package org.apache.qpid.server.security.auth.database;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.regex.Pattern;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.login.AccountNotFoundException;
import javax.xml.bind.DatatypeConverter;
import org.apache.qpid.server.model.AuthenticationProvider;
import org.apache.qpid.server.security.auth.UsernamePrincipal;

/* loaded from: input_file:org/apache/qpid/server/security/auth/database/Base64MD5PasswordFilePrincipalDatabaseTest.class */
public class Base64MD5PasswordFilePrincipalDatabaseTest extends AbstractPasswordFilePrincipalDatabaseTest {
    private static final String PASSWORD = "guest";
    private static final String PASSWORD_B64MD5HASHED = "CE4DQ6BIb/BVMN9scFyLtA==";
    private static char[] PASSWORD_MD5_CHARS;
    private static final String PRINCIPAL_USERNAME = "testUserPrincipal";
    private static final Principal PRINCIPAL = new UsernamePrincipal(PRINCIPAL_USERNAME, (AuthenticationProvider) null);
    private Base64MD5PasswordFilePrincipalDatabase _database;
    private File _pwdFile;
    private List<File> _testPwdFiles = new ArrayList();

    public void setUp() throws Exception {
        super.setUp();
        this._database = new Base64MD5PasswordFilePrincipalDatabase((AuthenticationProvider) null);
        this._pwdFile = File.createTempFile(getClass().getName(), "pwd");
        this._pwdFile.deleteOnExit();
        this._database.open(this._pwdFile);
        this._testPwdFiles.clear();
    }

    @Override // org.apache.qpid.server.security.auth.database.AbstractPasswordFilePrincipalDatabaseTest
    public void tearDown() throws Exception {
        try {
            File file = new File(this._pwdFile.getAbsolutePath() + ".old");
            if (file.exists()) {
                file.delete();
            }
            this._pwdFile.delete();
            super.tearDown();
        } catch (Throwable th) {
            super.tearDown();
            throw th;
        }
    }

    @Override // org.apache.qpid.server.security.auth.database.AbstractPasswordFilePrincipalDatabaseTest
    protected AbstractPasswordFilePrincipalDatabase getDatabase() {
        return this._database;
    }

    public void testCreatePrincipal() {
        File createPasswordFile = createPasswordFile(1, 0);
        loadPasswordFile(createPasswordFile);
        Principal principal = new Principal() { // from class: org.apache.qpid.server.security.auth.database.Base64MD5PasswordFilePrincipalDatabaseTest.1
            @Override // java.security.Principal
            public String getName() {
                return "testUser";
            }
        };
        assertTrue("New user not created.", this._database.createPrincipal(principal, PASSWORD.toCharArray()));
        PasswordCallback passwordCallback = new PasswordCallback("prompt", false);
        try {
            this._database.setPassword(principal, passwordCallback);
        } catch (AccountNotFoundException e) {
            fail("user account did not exist");
        }
        assertTrue("Password returned was incorrect.", Arrays.equals(PASSWORD_MD5_CHARS, passwordCallback.getPassword()));
        loadPasswordFile(createPasswordFile);
        try {
            this._database.setPassword(principal, passwordCallback);
        } catch (AccountNotFoundException e2) {
            fail("user account did not exist");
        }
        assertTrue("Password returned was incorrect.", Arrays.equals(PASSWORD_MD5_CHARS, passwordCallback.getPassword()));
        assertNotNull("Created User was not saved", this._database.getUser("testUser"));
        assertFalse("Duplicate user created.", this._database.createPrincipal(principal, PASSWORD.toCharArray()));
    }

    public void testCreatePrincipalIsSavedToFile() {
        File createPasswordFile = createPasswordFile(1, 0);
        loadPasswordFile(createPasswordFile);
        this._database.createPrincipal(new Principal() { // from class: org.apache.qpid.server.security.auth.database.Base64MD5PasswordFilePrincipalDatabaseTest.2
            @Override // java.security.Principal
            public String getName() {
                return "createdUser";
            }
        }, PASSWORD.toCharArray());
        try {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(createPasswordFile));
            assertTrue("File has no content", bufferedReader.ready());
            assertEquals("Comment line has been corrupted.", "# Test Comment", bufferedReader.readLine());
            assertTrue("File is missing user data.", bufferedReader.ready());
            String readLine = bufferedReader.readLine();
            String[] split = Pattern.compile(":").split(readLine);
            assertEquals("User line not complete '" + readLine + "'", 2, split.length);
            assertEquals("Username not correct,", "createdUser", split[0]);
            assertEquals("Password not correct,", PASSWORD_B64MD5HASHED, split[1]);
            assertFalse("File has more content", bufferedReader.ready());
        } catch (IOException e) {
            fail("Unable to validate file contents due to:" + e.getMessage());
        }
    }

