package org.keycloak.testsuite.federation.ldap;

import java.io.IOException;
import java.lang.invoke.SerializedLambda;
import java.util.List;
import java.util.stream.Collectors;
import javax.mail.MessagingException;
import org.hamcrest.CoreMatchers;
import org.hamcrest.Matchers;
import org.jboss.arquillian.graphene.page.Page;
import org.junit.Assume;
import org.junit.ClassRule;
import org.junit.FixMethodOrder;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runners.MethodSorters;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserProvider;
import org.keycloak.representations.idm.UserRepresentation;
import org.keycloak.storage.CacheableStorageProviderModel;
import org.keycloak.storage.ldap.LDAPStorageProvider;
import org.keycloak.storage.ldap.idm.model.LDAPObject;
import org.keycloak.testsuite.Assert;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.keycloak.testsuite.pages.AppPage;
import org.keycloak.testsuite.pages.LoginPage;
import org.keycloak.testsuite.pages.LoginPasswordResetPage;
import org.keycloak.testsuite.pages.LoginPasswordUpdatePage;
import org.keycloak.testsuite.util.GreenMailRule;
import org.keycloak.testsuite.util.LDAPRule;
import org.keycloak.testsuite.util.LDAPTestUtils;
import org.keycloak.testsuite.util.MailUtils;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest.class */
public class LDAPNoCacheTest extends AbstractLDAPTest {

    @ClassRule
    public static LDAPRule ldapRule = new LDAPRule();

    @Rule
    public GreenMailRule greenMail = new GreenMailRule();

    @Page
    protected AppPage appPage;

    @Page
    protected LoginPage loginPage;

    @Page
    protected LoginPasswordResetPage resetPasswordPage;

    @Page
    protected LoginPasswordUpdatePage updatePasswordPage;

    @Override // org.keycloak.testsuite.federation.ldap.AbstractLDAPTest
    protected LDAPRule getLDAPRule() {
        return ldapRule;
    }

    @Override // org.keycloak.testsuite.federation.ldap.AbstractLDAPTest
    protected void afterImportTestRealm() {
        this.testingClient.server().run(keycloakSession -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession);
            RealmModel realm = init.getRealm();
            init.getLdapModel().setCachePolicy(CacheableStorageProviderModel.CachePolicy.NO_CACHE);
            realm.updateComponent(init.getLdapModel());
            realm.getComponentsStream(init.getLdapModel().getId()).filter(componentModel -> {
                return "user-attribute-ldap-mapper".equals(componentModel.getProviderId());
            }).forEach(componentModel2 -> {
                componentModel2.put("always.read.value.from.ldap", true);
                realm.updateComponent(componentModel2);
            });
            LDAPTestUtils.removeAllLDAPUsers(init.getLdapProvider(), realm);
            LDAPTestUtils.updateLDAPPassword(init.getLdapProvider(), LDAPTestUtils.addLDAPUser(init.getLdapProvider(), realm, "johnkeycloak", "John", "Doe", "john_old@email.org", (String) null, new String[]{"1234"}), "Password1");
        });
    }

    @Test
    public void resetPasswordLink() throws IOException, MessagingException {
        this.loginPage.open();
        triggerForgetPasswordForUser("john_old@email.org", 1, "john_old@email.org");
        changeEmailAddressInLDAP(this.testingClient, "john_new@email.org");
        try {
            Assert.assertEquals("john_new@email.org", ((UserRepresentation) testRealm().users().search("johnkeycloak").get(0)).getEmail());
            triggerForgetPasswordForUser("johnkeycloak", 2, "john_new@email.org");
            triggerForgetPasswordForUser("john_old@email.org", 2, "john_new@email.org");
            triggerForgetPasswordForUser("john_new@email.org", 3, "john_new@email.org");
        } finally {
            changeEmailAddressInLDAP(this.testingClient, "john_old@email.org");
        }
    }

    @Test
    public void resetPasswordLinkCheckOldAddressLast() throws IOException, MessagingException {
        this.loginPage.open();
        triggerForgetPasswordForUser("john_old@email.org", 1, "john_old@email.org");
        changeEmailAddressInLDAP(this.testingClient, "john_new@email.org");
        try {
            triggerForgetPasswordForUser("johnkeycloak", 2, "john_new@email.org");
            triggerForgetPasswordForUser("john_new@email.org", 3, "john_new@email.org");
            triggerForgetPasswordForUser("john_old@email.org", 3, "john_new@email.org");
        } finally {
            changeEmailAddressInLDAP(this.testingClient, "john_old@email.org");
        }
    }

    private void triggerForgetPasswordForUser(String str, int i, String str2) throws MessagingException {
        this.loginPage.resetPassword();
        this.resetPasswordPage.assertCurrent();
        this.resetPasswordPage.changePassword(str);
        this.loginPage.assertCurrent();
        org.junit.Assert.assertEquals("You should receive an email shortly with further instructions.", this.loginPage.getSuccessMessage());
        Assert.assertEquals(i, this.greenMail.getReceivedMessages().length);
        Assert.assertEquals(str2, MailUtils.getRecipient(this.greenMail.getReceivedMessages()[i - 1]));
    }

    private static void changeEmailAddressInLDAP(KeycloakTestingClient keycloakTestingClient, String str) {
        keycloakTestingClient.server().run(keycloakSession -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession);
            LDAPObject loadLDAPUserByUsername = init.getLdapProvider().loadLDAPUserByUsername(init.getRealm(), "johnkeycloak");
            loadLDAPUserByUsername.setSingleAttribute("mail", str);
            init.getLdapProvider().getLdapIdentityStore().update(loadLDAPUserByUsername);
        });
    }

