package org.springframework.security.userdetails.ldap;

import javax.naming.directory.Attributes;
import org.junit.After;
import org.junit.Assert;
import org.junit.Test;
import org.springframework.ldap.core.DirContextAdapter;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.GrantedAuthority;
import org.springframework.security.GrantedAuthorityImpl;
import org.springframework.security.context.SecurityContextHolder;
import org.springframework.security.ldap.AbstractLdapIntegrationTests;
import org.springframework.security.ldap.DefaultLdapUsernameToDnMapper;
import org.springframework.security.ldap.SpringSecurityLdapTemplate;
import org.springframework.security.providers.UsernamePasswordAuthenticationToken;
import org.springframework.security.userdetails.UsernameNotFoundException;
import org.springframework.security.userdetails.ldap.InetOrgPerson;

/* loaded from: input_file:org/springframework/security/userdetails/ldap/LdapUserDetailsManagerTests.class */
public class LdapUserDetailsManagerTests extends AbstractLdapIntegrationTests {
    private static final GrantedAuthority[] TEST_AUTHORITIES = {new GrantedAuthorityImpl("ROLE_CLOWNS"), new GrantedAuthorityImpl("ROLE_ACROBATS")};
    private LdapUserDetailsManager mgr;
    private SpringSecurityLdapTemplate template;

    @Override // org.springframework.security.ldap.AbstractLdapIntegrationTests
    public void onSetUp() throws Exception {
        super.onSetUp();
        this.mgr = new LdapUserDetailsManager(getContextSource());
        this.template = new SpringSecurityLdapTemplate(getContextSource());
        DirContextAdapter dirContextAdapter = new DirContextAdapter();
        dirContextAdapter.setAttributeValue("objectclass", "organizationalUnit");
        dirContextAdapter.setAttributeValue("ou", "test people");
        this.template.bind("ou=test people", dirContextAdapter, (Attributes) null);
        dirContextAdapter.setAttributeValue("ou", "testgroups");
        this.template.bind("ou=testgroups", dirContextAdapter, (Attributes) null);
        DirContextAdapter dirContextAdapter2 = new DirContextAdapter();
        dirContextAdapter2.setAttributeValue("objectclass", "groupOfNames");
        dirContextAdapter2.setAttributeValue("cn", "clowns");
        dirContextAdapter2.setAttributeValue("member", "cn=nobody,ou=test people,dc=springframework,dc=org");
        this.template.bind("cn=clowns,ou=testgroups", dirContextAdapter2, (Attributes) null);
        dirContextAdapter2.setAttributeValue("cn", "acrobats");
        this.template.bind("cn=acrobats,ou=testgroups", dirContextAdapter2, (Attributes) null);
        this.mgr.setUsernameMapper(new DefaultLdapUsernameToDnMapper("ou=test people", "uid"));
        this.mgr.setGroupSearchBase("ou=testgroups");
        this.mgr.setGroupRoleAttributeName("cn");
        this.mgr.setGroupMemberAttributeName("member");
        this.mgr.setUserDetailsMapper(new PersonContextMapper());
    }

    @After
    public void onTearDown() throws Exception {
        this.template.unbind("ou=test people", true);
        this.template.unbind("ou=testgroups", true);
        SecurityContextHolder.clearContext();
    }

    @Test
    public void testLoadUserByUsernameReturnsCorrectData() {
        this.mgr.setUsernameMapper(new DefaultLdapUsernameToDnMapper("ou=people", "uid"));
        this.mgr.setGroupSearchBase("ou=groups");
        LdapUserDetails loadUserByUsername = this.mgr.loadUserByUsername("bob");
        Assert.assertEquals("bob", loadUserByUsername.getUsername());
        Assert.assertEquals("uid=bob, ou=people, dc=springframework, dc=org", loadUserByUsername.getDn());
        Assert.assertEquals("bobspassword", loadUserByUsername.getPassword());
        Assert.assertEquals(1L, loadUserByUsername.getAuthorities().length);
    }

