package com.cloudera.cmf.service.auth;

import com.cloudera.cmf.ProductState;
import com.cloudera.cmf.model.DbConfigContainerConfigProvider;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.auth.AbstractExternalServerLoginMonitor;
import com.cloudera.cmf.service.auth.LdapLoginMonitor;
import com.cloudera.cmf.service.config.MetricsSourceConfigEvaluatorTest;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.scm.ScmConfigValueProvider;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.server.cmf.FeatureManager;
import java.util.Arrays;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:com/cloudera/cmf/service/auth/LdapLoginMonitorTest.class */
public class LdapLoginMonitorTest {
    private static final String NON_EMPTY_LDAP_URL = "ldap:url";
    private static final String NON_EMPTY_LDAP_BIND_DN = "ldapBindDn";
    private static final String NON_EMPTY_LDAP_BIND_PW = "ldapBindPw";

    @Test
    public void splitLdapServerUrl_splitSpaceSeparatedUrls() {
        LdapLoginMonitor ldapLoginMonitor = new LdapLoginMonitor((FeatureManager) null, (ScmConfigValueProvider) null, (LdapLoginMonitor.CmfEntityManagerHelper) null);
        Assert.assertEquals(0L, ldapLoginMonitor.splitLdapServerUrl(MetricsSourceConfigEvaluatorTest.PLACE_HOLDER).size());
        Assert.assertEquals(1L, ldapLoginMonitor.splitLdapServerUrl("ldap://myldapserver.com").size());
        Assert.assertEquals(1L, ldapLoginMonitor.splitLdapServerUrl("ldaps://mysecureldapserver.com").size());
        Assert.assertEquals(1L, ldapLoginMonitor.splitLdapServerUrl("LDAPS://MYNOTVALIDSECURELDAPSERVER.COM").size());
        Assert.assertEquals(1L, ldapLoginMonitor.splitLdapServerUrl("LDAP://MYNOTVALIDSECURELDAPSERVER.COM").size());
        Assert.assertEquals(1L, ldapLoginMonitor.splitLdapServerUrl("notALdapServerAddressFormatString").size());
        Assert.assertEquals(2L, ldapLoginMonitor.splitLdapServerUrl("ldap://myldapserver.com ldap://mysecureldapserver.com").size());
        Assert.assertEquals(2L, ldapLoginMonitor.splitLdapServerUrl("ldaps://myldapserver.com ldaps://mysecureldapserver.com").size());
        Assert.assertEquals(1L, ldapLoginMonitor.splitLdapServerUrl("ldap://myldapserver.com ldaps://mysecureldapserver.com").size());
    }

    @Test
    public void useSSL_onlyReturnsTrueWhenSecureLdapAddressProvided() {
        LdapLoginMonitor ldapLoginMonitor = new LdapLoginMonitor((FeatureManager) null, (ScmConfigValueProvider) null, (LdapLoginMonitor.CmfEntityManagerHelper) null);
        Assert.assertFalse(Boolean.valueOf(ldapLoginMonitor.useSSL(Arrays.asList("ldap://myldapserver.com".split(" ")))).booleanValue());
        Assert.assertTrue(Boolean.valueOf(ldapLoginMonitor.useSSL(Arrays.asList("ldaps://mysecureldapserver.com".split(" ")))).booleanValue());
        Assert.assertTrue(Boolean.valueOf(ldapLoginMonitor.useSSL(Arrays.asList("LDAPS://MYNOTVALIDSECURELDAPSERVER.COM".split(" ")))).booleanValue());
        Assert.assertFalse(Boolean.valueOf(ldapLoginMonitor.useSSL(Arrays.asList("LDAP://MYNOTVALIDSECURELDAPSERVER.COM".split(" ")))).booleanValue());
        Assert.assertFalse(Boolean.valueOf(ldapLoginMonitor.useSSL(Arrays.asList("ldap://myldapserver.com ldap://mysecureldapserver.com".split(" ")))).booleanValue());
        Assert.assertTrue(Boolean.valueOf(ldapLoginMonitor.useSSL(Arrays.asList("ldaps://myldapserver.com ldaps://mysecureldapserver.com".split(" ")))).booleanValue());
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifAuthBackendOrderIsDbOnly() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.DB_ONLY, null, null, null, null, null);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifLdapDisabled() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(false, ScmParams.AuthBackendOrder.LDAP_ONLY, null, null, null, null, null);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifLdapServerUrlMissing() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, null, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifLdapBindDnMissing() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, null, NON_EMPTY_LDAP_BIND_PW, null, NON_EMPTY_LDAP_BIND_PW);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifLdapBindPwMissing() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, NON_EMPTY_LDAP_BIND_DN, null, NON_EMPTY_LDAP_BIND_DN, null);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifLdapServerUrlEmpty() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifLdapBindDnEmpty() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER, NON_EMPTY_LDAP_BIND_PW, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER, NON_EMPTY_LDAP_BIND_PW);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToStopRunning_ifLdapBindPwEmpty() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, NON_EMPTY_LDAP_BIND_DN, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER, NON_EMPTY_LDAP_BIND_DN, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_setsStateToReadyToMeasure_ifEveryParamProvided() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.READY_TO_MEASURE, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_reusesBindPw_ifBindPwMonNotProvided() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW, NON_EMPTY_LDAP_BIND_DN, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.READY_TO_MEASURE, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_refusesMonitoringPasswordOnly() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER, NON_EMPTY_LDAP_BIND_PW);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.STOP_RUNNING, buildLdapLoginMonitor.initState);
    }

