package com.cloudera.server.web.cmf;

import com.cloudera.cmf.model.DbAuthRole;
import com.cloudera.cmf.model.DbExternalMapping;
import com.cloudera.cmf.model.ExternalMappingType;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.user.UserRole;
import com.cloudera.server.web.cmf.CMFUserDetailsService;
import com.cloudera.server.web.cmf.CmfPamAuthenticationProvider;
import com.google.common.base.Predicate;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Lists;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.junit.Assert;
import org.junit.Test;
import org.jvnet.libpam.PAMException;
import org.mockito.Mockito;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;

/* loaded from: input_file:com/cloudera/server/web/cmf/CmfPamAuthenticationProviderTest.class */
public class CmfPamAuthenticationProviderTest {

    /* loaded from: input_file:com/cloudera/server/web/cmf/CmfPamAuthenticationProviderTest$CmfPamAuthenticationMockProvider.class */
    private class CmfPamAuthenticationMockProvider extends CmfPamAuthenticationProvider {
        final CmfEntityManager mockCmf = (CmfEntityManager) Mockito.mock(CmfEntityManager.class);

        public CmfPamAuthenticationMockProvider(String str) {
            try {
                this.pamUserProvider = new PamUserTestProvider(str);
            } catch (PAMException e) {
                e.printStackTrace();
            }
            Mockito.when(this.mockCmf.findAllExternalMappings()).thenReturn(getAllExternalMappings());
            CMFUserDetailsService.CMFUser build = CMFUserDetailsService.CMFUser.newBuilder().setAuthorities(CmfPamAuthenticationProviderTest.this.singletonGrantsMap(UserRole.ROLE_ADMIN)).setUsername("pamuser1").build();
            this.userMapper = (UserMapper) Mockito.mock(UserMapper.class);
            Mockito.when(this.userMapper.mapUser((String) Mockito.eq("pamuser1"), (Map) Mockito.any())).thenReturn(build);
        }

        CmfEntityManager getCmfEntityManager() {
            return this.mockCmf;
        }

        private List<DbExternalMapping> getAllExternalMappings() {
            ArrayList newArrayList = Lists.newArrayList();
            for (int i = 0; i < UserRole.values().size(); i++) {
                UserRole byCode = UserRole.getByCode(i);
                if (byCode != null) {
                    DbExternalMapping dbExternalMapping = (DbExternalMapping) Mockito.spy(new DbExternalMapping("group" + i, ExternalMappingType.LDAP));
                    ((DbExternalMapping) Mockito.doReturn(ImmutableSet.of(new DbAuthRole(byCode))).when(dbExternalMapping)).getImmutableAuthRole();
                    newArrayList.add(dbExternalMapping);
                }
            }
            return newArrayList;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:com/cloudera/server/web/cmf/CmfPamAuthenticationProviderTest$PamUser.class */
    public static class PamUser extends CmfPamAuthenticationProvider.PamUser {
        protected PamUser() {
        }
    }

    /* loaded from: input_file:com/cloudera/server/web/cmf/CmfPamAuthenticationProviderTest$PamUserTestProvider.class */
    protected static class PamUserTestProvider extends CmfPamAuthenticationProvider.PamUserProvider {
        Map<String, String> validUsers = new HashMap();
        Map<String, Set<String>> userGroupMap = new HashMap();

        public PamUserTestProvider(String str) throws PAMException {
            this.serviceName = str;
            this.validUsers.put("pamuser1", "pamuser1pwd");
            this.userGroupMap.put("pamuser1", new HashSet(Arrays.asList("group0", "group1")));
        }

        /* renamed from: authPamUser, reason: merged with bridge method [inline-methods] */
        public PamUser m637authPamUser(String str, String str2) {
            PamUser pamUser = new PamUser();
            pamUser.setUsername(str);
            if (!this.validUsers.containsKey(str) || !this.validUsers.get(str).equals(str2)) {
                pamUser.setAuthenticated(false);
                return pamUser;
            }
            pamUser.setAuthenticated(true);
            pamUser.setGroups(this.userGroupMap.get(str));
            return pamUser;
        }
    }

