package org.keycloak.testsuite.federation.ldap;

import java.lang.invoke.SerializedLambda;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;
import org.keycloak.common.Profile;
import org.keycloak.models.RealmModel;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.StorageId;
import org.keycloak.storage.UserStorageProviderModel;
import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.mappers.LDAPStorageMapper;
import org.keycloak.testsuite.AssertEvents;
import org.keycloak.testsuite.admin.ApiUtil;
import org.keycloak.testsuite.arquillian.annotation.DisableFeature;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.util.LDAPRule;
import org.keycloak.testsuite.util.LDAPTestUtils;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/keycloak/testsuite/federation/ldap/LDAPPasswordModifyExtensionTest.class */
public class LDAPPasswordModifyExtensionTest extends AbstractLDAPTest {

    @ClassRule
    public static LDAPRule ldapRule = new LDAPRule().assumeTrue(lDAPTestConfiguration -> {
        return lDAPTestConfiguration.isStartEmbeddedLdapServer();
    });

    @Override // org.keycloak.testsuite.federation.ldap.AbstractLDAPTest
    protected LDAPRule getLDAPRule() {
        return ldapRule;
    }

    @Override // org.keycloak.testsuite.federation.ldap.AbstractLDAPTest
    protected void afterImportTestRealm() {
        this.testingClient.server().run(keycloakSession -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession);
            RealmModel realm = init.getRealm();
            UserStorageProviderModel ldapModel = init.getLdapModel();
            ldapModel.put("usePasswordModifyExtendedOp", true);
            realm.updateComponent(ldapModel);
            realm.addComponentModel(KeycloakModelUtils.createComponentModel("random initial password", ldapModel.getId(), "hardcoded-ldap-attribute-mapper", LDAPStorageMapper.class.getName(), new String[]{"ldap.attribute.name", "userpassword", "ldap.attribute.value", "${RANDOM}"}));
        });
        this.testingClient.server().run(keycloakSession2 -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession2);
            RealmModel realm = init.getRealm();
            LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(keycloakSession2, init.getLdapModel());
            LDAPTestUtils.removeAllLDAPUsers(ldapProvider, realm);
            LDAPTestUtils.updateLDAPPassword(ldapProvider, LDAPTestUtils.addLDAPUser(ldapProvider, realm, "johnkeycloak", "John", "Doe", "john@email.org", (String) null, new String[]{"1234"}), "Password1");
            realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID).setDirectAccessGrantsEnabled(true);
        });
    }

    @Test
    @DisableFeature(value = Profile.Feature.ACCOUNT2, skipRestart = true)
    public void ldapPasswordChangeWithAccountConsole() throws Exception {
        this.changePasswordPage.open();
        this.loginPage.login("johnkeycloak", "Password1");
        this.changePasswordPage.changePassword("Password1", "New-password1", "New-password1");
        Assert.assertEquals("Your password has been updated.", this.profilePage.getSuccess());
        this.changePasswordPage.logout();
        this.loginPage.open();
        this.loginPage.login("johnkeycloak", "Bad-password1");
        Assert.assertEquals("Invalid username or password.", this.loginPage.getInputError());
        this.loginPage.open();
        this.loginPage.login("johnkeycloak", "New-password1");
        Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, this.appPage.getRequestType());
        this.changePasswordPage.open();
        this.changePasswordPage.changePassword("New-password1", "Password1", "Password1");
        Assert.assertEquals("Your password has been updated.", this.profilePage.getSuccess());
    }

    @Test
    public void registerUserLdapSuccess() {
        this.loginPage.open();
        this.loginPage.clickRegister();
        this.registerPage.assertCurrent();
        this.registerPage.register("firstName", "lastName", "email2@check.cz", "registerUserSuccess2", "Password1", "Password1");
        Assert.assertEquals(AppPage.RequestType.AUTH_RESPONSE, this.appPage.getRequestType());
        UserRepresentation findUserByUsername = ApiUtil.findUserByUsername(testRealm(), "registerUserSuccess2");
        Assert.assertNotNull(findUserByUsername);
        assertFederatedUserLink(findUserByUsername);
        Assert.assertEquals("registerusersuccess2", findUserByUsername.getUsername());
        Assert.assertEquals("firstName", findUserByUsername.getFirstName());
        Assert.assertEquals("lastName", findUserByUsername.getLastName());
        Assert.assertTrue(findUserByUsername.isEnabled().booleanValue());
    }

    protected void assertFederatedUserLink(UserRepresentation userRepresentation) {
        Assert.assertTrue(StorageId.isLocalStorage(userRepresentation.getId()));
        Assert.assertNotNull(userRepresentation.getFederationLink());
        Assert.assertEquals(userRepresentation.getFederationLink(), ldapModelId);
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -856366662:
                if (implMethodName.equals("lambda$afterImportTestRealm$26a8868a$1")) {
                    z = false;
                    break;
                }
                break;
            case -856366661:
                if (implMethodName.equals("lambda$afterImportTestRealm$26a8868a$2")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPPasswordModifyExtensionTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession);
                        RealmModel realm = init.getRealm();
                        UserStorageProviderModel ldapModel = init.getLdapModel();
                        ldapModel.put("usePasswordModifyExtendedOp", true);
                        realm.updateComponent(ldapModel);
                        realm.addComponentModel(KeycloakModelUtils.createComponentModel("random initial password", ldapModel.getId(), "hardcoded-ldap-attribute-mapper", LDAPStorageMapper.class.getName(), new String[]{"ldap.attribute.name", "userpassword", "ldap.attribute.value", "${RANDOM}"}));
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPPasswordModifyExtensionTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession2 -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession2);
                        RealmModel realm = init.getRealm();
                        LDAPStorageProvider ldapProvider = LDAPTestUtils.getLdapProvider(keycloakSession2, init.getLdapModel());
                        LDAPTestUtils.removeAllLDAPUsers(ldapProvider, realm);
                        LDAPTestUtils.updateLDAPPassword(ldapProvider, LDAPTestUtils.addLDAPUser(ldapProvider, realm, "johnkeycloak", "John", "Doe", "john@email.org", (String) null, new String[]{"1234"}), "Password1");
                        realm.getClientByClientId(AssertEvents.DEFAULT_CLIENT_ID).setDirectAccessGrantsEnabled(true);
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
