package org.apache.directory.server.operations.bind;

import org.apache.directory.api.ldap.model.exception.LdapAuthenticationException;
import org.apache.directory.api.util.Network;
import org.apache.directory.ldap.client.api.LdapNetworkConnection;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifs;
import org.apache.directory.server.core.annotations.CreateAuthenticator;
import org.apache.directory.server.core.annotations.CreateDS;
import org.apache.directory.server.core.authn.DelegatingAuthenticator;
import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
import org.apache.directory.server.core.integ.ApacheDSTestExtension;
import org.apache.directory.server.ldap.handlers.extended.StartTlsHandler;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;

@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP", port = 10200)}, allowAnonymousAccess = true)
@ExtendWith({ApacheDSTestExtension.class})
@CreateDS(allowAnonAccess = true, name = "DelegatedAuthIT-class", authenticators = {@CreateAuthenticator(type = DelegatingAuthenticator.class, delegatePort = 10201, delegateSsl = true, delegateTls = false, delegateSslTrustManagerFQCN = "org.apache.directory.ldap.client.api.NoVerificationTrustManager")})
@ApplyLdifs({"dn: uid=emmanuel,ou=users,ou=system", "objectClass: uidObject", "objectClass: person", "objectClass: top", "uid: emmanuel", "cn: Emmanuel Lecharny", "sn: Lecharny", "userPassword: sesame"})
/* loaded from: input_file:org/apache/directory/server/operations/bind/DelegatedAuthOverSslIT.class */
public class DelegatedAuthOverSslIT extends AbstractLdapTestUnit {
    @CreateLdapServer(transports = {@CreateTransport(protocol = "LDAPS", port = 10201)}, extendedOpHandlers = {StartTlsHandler.class})
    @Test
    @CreateDS(allowAnonAccess = true, name = "DelegatedAuthIT-method")
    @ApplyLdifs({"dn: uid=antoine,ou=users,ou=system", "objectClass: uidObject", "objectClass: person", "objectClass: top", "uid: antoine", "cn: Antoine Levy-Lambert", "sn: Levy-Lambert", "userPassword: secret"})
    public void testDelegatedSSLAuthentication() throws Exception {
        Assertions.assertTrue(getService().isStarted());
        Assertions.assertEquals("DelegatedAuthIT-method", getService().getInstanceId());
        LdapNetworkConnection ldapNetworkConnection = new LdapNetworkConnection(Network.LOOPBACK_HOSTNAME, 10200);
        ldapNetworkConnection.bind("uid=antoine,ou=users,ou=system", "secret");
        Assertions.assertTrue(ldapNetworkConnection.isAuthenticated());
        ldapNetworkConnection.unBind();
        try {
            ldapNetworkConnection.bind("uid=antoine,ou=users,ou=system", "sesame");
            Assertions.fail();
        } catch (LdapAuthenticationException e) {
            Assertions.assertTrue(true);
        }
        ldapNetworkConnection.unBind();
        ldapNetworkConnection.close();
    }
}
