package org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx;

import com.google.common.collect.ImmutableMap;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.reflect.Field;
import java.security.AccessControlException;
import java.util.ArrayList;
import java.util.Iterator;
import javax.annotation.Nonnull;
import javax.jcr.Credentials;
import javax.jcr.Item;
import javax.jcr.Node;
import javax.jcr.Property;
import javax.jcr.Repository;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.ValueFactory;
import javax.jcr.Workspace;
import javax.jcr.retention.RetentionManager;
import javax.jcr.security.AccessControlManager;
import org.apache.jackrabbit.api.JackrabbitSession;
import org.apache.jackrabbit.api.security.principal.PrincipalManager;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser;
import org.apache.jackrabbit.oak.spi.security.authentication.external.TestIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DefaultSyncHandler;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.xml.sax.ContentHandler;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/DelegateeTest.class */
public class DelegateeTest extends AbstractJmxTest {
    private Delegatee delegatee;
    private static final String[] TEST_IDS = {TestIdentityProvider.ID_TEST_USER, TestIdentityProvider.ID_SECOND_USER, TestIdentityProvider.ID_WILDCARD_USER};

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/impl/jmx/DelegateeTest$ThrowingSession.class */
    public static final class ThrowingSession implements JackrabbitSession {
        private JackrabbitSession base;

        private ThrowingSession(@Nonnull JackrabbitSession jackrabbitSession) {
            this.base = jackrabbitSession;
        }

        public boolean hasPermission(@Nonnull String str, @Nonnull String... strArr) throws RepositoryException {
            return this.base.hasPermission(str, strArr);
        }

        public PrincipalManager getPrincipalManager() throws RepositoryException {
            return this.base.getPrincipalManager();
        }

        public UserManager getUserManager() throws RepositoryException {
            return this.base.getUserManager();
        }

        public Item getItemOrNull(String str) throws RepositoryException {
            return this.base.getItemOrNull(str);
        }

        public Property getPropertyOrNull(String str) throws RepositoryException {
            return this.base.getPropertyOrNull(str);
        }

        public Node getNodeOrNull(String str) throws RepositoryException {
            return getNodeOrNull(str);
        }

        public Repository getRepository() {
            return this.base.getRepository();
        }

        public String getUserID() {
            return this.base.getUserID();
        }

        public String[] getAttributeNames() {
            return this.base.getAttributeNames();
        }

        public Object getAttribute(String str) {
            return this.base.getAttribute(str);
        }

        public Workspace getWorkspace() {
            return this.base.getWorkspace();
        }

        public Node getRootNode() throws RepositoryException {
            return this.base.getRootNode();
        }

        public Session impersonate(Credentials credentials) throws RepositoryException {
            return this.base.impersonate(credentials);
        }

        public Node getNodeByUUID(String str) throws RepositoryException {
            return this.base.getNodeByUUID(str);
        }

        public Node getNodeByIdentifier(String str) throws RepositoryException {
            return this.base.getNodeByIdentifier(str);
        }

        public Item getItem(String str) throws RepositoryException {
            return this.base.getItem(str);
        }

        public Node getNode(String str) throws RepositoryException {
            return this.base.getNode(str);
        }

        public Property getProperty(String str) throws RepositoryException {
            return this.base.getProperty(str);
        }

        public boolean itemExists(String str) throws RepositoryException {
            return this.base.itemExists(str);
        }

        public boolean nodeExists(String str) throws RepositoryException {
            return this.base.nodeExists(str);
        }

        public boolean propertyExists(String str) throws RepositoryException {
            return this.base.propertyExists(str);
        }

        public void move(String str, String str2) throws RepositoryException {
            this.base.move(str, str2);
        }

        public void removeItem(String str) throws RepositoryException {
            this.base.removeItem(str);
        }

        public void save() throws RepositoryException {
            throw new RepositoryException();
        }

        public void refresh(boolean z) throws RepositoryException {
            this.base.refresh(z);
        }

        public boolean hasPendingChanges() throws RepositoryException {
            return this.base.hasPendingChanges();
        }

        public ValueFactory getValueFactory() throws RepositoryException {
            return this.base.getValueFactory();
        }

        public boolean hasPermission(String str, String str2) throws RepositoryException {
            return this.base.hasPermission(str, str2);
        }

        public void checkPermission(String str, String str2) throws AccessControlException, RepositoryException {
            this.base.checkPermission(str, str2);
        }

        public boolean hasCapability(String str, Object obj, Object[] objArr) throws RepositoryException {
            return this.base.hasCapability(str, obj, objArr);
        }