    @Test(expected = UsernameNotFoundException.class)
    public void testLoadingInvalidUsernameThrowsUsernameNotFoundException() {
        this.mgr.loadUserByUsername("jim");
    }

    @Test
    public void testUserExistsReturnsTrueForValidUser() {
        this.mgr.setUsernameMapper(new DefaultLdapUsernameToDnMapper("ou=people", "uid"));
        Assert.assertTrue(this.mgr.userExists("bob"));
    }

    @Test
    public void testUserExistsReturnsFalseForInValidUser() {
        Assert.assertFalse(this.mgr.userExists("jim"));
    }

    @Test
    public void testCreateNewUserSucceeds() {
        InetOrgPerson.Essence essence = new InetOrgPerson.Essence();
        essence.setCarLicense("XXX");
        essence.setCn(new String[]{"Joe Smeth"});
        essence.setDepartmentNumber("5679");
        essence.setDescription("Some description");
        essence.setDn("whocares");
        essence.setEmployeeNumber("E781");
        essence.setInitials("J");
        essence.setMail("joe@smeth.com");
        essence.setMobile("+44776542911");
        essence.setOu("Joes Unit");
        essence.setO("Organization");
        essence.setRoomNumber("500X");
        essence.setSn("Smeth");
        essence.setUid("joe");
        essence.setAuthorities(TEST_AUTHORITIES);
        this.mgr.createUser(essence.createUserDetails());
    }

    @Test
    public void testDeleteUserSucceeds() {
        InetOrgPerson.Essence essence = new InetOrgPerson.Essence();
        essence.setDn("whocares");
        essence.setCn(new String[]{"Don Smeth"});
        essence.setSn("Smeth");
        essence.setUid("don");
        essence.setAuthorities(TEST_AUTHORITIES);
        this.mgr.createUser(essence.createUserDetails());
        this.mgr.setUserDetailsMapper(new InetOrgPersonContextMapper());
        Assert.assertEquals(2L, this.mgr.loadUserByUsername("don").getAuthorities().length);
        this.mgr.deleteUser("don");
        try {
            this.mgr.loadUserByUsername("don");
            Assert.fail("Expected UsernameNotFoundException after deleting user");
        } catch (UsernameNotFoundException e) {
        }
        Assert.assertEquals(0L, this.mgr.getUserAuthorities(this.mgr.usernameMapper.buildDn("don"), "don").length);
    }

    @Test
    public void testPasswordChangeWithCorrectOldPasswordSucceeds() {
        InetOrgPerson.Essence essence = new InetOrgPerson.Essence();
        essence.setDn("whocares");
        essence.setCn(new String[]{"John Yossarian"});
        essence.setSn("Yossarian");
        essence.setUid("johnyossarian");
        essence.setPassword("yossarianspassword");
        essence.setAuthorities(TEST_AUTHORITIES);
        this.mgr.createUser(essence.createUserDetails());
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("johnyossarian", "yossarianspassword", TEST_AUTHORITIES));
        this.mgr.changePassword("yossarianspassword", "yossariansnewpassword");
        Assert.assertTrue(this.template.compare("uid=johnyossarian,ou=test people", "userPassword", "yossariansnewpassword"));
    }

    @Test(expected = BadCredentialsException.class)
    public void testPasswordChangeWithWrongOldPasswordFails() {
        InetOrgPerson.Essence essence = new InetOrgPerson.Essence();
        essence.setDn("whocares");
        essence.setCn(new String[]{"John Yossarian"});
        essence.setSn("Yossarian");
        essence.setUid("johnyossarian");
        essence.setPassword("yossarianspassword");
        essence.setAuthorities(TEST_AUTHORITIES);
        this.mgr.createUser(essence.createUserDetails());
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken("johnyossarian", "yossarianspassword", TEST_AUTHORITIES));
        this.mgr.changePassword("wrongpassword", "yossariansnewpassword");
    }
}
