package integration.rbacapi.configuration;

import io.confluent.rbacapi.entities.MdsScope;
import io.confluent.rbacapi.retrofit.v1.V1RbacRestApi;
import io.confluent.rbacapi.retrofit.v1.V1RbacRetrofitFactory;
import io.confluent.security.test.utils.RbacClusters;
import io.confluent.testing.ldap.client.ExampleComLdapCrud;
import io.confluent.testing.ldap.server.LdapServer;
import java.net.ConnectException;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.TimeUnit;
import org.awaitility.Awaitility;
import org.junit.Assert;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;
import utils.KafkaConfigTool;
import utils.MdsTestUtil;
import utils.ScopeBuilder;

@Test(groups = {"classParallelTests"})
/* loaded from: input_file:integration/rbacapi/configuration/BootStrapTest.class */
public class BootStrapTest {
    private static final String MDS_USER = "mds";
    private static final String ALICE_USER = "alice";
    private static final String ADMINS_GROUP = "admins_group";
    private LdapServer ldapServer;
    private int actualLdapPort;

    @BeforeMethod
    public void setUp() {
        this.ldapServer = LdapServer.defaultServerNoUsers().start();
        this.actualLdapPort = this.ldapServer.actualPort();
        ExampleComLdapCrud exampleComLdapCrud = new ExampleComLdapCrud(this.actualLdapPort);
        exampleComLdapCrud.createUser("mds");
        exampleComLdapCrud.createUser(ALICE_USER);
        exampleComLdapCrud.addUserToGroup(ALICE_USER, ADMINS_GROUP);
    }

    @AfterMethod
    public void tearDown() {
        this.ldapServer.stop();
    }

    @Test
    public void backdoorBoostrapSetup() throws Throwable {
        RbacClusters rbacClusters = new RbacClusters(KafkaConfigTool.justLDAPv1(this.actualLdapPort, "mds"));
        int lookupActualMdsPort = MdsTestUtil.lookupActualMdsPort(rbacClusters);
        V1RbacRestApi build = V1RbacRetrofitFactory.build(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST, lookupActualMdsPort, ALICE_USER, ALICE_USER);
        Awaitility.given().ignoreException(ConnectException.class).await().atMost(30L, TimeUnit.SECONDS).until(() -> {
            return Boolean.valueOf(build.getRoleNames().execute().isSuccessful());
        });
        MdsScope build2 = ScopeBuilder.withKafka(rbacClusters.metadataClusterId()).build();
        try {
            rbacClusters.assignRole("User", ALICE_USER, "UserAdmin", build2.scope(), Collections.emptySet());
            Assert.assertTrue(((List) build.getRoleNamesForPrincipal("User:alice", build2).execute().body()).contains("UserAdmin"));
            rbacClusters.shutdown();
            MdsTestUtil.releasePort(lookupActualMdsPort);
        } catch (Throwable th) {
            rbacClusters.shutdown();
            MdsTestUtil.releasePort(lookupActualMdsPort);
            throw th;
        }
    }

    @Test
    public void realBootstrap() throws Throwable {
        RbacClusters rbacClusters = new RbacClusters(KafkaConfigTool.justLDAPv1(this.actualLdapPort, "mds"));
        int lookupActualMdsPort = MdsTestUtil.lookupActualMdsPort(rbacClusters);
        V1RbacRestApi build = V1RbacRetrofitFactory.build(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST, lookupActualMdsPort, "mds", "mds");
        V1RbacRestApi build2 = V1RbacRetrofitFactory.build(MdsTestUtil.DEFAULT_HTTP_ADVERTISED_HOST, lookupActualMdsPort, ALICE_USER, ALICE_USER);
        Awaitility.given().ignoreException(ConnectException.class).await().atMost(30L, TimeUnit.SECONDS).until(() -> {
            return Boolean.valueOf(build.getRoleNames().execute().isSuccessful());
        });
        MdsScope build3 = ScopeBuilder.withKafka(rbacClusters.metadataClusterId()).build();
        try {
            Assert.assertTrue(build.addClusterRoleForPrincipal("User:alice", "UserAdmin", build3).execute().isSuccessful());
            Assert.assertTrue(((List) build2.getRoleNamesForPrincipal("User:alice", build3).execute().body()).contains("UserAdmin"));
            rbacClusters.shutdown();
            MdsTestUtil.releasePort(lookupActualMdsPort);
        } catch (Throwable th) {
            rbacClusters.shutdown();
            MdsTestUtil.releasePort(lookupActualMdsPort);
            throw th;
        }
    }
}