        public ContentHandler getImportContentHandler(String str, int i) throws RepositoryException {
            return this.base.getImportContentHandler(str, i);
        }

        public void importXML(String str, InputStream inputStream, int i) throws IOException, RepositoryException {
            this.base.importXML(str, inputStream, i);
        }

        public void exportSystemView(String str, ContentHandler contentHandler, boolean z, boolean z2) throws SAXException, RepositoryException {
            this.base.exportSystemView(str, contentHandler, z, z2);
        }

        public void exportSystemView(String str, OutputStream outputStream, boolean z, boolean z2) throws IOException, RepositoryException {
            this.base.exportSystemView(str, outputStream, z, z2);
        }

        public void exportDocumentView(String str, ContentHandler contentHandler, boolean z, boolean z2) throws SAXException, RepositoryException {
            this.base.exportDocumentView(str, contentHandler, z, z2);
        }

        public void exportDocumentView(String str, OutputStream outputStream, boolean z, boolean z2) throws IOException, RepositoryException {
            this.base.exportDocumentView(str, outputStream, z, z2);
        }

        public void setNamespacePrefix(String str, String str2) throws RepositoryException {
            this.base.setNamespacePrefix(str, str2);
        }

        public String[] getNamespacePrefixes() throws RepositoryException {
            return this.base.getNamespacePrefixes();
        }

        public String getNamespaceURI(String str) throws RepositoryException {
            return this.base.getNamespaceURI(str);
        }

        public String getNamespacePrefix(String str) throws RepositoryException {
            return this.base.getNamespacePrefix(str);
        }

        public void logout() {
            this.base.logout();
        }

        public boolean isLive() {
            return this.base.isLive();
        }

        public void addLockToken(String str) {
            this.base.addLockToken(str);
        }

        public String[] getLockTokens() {
            return this.base.getLockTokens();
        }

        public void removeLockToken(String str) {
            this.base.removeLockToken(str);
        }

        public AccessControlManager getAccessControlManager() throws RepositoryException {
            return this.base.getAccessControlManager();
        }

        public RetentionManager getRetentionManager() throws RepositoryException {
            return this.base.getRetentionManager();
        }
    }

    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.AbstractJmxTest
    @Before
    public void before() throws Exception {
        super.before();
        this.delegatee = createDelegatee(new TestIdentityProvider());
    }

    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.AbstractJmxTest
    public void after() throws Exception {
        try {
            if (this.delegatee != null) {
                this.delegatee.close();
            }
        } finally {
            super.after();
        }
    }

    int getBatchSize() {
        return 100;
    }

    private Delegatee createDelegatee(@Nonnull ExternalIdentityProvider externalIdentityProvider) {
        return Delegatee.createInstance(REPOSITORY, new DefaultSyncHandler(this.syncConfig), externalIdentityProvider, getBatchSize());
    }

    private static Session preventSessionSave(@Nonnull Delegatee delegatee) throws Exception {
        Field declaredField = Delegatee.class.getDeclaredField("systemSession");
        declaredField.setAccessible(true);
        JackrabbitSession jackrabbitSession = (JackrabbitSession) declaredField.get(delegatee);
        jackrabbitSession.refresh(false);
        declaredField.set(delegatee, new ThrowingSession(jackrabbitSession));
        return jackrabbitSession;
    }

    @Test
    public void testDoubleClose() {
        this.delegatee.close();
        this.delegatee.close();
    }