    public void testDeletePrincipal() {
        File createPasswordFile = createPasswordFile(1, 1);
        loadPasswordFile(createPasswordFile);
        Principal user = this._database.getUser("testUser0");
        assertNotNull("Generated user not present.", user);
        try {
            this._database.deletePrincipal(user);
        } catch (AccountNotFoundException e) {
            fail("User should be present" + e.getMessage());
        }
        try {
            this._database.deletePrincipal(user);
            fail("User should not be present");
        } catch (AccountNotFoundException e2) {
        }
        loadPasswordFile(createPasswordFile);
        try {
            this._database.deletePrincipal(user);
            fail("User should not be present");
        } catch (AccountNotFoundException e3) {
        }
        assertNull("Deleted user still present.", this._database.getUser("testUser0"));
    }

    public void testGetUsers() {
        loadPasswordFile(createPasswordFile(1, 10));
        assertNull("Missing user present.", this._database.getUser("MISSING_USERNAME"));
        List users = this._database.getUsers();
        assertNotNull("Users list is null.", users);
        assertEquals(10, users.size());
        boolean[] zArr = new boolean[10];
        for (int i = 0; i < 10; i++) {
            Principal principal = (Principal) users.get(i);
            assertNotNull("Generated user not present.", principal);
            int parseInt = Integer.parseInt(principal.getName().substring("testUser".length()));
            assertFalse("Duplicated username retrieve", zArr[parseInt]);
            zArr[parseInt] = true;
        }
        for (int i2 = 0; i2 < 10; i2++) {
            assertTrue("User " + i2 + " missing", zArr[i2]);
        }
    }

    public void testUpdatePasswordIsSavedToFile() {
        File createPasswordFile = createPasswordFile(1, 1);
        loadPasswordFile(createPasswordFile);
        Principal user = this._database.getUser("testUser0");
        assertNotNull(user);
        try {
            this._database.updatePassword(user, PASSWORD.toCharArray());
        } catch (AccountNotFoundException e) {
            fail(e.toString());
        }
        try {
            BufferedReader bufferedReader = new BufferedReader(new FileReader(createPasswordFile));
            assertTrue("File has no content", bufferedReader.ready());
            assertEquals("Comment line has been corrupted.", "# Test Comment", bufferedReader.readLine());
            assertTrue("File is missing user data.", bufferedReader.ready());
            String readLine = bufferedReader.readLine();
            String[] split = Pattern.compile(":").split(readLine);
            assertEquals("User line not complete '" + readLine + "'", 2, split.length);
            assertEquals("Username not correct,", "testUser0", split[0]);
            assertEquals("New Password not correct,", PASSWORD_B64MD5HASHED, split[1]);
            assertFalse("File has more content", bufferedReader.ready());
        } catch (IOException e2) {
            fail("Unable to validate file contents due to:" + e2.getMessage());
        }
    }

    public void testSetPasswordFileWithMissingFile() {
        try {
            this._database.open(new File("DoesntExist"));
        } catch (FileNotFoundException e) {
            assertTrue(e.getMessage(), e.getMessage().startsWith("Cannot find password file"));
        } catch (IOException e2) {
            fail("Password File was not created." + e2.getMessage());
        }
    }

    public void testSetPasswordFileWithReadOnlyFile() {
        File createPasswordFile = createPasswordFile(0, 0);
        createPasswordFile.setReadOnly();
        try {
            this._database.open(createPasswordFile);
        } catch (FileNotFoundException e) {
            assertTrue(e.getMessage().startsWith("Cannot read password file "));
        } catch (IOException e2) {
            fail("Password File was not created." + e2.getMessage());
        }
    }

    public void testCreateUserPrincipal() throws IOException {
        this._database.createPrincipal(PRINCIPAL, PASSWORD.toCharArray());
        Principal user = this._database.getUser(PRINCIPAL_USERNAME);
        assertNotNull(user);
        assertEquals(PRINCIPAL.getName(), user.getName());
    }

    public void testVerifyPassword() throws IOException, AccountNotFoundException {
        testCreateUserPrincipal();
        assertFalse(this._database.verifyPassword(PRINCIPAL_USERNAME, new char[0]));
        assertFalse(this._database.verifyPassword(PRINCIPAL_USERNAME, "guestz".toCharArray()));
        assertTrue(this._database.verifyPassword(PRINCIPAL_USERNAME, PASSWORD.toCharArray()));
        try {
            this._database.verifyPassword("made.up.username", PASSWORD.toCharArray());
            fail("Should not have been able to verify this nonexistent users password.");
        } catch (AccountNotFoundException e) {
        }
    }

    public void testUpdatePassword() throws IOException, AccountNotFoundException {
        testCreateUserPrincipal();
        char[] charArray = "newpassword".toCharArray();
        this._database.updatePassword(PRINCIPAL, charArray);
        assertFalse(this._database.verifyPassword(PRINCIPAL_USERNAME, PASSWORD.toCharArray()));
        assertTrue(this._database.verifyPassword(PRINCIPAL_USERNAME, charArray));
    }

    static {
        byte[] parseBase64Binary = DatatypeConverter.parseBase64Binary(PASSWORD_B64MD5HASHED);
        PASSWORD_MD5_CHARS = new char[parseBase64Binary.length];
        for (int i = 0; i < parseBase64Binary.length; i++) {
            PASSWORD_MD5_CHARS[i] = (char) parseBase64Binary[i];
        }
    }
}
