package org.apache.jackrabbit.oak.spi.security.authentication.external.impl;

import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import javax.jcr.Repository;
import javax.jcr.SimpleCredentials;
import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import javax.security.auth.spi.LoginModule;
import org.apache.felix.jaas.LoginModuleFactory;
import org.apache.felix.jaas.boot.ProxyLoginModule;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.AbstractSecurityTest;
import org.apache.jackrabbit.oak.Oak;
import org.apache.jackrabbit.oak.api.ContentSession;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProviderManager;
import org.apache.jackrabbit.oak.spi.security.authentication.external.SyncHandler;
import org.apache.jackrabbit.oak.spi.security.authentication.external.SyncManager;
import org.apache.jackrabbit.oak.spi.security.authentication.external.TestIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig;
import org.apache.jackrabbit.oak.spi.whiteboard.Registration;
import org.apache.jackrabbit.oak.spi.whiteboard.Whiteboard;
import org.apache.sling.testing.mock.osgi.junit.OsgiContext;
import org.easymock.EasyMock;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/impl/ExternalLoginModuleFactoryTest.class */
public class ExternalLoginModuleFactoryTest extends AbstractSecurityTest {
    private static final String TEST_CONSTANT_PROPERTY_NAME = "profile/constantProperty";
    private static final String TEST_CONSTANT_PROPERTY_VALUE = "constant-value";

    @Rule
    public final OsgiContext context = new OsgiContext();
    private final HashMap<String, Object> options = new HashMap<>();
    private final String userId = "testUser";
    private ExternalIdentityProvider idp;
    private DefaultSyncConfig syncConfig;
    private Registration testIdpReg;
    private Registration syncHandlerReg;
    private Whiteboard whiteboard;

    protected Oak withEditors(Oak oak) {
        super.withEditors(oak);
        this.whiteboard = oak.getWhiteboard();
        return oak;
    }

    @Before
    public void before() throws Exception {
        super.before();
        this.idp = new TestIdentityProvider();
        this.testIdpReg = this.whiteboard.register(ExternalIdentityProvider.class, this.idp, Collections.emptyMap());
        this.options.put("sync.handlerName", "default");
        this.options.put("idp.name", this.idp.getName());
        this.syncConfig = new DefaultSyncConfig();
        HashMap hashMap = new HashMap();
        hashMap.put("name", "name");
        hashMap.put("email", "email");
        hashMap.put("profile/name", "profile/name");
        hashMap.put("profile/age", "profile/age");
        hashMap.put(TEST_CONSTANT_PROPERTY_NAME, "\"constant-value\"");
        this.syncConfig.user().setPropertyMapping(hashMap);
        this.syncConfig.user().setMembershipNestingDepth(1L);
        this.syncHandlerReg = this.whiteboard.register(SyncHandler.class, new DefaultSyncHandler(this.syncConfig), Collections.emptyMap());
    }

    @After
    public void after() throws Exception {
        this.testIdpReg.unregister();
        this.syncHandlerReg.unregister();
        try {
            Authorizable authorizable = getUserManager(this.root).getAuthorizable("testUser");
            if (authorizable != null) {
                authorizable.remove();
            }
            this.root.commit();
            this.root.refresh();
            super.after();
        } catch (Throwable th) {
            this.root.refresh();
            super.after();
            throw th;
        }
    }

    protected Configuration getConfiguration() {
        return new Configuration() { // from class: org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModuleFactoryTest.1
            public AppConfigurationEntry[] getAppConfigurationEntry(String str) {
                return new AppConfigurationEntry[]{new AppConfigurationEntry(ProxyLoginModule.class.getName(), AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, ExternalLoginModuleFactoryTest.this.options)};
            }
        };
    }

    @Test
    public void testSyncCreateUser() throws Exception {
        setUpJaasFactoryWithInjection();
        UserManager userManager = getUserManager(this.root);
        ContentSession contentSession = null;
        try {
            Assert.assertNull(userManager.getAuthorizable("testUser"));
            contentSession = login(new SimpleCredentials("testUser", new char[0]));
            this.root.refresh();
            Authorizable authorizable = userManager.getAuthorizable("testUser");
            Assert.assertNotNull(authorizable);
            Iterator it = this.idp.getUser("testUser").getProperties().keySet().iterator();
            while (it.hasNext()) {
                Assert.assertTrue(authorizable.hasProperty((String) it.next()));
            }
            Assert.assertEquals(TEST_CONSTANT_PROPERTY_VALUE, authorizable.getProperty(TEST_CONSTANT_PROPERTY_NAME)[0].getString());
            if (contentSession != null) {
                contentSession.close();
            }
            this.options.clear();
        } catch (Throwable th) {
            if (contentSession != null) {
                contentSession.close();
            }
            this.options.clear();
            throw th;
        }
    }

    private void setUpJaasFactoryWithInjection() throws Exception {
        this.context.registerService(Repository.class, EasyMock.createMock(Repository.class));
        this.context.registerService(SyncManager.class, new SyncManagerImpl(this.whiteboard));
        this.context.registerService(ExternalIdentityProviderManager.class, new ExternalIDPManagerImpl(this.whiteboard));
        final LoginModuleFactory loginModuleFactory = (LoginModuleFactory) this.context.registerInjectActivateService(new ExternalLoginModuleFactory());
        this.options.put("org.apache.felix.jaas.LoginModuleFactory", new ProxyLoginModule.BootLoginModuleFactory() { // from class: org.apache.jackrabbit.oak.spi.security.authentication.external.impl.ExternalLoginModuleFactoryTest.2
            public LoginModule createLoginModule() {
                return loginModuleFactory.createLoginModule();
            }
        });
    }
}
