.assertTrue("Should not have found, Group will excluded from group membership", server.findStringsInLogsAndTrace("Group will excluded from group membership").isEmpty());
        Assert.assertTrue("Should have found, \\(\\|\\(objectClass=group\\)\\(objectClass=\\*", server.findStringsInLogsAndTrace("\\(\\|\\(objectClass=group\\)\\(objectClass=\\*").isEmpty());
        Assert.assertFalse("Should not have found, \\(\\&\\(objectClass=group\\)\\(\\|\\(member=CN=persona1,cn=users", server.findStringsInLogsAndTrace("\\(\\&\\(objectClass=group\\)\\(\\|\\(member=CN=persona1,cn=users").isEmpty());
        Assert.assertFalse("Should have found, iGroupMemberIdMap\\: group:member\\;\\*\\:distinguishedName", server.findStringsInLogsAndTrace("iGroupMemberIdMap\\: group:member\\;\\*\\:distinguishedName").isEmpty());
    }
}