    @Test
    public void testSyncUsersBeforeSaveError() throws Exception {
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncUsers(TEST_IDS, false), ImmutableMap.of(TestIdentityProvider.ID_TEST_USER, "nsa", TestIdentityProvider.ID_SECOND_USER, "nsa", TestIdentityProvider.ID_WILDCARD_USER, "nsa"));
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncUsersSaveError() throws Exception {
        sync(this.idp, TestIdentityProvider.ID_TEST_USER, false);
        sync(this.foreignIDP, TestIdentityProvider.ID_SECOND_USER, false);
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncUsers(new String[]{TestIdentityProvider.ID_TEST_USER, TestIdentityProvider.ID_SECOND_USER, TestIdentityProvider.ID_WILDCARD_USER}, false), ImmutableMap.of(TestIdentityProvider.ID_TEST_USER, "ERR", TestIdentityProvider.ID_SECOND_USER, "for", TestIdentityProvider.ID_WILDCARD_USER, "nsa"));
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncAllUsersBeforeSaveError() throws Exception {
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncAllUsers(false), ImmutableMap.of());
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncAllUsersSaveError() throws Exception {
        sync(this.idp, TestIdentityProvider.ID_TEST_USER, false);
        sync(this.idp, TestIdentityProvider.ID_SECOND_USER, false);
        sync(new TestIdentityProvider.TestUser("third", this.idp.getName()), this.idp);
        sync(this.foreignIDP, TestIdentityProvider.ID_WILDCARD_USER, false);
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncAllUsers(false), ImmutableMap.builder().put(TestIdentityProvider.ID_TEST_USER, "ERR").put("a", "ERR").put("b", "ERR").put("c", "ERR").put(TestIdentityProvider.ID_SECOND_USER, "ERR").put("secondGroup", "ERR").put("third", "mis").build());
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncAllUsersPurgeSaveError() throws Exception {
        sync(this.idp, TestIdentityProvider.ID_TEST_USER, false);
        sync(this.idp, TestIdentityProvider.ID_SECOND_USER, false);
        sync(new TestIdentityProvider.TestUser("third", this.idp.getName()), this.idp);
        sync(this.foreignIDP, TestIdentityProvider.ID_WILDCARD_USER, false);
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncAllUsers(true), ImmutableMap.builder().put(TestIdentityProvider.ID_TEST_USER, "ERR").put("a", "ERR").put("b", "ERR").put("c", "ERR").put(TestIdentityProvider.ID_SECOND_USER, "ERR").put("secondGroup", "ERR").put("third", "ERR").build());
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncNonExistingExternalUserSaveError() throws Exception {
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncExternalUsers(new String[]{new ExternalIdentityRef("nonExisting", this.idp.getName()).getString()}), "", "nsi");
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncForeignExternalUserSaveError() throws Exception {
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncExternalUsers(new String[]{new ExternalIdentityRef(TestIdentityProvider.ID_TEST_USER, this.foreignIDP.getName()).getString()}), TestIdentityProvider.ID_TEST_USER, "for");
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncThrowingExternalUserSaveError() throws Exception {
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncExternalUsers(new String[]{new ExternalIdentityRef(TestIdentityProvider.ID_EXCEPTION, this.idp.getName()).getString()}), TestIdentityProvider.ID_EXCEPTION, "ERR");
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncExternalUsersSaveError() throws Exception {
        Session preventSessionSave = preventSessionSave(this.delegatee);
        ArrayList arrayList = new ArrayList();
        for (String str : TEST_IDS) {
            arrayList.add(new ExternalIdentityRef(str, this.idp.getName()).getString());
        }
        assertResultMessages(this.delegatee.syncExternalUsers((String[]) arrayList.toArray(new String[arrayList.size()])), ImmutableMap.of(TestIdentityProvider.ID_TEST_USER, "ERR", TestIdentityProvider.ID_SECOND_USER, "ERR", TestIdentityProvider.ID_WILDCARD_USER, "ERR"));
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test
    public void testSyncAllExternalUsersSaveError() throws Exception {
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.syncAllExternalUsers(), ImmutableMap.of(TestIdentityProvider.ID_TEST_USER, "ERR", TestIdentityProvider.ID_SECOND_USER, "ERR", TestIdentityProvider.ID_WILDCARD_USER, "ERR"));
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }

    @Test(expected = SyncRuntimeException.class)
    public void testSyncAllExternalUsersThrowingIDP() {
        createDelegatee(new TestIdentityProvider("throwing") { // from class: org.apache.jackrabbit.oak.spi.security.authentication.external.impl.jmx.DelegateeTest.1
            @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.TestIdentityProvider
            @Nonnull
            public Iterator<ExternalUser> listUsers() throws ExternalIdentityException {
                throw new ExternalIdentityException();
            }
        }).syncAllExternalUsers();
    }

    @Test
    public void testPurgeOrphanedSaveError() throws Exception {
        sync(new TestIdentityProvider.TestUser("third", this.idp.getName()), this.idp);
        sync(new TestIdentityProvider.TestUser("forth", this.idp.getName()), this.idp);
        sync(this.idp, TestIdentityProvider.ID_TEST_USER, false);
        Session preventSessionSave = preventSessionSave(this.delegatee);
        assertResultMessages(this.delegatee.purgeOrphanedUsers(), ImmutableMap.of("third", "ERR", "forth", "ERR"));
        Assert.assertFalse(preventSessionSave.hasPendingChanges());
    }
}
