package com.cloudera.cmf.service.mgmt;

import com.cloudera.cmf.model.DbRole;
import com.cloudera.cmf.persist.CmfEntityManager;
import com.cloudera.cmf.service.TestUtils;
import com.cloudera.cmf.service.Validation;
import com.cloudera.cmf.service.ValidationContext;
import com.cloudera.cmf.service.config.MetricsSourceConfigEvaluatorTest;
import com.cloudera.cmf.service.config.ParamSpec;
import com.cloudera.cmf.service.mgmt.MgmtServiceHandler;
import com.cloudera.server.cmf.AbstractBaseTest;
import com.cloudera.server.cmf.BaseTest;
import com.cloudera.server.cmf.MockTestCluster;
import com.cloudera.server.web.common.I18n;
import com.google.common.collect.Iterables;
import com.google.common.collect.Lists;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:com/cloudera/cmf/service/mgmt/NavMetaServerSAMLValidatorTest.class */
public class NavMetaServerSAMLValidatorTest extends BaseTest {
    private static final NavMetaServerSAMLValidator VALIDATOR = new NavMetaServerSAMLValidator(NavMetaServerParams.EXTERNAL_AUTH_TYPE);
    private static final String MGMT_SERVICE_NAME = "mgmt1";

    @After
    public void tearDown() {
        cleanDatabase();
    }

    @Before
    public void setUp() {
        TestUtils.interpretCli(sdp, Lists.newArrayList(new String[]{TestUtils.createServiceString(MGMT_SERVICE_NAME, MockTestCluster.MGMT_ST), TestUtils.createHostString("host1", "host1", "127.0.0.1"), TestUtils.createRoleString("navms", MGMT_SERVICE_NAME, "host1", MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name())}));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void assertEmpty(Collection<Validation> collection) {
        Assert.assertEquals(Collections.EMPTY_LIST, collection);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void assertOne(Collection<Validation> collection, boolean z, ValidationContext validationContext) {
        Validation.ValidationState validationState = z ? Validation.ValidationState.CHECK : Validation.ValidationState.ERROR;
        String t = z ? I18n.t("message.samlValidator.check") : I18n.t("message.samlValidator.error", new String[]{MetricsSourceConfigEvaluatorTest.PLACE_HOLDER});
        Assert.assertEquals(1L, collection.size());
        Validation validation = (Validation) Iterables.getOnlyElement(collection);
        Assert.assertEquals(validationState, validation.getState());
        Assert.assertTrue(validation.getMessage().contains(t));
        Assert.assertEquals(validationContext, validation.getContext());
    }

    private String getKeystorePath() {
        return getClass().getClassLoader().getResource("test.keystore").getPath();
    }

    @Test
    public void testDefaultSAMLSettings() {
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.mgmt.NavMetaServerSAMLValidatorTest.1
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                NavMetaServerSAMLValidatorTest.this.assertEmpty(NavMetaServerSAMLValidatorTest.VALIDATOR.validate(NavMetaServerSAMLValidatorTest.shr, ValidationContext.of(cmfEntityManager.findServiceByName(NavMetaServerSAMLValidatorTest.MGMT_SERVICE_NAME).getSingleRoleWithType(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name()))));
            }
        });
    }

    @Test
    public void testSamlNoIDPMetadata() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type SAML mgmt1 navms"));
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.mgmt.NavMetaServerSAMLValidatorTest.2
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                DbRole singleRoleWithType = cmfEntityManager.findServiceByName(NavMetaServerSAMLValidatorTest.MGMT_SERVICE_NAME).getSingleRoleWithType(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name());
                ValidationContext of = ValidationContext.of(singleRoleWithType);
                ParamSpec paramSpec = NavMetaServerParams.EXTERNAL_AUTH_TYPE;
                NavMetaServerSAMLValidatorTest.this.assertOne(NavMetaServerSAMLValidatorTest.VALIDATOR.validate(NavMetaServerSAMLValidatorTest.shr, of), false, of.detail(paramSpec, singleRoleWithType.getConfig(paramSpec.getTemplateName())));
            }
        });
    }

