package net.shibboleth.idp.authn.config;

import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.listener.InMemoryDirectoryServerConfig;
import com.unboundid.ldap.listener.InMemoryListenerConfig;
import com.unboundid.ldap.sdk.LDAPException;
import java.time.Duration;
import java.util.Map;
import net.shibboleth.idp.authn.context.UsernamePasswordContext;
import net.shibboleth.utilities.java.support.velocity.VelocityEngine;
import org.apache.velocity.VelocityContext;
import org.ldaptive.Credential;
import org.ldaptive.auth.AuthenticationRequest;
import org.ldaptive.auth.AuthenticationResponse;
import org.ldaptive.auth.Authenticator;
import org.ldaptive.auth.User;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.BeforeMethod;
import org.testng.annotations.Test;

/* loaded from: input_file:net/shibboleth/idp/authn/config/LDAPAuthenticationFactoryBeanTest.class */
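/**
 * Exercises {@link LDAPAuthenticationFactoryBean} against an in-memory UnboundID directory server.
 *
 * <p>The fixture is deliberately insecure: it speaks cleartext LDAP, disables certificate trust
 * and uses well-known credentials. Those settings are only acceptable because the directory is a
 * throwaway in-memory instance reached over {@code localhost}; none of them should be copied into
 * a deployed configuration.
 */
public class LDAPAuthenticationFactoryBeanTest {
    private static final String DATA_PATH = "src/test/resources/net/shibboleth/idp/authn/config/";

    /** Base DN served by the in-memory directory. */
    private static final String BASE_DN = "dc=shibboleth,dc=net";

    /** Fixed TCP port for the test listener; a concurrent run on the same host will collide on it. */
    private static final int LDAP_PORT = 10389;

    private InMemoryDirectoryServer directoryServer;
    private LDAPAuthenticationFactoryBean factoryBean;
    private Authenticator authenticator;

    /**
     * Starts the in-memory directory and loads the test entries from {@code loginLDAPTest.ldif}.
     *
     * @throws LDAPException if the server cannot be configured, populated or started
     */
    @BeforeClass
    public void setupDirectoryServer() throws LDAPException {
        InMemoryDirectoryServerConfig serverConfig = new InMemoryDirectoryServerConfig(BASE_DN);
        // NOTE(review): no listen address is given here, so the listener may not be restricted to
        // the loopback interface. Combined with the fixed "password" bind credential below,
        // consider binding to loopback only so the fixture is not reachable from the network on
        // shared build hosts.
        serverConfig.setListenerConfigs(InMemoryListenerConfig.createLDAPConfig("default", LDAP_PORT));
        // Test-only administrative credential for the throwaway directory.
        serverConfig.addAdditionalBindCredentials("cn=Directory Manager", "password");
        this.directoryServer = new InMemoryDirectoryServer(serverConfig);
        // Use the shared constant instead of repeating the resource directory.
        this.directoryServer.importFromLDIF(true, DATA_PATH + "loginLDAPTest.ldif");
        this.directoryServer.startListening();
    }

    /**
     * Stops the in-memory directory and closes existing connections.
     *
     * <p>Runs even when setup or a test failed so the listener port is released, and tolerates a
     * server that was never created so a setup failure is not masked by a NullPointerException.
     */
    @AfterClass(alwaysRun = true)
    public void teardownDirectoryServer() {
        if (this.directoryServer != null) {
            this.directoryServer.shutDown(true);
        }
    }

    /**
     * Builds a fresh {@link Authenticator} from the factory bean before every test method.
     *
     * @throws Exception if the factory bean fails to create the authenticator
     */
    @BeforeMethod
    public void setupAuthenticator() throws Exception {
        this.factoryBean = new LDAPAuthenticationFactoryBean();

        // Connection target: the in-memory directory started in setupDirectoryServer().
        this.factoryBean.setLdapUrl("ldap://localhost:" + LDAP_PORT);
        this.factoryBean.setBaseDn("ou=people," + BASE_DN);
        this.factoryBean.setUserFilter("(uid={user})");
        this.factoryBean.setSubtreeSearch(false);
        this.factoryBean.setVelocityEngine(VelocityEngine.newVelocityEngine());
        this.factoryBean.setAuthenticatorType("anonSearchAuthenticator");

        // Transport security is switched off: plain ldap://, no StartTLS, trust "disabled".
        // Passwords cross the wire in cleartext; tolerable only for this localhost fixture.
        this.factoryBean.setTrustType("disabled");
        this.factoryBean.setConnectionStrategyType("ACTIVE_PASSIVE");
        this.factoryBean.setUseStartTLS(false);
        this.factoryBean.setConnectTimeout(Duration.ofSeconds(3L));
        this.factoryBean.setResponseTimeout(Duration.ofSeconds(3L));

        // Pooling is disabled, so the pool settings below presumably only exercise the setters
        // (TODO confirm against LDAPAuthenticationFactoryBean).
        this.factoryBean.setDisablePooling(true);
        this.factoryBean.setBlockWaitTime(Duration.ofSeconds(3L));
        this.factoryBean.setPrunePeriod(Duration.ofMinutes(5L));
        this.factoryBean.setIdleTime(Duration.ofMinutes(10L));
        this.factoryBean.setMinPoolSize(3);
        this.factoryBean.setMaxPoolSize(5);
        this.factoryBean.setValidateOnCheckout(false);
        this.factoryBean.setValidatePeriodically(true);
        this.factoryBean.setValidatePeriod(Duration.ofMinutes(5L));
        this.factoryBean.setValidateDn("");
        this.factoryBean.setValidateFilter("(objectClass=*)");
        this.factoryBean.setBindPoolPassivatorType("anonymousBind");

        this.authenticator = this.factoryBean.createInstance();
    }

    /**
     * A known user with the correct password must authenticate successfully.
     *
     * @throws Exception if the authentication attempt itself errors out
     */
    @Test
    public void testAuthnSuccess() throws Exception {
        AuthenticationResponse response =
                this.authenticator.authenticate(createAuthenticationRequest("PETER_THE_PRINCIPAL", "changeit"));
        Assert.assertNotNull(response);
        Assert.assertTrue(((Boolean) response.getResult()).booleanValue());
    }

    /**
     * A known user with a wrong password must be rejected with a response, not an exception.
     *
     * <p>NOTE(review): only the wrong-password path is covered; an unknown user, an empty password
     * and a username containing LDAP filter metacharacters are not exercised here.
     *
     * @throws Exception if the authentication attempt itself errors out
     */
    @Test
    public void testAuthnFailure() throws Exception {
        AuthenticationResponse response =
                this.authenticator.authenticate(createAuthenticationRequest("PETER_THE_PRINCIPAL", "wrong"));
        Assert.assertNotNull(response);
        Assert.assertFalse(((Boolean) response.getResult()).booleanValue());
    }

    /**
     * Builds an ldaptive request for the given credentials.
     *
     * <p>The credentials are routed through a {@link UsernamePasswordContext}, which is also
     * exposed to the Velocity context under the key {@code usernamePasswordContext}.
     *
     * @param username user identifier to authenticate
     * @param password password to present for the user
     * @return the authentication request carrying the user and credential
     */
    private AuthenticationRequest createAuthenticationRequest(String username, String password) {
        UsernamePasswordContext upContext = new UsernamePasswordContext();
        upContext.setUsername(username);
        upContext.setPassword(password);

        VelocityContext velocityContext = new VelocityContext(Map.of("usernamePasswordContext", upContext));
        User user = new User(upContext.getUsername(), velocityContext);
        return new AuthenticationRequest(user, new Credential(upContext.getPassword()));
    }
}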
