package org.apache.directory.server.operations.bind;

import java.lang.reflect.Field;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.nio.ByteBuffer;
import javax.naming.directory.Attribute;
import javax.naming.directory.InitialDirContext;
import org.apache.commons.lang.ArrayUtils;
import org.apache.commons.net.SocketClient;
import org.apache.directory.junit.tools.MultiThreadedMultiInvoker;
import org.apache.directory.ldap.client.api.CramMd5Request;
import org.apache.directory.ldap.client.api.DigestMd5Request;
import org.apache.directory.ldap.client.api.GssApiRequest;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.server.annotations.CreateKdcServer;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.annotations.SaslMechanism;
import org.apache.directory.server.core.annotations.ApplyLdifs;
import org.apache.directory.server.core.annotations.ContextEntry;
import org.apache.directory.server.core.annotations.CreateDS;
import org.apache.directory.server.core.annotations.CreateIndex;
import org.apache.directory.server.core.annotations.CreatePartition;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.apache.directory.server.core.kerberos.KeyDerivationInterceptor;
import org.apache.directory.server.ldap.handlers.bind.cramMD5.CramMd5MechanismHandler;
import org.apache.directory.server.ldap.handlers.bind.digestMD5.DigestMd5MechanismHandler;
import org.apache.directory.server.ldap.handlers.bind.gssapi.GssapiMechanismHandler;
import org.apache.directory.server.ldap.handlers.bind.ntlm.NtlmMechanismHandler;
import org.apache.directory.server.ldap.handlers.bind.plain.PlainMechanismHandler;
import org.apache.directory.server.ldap.handlers.extended.StoredProcedureExtendedOperationHandler;
import org.apache.directory.shared.ldap.codec.api.LdapDecoder;
import org.apache.directory.shared.ldap.codec.api.LdapEncoder;
import org.apache.directory.shared.ldap.codec.api.LdapMessageContainer;
import org.apache.directory.shared.ldap.model.constants.SaslQoP;
import org.apache.directory.shared.ldap.model.entry.DefaultEntry;
import org.apache.directory.shared.ldap.model.entry.Entry;
import org.apache.directory.shared.ldap.model.exception.LdapException;
import org.apache.directory.shared.ldap.model.message.BindRequestImpl;
import org.apache.directory.shared.ldap.model.message.BindResponse;
import org.apache.directory.shared.ldap.model.message.ModifyRequestImpl;
import org.apache.directory.shared.ldap.model.message.ResultCodeEnum;
import org.apache.directory.shared.ldap.model.name.Dn;
import org.junit.Assert;
import org.junit.Ignore;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP")}, saslHost = "localhost", saslPrincipal = "ldap/localhost@EXAMPLE.COM", saslMechanisms = {@SaslMechanism(name = "PLAIN", implClass = PlainMechanismHandler.class), @SaslMechanism(name = "CRAM-MD5", implClass = CramMd5MechanismHandler.class), @SaslMechanism(name = "DIGEST-MD5", implClass = DigestMd5MechanismHandler.class), @SaslMechanism(name = "GSSAPI", implClass = GssapiMechanismHandler.class), @SaslMechanism(name = "NTLM", implClass = NtlmMechanismHandler.class), @SaslMechanism(name = "GSS-SPNEGO", implClass = NtlmMechanismHandler.class)}, extendedOpHandlers = {StoredProcedureExtendedOperationHandler.class}, ntlmProvider = BogusNtlmProvider.class)
@CreateKdcServer(transports = {@CreateTransport(protocol = "UDP", port = 6088), @CreateTransport(protocol = "TCP", port = 6088)})
@RunWith(FrameworkRunner.class)
@ApplyLdifs({"dn: ou=users,dc=example,dc=com", "objectClass: organizationalUnit", "objectClass: top", "ou: users\n", "dn: uid=hnelson,ou=users,dc=example,dc=com", "objectClass: inetOrgPerson", "objectClass: organizationalPerson", "objectClass: person", "objectClass: krb5principal", "objectClass: krb5kdcentry", "objectClass: top", "uid: hnelson", "userPassword: secret", "krb5PrincipalName: hnelson@EXAMPLE.COM", "krb5KeyVersionNumber: 0", "cn: Horatio Nelson", "sn: Nelson", "dn: uid=krbtgt,ou=users,dc=example,dc=com", "objectClass: inetOrgPerson", "objectClass: organizationalPerson", "objectClass: person", "objectClass: krb5principal", "objectClass: krb5kdcentry", "objectClass: top", "uid: krbtgt", "userPassword: secret", "krb5PrincipalName: krbtgt/EXAMPLE.COM@EXAMPLE.COM", "krb5KeyVersionNumber: 0", "cn: KDC Service", "sn: Service", "dn: uid=ldap,ou=users,dc=example,dc=com", "objectClass: inetOrgPerson", "objectClass: organizationalPerson", "objectClass: person", "objectClass: krb5principal", "objectClass: krb5kdcentry", "objectClass: top", "uid: ldap", "userPassword: randall", "krb5PrincipalName: ldap/localhost@EXAMPLE.COM", "krb5KeyVersionNumber: 0", "cn: LDAP Service", "sn: Service"})
@CreateDS(allowAnonAccess = false, name = "SaslBindIT-class", partitions = {@CreatePartition(name = "example", suffix = "dc=example,dc=com", contextEntry = @ContextEntry(entryLdif = "dn: dc=example,dc=com\ndc: example\nobjectClass: top\nobjectClass: domain\n\n"), indexes = {@CreateIndex(attribute = "objectClass"), @CreateIndex(attribute = "dc"), @CreateIndex(attribute = "ou")})}, additionalInterceptors = {KeyDerivationInterceptor.class})
/* loaded from: input_file:org/apache/directory/server/operations/bind/SaslBindIT.class */
public class SaslBindIT extends AbstractLdapTestUnit {

