package org.apache.ignite.internal.processors.authentication;

import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import java.util.Random;
import java.util.concurrent.Callable;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteCheckedException;
import org.apache.ignite.configuration.DataRegionConfiguration;
import org.apache.ignite.configuration.DataStorageConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.internal.IgniteInternalFuture;
import org.apache.ignite.internal.processors.security.IgniteSecurity;
import org.apache.ignite.internal.processors.security.OperationSecurityContext;
import org.apache.ignite.internal.processors.security.SecurityContext;
import org.apache.ignite.internal.util.typedef.G;
import org.apache.ignite.internal.util.typedef.internal.U;
import org.apache.ignite.plugin.security.AuthenticationContext;
import org.apache.ignite.plugin.security.SecurityCredentials;
import org.apache.ignite.plugin.security.SecuritySubject;
import org.apache.ignite.plugin.security.SecuritySubjectType;
import org.apache.ignite.testframework.GridTestUtils;
import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
import org.junit.Test;

/* loaded from: input_file:org/apache/ignite/internal/processors/authentication/AuthenticationProcessorSelfTest.class */
public class AuthenticationProcessorSelfTest extends GridCommonAbstractTest {
    protected static final int NODES_COUNT = 4;
    private static final int ITERATIONS = 10;
    protected static final int CLI_NODE = 3;
    private static final Random RND = new Random(System.currentTimeMillis());
    protected SecurityContext secCtxDflt;

    private static String randomString(int i) {
        byte[] bArr = new byte[i / 2];
        RND.nextBytes(bArr);
        return Base64.getEncoder().encodeToString(bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public IgniteConfiguration getConfiguration(String str) throws Exception {
        IgniteConfiguration configuration = super.getConfiguration(str);
        configuration.setAuthenticationEnabled(true);
        configuration.setDataStorageConfiguration(new DataStorageConfiguration().setDefaultDataRegionConfiguration(new DataRegionConfiguration().setMaxSize(209715200L).setPersistenceEnabled(true)));
        return configuration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public void beforeTestsStarted() throws Exception {
        super.beforeTestsStarted();
        GridTestUtils.setFieldValue(User.class, "bCryptGensaltLog2Rounds", 4);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public void afterTestsStopped() throws Exception {
        super.afterTestsStopped();
        GridTestUtils.setFieldValue(User.class, "bCryptGensaltLog2Rounds", 10);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.common.GridCommonAbstractTest, org.apache.ignite.testframework.junits.GridAbstractTest
    public void beforeTest() throws Exception {
        super.beforeTest();
        U.resolveWorkDirectory(U.defaultWorkDirectory(), "db", true);
        startGrids(3);
        startClientGrid(3);
        grid(0).cluster().active(true);
        this.secCtxDflt = authenticate(grid(0), "ignite", "ignite");
        assertNotNull(this.secCtxDflt);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public void afterTest() throws Exception {
        stopAllGrids();
        super.afterTest();
    }

    @Test
    public void testDefaultUser() throws Exception {
        for (int i = 0; i < 4; i++) {
            SecurityContext authenticate = authenticate(grid(i), "ignite", "ignite");
            assertNotNull(authenticate);
            assertEquals("ignite", authenticate.subject().login());
        }
    }