    @Test
    public void lookupByAttributeAfterImportWithAttributeValueAlwaysReadFromLdapMustSucceed() {
        this.testingClient.server().run(keycloakSession -> {
            LDAPTestContext init = LDAPTestContext.init(keycloakSession);
            RealmModel realm = init.getRealm();
            init.getLdapModel().setImportEnabled(true);
            realm.updateComponent(init.getLdapModel());
            UserProvider userLocalStorage = keycloakSession.userLocalStorage();
            LDAPStorageProvider ldapProvider = init.getLdapProvider();
            Assume.assumeThat(userLocalStorage.getUserByUsername(realm, "johnkeycloak"), CoreMatchers.is(Matchers.nullValue()));
            Assume.assumeThat((List) ldapProvider.searchForUserByUserAttributeStream(realm, "email", "john_old@email.org").collect(Collectors.toList()), Matchers.hasSize(1));
            Assume.assumeThat(userLocalStorage.getUserByUsername(realm, "johnkeycloak"), CoreMatchers.is(CoreMatchers.not(Matchers.nullValue())));
            org.junit.Assert.assertThat((List) ldapProvider.searchForUserByUserAttributeStream(realm, "email", "john_old@email.org").collect(Collectors.toList()), Matchers.hasSize(1));
        });
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -972241730:
                if (implMethodName.equals("lambda$lookupByAttributeAfterImportWithAttributeValueAlwaysReadFromLdapMustSucceed$26a8868a$1")) {
                    z = false;
                    break;
                }
                break;
            case -856366662:
                if (implMethodName.equals("lambda$afterImportTestRealm$26a8868a$1")) {
                    z = 2;
                    break;
                }
                break;
            case 746743050:
                if (implMethodName.equals("lambda$changeEmailAddressInLDAP$f83efe3$1")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession);
                        RealmModel realm = init.getRealm();
                        init.getLdapModel().setImportEnabled(true);
                        realm.updateComponent(init.getLdapModel());
                        UserProvider userLocalStorage = keycloakSession.userLocalStorage();
                        LDAPStorageProvider ldapProvider = init.getLdapProvider();
                        Assume.assumeThat(userLocalStorage.getUserByUsername(realm, "johnkeycloak"), CoreMatchers.is(Matchers.nullValue()));
                        Assume.assumeThat((List) ldapProvider.searchForUserByUserAttributeStream(realm, "email", "john_old@email.org").collect(Collectors.toList()), Matchers.hasSize(1));
                        Assume.assumeThat(userLocalStorage.getUserByUsername(realm, "johnkeycloak"), CoreMatchers.is(CoreMatchers.not(Matchers.nullValue())));
                        org.junit.Assert.assertThat((List) ldapProvider.searchForUserByUserAttributeStream(realm, "email", "john_old@email.org").collect(Collectors.toList()), Matchers.hasSize(1));
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest") && serializedLambda.getImplMethodSignature().equals("(Ljava/lang/String;Lorg/keycloak/models/KeycloakSession;)V")) {
                    String str = (String) serializedLambda.getCapturedArg(0);
                    return keycloakSession2 -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession2);
                        LDAPObject loadLDAPUserByUsername = init.getLdapProvider().loadLDAPUserByUsername(init.getRealm(), "johnkeycloak");
                        loadLDAPUserByUsername.setSingleAttribute("mail", str);
                        init.getLdapProvider().getLdapIdentityStore().update(loadLDAPUserByUsername);
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/keycloak/testsuite/runonserver/RunOnServer") && serializedLambda.getFunctionalInterfaceMethodName().equals("run") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V") && serializedLambda.getImplClass().equals("org/keycloak/testsuite/federation/ldap/LDAPNoCacheTest") && serializedLambda.getImplMethodSignature().equals("(Lorg/keycloak/models/KeycloakSession;)V")) {
                    return keycloakSession3 -> {
                        LDAPTestContext init = LDAPTestContext.init(keycloakSession3);
                        RealmModel realm = init.getRealm();
                        init.getLdapModel().setCachePolicy(CacheableStorageProviderModel.CachePolicy.NO_CACHE);
                        realm.updateComponent(init.getLdapModel());
                        realm.getComponentsStream(init.getLdapModel().getId()).filter(componentModel -> {
                            return "user-attribute-ldap-mapper".equals(componentModel.getProviderId());
                        }).forEach(componentModel2 -> {
                            componentModel2.put("always.read.value.from.ldap", true);
                            realm.updateComponent(componentModel2);
                        });
                        LDAPTestUtils.removeAllLDAPUsers(init.getLdapProvider(), realm);
                        LDAPTestUtils.updateLDAPPassword(init.getLdapProvider(), LDAPTestUtils.addLDAPUser(init.getLdapProvider(), realm, "johnkeycloak", "John", "Doe", "john_old@email.org", (String) null, new String[]{"1234"}), "Password1");
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