    @Rule
    public MultiThreadedMultiInvoker i = new MultiThreadedMultiInvoker(false);

    /* loaded from: input_file:org/apache/directory/server/operations/bind/SaslBindIT$NtlmSaslBindClient.class */
    class NtlmSaslBindClient extends SocketClient {
        private final Logger LOG = LoggerFactory.getLogger(NtlmSaslBindClient.class);
        private final String mechanism;

        NtlmSaslBindClient(String str) throws Exception {
            this.mechanism = str;
            setDefaultPort(AbstractLdapTestUnit.getLdapServer().getPort());
            connect("localhost", AbstractLdapTestUnit.getLdapServer().getPort());
            setTcpNoDelay(false);
            this.LOG.debug("isConnected() = {}", Boolean.valueOf(isConnected()));
            this.LOG.debug("LocalPort     = {}", Integer.valueOf(getLocalPort()));
            this.LOG.debug("LocalAddress  = {}", getLocalAddress());
            this.LOG.debug("RemotePort    = {}", Integer.valueOf(getRemotePort()));
            this.LOG.debug("RemoteAddress = {}", getRemoteAddress());
        }

        BindResponse bindType1(byte[] bArr) throws Exception {
            if (!isConnected()) {
                throw new IllegalStateException("Client is not connected.");
            }
            BindRequestImpl bindRequestImpl = new BindRequestImpl();
            bindRequestImpl.setMessageId(1);
            bindRequestImpl.setName(new Dn(new String[]{"uid=admin,ou=system"}));
            bindRequestImpl.setSimple(false);
            bindRequestImpl.setCredentials(bArr);
            bindRequestImpl.setSaslMechanism(this.mechanism);
            bindRequestImpl.setVersion3(true);
            LdapDecoder ldapDecoder = new LdapDecoder();
            ByteBuffer encodeMessage = new LdapEncoder(AbstractLdapTestUnit.getLdapServer().getDirectoryService().getLdapCodecService()).encodeMessage(bindRequestImpl);
            encodeMessage.flip();
            this._output_.write(encodeMessage.array());
            this._output_.flush();
            while (this._input_.available() <= 0) {
                Thread.sleep(100L);
            }
            return ldapDecoder.decode(this._input_, new LdapMessageContainer(AbstractLdapTestUnit.ldapServer.getDirectoryService().getLdapCodecService()));
        }