    @Test
    public void testDefaultUserUpdate() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            for (int i = 0; i < 4; i++) {
                grid(i).context().security().alterUser("ignite", ("ignite" + i).toCharArray());
                for (int i2 = 0; i2 < 4; i2++) {
                    SecurityContext authenticate = authenticate(grid(i2), "ignite", "ignite" + i);
                    assertNotNull(authenticate);
                    assertEquals("ignite", authenticate.subject().login());
                }
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testRemoveDefault() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            for (int i = 0; i < 4; i++) {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.1
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().security().dropUser("ignite");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "Default user cannot be removed");
                assertNotNull(authenticate(grid(0), "ignite", "ignite"));
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testUserManagementPermission() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            grid(0).context().security().createUser("test", "test".toCharArray());
            SecurityContext authenticate = authenticate(grid(0), "test", "test");
            for (int i = 0; i < 4; i++) {
                final int i2 = i;
                AutoCloseable withSecurityContextOnAllNodes2 = withSecurityContextOnAllNodes(authenticate);
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.2
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().security().createUser("test1", "test1".toCharArray());
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "User management operations are not allowed for user");
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.3
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().security().dropUser("test");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "User management operations are not allowed for user");
                grid(i2).context().security().alterUser("test", "new_password".toCharArray());
                grid(i2).context().security().alterUser("test", "test".toCharArray());
                withSecurityContextOnAllNodes2.close();
                withSecurityContextOnAllNodes.close();
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.4
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().security().dropUser("test");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "User management operations initiated on behalf of the Ignite node are not expected.");
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testProceedUsersOnJoinNode() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            grid(0).context().security().createUser("test0", "test".toCharArray());
            grid(0).context().security().createUser("test1", "test".toCharArray());
            startGrid(4);
            SecurityContext authenticate = authenticate(grid(4), "test0", "test");
            SecurityContext authenticate2 = authenticate(grid(4), "test1", "test");
            assertNotNull(authenticate);
            assertEquals("test0", authenticate.subject().login());
            assertNotNull(authenticate2);
            assertEquals("test1", authenticate2.subject().login());
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testAuthenticationInvalidUser() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            for (int i = 0; i < 4; i++) {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.5
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.authenticate(AuthenticationProcessorSelfTest.this.grid(i2), "invalid_name", "test");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "The user name or password is incorrect");
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.6
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.authenticate(AuthenticationProcessorSelfTest.this.grid(i2), "test", "invalid_password");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "The user name or password is incorrect");
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testAddUpdateRemoveUser() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            for (int i = 0; i < 4; i++) {
                for (int i2 = 0; i2 < 4; i2++) {
                    checkAddUpdateRemoveUser(grid(i), grid(i2));
                }
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testUpdateUser() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            grid(0).context().security().createUser("test", "test".toCharArray());
            SecurityContext authenticate = authenticate(grid(0), "test", "test");
            for (int i = 0; i < 4; i++) {
                for (int i2 = 0; i2 < 4; i2++) {
                    checkUpdateUser(authenticate, grid(i), grid(i2));
                }
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testUpdateRemoveDoesNotExistsUser() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            for (int i = 0; i < 4; i++) {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.7
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().security().alterUser("invalid_name", "test".toCharArray());
                        return null;
                    }
                }, (Class<? extends Throwable>) UserManagementException.class, "User doesn't exist");
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.8
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().security().dropUser("invalid_name");
                        return null;
                    }
                }, (Class<? extends Throwable>) UserManagementException.class, "User doesn't exist");
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testAddAlreadyExistsUser() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            grid(0).context().security().createUser("test", "test".toCharArray());
            for (int i = 0; i < 4; i++) {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.9
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().security().createUser("test", "new_passwd".toCharArray());
                        return null;
                    }
                }, (Class<? extends Throwable>) UserManagementException.class, "User already exists");
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testAuthorizeOnClientDisconnect() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            grid(3).context().security().createUser("test", "test".toCharArray());
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            final IgniteInternalFuture runAsync = GridTestUtils.runAsync(new Runnable() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.10
                @Override // java.lang.Runnable
                public void run() {
                    for (int i = 0; i < 3; i++) {
                        try {
                            Thread.sleep(500L);
                            AuthenticationProcessorSelfTest.this.stopGrid(i);
                        } catch (Exception e) {
                            e.printStackTrace();
                            AuthenticationProcessorSelfTest.fail("Unexpected exception");
                            return;
                        }
                    }
                }
            });
            GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.11
                @Override // java.util.concurrent.Callable
                public Object call() throws Exception {
                    while (!runAsync.isDone()) {
                        AuthenticationProcessorSelfTest.assertNotNull(AuthenticationProcessorSelfTest.authenticate(AuthenticationProcessorSelfTest.this.grid(3), "test", "test"));
                    }
                    return null;
                }
            }, (Class<? extends Throwable>) IgniteCheckedException.class, "Client node was disconnected from topology (operation result is unknown)");
            runAsync.get();
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testConcurrentAddRemove() throws Exception {
        final AtomicInteger atomicInteger = new AtomicInteger();
        GridTestUtils.runMultiThreaded(new Runnable() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.12
            @Override // java.lang.Runnable
            public void run() {
                AuthenticationProcessorSelfTest.withSecurityContextOnAllNodes(AuthenticationProcessorSelfTest.this.secCtxDflt);
                String str = "test" + atomicInteger.getAndIncrement();
                for (int i = 0; i < 10; i++) {
                    try {
                        AuthenticationProcessorSelfTest.this.grid(3).context().security().createUser(str, ("passwd_" + str).toCharArray());
                        AuthenticationProcessorSelfTest.this.grid(3).context().security().dropUser(str);
                    } catch (Exception e) {
                        e.printStackTrace();
                        AuthenticationProcessorSelfTest.fail("Unexpected exception");
                        return;
                    }
                }
            }
        }, 10, "user-op");
    }

