package org.apache.activemq.artemis.tests.integration.security;

import java.lang.management.ManagementFactory;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import org.apache.activemq.artemis.api.core.ActiveMQException;
import org.apache.activemq.artemis.api.core.QueueConfiguration;
import org.apache.activemq.artemis.api.core.RoutingType;
import org.apache.activemq.artemis.api.core.SimpleString;
import org.apache.activemq.artemis.api.core.client.ClientConsumer;
import org.apache.activemq.artemis.api.core.client.ClientMessage;
import org.apache.activemq.artemis.api.core.client.ClientProducer;
import org.apache.activemq.artemis.api.core.client.ClientSession;
import org.apache.activemq.artemis.api.core.client.ClientSessionFactory;
import org.apache.activemq.artemis.api.core.client.ServerLocator;
import org.apache.activemq.artemis.core.security.Role;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.core.server.ActiveMQServers;
import org.apache.activemq.artemis.core.server.impl.AddressInfo;
import org.apache.activemq.artemis.spi.core.security.ActiveMQBasicSecurityManager;
import org.apache.activemq.artemis.tests.extensions.parameterized.ParameterizedTestExtension;
import org.apache.activemq.artemis.tests.extensions.parameterized.Parameters;
import org.apache.activemq.artemis.tests.util.ActiveMQTestBase;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.TestTemplate;
import org.junit.jupiter.api.extension.ExtendWith;

@ExtendWith({ParameterizedTestExtension.class})
/* loaded from: input_file:org/apache/activemq/artemis/tests/integration/security/BasicSecurityManagerTest.class */
public class BasicSecurityManagerTest extends ActiveMQTestBase {
    private ServerLocator locator;
    private boolean bootstrapProperties;

    public BasicSecurityManagerTest(boolean z) {
        this.bootstrapProperties = z;
    }

    @Parameters(name = "bootstrapProperties={0}")
    public static Collection<Object[]> data() {
        return Arrays.asList(new Object[]{false}, new Object[]{true});
    }

    @Override // org.apache.activemq.artemis.tests.util.ActiveMQTestBase
    @BeforeEach
    public void setUp() throws Exception {
        super.setUp();
        this.locator = createInVMNonHALocator();
    }

    public ActiveMQServer initializeServer() throws Exception {
        HashMap hashMap = new HashMap();
        if (this.bootstrapProperties) {
            hashMap.put("bootstrapUserFile", "users.properties");
            hashMap.put("bootstrapRoleFile", "roles.properties");
        } else {
            hashMap.put("bootstrapUser", "first");
            hashMap.put("bootstrapPassword", "secret");
            hashMap.put("bootstrapRole", "programmers");
        }
        return addServer(ActiveMQServers.newActiveMQServer(createDefaultInVMConfig().setSecurityEnabled(true), ManagementFactory.getPlatformMBeanServer(), new ActiveMQBasicSecurityManager().init(hashMap), true));
    }

    @TestTemplate
    public void testAuthenticationForBootstrapUser() throws Exception {
        initializeServer().start();
        try {
            createSessionFactory(this.locator).createSession("first", "secret", false, true, true, false, 0).close();
        } catch (ActiveMQException e) {
            e.printStackTrace();
            Assertions.fail("should not throw exception");
        }
    }

    @TestTemplate
    public void testAuthenticationForAddedUserHashed() throws Exception {
        internalTestAuthenticationForAddedUser(false);
    }

    @TestTemplate
    public void testAuthenticationForAddedUserPlainText() throws Exception {
        internalTestAuthenticationForAddedUser(true);
    }

    private void internalTestAuthenticationForAddedUser(boolean z) throws Exception {
        ActiveMQServer initializeServer = initializeServer();
        initializeServer.start();
        ClientSessionFactory createSessionFactory = createSessionFactory(this.locator);
        initializeServer.getActiveMQServerControl().addUser("foo", "bar", "baz", z);
        try {
            createSessionFactory.createSession("foo", "bar", false, true, true, false, 0).close();
        } catch (ActiveMQException e) {
            e.printStackTrace();
            Assertions.fail("should not throw exception");
        }
    }

    @TestTemplate
    public void testWithValidatedUser() throws Exception {
        ActiveMQServer initializeServer = initializeServer();
        initializeServer.getConfiguration().setPopulateValidatedUser(true);
        initializeServer.start();
        Role role = new Role("programmers", true, true, true, true, true, true, true, true, true, true, false, false);
        HashSet hashSet = new HashSet();
        hashSet.add(role);
        initializeServer.getSecurityRepository().addMatch("#", hashSet);
        try {
            ClientSession createSession = createSessionFactory(this.locator).createSession("first", "secret", false, true, true, false, 0);
            initializeServer.createQueue(QueueConfiguration.of("queue").setAddress("address").setRoutingType(RoutingType.ANYCAST));
            ClientProducer createProducer = createSession.createProducer("address");
            createProducer.send(createSession.createMessage(true));
            createSession.commit();
            createProducer.close();
            ClientConsumer createConsumer = createSession.createConsumer("queue");
            createSession.start();
            ClientMessage receive = createConsumer.receive(1000L);
            Assertions.assertNotNull(receive);
            Assertions.assertEquals("first", receive.getValidatedUserID());
            createSession.close();
        } catch (ActiveMQException e) {
            e.printStackTrace();
            Assertions.fail("should not throw exception");
        }
    }

    @TestTemplate
    public void testAuthenticationBadPassword() throws Exception {
        initializeServer().start();
        try {
            createSessionFactory(this.locator).createSession("first", "badpassword", false, true, true, false, 0);
            Assertions.fail("should throw exception here");
        } catch (Exception e) {
        }
    }