        BindResponse bindType3(byte[] bArr) throws Exception {
            if (!isConnected()) {
                throw new IllegalStateException("Client is not connected.");
            }
            BindRequestImpl bindRequestImpl = new BindRequestImpl();
            bindRequestImpl.setMessageId(2);
            bindRequestImpl.setName(new Dn(new String[]{"uid=admin,ou=system"}));
            bindRequestImpl.setSimple(false);
            bindRequestImpl.setCredentials(bArr);
            bindRequestImpl.setSaslMechanism(this.mechanism);
            bindRequestImpl.setVersion3(true);
            LdapDecoder ldapDecoder = new LdapDecoder();
            ByteBuffer encodeMessage = new LdapEncoder(AbstractLdapTestUnit.getLdapServer().getDirectoryService().getLdapCodecService()).encodeMessage(bindRequestImpl);
            encodeMessage.flip();
            this._output_.write(encodeMessage.array());
            this._output_.flush();
            while (this._input_.available() <= 0) {
                Thread.sleep(100L);
            }
            return ldapDecoder.decode(this._input_, new LdapMessageContainer(AbstractLdapTestUnit.ldapServer.getDirectoryService().getLdapCodecService()));
        }
    }

    public SaslBindIT() throws Exception {
        String str;
        try {
            str = InetAddress.getByName("127.0.0.1").getHostName();
        } catch (UnknownHostException e) {
            System.err.println("Can't find loopback address '127.0.0.1', using hostname 'localhost'");
            str = "localhost";
        }
        String str2 = "ldap/" + str + "@EXAMPLE.COM";
        getLdapServer().setSaslPrincipal(str2);
        ModifyRequestImpl modifyRequestImpl = new ModifyRequestImpl();
        modifyRequestImpl.setName(new Dn(new String[]{"uid=ldap,ou=users,dc=example,dc=com"}));
        modifyRequestImpl.replace("userPassword", new String[]{"randall"});
        modifyRequestImpl.replace("krb5PrincipalName", new String[]{str2});
        getService().getAdminSession().modify(modifyRequestImpl);
    }

    @Test
    public void testSupportedSASLMechanisms() throws Exception {
        getLdapServer().getDirectoryService().setAllowAnonymousAccess(true);
        Attribute attribute = (Attribute) new InitialDirContext().getAttributes("ldap://localhost:" + getLdapServer().getPort(), new String[]{"supportedSASLMechanisms"}).getAll().next();
        Assert.assertEquals(6L, attribute.size());
        Assert.assertTrue(attribute.contains("GSSAPI"));
        Assert.assertTrue(attribute.contains("DIGEST-MD5"));
        Assert.assertTrue(attribute.contains("CRAM-MD5"));
        Assert.assertTrue(attribute.contains("NTLM"));
        Assert.assertTrue(attribute.contains("PLAIN"));
        Assert.assertTrue(attribute.contains("GSS-SPNEGO"));
    }

    @Test
    @Ignore
    public void testSaslBindPLAIN() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        BindRequestImpl bindRequestImpl = new BindRequestImpl();
        bindRequestImpl.setCredentials("secret");
        bindRequestImpl.setName(dn);
        bindRequestImpl.setSaslMechanism("PLAIN");
        Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(bindRequestImpl).getLdapResult().getResultCode());
        Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
        ldapNetworkConnection.close();
    }

