package org.apache.james.user.ldap;

import org.apache.commons.configuration.HierarchicalConfiguration;
import org.apache.commons.configuration.plist.PropertyListConfiguration;
import org.apache.james.core.MailAddress;
import org.apache.james.domainlist.api.DomainList;
import org.assertj.core.api.Assertions;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Test;
import org.mockito.Mockito;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/james/user/ldap/ReadOnlyUsersLDAPRepositoryTest.class */
public class ReadOnlyUsersLDAPRepositoryTest {
    private static final String JAMES_USER = "james-user";
    private static final String JAMES_USER_MAIL = "james-user@james.org";
    private static final String UNKNOWN = "unknown";
    private static final String PASSWORD = "secret";
    private static final String BAD_PASSWORD = "badpassword";
    private ReadOnlyUsersLDAPRepository ldapRepository;
    private DomainList domainList;
    private static final Logger LOGGER = LoggerFactory.getLogger(ReadOnlyUsersLDAPRepositoryTest.class);
    private static final String DOMAIN = "james.org";
    private static final String ADMIN_PASSWORD = "mysecretpassword";

    @ClassRule
    public static LdapGenericContainer ldapContainer = LdapGenericContainer.builder().domain(DOMAIN).password(ADMIN_PASSWORD).build();

    @Before
    public void setup() {
        this.domainList = (DomainList) Mockito.mock(DomainList.class);
    }

    private void startUsersRepository(HierarchicalConfiguration hierarchicalConfiguration) throws Exception {
        this.ldapRepository = new ReadOnlyUsersLDAPRepository(this.domainList);
        this.ldapRepository.configure(hierarchicalConfiguration);
        this.ldapRepository.init();
    }

    private HierarchicalConfiguration ldapRepositoryConfiguration() {
        PropertyListConfiguration propertyListConfiguration = new PropertyListConfiguration();
        propertyListConfiguration.addProperty("[@ldapHost]", ldapContainer.getLdapHost());
        propertyListConfiguration.addProperty("[@principal]", "cn=admin\\,dc=james\\,dc=org");
        propertyListConfiguration.addProperty("[@credentials]", ADMIN_PASSWORD);
        propertyListConfiguration.addProperty("[@userBase]", "ou=People\\,dc=james\\,dc=org");
        propertyListConfiguration.addProperty("[@userIdAttribute]", "uid");
        propertyListConfiguration.addProperty("[@userObjectClass]", "inetOrgPerson");
        propertyListConfiguration.addProperty("[@maxRetries]", "4");
        propertyListConfiguration.addProperty("[@retryStartInterval]", "0");
        propertyListConfiguration.addProperty("[@retryMaxInterval]", "8");
        propertyListConfiguration.addProperty("[@retryIntervalScale]", "1000");
        return propertyListConfiguration;
    }

    private HierarchicalConfiguration ldapRepositoryConfigurationWithVirtualHosting() {
        PropertyListConfiguration propertyListConfiguration = new PropertyListConfiguration();
        propertyListConfiguration.addProperty("[@ldapHost]", ldapContainer.getLdapHost());
        propertyListConfiguration.addProperty("[@principal]", "cn=admin\\,dc=james\\,dc=org");
        propertyListConfiguration.addProperty("[@credentials]", ADMIN_PASSWORD);
        propertyListConfiguration.addProperty("[@userBase]", "ou=People\\,dc=james\\,dc=org");
        propertyListConfiguration.addProperty("[@userIdAttribute]", "mail");
        propertyListConfiguration.addProperty("[@userObjectClass]", "inetOrgPerson");
        propertyListConfiguration.addProperty("[@maxRetries]", "4");
        propertyListConfiguration.addProperty("[@retryStartInterval]", "0");
        propertyListConfiguration.addProperty("[@retryMaxInterval]", "8");
        propertyListConfiguration.addProperty("[@retryIntervalScale]", "1000");
        propertyListConfiguration.addProperty("supportsVirtualHosting", true);
        return propertyListConfiguration;
    }