    @TestTemplate
    public void testAuthorizationNegative() throws Exception {
        SimpleString of = SimpleString.of("address");
        SimpleString of2 = SimpleString.of("durableQueue");
        SimpleString of3 = SimpleString.of("nonDurableQueue");
        ActiveMQServer initializeServer = initializeServer();
        HashSet hashSet = new HashSet();
        hashSet.add(new Role("programmers", false, false, false, false, false, false, false, false, false, false, false, false));
        initializeServer.getConfiguration().putSecurityRoles("#", hashSet);
        initializeServer.start();
        initializeServer.addAddressInfo(new AddressInfo(of, RoutingType.ANYCAST));
        initializeServer.createQueue(QueueConfiguration.of(of2).setAddress(of).setRoutingType(RoutingType.ANYCAST));
        initializeServer.createQueue(QueueConfiguration.of(of3).setAddress(of).setRoutingType(RoutingType.ANYCAST).setDurable(false));
        ClientSession addClientSession = addClientSession(createSessionFactory(this.locator).createSession("first", "secret", false, true, true, false, 0));
        try {
            addClientSession.createQueue(QueueConfiguration.of(of2).setAddress(of));
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e) {
            Assertions.assertTrue(e.getMessage().contains("User: first does not have permission='CREATE_DURABLE_QUEUE' for queue durableQueue on address address"), "Unexpected exception message: " + e.getMessage());
        }
        try {
            addClientSession.deleteQueue(of2);
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e2) {
            Assertions.assertTrue(e2.getMessage().contains("User: first does not have permission='DELETE_DURABLE_QUEUE' for queue durableQueue on address address"), "Unexpected exception message: " + e2.getMessage());
        }
        try {
            addClientSession.createQueue(QueueConfiguration.of(of3).setAddress(of).setDurable(false));
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e3) {
            Assertions.assertTrue(e3.getMessage().contains("User: first does not have permission='CREATE_NON_DURABLE_QUEUE' for queue nonDurableQueue on address address"), "Unexpected exception message: " + e3.getMessage());
        }
        try {
            addClientSession.deleteQueue(of3);
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e4) {
            Assertions.assertTrue(e4.getMessage().contains("User: first does not have permission='DELETE_NON_DURABLE_QUEUE' for queue nonDurableQueue on address address"), "Unexpected exception message: " + e4.getMessage());
        }
        try {
            addClientSession.createProducer(of).send(addClientSession.createMessage(true));
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e5) {
            Assertions.assertTrue(e5.getMessage().contains("User: first does not have permission='SEND' on address address"), "Unexpected exception message: " + e5.getMessage());
        }
        try {
            addClientSession.createConsumer(of2);
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e6) {
            Assertions.assertTrue(e6.getMessage().contains("User: first does not have permission='CONSUME' for queue durableQueue on address address"), "Unexpected exception message: " + e6.getMessage());
        }
        try {
            addClientSession.createProducer(initializeServer.getConfiguration().getManagementAddress()).send(addClientSession.createMessage(true));
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e7) {
            Assertions.assertTrue(e7.getMessage().contains("User: first does not have permission='MANAGE' on address activemq.management"), "Unexpected exception message: " + e7.getMessage());
        }
        try {
            addClientSession.createConsumer(of2, true);
            Assertions.fail("should throw exception here");
        } catch (ActiveMQException e8) {
            Assertions.assertTrue(e8.getMessage().contains("User: first does not have permission='BROWSE' for queue durableQueue on address address"), "Unexpected exception message: " + e8.getMessage());
        }
    }

    @TestTemplate
    public void testAuthorizationPositive() throws Exception {
        SimpleString of = SimpleString.of("address");
        SimpleString of2 = SimpleString.of("durableQueue");
        SimpleString of3 = SimpleString.of("nonDurableQueue");
        ActiveMQServer initializeServer = initializeServer();
        HashSet hashSet = new HashSet();
        hashSet.add(new Role("programmers", true, true, true, true, true, true, true, true, true, true, false, false));
        initializeServer.getConfiguration().putSecurityRoles("#", hashSet);
        initializeServer.start();
        ClientSession addClientSession = addClientSession(createSessionFactory(this.locator).createSession("first", "secret", false, true, true, false, 0));
        try {
            addClientSession.createQueue(QueueConfiguration.of(of2).setAddress(of));
        } catch (ActiveMQException e) {
            Assertions.fail("should not throw exception here");
        }
        try {
            addClientSession.deleteQueue(of2);
        } catch (ActiveMQException e2) {
            Assertions.fail("should not throw exception here");
        }
        try {
            addClientSession.createQueue(QueueConfiguration.of(of3).setAddress(of).setDurable(false));
        } catch (ActiveMQException e3) {
            Assertions.fail("should not throw exception here");
        }
        try {
            addClientSession.deleteQueue(of3);
        } catch (ActiveMQException e4) {
            Assertions.fail("should not throw exception here");
        }
        addClientSession.createQueue(QueueConfiguration.of(of2).setAddress(of));
        try {
            addClientSession.createProducer(of).send(addClientSession.createMessage(true));
        } catch (ActiveMQException e5) {
            Assertions.fail("should not throw exception here");
        }
        try {
            addClientSession.createConsumer(of2);
        } catch (ActiveMQException e6) {
            Assertions.fail("should not throw exception here");
        }
        try {
            addClientSession.createProducer(initializeServer.getConfiguration().getManagementAddress()).send(addClientSession.createMessage(true));
        } catch (ActiveMQException e7) {
            Assertions.fail("should not throw exception here");
        }
        try {
            addClientSession.createConsumer(of2, true);
        } catch (ActiveMQException e8) {
            Assertions.fail("should not throw exception here");
        }
    }
}