    @Test
    @Ignore("Activate and fix when DIRAPI-36 (Provide a SaslBindRequest extending BindRequest that can be used in LdapConnection.bind(...) method) is solved")
    public void testSaslBindNoMech() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        BindRequestImpl bindRequestImpl = new BindRequestImpl();
        bindRequestImpl.setCredentials("secret");
        bindRequestImpl.setName(dn);
        bindRequestImpl.setSaslMechanism("");
        bindRequestImpl.setSimple(false);
        try {
            ldapNetworkConnection.bind(bindRequestImpl);
            Assert.fail();
        } catch (LdapException e) {
        }
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslCramMd5Bind() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        CramMd5Request cramMd5Request = new CramMd5Request();
        cramMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        cramMd5Request.setCredentials("secret");
        Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(cramMd5Request).getLdapResult().getResultCode());
        Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslCramMd5BindBadPassword() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        CramMd5Request cramMd5Request = new CramMd5Request();
        cramMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        cramMd5Request.setCredentials("badsecret");
        Assert.assertEquals(ResultCodeEnum.INVALID_CREDENTIALS, ldapNetworkConnection.bind(cramMd5Request).getLdapResult().getResultCode());
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslDigestMd5Bind() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        DigestMd5Request digestMd5Request = new DigestMd5Request();
        digestMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        digestMd5Request.setCredentials("secret");
        digestMd5Request.setRealmName((String) ldapServer.getSaslRealms().get(0));
        Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(digestMd5Request).getLdapResult().getResultCode());
        Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslDigestMd5BindSaslQoPAuth() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        DigestMd5Request digestMd5Request = new DigestMd5Request();
        digestMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        digestMd5Request.setCredentials("secret");
        digestMd5Request.setRealmName((String) ldapServer.getSaslRealms().get(0));
        digestMd5Request.setQualityOfProtection(SaslQoP.AUTH);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(digestMd5Request).getLdapResult().getResultCode());
        Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
        ldapNetworkConnection.close();
    }

    @Test
    @Ignore
    public void testSaslDigestMd5BindSaslQoPAuthInt() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        DigestMd5Request digestMd5Request = new DigestMd5Request();
        digestMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        digestMd5Request.setCredentials("secret");
        digestMd5Request.setRealmName((String) ldapServer.getSaslRealms().get(0));
        digestMd5Request.setQualityOfProtection(SaslQoP.AUTH_INT);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(digestMd5Request).getLdapResult().getResultCode());
        Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
        ldapNetworkConnection.close();
    }

    @Test
    @Ignore
    public void testSaslDigestMd5BindSaslQoPAuthConf() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        DigestMd5Request digestMd5Request = new DigestMd5Request();
        digestMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        digestMd5Request.setCredentials("secret");
        digestMd5Request.setRealmName((String) ldapServer.getSaslRealms().get(0));
        digestMd5Request.setQualityOfProtection(SaslQoP.AUTH_CONF);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(digestMd5Request).getLdapResult().getResultCode());
        Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslDigestMd5BindBadRealm() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        DigestMd5Request digestMd5Request = new DigestMd5Request();
        digestMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        digestMd5Request.setCredentials("secret");
        digestMd5Request.setRealmName("badrealm.com");
        Assert.assertEquals(ResultCodeEnum.INVALID_CREDENTIALS, ldapNetworkConnection.bind(digestMd5Request).getLdapResult().getResultCode());
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslDigestMd5BindBadPassword() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        DigestMd5Request digestMd5Request = new DigestMd5Request();
        digestMd5Request.setUsername(dn.getRdn().getUpValue().getString());
        digestMd5Request.setCredentials("badsecret");
        digestMd5Request.setRealmName((String) ldapServer.getSaslRealms().get(0));
        Assert.assertEquals(ResultCodeEnum.INVALID_CREDENTIALS, ldapNetworkConnection.bind(digestMd5Request).getLdapResult().getResultCode());
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslGssApiBind() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", getLdapServer().getPort());
        GssApiRequest gssApiRequest = new GssApiRequest();
        gssApiRequest.setUsername(dn.getRdn().getUpValue().getString());
        gssApiRequest.setCredentials("secret");
        gssApiRequest.setRealmName(((String) ldapServer.getSaslRealms().get(0)).toUpperCase());
        gssApiRequest.setKdcHost("localhost");
        gssApiRequest.setKdcPort(6088);
        Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(gssApiRequest).getLdapResult().getResultCode());
        Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
        ldapNetworkConnection.close();
    }