    @Test
    public void testUserPersistence() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            for (int i = 0; i < 4; i++) {
                grid(i).context().security().createUser("test" + i, ("passwd" + i).toCharArray());
            }
            grid(3).context().security().alterUser("ignite", "new_passwd".toCharArray());
            stopAllGrids();
            startGrids(3);
            startClientGrid(3);
            for (int i2 = 0; i2 < 4; i2++) {
                for (int i3 = 0; i3 < 4; i3++) {
                    SecurityContext authenticate = authenticate(grid(i2), "test" + i3, "passwd" + i3);
                    assertNotNull(authenticate);
                    assertEquals("test" + i3, authenticate.subject().login());
                }
                SecurityContext authenticate2 = authenticate(grid(i2), "ignite", "new_passwd");
                assertNotNull(authenticate2);
                assertEquals("ignite", authenticate2.subject().login());
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testDefaultUserPersistence() throws Exception {
        AutoCloseable withSecurityContextOnAllNodes = withSecurityContextOnAllNodes(this.secCtxDflt);
        Throwable th = null;
        try {
            grid(3).context().security().createUser("test", "passwd".toCharArray());
            stopAllGrids();
            U.sleep(500L);
            startGrids(3);
            startClientGrid(3);
            for (int i = 0; i < 4; i++) {
                SecurityContext authenticate = authenticate(grid(i), "ignite", "ignite");
                assertNotNull(authenticate);
                assertEquals("ignite", authenticate.subject().login());
                SecurityContext authenticate2 = authenticate(grid(i), "test", "passwd");
                assertNotNull(authenticate2);
                assertEquals("test", authenticate2.subject().login());
            }
            if (withSecurityContextOnAllNodes != null) {
                if (0 == 0) {
                    withSecurityContextOnAllNodes.close();
                    return;
                }
                try {
                    withSecurityContextOnAllNodes.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (withSecurityContextOnAllNodes != null) {
                if (0 != 0) {
                    try {
                        withSecurityContextOnAllNodes.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    withSecurityContextOnAllNodes.close();
                }
            }
            throw th3;
        }
    }

    @Test
    public void testInvalidUserNamePassword() throws Exception {
        withSecurityContextOnAllNodes(this.secCtxDflt);
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.13
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().security().createUser((String) null, "test".toCharArray());
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "User name is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.14
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().security().createUser("", "test".toCharArray());
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "User name is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.15
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().security().createUser("test", (char[]) null);
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "Password is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.16
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().security().createUser("test", "".toCharArray());
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "Password is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.17
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().security().createUser("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "a".toCharArray());
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "User name is too long");
    }

