package org.apache.directory.server.operations.bind;

import java.net.UnknownHostException;
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.NamingException;
import javax.naming.OperationNotSupportedException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.InitialDirContext;
import netscape.ldap.LDAPAttribute;
import netscape.ldap.LDAPConnection;
import netscape.ldap.LDAPException;
import netscape.ldap.LDAPSearchResults;
import netscape.ldap.LDAPUrl;
import org.apache.directory.api.ldap.model.exception.LdapAuthenticationException;
import org.apache.directory.api.ldap.model.name.Dn;
import org.apache.directory.api.util.Network;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifs;
import org.apache.directory.server.core.annotations.CreateDS;
import org.apache.directory.server.core.api.InterceptorEnum;
import org.apache.directory.server.core.authn.AnonymousAuthenticator;
import org.apache.directory.server.core.authn.AuthenticationInterceptor;
import org.apache.directory.server.core.authn.Authenticator;
import org.apache.directory.server.core.authn.SimpleAuthenticator;
import org.apache.directory.server.core.authn.StrongAuthenticator;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.server.core.integ.FrameworkRunner;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;

@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP")})
@RunWith(FrameworkRunner.class)
@ApplyLdifs({"dn: uid=hnelson,ou=users,ou=system", "objectClass: inetOrgPerson", "objectClass: organizationalPerson", "objectClass: person", "objectClass: top", "userPassword: secret", "uid: hnelson", "cn: Horatio Nelson", "sn: Nelson"})
@CreateDS(allowAnonAccess = true, name = "SimpleBindIT-class")
/* loaded from: input_file:org/apache/directory/server/operations/bind/SimpleBindIT.class */
public class SimpleBindIT extends AbstractLdapTestUnit {
    private static final String BASE = "ou=users,ou=system";

    protected Attributes getPersonAttributes(String str, String str2, String str3, String str4) {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        BasicAttribute basicAttribute = new BasicAttribute("objectClass");
        basicAttribute.add("top");
        basicAttribute.add("person");
        basicAttribute.add("inetOrgPerson");
        basicAttributes.put(basicAttribute);
        basicAttributes.put("cn", str2);
        basicAttributes.put("sn", str);
        basicAttributes.put("uid", str3);
        basicAttributes.put("userPassword", str4);
        return basicAttributes;
    }

    protected Attributes getOrgUnitAttributes(String str) {
        BasicAttributes basicAttributes = new BasicAttributes(true);
        BasicAttribute basicAttribute = new BasicAttribute("objectClass");
        basicAttribute.add("top");
        basicAttribute.add("organizationalUnit");
        basicAttributes.put(basicAttribute);
        basicAttributes.put("ou", str);
        return basicAttributes;
    }

    @Test
    public void testSimpleBind() throws UnknownHostException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", Network.ldapLoopbackUrl(getLdapServer().getPort()));
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", "uid=hnelson,ou=users,ou=system");
        hashtable.put("java.naming.security.credentials", "secret");
        try {
            Attributes attributes = new InitialDirContext(hashtable).getAttributes("uid=hnelson,ou=users,ou=system", new String[]{"uid"});
            String str = null;
            if (attributes.get("uid") != null) {
                str = (String) attributes.get("uid").get();
            }
            Assert.assertEquals("hnelson", str);
        } catch (NamingException e) {
            Assert.fail("Should not have caught exception.");
        }
    }

    @Test
    public void testSimpleBindBadPassword() throws UnknownHostException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", Network.ldapLoopbackUrl(getLdapServer().getPort()));
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", "uid=hnelson,ou=users,ou=system");
        hashtable.put("java.naming.security.credentials", "badsecret");
        try {
            new InitialDirContext(hashtable);
        } catch (AuthenticationException e) {
            Assert.assertTrue(e.getMessage().contains("error code 49"));
        } catch (NamingException e2) {
            Assert.fail();
        }
    }