    @Test
    public void testSaslGssApiBindBadRealm() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", ldapServer.getPort());
        GssApiRequest gssApiRequest = new GssApiRequest();
        gssApiRequest.setUsername(dn.getRdn().getUpValue().getString());
        gssApiRequest.setCredentials("secret");
        gssApiRequest.setRealmName("badrealm.com");
        gssApiRequest.setKdcHost("localhost");
        gssApiRequest.setKdcPort(6088);
        try {
            try {
                ldapNetworkConnection.bind(gssApiRequest);
                ldapNetworkConnection.close();
            } catch (Exception e) {
                Assert.assertTrue(e instanceof LdapException);
                ldapNetworkConnection.close();
            }
        } catch (Throwable th) {
            ldapNetworkConnection.close();
            throw th;
        }
    }

    @Test
    public void testSaslGssApiBindBadPassword() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", ldapServer.getPort());
        GssApiRequest gssApiRequest = new GssApiRequest();
        gssApiRequest.setUsername(dn.getRdn().getUpValue().getString());
        gssApiRequest.setCredentials("badsecret");
        gssApiRequest.setRealmName(((String) ldapServer.getSaslRealms().get(0)).toUpperCase());
        gssApiRequest.setKdcHost("localhost");
        gssApiRequest.setKdcPort(6088);
        try {
            try {
                ldapNetworkConnection.bind(gssApiRequest);
                ldapNetworkConnection.close();
            } catch (Exception e) {
                Assert.assertTrue(e instanceof LdapException);
                ldapNetworkConnection.close();
            }
        } catch (Throwable th) {
            ldapNetworkConnection.close();
            throw th;
        }
    }

    @Test
    public void testNtlmBind() throws Exception {
        BogusNtlmProvider ntlmProviderUsingReflection = getNtlmProviderUsingReflection();
        NtlmSaslBindClient ntlmSaslBindClient = new NtlmSaslBindClient("NTLM");
        BindResponse bindType1 = ntlmSaslBindClient.bindType1("type1_test".getBytes());
        Assert.assertEquals(1L, bindType1.getMessageId());
        Assert.assertEquals(ResultCodeEnum.SASL_BIND_IN_PROGRESS, bindType1.getLdapResult().getResultCode());
        Assert.assertTrue(ArrayUtils.isEquals("type1_test".getBytes(), ntlmProviderUsingReflection.getType1Response()));
        Assert.assertTrue(ArrayUtils.isEquals("challenge".getBytes(), bindType1.getServerSaslCreds()));
        BindResponse bindType3 = ntlmSaslBindClient.bindType3("type3_test".getBytes());
        Assert.assertEquals(2L, bindType3.getMessageId());
        Assert.assertEquals(ResultCodeEnum.SUCCESS, bindType3.getLdapResult().getResultCode());
        Assert.assertTrue(ArrayUtils.isEquals("type3_test".getBytes(), ntlmProviderUsingReflection.getType3Response()));
    }

    @Test
    public void testGssSpnegoBind() throws Exception {
        BogusNtlmProvider bogusNtlmProvider = new BogusNtlmProvider();
        ((NtlmMechanismHandler) getLdapServer().getSaslMechanismHandlers().get("GSS-SPNEGO")).setNtlmProvider(bogusNtlmProvider);
        NtlmSaslBindClient ntlmSaslBindClient = new NtlmSaslBindClient("GSS-SPNEGO");
        BindResponse bindType1 = ntlmSaslBindClient.bindType1("type1_test".getBytes());
        Assert.assertEquals(1L, bindType1.getMessageId());
        Assert.assertEquals(ResultCodeEnum.SASL_BIND_IN_PROGRESS, bindType1.getLdapResult().getResultCode());
        Assert.assertTrue(ArrayUtils.isEquals("type1_test".getBytes(), bogusNtlmProvider.getType1Response()));
        Assert.assertTrue(ArrayUtils.isEquals("challenge".getBytes(), bindType1.getServerSaslCreds()));
        BindResponse bindType3 = ntlmSaslBindClient.bindType3("type3_test".getBytes());
        Assert.assertEquals(2L, bindType3.getMessageId());
        Assert.assertEquals(ResultCodeEnum.SUCCESS, bindType3.getLdapResult().getResultCode());
        Assert.assertTrue(ArrayUtils.isEquals("type3_test".getBytes(), bogusNtlmProvider.getType3Response()));
    }