    @Test
    public void initLoginCredentials_fallsBackToAuthBindCredentials_byDefault() {
        LdapLoginMonitor buildLdapLoginMonitor = buildLdapLoginMonitor(true, ScmParams.AuthBackendOrder.LDAP_ONLY, NON_EMPTY_LDAP_URL, NON_EMPTY_LDAP_BIND_DN, NON_EMPTY_LDAP_BIND_PW, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER, MetricsSourceConfigEvaluatorTest.PLACE_HOLDER);
        buildLdapLoginMonitor.initLoginCredentials();
        Assert.assertEquals(AbstractExternalServerLoginMonitor.InitializationState.READY_TO_MEASURE, buildLdapLoginMonitor.initState);
    }

    private static LdapLoginMonitor buildLdapLoginMonitor(boolean z, ScmParams.AuthBackendOrder authBackendOrder, String str, String str2, String str3, String str4, String str5) {
        ScmConfigValueProvider scmConfigValueProvider = (ScmConfigValueProvider) Mockito.mock(ScmConfigValueProvider.class);
        FeatureManager featureManager = (FeatureManager) Mockito.mock(FeatureManager.class);
        Mockito.when(Boolean.valueOf(featureManager.hasFeature(ProductState.Feature.LDAP))).thenReturn(Boolean.valueOf(z));
        LdapLoginMonitor.CmfEntityManagerHelper cmfEntityManagerHelper = (LdapLoginMonitor.CmfEntityManagerHelper) Mockito.mock(LdapLoginMonitor.CmfEntityManagerHelper.class);
        LdapLoginMonitor ldapLoginMonitor = new LdapLoginMonitor(featureManager, scmConfigValueProvider, cmfEntityManagerHelper);
        DbConfigContainerConfigProvider dbConfigContainerConfigProvider = (DbConfigContainerConfigProvider) Mockito.mock(DbConfigContainerConfigProvider.class);
        CmfEntityManager cmfEntityManager = (CmfEntityManager) Mockito.mock(CmfEntityManager.class);
        ((CmfEntityManager) Mockito.doReturn(dbConfigContainerConfigProvider).when(cmfEntityManager)).getScmConfigProvider();
        ((LdapLoginMonitor.CmfEntityManagerHelper) Mockito.doReturn(cmfEntityManager).when(cmfEntityManagerHelper)).getCmfEntityManager();
        ((ScmConfigValueProvider) Mockito.doReturn(authBackendOrder).when(scmConfigValueProvider)).getScmConfigValue((ParamSpec) Mockito.eq(ScmParams.AUTH_BACKEND_ORDER), (DbConfigContainerConfigProvider) Mockito.any(DbConfigContainerConfigProvider.class));
        ((ScmConfigValueProvider) Mockito.doReturn(str).when(scmConfigValueProvider)).getScmConfigValue(ScmParams.LDAP_URL, dbConfigContainerConfigProvider);
        ((ScmConfigValueProvider) Mockito.doReturn(str2).when(scmConfigValueProvider)).getScmConfigValue(ScmParams.LDAP_BIND_DN, dbConfigContainerConfigProvider);
        ((ScmConfigValueProvider) Mockito.doReturn(str3).when(scmConfigValueProvider)).getScmConfigValue(ScmParams.LDAP_BIND_PW, dbConfigContainerConfigProvider);
        ((ScmConfigValueProvider) Mockito.doReturn(str4).when(scmConfigValueProvider)).getScmConfigValue(ScmParams.LDAP_BIND_DN_MONITORING, dbConfigContainerConfigProvider);
        ((ScmConfigValueProvider) Mockito.doReturn(str5).when(scmConfigValueProvider)).getScmConfigValue(ScmParams.LDAP_BIND_PW_MONITORING, dbConfigContainerConfigProvider);
        return ldapLoginMonitor;
    }
}