    @Test
    public void testSimpleBindBadPrincipalAPassword() throws UnknownHostException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", Network.ldapLoopbackUrl(getLdapServer().getPort()));
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", "hnelson");
        hashtable.put("java.naming.security.credentials", "secret");
        try {
            new InitialDirContext(hashtable);
        } catch (AuthenticationException e) {
            Assert.assertTrue(e.getMessage().startsWith("[LDAP: error code 49 - INVALID_CREDENTIALS: Bind failed: Invalid authentication]"));
        } catch (NamingException e2) {
            Assert.fail();
        }
    }

    @Test
    public void testSimpleBindUnknowPrincipalAPassword() throws UnknownHostException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", Network.ldapLoopbackUrl(getLdapServer().getPort()));
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", "uid=unknown,ou=system");
        hashtable.put("java.naming.security.credentials", "secret");
        try {
            new InitialDirContext(hashtable);
        } catch (AuthenticationException e) {
        } catch (NamingException e2) {
            Assert.fail("Expected AuthenticationException with error code 49 for invalidate credentials instead got: " + e2.getMessage());
        }
    }

    @Test
    public void testSimpleBindNoPrincipalNoPassword() throws UnknownHostException {
        boolean isAllowAnonymousAccess = getLdapServer().getDirectoryService().isAllowAnonymousAccess();
        getLdapServer().getDirectoryService().setAllowAnonymousAccess(false);
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", Network.ldapLoopbackUrl(getLdapServer().getPort()));
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", "");
        hashtable.put("java.naming.security.credentials", "");
        String[] strArr = {"*", "+"};
        try {
            new InitialDirContext(hashtable);
            Assert.fail();
        } catch (NamingException e) {
        }
        try {
            LDAPSearchResults search = LDAPConnection.search(new LDAPUrl(Network.LOOPBACK_HOSTNAME, getLdapServer().getPort(), "", new String[]{"vendorName"}, 0, "(ObjectClass=*)"));
            if (search.hasMoreElements()) {
                LDAPAttribute attribute = search.next().getAttribute("vendorName");
                if (attribute != null) {
                    Assert.assertEquals("Apache Software Foundation", attribute.getStringValueArray()[0]);
                } else {
                    Assert.fail();
                }
            } else {
                Assert.fail();
            }
        } catch (Exception e2) {
            Assert.fail("Should not have caught exception.");
        }
        try {
            LDAPConnection.search(new LDAPUrl(Network.LOOPBACK_HOSTNAME, getLdapServer().getPort(), "uid=admin,ou=system", strArr, 0, "(ObjectClass=*)"));
            Assert.fail();
        } catch (LDAPException e3) {
            Assert.assertTrue(true);
        }
        getLdapServer().getDirectoryService().setAllowAnonymousAccess(isAllowAnonymousAccess);
    }

    @Test
    public void testSimpleBindPrincipalNoPassword() throws UnknownHostException {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", Network.ldapLoopbackUrl(getLdapServer().getPort()));
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", "uid=admin,ou=system");
        hashtable.put("java.naming.security.credentials", "");
        try {
            new InitialDirContext(hashtable);
        } catch (OperationNotSupportedException e) {
            Assert.assertTrue(e.getMessage().contains("error code 53"));
        } catch (NamingException e2) {
            Assert.fail();
        }
    }

    @Test
    public void testSimpleBindNoUserAPassword() throws Exception {
        Hashtable hashtable = new Hashtable();
        hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        hashtable.put("java.naming.provider.url", Network.ldapLoopbackUrl(getLdapServer().getPort()));
        hashtable.put("java.naming.security.authentication", "simple");
        hashtable.put("java.naming.security.principal", "");
        hashtable.put("java.naming.security.credentials", "secret");
        try {
            new InitialDirContext(hashtable);
        } catch (AuthenticationException e) {
        } catch (NamingException e2) {
            Assert.fail("Expected AuthenticationException but instead got: " + e2.getMessage());
        }
    }

