package com.cloudera.server.cmf;

import com.cloudera.cmf.model.DbConfigContainer;
import com.cloudera.cmf.model.DbConfigContainerConfigProvider;
import com.cloudera.cmf.model.Enums;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.ServiceDataProvider;
import com.cloudera.cmf.service.scm.ScmParamTrackerStore;
import com.cloudera.cmf.service.scm.ScmParams;
import com.cloudera.server.cmf.clientprotocol.ClientProtocol;
import com.cloudera.server.cmf.components.CmServerState;
import com.cloudera.server.web.cmf.CMFSAMLUserDetailsService;
import com.cloudera.server.web.cmf.KeyManagerProxy;
import com.google.common.collect.Maps;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.OutputStreamWriter;
import java.net.InetAddress;
import java.util.ArrayList;
import java.util.HashMap;
import javax.persistence.EntityManagerFactory;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.avro.ipc.stats.StatsServlet;
import org.apache.commons.io.IOUtils;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;
import org.opensaml.xml.parse.StaticBasicParserPool;
import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.security.saml.SAMLBootstrap;
import org.springframework.security.saml.context.SAMLContextProviderImpl;
import org.springframework.security.saml.metadata.CachingMetadataManager;
import org.springframework.security.saml.metadata.ExtendedMetadata;
import org.springframework.security.saml.util.SAMLUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

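/**
 * Exercises {@code WebServerImpl.configureSAMLAuthentication} against a mocked configuration
 * provider and checks the metadata generated for the configured entity ID: it must carry an XML
 * signature, reference the entity alias, and be DOM-equal to the stored reference document once
 * host-specific values and signature material have been neutralised.
 */
@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:com/cloudera/server/cmf/SAMLConfigurationTest.class */
public class SAMLConfigurationTest extends BaseTest {
    private static final String ENTITY_ID = "clouderaManager";
    private static final String ENTITY_ALIAS = "clouderaManager";

    // Fixtures, resolved relative to the working directory the test is started from.
    private static final String IDP_METADATA_PATH = "src/test/resources/com/cloudera/server/cmf/saml/idp-metadata.xml";
    private static final String KEYSTORE_PATH = "src/test/resources/com/cloudera/server/cmf/saml/idp.jks";
    private static final String EXPECTED_METADATA_PATH = "src/test/resources/com/cloudera/server/cmf/saml/cm-metadata.xml";

    // The same expressions are applied to the reference and the generated metadata.
    // NOTE(review): '.' does not match line terminators, so a value wrapped over several lines
    // is left untouched by these patterns.
    private static final String DIGEST_VALUE_REGEX = "<ds:DigestValue>.*</ds:DigestValue>";
    private static final String SIGNATURE_VALUE_REGEX = "<ds:SignatureValue>.*</ds:SignatureValue>";

    WebServerImpl webServer;
    CachingMetadataManager cmm;
    KeyManagerProxy km;

    @Mock
    ServiceDataProvider sdp;

    @Mock
    StatsServlet statsServlet;

    @Mock
    HeartbeatHandlerInfoCache heartbeatHandlerInfoCache;

    @Mock
    ScmParamTrackerStore spts;

    @Mock
    CmServerState cmss;

    @Mock
    ClientProtocol cp;

    @Mock
    DbConfigContainerConfigProvider provider;

    @Mock
    CMFSAMLUserDetailsService csuds;

    @Mock
    SAMLContextProviderImpl scp;
    EntityManagerFactory emf;

    /**
     * Builds a spied {@link WebServerImpl} and registers the SAML collaborators it looks up in the
     * application context: key manager, metadata manager, parser pool, user-details service,
     * context provider and bootstrap bean.
     *
     * @throws Exception if any collaborator fails to initialise
     */
    @Before
    public void setupCluster() throws Exception {
        this.emf = BaseTest.createEntityManagerFactoryWithProperties();
        this.webServer = Mockito.spy(new WebServerImpl(this.emf, this.sdp, this.cp, this.statsServlet,
                this.heartbeatHandlerInfoCache, this.spts, this.cmss));

        this.km = new KeyManagerProxy();
        appCtxUtil.addBean(KeyManagerProxy.class, this.km);

        // The metadata manager starts without any provider.
        this.cmm = new CachingMetadataManager(new ArrayList());
        this.cmm.setKeyManager(this.km);
        appCtxUtil.addBean(CachingMetadataManager.class, this.cmm);

        StaticBasicParserPool parserPool = new StaticBasicParserPool();
        parserPool.initialize();
        appCtxUtil.addBean(StaticBasicParserPool.class, parserPool);

        appCtxUtil.addBean(CMFSAMLUserDetailsService.class, this.csuds);
        appCtxUtil.addBean(SAMLContextProviderImpl.class, this.scp);

        // NOTE(review): presumably this call initialises the SAML library; the bean factory
        // handed in is a throwaway mock - confirm against SAMLBootstrap.
        SAMLBootstrap bootstrap = new SAMLBootstrap();
        bootstrap.postProcessBeanFactory(Mockito.mock(ConfigurableListableBeanFactory.class));
        appCtxUtil.addBean(SAMLBootstrap.class, bootstrap);

        // Route the spy's context lookup to the test application context.
        Mockito.doReturn(ctx).when(this.webServer).getApplicationContext();
    }

    /**
     * Configures SAML authentication from a mocked SCM config container and validates the
     * resulting metadata.
     *
     * <p>Failures propagate with their original exception and stack trace; the entity manager is
     * closed on every path.
     *
     * @throws Exception if configuration, metadata generation or comparison fails
     */
    @Test
    public void testSAMLConfiguration() throws Exception {
        DbConfigContainer container = Mockito.mock(DbConfigContainer.class);
        Mockito.doReturn(Enums.ConfigContainerType.SCM).when(container).getConfigTypeEnum();
        Mockito.doReturn(container).when(this.provider).getConfigContainer();

        HashMap<String, String> samlConfig = Maps.newHashMap();
        samlConfig.put(ScmParams.SAML_METADATA.getTemplateName(), IDP_METADATA_PATH);
        samlConfig.put(ScmParams.SAML_ENTITY_ID.getTemplateName(), ENTITY_ID);
        samlConfig.put(ScmParams.SAML_ENTITY_ALIAS.getTemplateName(), ENTITY_ALIAS);
        samlConfig.put(ScmParams.SAML_KEY_ALIAS.getTemplateName(), "shibboleth.sec.cloudera.com");
        // Key and keystore passwords belong to the test keystore under src/test/resources.
        samlConfig.put(ScmParams.SAML_KEY_PASSWORD.getTemplateName(), "cloudera");
        samlConfig.put(ScmParams.SAML_KEYSTORE.getTemplateName(), KEYSTORE_PATH);
        samlConfig.put(ScmParams.SAML_KEYSTORE_PASSWORD.getTemplateName(), "cloudera");
        samlConfig.put(ScmParams.SAML_RESPONSE_BINDING.getTemplateName(), ScmParams.SAMLBinding.ARTIFACT.toString());
        Mockito.doReturn(samlConfig).when(this.provider).getConfigContainerConfigsMap();

        CmfEntityManager entityManager = new CmfEntityManager(this.emf);
        try {
            entityManager.beginForRollbackAndReadonly();
            this.webServer.configureSAMLAuthentication(entityManager, this.provider);

            String metadata = SAMLUtil.getMetadataAsString(this.cmm, this.km,
                    this.cmm.getEntityDescriptor(ENTITY_ID), (ExtendedMetadata) null);
            Assert.assertTrue("generated metadata carries no <ds:Signature element",
                    metadata.contains("<ds:Signature"));
            Assert.assertTrue("generated metadata does not reference the entity alias",
                    metadata.contains("/alias/" + ENTITY_ALIAS));
            compareWithExistingMetadata(metadata);
        } finally {
            entityManager.close();
        }
    }

    /**
     * Asserts that the generated metadata is DOM-equal to the stored reference document.
     *
     * <p>Before parsing, the local host name and address in the generated document are replaced
     * with {@code localhost}, and digest and signature values are emptied on both sides. Top-level
     * nodes that differ are printed to standard output before the final assertion.
     *
     * @param str the generated metadata document as text
     */
    private void compareWithExistingMetadata(String str) throws ParserConfigurationException, SAXException, IOException, TransformerException {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        factory.setCoalescing(true);
        factory.setIgnoringElementContentWhitespace(true);
        factory.setIgnoringComments(true);
        // Reject DOCTYPE declarations outright so that neither input can pull in external
        // entities or DTDs; a fixture that needs a DOCTYPE will now fail to parse here.
        factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        DocumentBuilder builder = factory.newDocumentBuilder();

        String expectedXml;
        FileInputStream fixture = new FileInputStream(new File(EXPECTED_METADATA_PATH));
        try {
            // Decode with an explicit charset instead of the platform default.
            expectedXml = IOUtils.toString(fixture, "UTF-8");
        } finally {
            fixture.close();
        }
        Document expected = parseNormalized(builder, blankSignatureValues(expectedXml));

        // Literal replacement: a host name or address contains '.', which replaceAll would
        // treat as a regex wildcard.
        InetAddress localHost = InetAddress.getLocalHost();
        String hostNeutral = str.replace(localHost.getHostName(), "localhost")
                .replace(localHost.getHostAddress(), "localhost");
        Document actual = parseNormalized(builder, blankSignatureValues(hostNeutral));

        for (int i = 0; i < expected.getChildNodes().getLength(); i++) {
            Node expectedChild = expected.getChildNodes().item(i);
            Node actualChild = actual.getChildNodes().item(i);
            if (!expectedChild.isEqualNode(actualChild)) {
                print(expectedChild, actualChild);
            }
        }
        Assert.assertTrue("generated SAML metadata differs from " + EXPECTED_METADATA_PATH,
                expected.isEqualNode(actual));
    }

    /** Empties every single-line {@code ds:DigestValue} and {@code ds:SignatureValue} element. */
    private static String blankSignatureValues(String xml) {
        return xml.replaceAll(DIGEST_VALUE_REGEX, "<ds:DigestValue/>")
                .replaceAll(SIGNATURE_VALUE_REGEX, "<ds:SignatureValue/>");
    }

    /** Parses {@code xml} from its UTF-8 bytes and normalises the resulting document. */
    private static Document parseNormalized(DocumentBuilder builder, String xml) throws SAXException, IOException {
        Document document = builder.parse(new InputSource(new ByteArrayInputStream(xml.getBytes("UTF-8"))));
        document.normalizeDocument();
        return document;
    }

    /** Prints a mismatching pair of nodes, reference first, to standard output. */
    private void print(Node node, Node node2) throws IOException, TransformerException {
        System.out.println("Existing node");
        printDocument(node, System.out);
        System.out.println();
        System.out.println("New node");
        printDocument(node2, System.out);
        System.out.println();
    }

    /**
     * Serialises {@code node} as indented UTF-8 XML onto {@code outputStream}.
     *
     * @param node the DOM node to serialise
     * @param outputStream the destination; flushed through the writer but left open
     * @throws IOException if writing or flushing fails
     * @throws TransformerException if the node cannot be serialised
     */
    public static void printDocument(Node node, OutputStream outputStream) throws IOException, TransformerException {
        Transformer serializer = TransformerFactory.newInstance().newTransformer();
        serializer.setOutputProperty("omit-xml-declaration", "no");
        serializer.setOutputProperty("method", "xml");
        serializer.setOutputProperty("indent", "yes");
        serializer.setOutputProperty("encoding", "UTF-8");
        serializer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "4");
        OutputStreamWriter writer = new OutputStreamWriter(outputStream, "UTF-8");
        serializer.transform(new DOMSource(node), new StreamResult(writer));
        // Push any bytes still buffered in the writer; the caller keeps ownership of the stream.
        writer.flush();
    }
}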
