package org.apache.james.smtp;

import java.io.File;
import org.apache.james.mailets.TemporaryJamesServer;
import org.apache.james.mailets.configuration.SmtpConfiguration;
import org.apache.james.modules.protocols.SmtpGuiceProbe;
import org.apache.james.probe.DataProbe;
import org.apache.james.utils.DataProbeImpl;
import org.apache.james.utils.SMTPMessageSender;
import org.apache.james.utils.SMTPSendingException;
import org.apache.james.utils.SmtpSendingStep;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;
import org.junit.jupiter.api.io.TempDir;

/* loaded from: input_file:org/apache/james/smtp/SmtpIdentityVerificationTest.class */
class SmtpIdentityVerificationTest {
    private static final String ATTACKER_PASSWORD = "secret";
    private static final String ATTACKER = "attacker@james.org";
    private static final String USER = "user@james.org";

    @RegisterExtension
    public SMTPMessageSender messageSender = new SMTPMessageSender("james.org");
    private TemporaryJamesServer jamesServer;

    SmtpIdentityVerificationTest() {
    }

    private void createJamesServer(File file, SmtpConfiguration.Builder builder) throws Exception {
        this.jamesServer = TemporaryJamesServer.builder().withSmtpConfiguration(builder).build(file);
        this.jamesServer.start();
        DataProbe probe = this.jamesServer.getProbe(DataProbeImpl.class);
        probe.addDomain("james.org");
        probe.addUser("user@james.org", ATTACKER_PASSWORD);
        probe.addUser(ATTACKER, ATTACKER_PASSWORD);
    }

    @AfterEach
    void tearDown() {
        if (this.jamesServer != null) {
            this.jamesServer.shutdown();
        }
    }

    @Test
    void remoteUserCanSendEmailsToLocalUsers(@TempDir File file) throws Exception {
        createJamesServer(file, SmtpConfiguration.builder().requireAuthentication().verifyIdentity());
        this.messageSender.connect("127.0.0.1", this.jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort()).sendMessage("other@domain.tld", "user@james.org");
    }

    @Test
    void smtpShouldAcceptMessageWhenIdentityIsMatching(@TempDir File file) throws Exception {
        createJamesServer(file, SmtpConfiguration.builder().requireAuthentication().verifyIdentity());
        this.messageSender.connect("127.0.0.1", this.jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort()).authenticate("user@james.org", ATTACKER_PASSWORD).sendMessage("user@james.org", "user@james.org");
    }

    @Test
    void verifyIdentityShouldRejectNullSenderWHenAuthenticated(@TempDir File file) throws Exception {
        createJamesServer(file, SmtpConfiguration.builder().requireAuthentication().verifyIdentity());
        Assertions.assertThatThrownBy(() -> {
            this.messageSender.connect("127.0.0.1", this.jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort()).authenticate("user@james.org", ATTACKER_PASSWORD).sendMessageNoSender("user@james.org");
        }).isEqualTo(new SMTPSendingException(SmtpSendingStep.Sender, "503 5.7.1 Incorrect Authentication for Specified Email Address\n"));
    }

    @Test
    void verifyIdentityShouldAcceptNullSenderWhenAuthenticationRequired(@TempDir File file) throws Exception {
        createJamesServer(file, SmtpConfiguration.builder().requireAuthentication().verifyIdentity());
        Assertions.assertThatCode(() -> {
            this.messageSender.connect("127.0.0.1", this.jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort()).sendMessageNoSender("user@james.org");
        }).doesNotThrowAnyException();
    }

    @Test
    void rejectUnauthenticatedSendersUsingLocalDomains(@TempDir File file) throws Exception {
        createJamesServer(file, SmtpConfiguration.builder().requireAuthentication().verifyIdentity());
        Assertions.assertThatThrownBy(() -> {
            this.messageSender.connect("127.0.0.1", this.jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort()).sendMessage("user@james.org", "user@james.org");
        }).isEqualTo(new SMTPSendingException(SmtpSendingStep.Sender, "530 5.7.1 Authentication Required\n"));
    }

    @Test
    void smtpShouldAcceptMessageWhenIdentityIsNotMatchingButNotChecked(@TempDir File file) throws Exception {
        createJamesServer(file, SmtpConfiguration.builder().requireAuthentication().doNotVerifyIdentity());
        this.messageSender.connect("127.0.0.1", this.jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort()).authenticate(ATTACKER, ATTACKER_PASSWORD).sendMessage("user@james.org", "user@james.org");
    }

    @Test
    void smtpShouldRejectMessageWhenIdentityIsNotMatching(@TempDir File file) throws Exception {
        createJamesServer(file, SmtpConfiguration.builder().requireAuthentication().verifyIdentity());
        Assertions.assertThatThrownBy(() -> {
            this.messageSender.connect("127.0.0.1", this.jamesServer.getProbe(SmtpGuiceProbe.class).getSmtpPort()).authenticate(ATTACKER, ATTACKER_PASSWORD).sendMessage("user@james.org", "user@james.org");
        }).isEqualTo(new SMTPSendingException(SmtpSendingStep.Sender, "503 5.7.1 Incorrect Authentication for Specified Email Address\n"));
    }
}