    @Test
    @Ignore("Activate when DIRAPI-30 is solved")
    public void testSequentialBinds() throws Exception {
        Dn dn = new Dn(new String[]{"uid=hnelson,ou=users,dc=example,dc=com"});
        for (int i = 0; i < 1000; i++) {
            System.out.println("try " + i);
            LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection("localhost", ldapServer.getPort());
            DigestMd5Request digestMd5Request = new DigestMd5Request();
            digestMd5Request.setUsername(dn.getRdn().getUpValue().getString());
            digestMd5Request.setCredentials("secret");
            digestMd5Request.setRealmName((String) ldapServer.getSaslRealms().get(0));
            Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection.bind(digestMd5Request).getLdapResult().getResultCode());
            Assert.assertEquals("hnelson", ldapNetworkConnection.lookup(dn).get("uid").getString());
            ldapNetworkConnection.close();
            LdapNetworkConnection ldapNetworkConnection2 = new LdapNetworkConnection("localhost", ldapServer.getPort());
            CramMd5Request cramMd5Request = new CramMd5Request();
            cramMd5Request.setUsername(dn.getRdn().getUpValue().getString());
            cramMd5Request.setCredentials("secret");
            Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection2.bind(cramMd5Request).getLdapResult().getResultCode());
            Assert.assertEquals("hnelson", ldapNetworkConnection2.lookup(dn).get("uid").getString());
            ldapNetworkConnection2.close();
            LdapNetworkConnection ldapNetworkConnection3 = new LdapNetworkConnection("localhost", ldapServer.getPort());
            GssApiRequest gssApiRequest = new GssApiRequest();
            gssApiRequest.setUsername(dn.getRdn().getUpValue().getString());
            gssApiRequest.setCredentials("secret");
            gssApiRequest.setRealmName((String) ldapServer.getSaslRealms().get(0));
            gssApiRequest.setKdcHost("localhost");
            gssApiRequest.setKdcPort(6088);
            Assert.assertEquals(ResultCodeEnum.SUCCESS, ldapNetworkConnection3.bind(gssApiRequest).getLdapResult().getResultCode());
            Assert.assertEquals("hnelson", ldapNetworkConnection3.lookup(dn).get("uid").getString());
            ldapNetworkConnection3.close();
        }
    }

    private BogusNtlmProvider getNtlmProviderUsingReflection() {
        BogusNtlmProvider bogusNtlmProvider = null;
        try {
            NtlmMechanismHandler ntlmMechanismHandler = (NtlmMechanismHandler) getLdapServer().getSaslMechanismHandlers().get("NTLM");
            Field declaredField = ntlmMechanismHandler.getClass().getDeclaredField("provider");
            declaredField.setAccessible(true);
            bogusNtlmProvider = (BogusNtlmProvider) declaredField.get(ntlmMechanismHandler);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return bogusNtlmProvider;
    }

    protected Entry getPrincipalAttributes(String str, String str2, String str3, String str4, String str5, String str6) throws LdapException {
        DefaultEntry defaultEntry = new DefaultEntry(str);
        defaultEntry.add("objectClass", new String[]{"person", "inetOrgPerson", "krb5principal", "krb5kdcentry"});
        defaultEntry.add("cn", new String[]{str3});
        defaultEntry.add("sn", new String[]{str2});
        defaultEntry.add("uid", new String[]{str4});
        defaultEntry.add("userPassword", new String[]{str5});
        defaultEntry.add("krb5PrincipalName", new String[]{str6});
        defaultEntry.add("krb5KeyVersionNumber", new String[]{"0"});
        return defaultEntry;
    }
}