    @Test
    public void knownUserShouldBeAbleToLogInWhenPasswordIsCorrect() throws Exception {
        startUsersRepository(ldapRepositoryConfiguration());
        Assertions.assertThat(this.ldapRepository.test(JAMES_USER, PASSWORD)).isTrue();
    }

    @Test
    public void knownUserShouldNotBeAbleToLogInWhenPasswordIsNotCorrect() throws Exception {
        startUsersRepository(ldapRepositoryConfiguration());
        Assertions.assertThat(this.ldapRepository.test(JAMES_USER, BAD_PASSWORD)).isFalse();
    }

    @Test
    public void unknownUserShouldNotBeAbleToLogIn() throws Exception {
        startUsersRepository(ldapRepositoryConfiguration());
        Assertions.assertThat(this.ldapRepository.test(UNKNOWN, BAD_PASSWORD)).isFalse();
    }

    @Test
    public void unknownUserShouldNotBeAbleToLogInWhenPasswordIsCorrect() throws Exception {
        startUsersRepository(ldapRepositoryConfiguration());
        Assertions.assertThat(this.ldapRepository.test(UNKNOWN, PASSWORD)).isFalse();
    }

    @Test
    public void knownUserShouldBeAbleToLogInWhenPasswordIsCorrectWithVirtualHosting() throws Exception {
        startUsersRepository(ldapRepositoryConfigurationWithVirtualHosting());
        Assertions.assertThat(this.ldapRepository.test(JAMES_USER_MAIL, PASSWORD)).isTrue();
    }

    @Test
    public void testShouldStillWorksAfterRestartingLDAP() throws Exception {
        startUsersRepository(ldapRepositoryConfigurationWithVirtualHosting());
        this.ldapRepository.test(JAMES_USER_MAIL, PASSWORD);
        ldapContainer.pause();
        try {
            this.ldapRepository.test(JAMES_USER_MAIL, PASSWORD);
        } catch (Exception e) {
            LOGGER.info("This exception is expected as we shut down the LDAP and forced its use", e);
        }
        ldapContainer.unpause();
        Assertions.assertThat(this.ldapRepository.test(JAMES_USER_MAIL, PASSWORD)).isTrue();
    }

    @Test
    public void knownUserShouldNotBeAbleToLogInWhenPasswordIsNotCorrectWithVirtualHosting() throws Exception {
        startUsersRepository(ldapRepositoryConfigurationWithVirtualHosting());
        Assertions.assertThat(this.ldapRepository.test(JAMES_USER, BAD_PASSWORD)).isFalse();
    }

    @Test
    public void unknownUserShouldNotBeAbleToLogInWithVirtualHosting() throws Exception {
        startUsersRepository(ldapRepositoryConfigurationWithVirtualHosting());
        Assertions.assertThat(this.ldapRepository.test(UNKNOWN, BAD_PASSWORD)).isFalse();
    }

    @Test
    public void unknownUserShouldNotBeAbleToLogInWhenPasswordIsCorrectWithVirtualHosting() throws Exception {
        startUsersRepository(ldapRepositoryConfigurationWithVirtualHosting());
        Assertions.assertThat(this.ldapRepository.test(UNKNOWN, PASSWORD)).isFalse();
    }

    @Test
    public void containsWithGetUserShouldBeTrue() throws Exception {
        startUsersRepository(ldapRepositoryConfiguration());
        Assertions.assertThat(this.ldapRepository.contains(this.ldapRepository.getUser(new MailAddress(JAMES_USER_MAIL)))).isTrue();
    }

    @Test
    public void containsWithGetUserShouldBeTrueWithVirtualHosting() throws Exception {
        startUsersRepository(ldapRepositoryConfigurationWithVirtualHosting());
        Assertions.assertThat(this.ldapRepository.contains(this.ldapRepository.getUser(new MailAddress(JAMES_USER_MAIL)))).isTrue();
    }

    @Test
    public void specialCharacterInUserInputShouldBeSanitized() throws Exception {
        startUsersRepository(ldapRepositoryConfigurationWithVirtualHosting());
        Assertions.assertThat(this.ldapRepository.test("j*", PASSWORD)).isFalse();
    }
}