    private void checkInvalidUsername(String str) {
    }

    @Test
    public void testRemoteNodeSecurityContext() throws Exception {
        OperationSecurityContext withContext = grid(3).context().security().withContext(this.secCtxDflt);
        Throwable th = null;
        try {
            grid(3).context().security().createUser("test", "pwd".toCharArray());
            if (withContext != null) {
                if (0 != 0) {
                    try {
                        withContext.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    withContext.close();
                }
            }
            SecuritySubject subject = authenticate(grid(0), "test", "pwd").subject();
            int i = 1;
            while (i < 4) {
                IgniteSecurity security = ignite(i).context().security();
                OperationSecurityContext withContext2 = security.withContext(subject.id());
                Throwable th3 = null;
                try {
                    try {
                        SecuritySubject subject2 = security.securityContext().subject();
                        assertEquals(subject.id(), subject2.id());
                        assertEquals(i != 3 ? subject.login() : null, subject2.login());
                        assertEquals(subject.type(), subject2.type());
                        if (withContext2 != null) {
                            if (0 != 0) {
                                try {
                                    withContext2.close();
                                } catch (Throwable th4) {
                                    th3.addSuppressed(th4);
                                }
                            } else {
                                withContext2.close();
                            }
                        }
                        i++;
                    } finally {
                    }
                } catch (Throwable th5) {
                    if (withContext2 != null) {
                        if (th3 != null) {
                            try {
                                withContext2.close();
                            } catch (Throwable th6) {
                                th3.addSuppressed(th6);
                            }
                        } else {
                            withContext2.close();
                        }
                    }
                    throw th5;
                }
            }
        } catch (Throwable th7) {
            if (withContext != null) {
                if (0 != 0) {
                    try {
                        withContext.close();
                    } catch (Throwable th8) {
                        th.addSuppressed(th8);
                    }
                } else {
                    withContext.close();
                }
            }
            throw th7;
        }
    }

    private void checkInvalidPassword(final String str) {
        withSecurityContextOnAllNodes(this.secCtxDflt);
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.18
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().security().createUser("test", str.toCharArray());
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "Invalid user name");
    }

    private void checkAddUpdateRemoveUser(IgniteEx igniteEx, IgniteEx igniteEx2) throws Exception {
        igniteEx.context().security().createUser("test", "test".toCharArray());
        SecurityContext authenticate = authenticate(igniteEx2, "test", "test");
        assertNotNull(authenticate);
        assertEquals("test", authenticate.subject().login());
        igniteEx.context().security().alterUser("test", "newpasswd".toCharArray());
        SecurityContext authenticate2 = authenticate(igniteEx2, "test", "newpasswd");
        assertNotNull(authenticate2);
        assertEquals("test", authenticate2.subject().login());
        igniteEx.context().security().dropUser("test");
    }

    private void checkUpdateUser(SecurityContext securityContext, IgniteEx igniteEx, IgniteEx igniteEx2) throws Exception {
        String randomString = randomString(16);
        igniteEx.context().security().alterUser("test", randomString.toCharArray());
        SecurityContext authenticate = authenticate(igniteEx2, "test", randomString);
        assertNotNull(authenticate);
        assertEquals("test", authenticate.subject().login());
    }

    public static SecurityContext authenticate(IgniteEx igniteEx, String str, String str2) throws IgniteCheckedException {
        AuthenticationContext authenticationContext = new AuthenticationContext();
        authenticationContext.credentials(new SecurityCredentials(str, str2));
        authenticationContext.subjectType(SecuritySubjectType.REMOTE_CLIENT);
        return igniteEx.context().security().authenticate(authenticationContext);
    }

    public static AutoCloseable withSecurityContextOnAllNodes(SecurityContext securityContext) {
        final ArrayList arrayList = new ArrayList();
        Iterator it = G.allGrids().iterator();
        while (it.hasNext()) {
            arrayList.add(((Ignite) it.next()).context().security().withContext(securityContext));
        }
        return new AutoCloseable() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.19
            @Override // java.lang.AutoCloseable
            public void close() throws Exception {
                arrayList.forEach((v0) -> {
                    v0.close();
                });
            }
        };
    }
}
