package org.infinispan.test.integration.security.embedded;

import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.infinispan.Cache;
import org.infinispan.configuration.cache.AuthorizationConfigurationBuilder;
import org.infinispan.configuration.cache.ConfigurationBuilder;
import org.infinispan.configuration.global.GlobalAuthorizationConfigurationBuilder;
import org.infinispan.configuration.global.GlobalConfigurationBuilder;
import org.infinispan.configuration.global.GlobalRoleConfigurationBuilder;
import org.infinispan.manager.DefaultCacheManager;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.security.AuthorizationPermission;
import org.infinispan.security.PrincipalRoleMapper;
import org.infinispan.security.Security;
import org.infinispan.test.integration.security.utils.LoginHandler;
import org.infinispan.transaction.LockingMode;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:org/infinispan/test/integration/security/embedded/AbstractAuthentication.class */
public abstract class AbstractAuthentication {
    public static final String DEFAULT_DEPLOY_CONTAINER = "testnode";
    public static final String CACHE_NAME = "secureCache";
    public static final String TEST_ENTRY_VALUE = "predefined value";
    protected EmbeddedCacheManager manager;
    public static final String TEST_ENTRY_KEY = "predefined key";
    protected Cache<Object, Object> secureCache;
    private GlobalConfigurationBuilder globalConfig;
    private ConfigurationBuilder cacheConfig;

    public abstract String getSecurityDomainName();

    public abstract Map<String, AuthorizationPermission[]> getRolePermissionMap();

    public abstract PrincipalRoleMapper getPrincipalRoleMapper();

    public abstract Subject getAdminSubject() throws LoginException;

    public abstract Subject getWriterSubject() throws LoginException;

    public abstract Subject getReaderSubject() throws LoginException;

    public abstract Subject getUnprivilegedSubject() throws LoginException;

    public Subject authenticate(String str, String str2) throws LoginException {
        LoginContext loginContext = new LoginContext(System.getProperty("jboss.security.domain", getSecurityDomainName()), new LoginHandler(str, str2));
        loginContext.login();
        return loginContext.getSubject();
    }

    public Subject authenticateWithKrb(String str) throws LoginException {
        LoginContext loginContext = new LoginContext(str, new LoginHandler(null, null));
        loginContext.login();
        return loginContext.getSubject();
    }

    @Before
    public void setupCache() throws Exception {
        this.globalConfig = new GlobalConfigurationBuilder();
        GlobalAuthorizationConfigurationBuilder principalRoleMapper = this.globalConfig.security().authorization().enable().principalRoleMapper(getPrincipalRoleMapper());
        this.cacheConfig = new ConfigurationBuilder();
        this.cacheConfig.transaction().lockingMode(LockingMode.PESSIMISTIC);
        this.cacheConfig.invocationBatching().enable();
        AuthorizationConfigurationBuilder enable = this.cacheConfig.security().authorization().enable();
        for (Map.Entry<String, AuthorizationPermission[]> entry : getRolePermissionMap().entrySet()) {
            enable = enable.role(entry.getKey());
            GlobalRoleConfigurationBuilder role = principalRoleMapper.role(entry.getKey());
            for (AuthorizationPermission authorizationPermission : entry.getValue()) {
                role = role.permission(authorizationPermission);
            }
        }
        Security.doAs(getAdminSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.manager = new DefaultCacheManager(AbstractAuthentication.this.globalConfig.build());
                AbstractAuthentication.this.manager.defineConfiguration(AbstractAuthentication.CACHE_NAME, AbstractAuthentication.this.cacheConfig.build());
                AbstractAuthentication.this.secureCache = AbstractAuthentication.this.manager.getCache(AbstractAuthentication.CACHE_NAME);
                AbstractAuthentication.this.secureCache.put(AbstractAuthentication.TEST_ENTRY_KEY, AbstractAuthentication.TEST_ENTRY_VALUE);
                return null;
            }
        });
    }

