package org.infinispan.client.hotrod;

import java.io.IOException;
import java.io.InputStream;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.HashMap;
import javax.security.auth.Subject;
import org.infinispan.client.hotrod.configuration.Configuration;
import org.infinispan.client.hotrod.configuration.ConfigurationBuilder;
import org.infinispan.configuration.global.GlobalConfigurationBuilder;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.scripting.ScriptingManager;
import org.infinispan.security.AuthorizationPermission;
import org.infinispan.security.Security;
import org.infinispan.security.impl.IdentityRoleMapper;
import org.infinispan.server.hotrod.test.HotRodTestingUtil;
import org.infinispan.server.hotrod.test.TestCallbackHandler;
import org.infinispan.test.TestingUtil;
import org.infinispan.test.fwk.CleanupAfterMethod;
import org.infinispan.test.fwk.TestCacheManagerFactory;
import org.testng.AssertJUnit;
import org.testng.annotations.Test;

@CleanupAfterMethod
@Test(testName = "client.hotrod.SecureExecTest", groups = {"functional"})
/* loaded from: input_file:org/infinispan/client/hotrod/SecureExecTest.class */
public class SecureExecTest extends AuthenticationTest {
    static final Subject ADMIN = TestingUtil.makeSubject(new String[]{"admin", "___script_manager"});
    static final Subject RUNNER = TestingUtil.makeSubject(new String[]{"runner", "runner"});
    static final Subject PHEIDIPPIDES = TestingUtil.makeSubject(new String[]{"pheidippides", "pheidippides"});
    private RemoteCacheManager remoteCacheManager;

    @Override // org.infinispan.client.hotrod.AuthenticationTest
    protected EmbeddedCacheManager createCacheManager() throws Exception {
        GlobalConfigurationBuilder globalConfigurationBuilder = new GlobalConfigurationBuilder();
        globalConfigurationBuilder.security().authorization().enable().principalRoleMapper(new IdentityRoleMapper()).role("runner").permission(AuthorizationPermission.EXEC).permission(AuthorizationPermission.READ).permission(AuthorizationPermission.WRITE).permission(AuthorizationPermission.ADMIN).role("pheidippides").permission(AuthorizationPermission.READ).permission(AuthorizationPermission.WRITE).permission(AuthorizationPermission.ADMIN).role("admin").permission(AuthorizationPermission.ALL);
        TestCacheManagerFactory.getDefaultCacheConfiguration(true).security().authorization().enable().role("runner").role("pheidippides").role("admin");
        this.cacheManager = TestCacheManagerFactory.createCacheManager(globalConfigurationBuilder, HotRodTestingUtil.hotRodCacheConfiguration());
        this.cacheManager.getCache();
        return this.cacheManager;
    }

    protected void setup() throws Exception {
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.client.hotrod.SecureExecTest.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                SecureExecTest.super.setup();
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.infinispan.client.hotrod.AuthenticationTest
    public void teardown() {
        Security.doAs(ADMIN, new PrivilegedAction<Void>() { // from class: org.infinispan.client.hotrod.SecureExecTest.2
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                SecureExecTest.super.teardown();
                return null;
            }
        });
    }

    protected void clearContent() {
        Security.doAs(ADMIN, new PrivilegedAction<Void>() { // from class: org.infinispan.client.hotrod.SecureExecTest.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                SecureExecTest.this.cacheManager.getCache().clear();
                return null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.infinispan.client.hotrod.AuthenticationTest
    public ConfigurationBuilder initServerAndClient() {
        return (ConfigurationBuilder) Security.doAs(ADMIN, new PrivilegedAction<ConfigurationBuilder>() { // from class: org.infinispan.client.hotrod.SecureExecTest.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public ConfigurationBuilder run() {
                return SecureExecTest.super.initServerAndClient();
            }
        });
    }

    @Test(enabled = false, description = "Disabled until issue ISPN-6210 is fixed.")
    public void testSimpleScriptExecutionWithValidAuth() throws IOException, PrivilegedActionException {
        ConfigurationBuilder initServerAndClient = initServerAndClient();
        initServerAndClient.security().authentication().callbackHandler(new TestCallbackHandler("user", "realm", "password".toCharArray()));
        runTestWithGivenConfig(initServerAndClient.build(), RUNNER);
    }

    @Test(enabled = false, description = "Disabled until issue ISPN-6210 is fixed.")
    public void testSimpleScriptExecutionWithInValidAuth() throws IOException, PrivilegedActionException {
        ConfigurationBuilder initServerAndClient = initServerAndClient();
        initServerAndClient.security().authentication().callbackHandler(new TestCallbackHandler("user", "realm", "password".toCharArray()));
        runTestWithGivenConfig(initServerAndClient.build(), PHEIDIPPIDES);
    }

    private void runTestWithGivenConfig(Configuration configuration, Subject subject) throws IOException, PrivilegedActionException {
        this.remoteCacheManager = new RemoteCacheManager(configuration);
        final HashMap hashMap = new HashMap();
        hashMap.put("a", "guinness");
        Security.doAs(ADMIN, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.client.hotrod.SecureExecTest.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                ScriptingManager scriptingManager = (ScriptingManager) SecureExecTest.this.hotrodServer.getCacheManager().getGlobalComponentRegistry().getComponent(ScriptingManager.class);
                InputStream resourceAsStream = getClass().getResourceAsStream("/testRole.js");
                Throwable th = null;
                try {
                    try {
                        scriptingManager.addScript("testRole.js", TestingUtil.loadFileAsString(resourceAsStream));
                        if (resourceAsStream == null) {
                            return null;
                        }
                        if (0 == 0) {
                            resourceAsStream.close();
                            return null;
                        }
                        try {
                            resourceAsStream.close();
                            return null;
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                            return null;
                        }
                    } catch (Throwable th3) {
                        th = th3;
                        throw th3;
                    }
                } catch (Throwable th4) {
                    if (resourceAsStream != null) {
                        if (th != null) {
                            try {
                                resourceAsStream.close();
                            } catch (Throwable th5) {
                                th.addSuppressed(th5);
                            }
                        } else {
                            resourceAsStream.close();
                        }
                    }
                    throw th4;
                }
            }
        });
        Security.doAs(subject, new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.client.hotrod.SecureExecTest.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() throws Exception {
                AssertJUnit.assertEquals("guinness", SecureExecTest.this.remoteCacheManager.getCache().get("a"));
                return null;
            }
        });
    }
}