    @Test
    public void testUserProperties() {
        PamUser pamUser = new PamUser();
        pamUser.setUsername("testUser");
        pamUser.setAuthenticated(true);
        HashSet hashSet = new HashSet();
        hashSet.add("group0");
        pamUser.setGroups(hashSet);
        Assert.assertEquals("testUser", pamUser.getUsername());
        Assert.assertTrue(pamUser.isAuthenticated());
        Assert.assertTrue(pamUser.getGroups().contains("group0") && pamUser.getGroups().size() == 1);
    }

    @Test
    public void testPamUserAuthentication() {
        PamUserTestProvider pamUserTestProvider = null;
        try {
            pamUserTestProvider = new PamUserTestProvider("login");
        } catch (PAMException e) {
            e.printStackTrace();
        }
        PamUser m637authPamUser = pamUserTestProvider.m637authPamUser("badUser123", "badUser123");
        Assert.assertFalse(m637authPamUser.isAuthenticated());
        Assert.assertEquals("badUser123", m637authPamUser.getUsername());
        Assert.assertFalse(pamUserTestProvider.m637authPamUser("pamuser1", "badUser123").isAuthenticated());
        Assert.assertTrue(pamUserTestProvider.m637authPamUser("pamuser1", "pamuser1pwd").isAuthenticated());
    }

    @Test
    public void testFetchMappings() {
        CmfPamAuthenticationMockProvider cmfPamAuthenticationMockProvider = new CmfPamAuthenticationMockProvider("login");
        Iterator it = cmfPamAuthenticationMockProvider.fetchMappings(new Predicate<DbExternalMapping>() { // from class: com.cloudera.server.web.cmf.CmfPamAuthenticationProviderTest.1
            public boolean apply(DbExternalMapping dbExternalMapping) {
                return dbExternalMapping.getCode().equals("group0") && dbExternalMapping.getExternalMappingType().equals(ExternalMappingType.LDAP);
            }
        }).keySet().iterator();
        while (it.hasNext()) {
            Assert.assertEquals("GlobalScope", ((AuthScope) it.next()).toString());
            Assert.assertEquals(1L, ((Set) r0.get(r0)).size());
        }
        Iterator it2 = cmfPamAuthenticationMockProvider.fetchMappings(new Predicate<DbExternalMapping>() { // from class: com.cloudera.server.web.cmf.CmfPamAuthenticationProviderTest.2
            public boolean apply(DbExternalMapping dbExternalMapping) {
                return true;
            }
        }).keySet().iterator();
        while (it2.hasNext()) {
            Assert.assertEquals("GlobalScope", ((AuthScope) it2.next()).toString());
            Assert.assertEquals(UserRole.values().size(), ((Set) r0.get(r0)).size());
        }
        Assert.assertEquals(0L, cmfPamAuthenticationMockProvider.fetchMappings(new Predicate<DbExternalMapping>() { // from class: com.cloudera.server.web.cmf.CmfPamAuthenticationProviderTest.3
            public boolean apply(DbExternalMapping dbExternalMapping) {
                return false;
            }
        }).size());
    }

    @Test
    public void testAuthentication() {
        CmfPamAuthenticationMockProvider cmfPamAuthenticationMockProvider = new CmfPamAuthenticationMockProvider("login");
        Assert.assertTrue(cmfPamAuthenticationMockProvider.authenticate(new TestingAuthenticationToken("pamuser1", "pamuser1pwd")).isAuthenticated());
        Assert.assertEquals(UserRole.ROLE_ADMIN.getAuthorities().size(), r0.getAuthorities().size());
        try {
            cmfPamAuthenticationMockProvider.authenticate(new TestingAuthenticationToken("pamuser1", "badpwd"));
            Assert.fail("Authentication should fail!");
        } catch (Exception e) {
        }
        try {
            cmfPamAuthenticationMockProvider.authenticate(new TestingAuthenticationToken("badusername", "badpwd"));
            Assert.fail("Authentication should fail!");
        } catch (Exception e2) {
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Map<AuthScope, ImmutableList<GrantedAuthority>> singletonGrantsMap(UserRole userRole) {
        return Collections.singletonMap(AuthScope.global(), ImmutableList.copyOf(CMFUserDetailsService.createAuthoritySet(userRole.getAuthorities())));
    }
}