    @After
    public void tearDown() throws Exception {
        if (this.manager != null) {
            Security.doAs(getAdminSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.2
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public Void run() {
                    AbstractAuthentication.this.manager.stop();
                    return null;
                }
            });
        }
    }

    @Test
    public void testAdminCRUD() throws Exception {
        Security.doAs(getAdminSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                Assert.assertEquals(AbstractAuthentication.TEST_ENTRY_VALUE, AbstractAuthentication.this.secureCache.get(AbstractAuthentication.TEST_ENTRY_KEY));
                AbstractAuthentication.this.secureCache.putIfAbsent("test", "test value");
                Assert.assertEquals("test value", AbstractAuthentication.this.secureCache.get("test"));
                AbstractAuthentication.this.secureCache.put("test", "test value2");
                Assert.assertEquals("test value2", AbstractAuthentication.this.secureCache.get("test"));
                AbstractAuthentication.this.secureCache.remove("test");
                Assert.assertEquals((Object) null, AbstractAuthentication.this.secureCache.get("test"));
                AbstractAuthentication.this.secureCache.clear();
                Assert.assertEquals(0L, AbstractAuthentication.this.secureCache.size());
                return null;
            }
        });
    }

    @Test
    public void testWriterWrite() throws Exception {
        Security.doAs(getWriterSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.4
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.put("test", "test value");
                return null;
            }
        });
    }

    @Test
    public void testWriterRemove() throws Exception {
        Security.doAs(getWriterSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.5
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.remove(AbstractAuthentication.TEST_ENTRY_KEY);
                return null;
            }
        });
    }

    @Test(expected = PrivilegedActionException.class)
    public void testWriterRead() throws Exception {
        Security.doAs(getWriterSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.6
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.get(AbstractAuthentication.TEST_ENTRY_KEY);
                return null;
            }
        });
    }

    @Test
    public void testReaderRead() throws Exception {
        Security.doAs(getReaderSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.7
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                Assert.assertEquals(AbstractAuthentication.TEST_ENTRY_VALUE, AbstractAuthentication.this.secureCache.get(AbstractAuthentication.TEST_ENTRY_KEY));
                return null;
            }
        });
    }

    @Test(expected = PrivilegedActionException.class)
    public void testReaderWrite() throws Exception {
        Security.doAs(getReaderSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.8
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.put("test", "test value");
                return null;
            }
        });
    }

    @Test(expected = PrivilegedActionException.class)
    public void testReaderRemove() throws Exception {
        Security.doAs(getReaderSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.9
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.remove(AbstractAuthentication.TEST_ENTRY_KEY);
                return null;
            }
        });
    }

    @Test(expected = PrivilegedActionException.class)
    public void testUnprivilegedRead() throws Exception {
        Security.doAs(getUnprivilegedSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.10
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.get(AbstractAuthentication.TEST_ENTRY_KEY);
                return null;
            }
        });
    }

    @Test(expected = PrivilegedActionException.class)
    public void testUnprivilegedWrite() throws Exception {
        Security.doAs(getUnprivilegedSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.11
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.put("test", "test value");
                return null;
            }
        });
    }

    @Test(expected = PrivilegedActionException.class)
    public void testUnprivilegedRemove() throws Exception {
        Security.doAs(getUnprivilegedSubject(), new PrivilegedExceptionAction<Void>() { // from class: org.infinispan.test.integration.security.embedded.AbstractAuthentication.12
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedExceptionAction
            public Void run() {
                AbstractAuthentication.this.secureCache.remove(AbstractAuthentication.TEST_ENTRY_KEY);
                return null;
            }
        });
    }

    @Test(expected = SecurityException.class)
    public void testUnauthenticatedRead() {
        this.secureCache.get(TEST_ENTRY_KEY);
    }

    @Test(expected = SecurityException.class)
    public void testUnauthenticatedWrite() {
        this.secureCache.put("test", "value");
    }

    @Test(expected = SecurityException.class)
    public void testUnauthenticatedRemove() {
        this.secureCache.remove(TEST_ENTRY_KEY);
    }
}
