package org.apache.jackrabbit.oak.spi.security.authentication.external.impl.principal;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import java.security.Principal;
import java.security.acl.Group;
import java.util.UUID;
import org.apache.jackrabbit.oak.api.Root;
import org.apache.jackrabbit.oak.namepath.NamePathMapper;
import org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest;
import org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef;
import org.apache.jackrabbit.oak.spi.security.authentication.external.TestIdentityProvider;
import org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncConfig;
import org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext;
import org.apache.jackrabbit.oak.spi.security.authentication.external.impl.DynamicSyncContext;
import org.apache.jackrabbit.oak.spi.security.principal.PrincipalProvider;
import org.apache.jackrabbit.oak.spi.security.user.UserConfiguration;
import org.jetbrains.annotations.NotNull;
import org.junit.Assert;

/* loaded from: input_file:org/apache/jackrabbit/oak/spi/security/authentication/external/impl/principal/AbstractPrincipalTest.class */
public abstract class AbstractPrincipalTest extends AbstractExternalAuthTest {
    PrincipalProvider principalProvider;

    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest
    public void before() throws Exception {
        super.before();
        Root systemRoot = getSystemRoot();
        DynamicSyncContext dynamicSyncContext = new DynamicSyncContext(this.syncConfig, this.idp, getUserManager(systemRoot), getValueFactory(systemRoot));
        dynamicSyncContext.sync(this.idp.getUser(TestIdentityProvider.ID_TEST_USER));
        dynamicSyncContext.close();
        DefaultSyncContext defaultSyncContext = new DefaultSyncContext(this.syncConfig, this.idp, getUserManager(systemRoot), getValueFactory(systemRoot));
        defaultSyncContext.sync(this.idp.getUser(TestIdentityProvider.ID_SECOND_USER));
        defaultSyncContext.close();
        systemRoot.commit();
        this.root.refresh();
        this.principalProvider = createPrincipalProvider();
    }

    @NotNull
    PrincipalProvider createPrincipalProvider() {
        ImmutableSet copyOf = ImmutableSet.copyOf(Iterables.concat(this.syncConfig.user().getAutoMembership(), this.syncConfig.group().getAutoMembership()));
        return new ExternalGroupPrincipalProvider(this.root, (UserConfiguration) getSecurityProvider().getConfiguration(UserConfiguration.class), NamePathMapper.DEFAULT, ImmutableMap.of(this.idp.getName(), copyOf.toArray(new String[copyOf.size()])));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest
    public DefaultSyncConfig createSyncConfig() {
        DefaultSyncConfig createSyncConfig = super.createSyncConfig();
        createSyncConfig.user().setDynamicMembership(true);
        return createSyncConfig;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Group getGroupPrincipal() throws Exception {
        return getGroupPrincipal((ExternalIdentityRef) this.idp.getUser(TestIdentityProvider.ID_TEST_USER).getDeclaredGroups().iterator().next());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Group getGroupPrincipal(@NotNull ExternalIdentityRef externalIdentityRef) throws Exception {
        Principal principal = this.principalProvider.getPrincipal(this.idp.getIdentity(externalIdentityRef).getPrincipalName());
        Assert.assertNotNull(principal);
        Assert.assertTrue(principal instanceof Group);
        return (Group) principal;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public org.apache.jackrabbit.api.security.user.Group createTestGroup() throws Exception {
        org.apache.jackrabbit.api.security.user.Group createGroup = getUserManager(this.root).createGroup("group" + UUID.randomUUID());
        this.root.commit();
        return createGroup;
    }
}