    @Test
    public void testAnonymousRootDseSearch() {
        boolean isAllowAnonymousAccess = getLdapServer().getDirectoryService().isAllowAnonymousAccess();
        getLdapServer().getDirectoryService().setAllowAnonymousAccess(false);
        try {
            try {
                LDAPSearchResults search = LDAPConnection.search(new LDAPUrl(Network.LOOPBACK_HOSTNAME, getLdapServer().getPort(), "", new String[]{"vendorName"}, 0, "(ObjectClass=*)"));
                if (search.hasMoreElements()) {
                    LDAPAttribute attribute = search.next().getAttribute("vendorName");
                    if (attribute != null) {
                        Assert.assertEquals("Apache Software Foundation", attribute.getStringValueArray()[0]);
                    } else {
                        Assert.fail();
                    }
                } else {
                    Assert.fail();
                }
                getLdapServer().getDirectoryService().setAllowAnonymousAccess(isAllowAnonymousAccess);
            } catch (Exception e) {
                Assert.fail("Should not have caught exception.");
                getLdapServer().getDirectoryService().setAllowAnonymousAccess(isAllowAnonymousAccess);
            }
        } catch (Throwable th) {
            getLdapServer().getDirectoryService().setAllowAnonymousAccess(isAllowAnonymousAccess);
            throw th;
        }
    }

    @Test
    public void testBindWithDoubleQuote() throws Exception {
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(Network.LOOPBACK_HOSTNAME, getLdapServer().getPort());
        ldapNetworkConnection.bind("uid=\"admin\",ou=\"system\"", "secret");
        Assert.assertTrue(ldapNetworkConnection.isAuthenticated());
        ldapNetworkConnection.close();
    }

    @Test
    public void testBindSimpleAuthenticatorDisabled() throws Exception {
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(Network.LOOPBACK_HOSTNAME, getLdapServer().getPort());
        try {
            ldapNetworkConnection.bind("uid=hacker", "badsecret");
            Assert.fail();
        } catch (LdapAuthenticationException e) {
        }
        Assert.assertFalse(ldapNetworkConnection.isAuthenticated());
        AuthenticationInterceptor interceptor = ldapServer.getDirectoryService().getInterceptor(InterceptorEnum.AUTHENTICATION_INTERCEPTOR.getName());
        interceptor.destroy();
        interceptor.setAuthenticators(new Authenticator[]{new StrongAuthenticator(Dn.ROOT_DSE)});
        try {
            ldapNetworkConnection.bind("uid=hacker", "badsecret");
            Assert.fail();
        } catch (LdapAuthenticationException e2) {
        }
        try {
            ldapNetworkConnection.bind("uid=admin,ou=system", "secret");
            Assert.fail();
        } catch (LdapAuthenticationException e3) {
        }
        Assert.assertFalse(ldapNetworkConnection.isAuthenticated());
        ldapNetworkConnection.close();
        interceptor.destroy();
        interceptor.setAuthenticators(new Authenticator[]{new StrongAuthenticator(Dn.ROOT_DSE), new SimpleAuthenticator(Dn.ROOT_DSE), new AnonymousAuthenticator(Dn.ROOT_DSE)});
    }

    @Test
    public void testSimpleBindAndUnbindLoop() throws Exception {
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(Network.LOOPBACK_HOSTNAME, getLdapServer().getPort());
        Throwable th = null;
        try {
            for (int i = 0; i < 100; i++) {
                ldapNetworkConnection.bind("uid=admin,ou=system", "secret");
                Assert.assertTrue(ldapNetworkConnection.isAuthenticated());
                ldapNetworkConnection.unBind();
                Assert.assertFalse(ldapNetworkConnection.isAuthenticated());
                Thread.sleep(2L);
            }
            if (ldapNetworkConnection != null) {
                if (0 == 0) {
                    ldapNetworkConnection.close();
                    return;
                }
                try {
                    ldapNetworkConnection.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (ldapNetworkConnection != null) {
                if (0 != 0) {
                    try {
                        ldapNetworkConnection.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    ldapNetworkConnection.close();
                }
            }
            throw th3;
        }
    }
}