    @Test
    public void testIDPMetadataFile() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type SAML mgmt1 navms", "createconfig nav_saml_metadata_path " + getKeystorePath() + " mgmt1 navms"));
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.mgmt.NavMetaServerSAMLValidatorTest.3
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                DbRole singleRoleWithType = cmfEntityManager.findServiceByName(NavMetaServerSAMLValidatorTest.MGMT_SERVICE_NAME).getSingleRoleWithType(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name());
                ValidationContext of = ValidationContext.of(singleRoleWithType);
                ParamSpec paramSpec = NavMetaServerParams.EXTERNAL_AUTH_TYPE;
                NavMetaServerSAMLValidatorTest.this.assertOne(NavMetaServerSAMLValidatorTest.VALIDATOR.validate(NavMetaServerSAMLValidatorTest.shr, of), false, of.detail(paramSpec, singleRoleWithType.getConfig(paramSpec.getTemplateName())));
            }
        });
    }

    @Test
    public void testKeystoreSuccess() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type SAML mgmt1 navms", "createconfig nav_saml_metadata_path " + getKeystorePath() + " mgmt1 navms", "createconfig nav_saml_keystore_path " + getKeystorePath() + " mgmt1 navms", "createconfig nav_saml_keystore_password cloudera mgmt1 navms"));
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.mgmt.NavMetaServerSAMLValidatorTest.4
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                DbRole singleRoleWithType = cmfEntityManager.findServiceByName(NavMetaServerSAMLValidatorTest.MGMT_SERVICE_NAME).getSingleRoleWithType(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name());
                ValidationContext of = ValidationContext.of(singleRoleWithType);
                ParamSpec paramSpec = NavMetaServerParams.EXTERNAL_AUTH_TYPE;
                NavMetaServerSAMLValidatorTest.this.assertOne(NavMetaServerSAMLValidatorTest.VALIDATOR.validate(NavMetaServerSAMLValidatorTest.shr, of), false, of.detail(paramSpec, singleRoleWithType.getConfig(paramSpec.getTemplateName())));
            }
        });
    }

    @Test
    public void testKeySuccesss() {
        TestUtils.interpretCli(sdp, Arrays.asList("createconfig auth_backend_order EXTERNAL_ONLY mgmt1 navms", "createconfig external_auth_type SAML mgmt1 navms", "createconfig nav_saml_metadata_path " + getKeystorePath() + " mgmt1 navms", "createconfig nav_saml_keystore_path " + getKeystorePath() + " mgmt1 navms", "createconfig nav_saml_keystore_password cloudera mgmt1 navms", "createconfig nav_saml_key_alias foobar mgmt1 navms", "createconfig nav_saml_key_password cloudera mgmt1 navms"));
        runInRollbackTransaction(new AbstractBaseTest.RunnableWithCmfEM() { // from class: com.cloudera.cmf.service.mgmt.NavMetaServerSAMLValidatorTest.5
            @Override // com.cloudera.server.cmf.AbstractBaseTest.RunnableWithCmfEM
            public void run(CmfEntityManager cmfEntityManager) {
                DbRole singleRoleWithType = cmfEntityManager.findServiceByName(NavMetaServerSAMLValidatorTest.MGMT_SERVICE_NAME).getSingleRoleWithType(MgmtServiceHandler.RoleNames.NAVIGATORMETASERVER.name());
                ValidationContext of = ValidationContext.of(singleRoleWithType);
                ParamSpec paramSpec = NavMetaServerParams.EXTERNAL_AUTH_TYPE;
                NavMetaServerSAMLValidatorTest.this.assertOne(NavMetaServerSAMLValidatorTest.VALIDATOR.validate(NavMetaServerSAMLValidatorTest.shr, of), true, of.detail(paramSpec, singleRoleWithType.getConfig(paramSpec.getTemplateName())));
            }
        });
    }
}
