package org.apache.activemq.artemis.tests.integration.amqp;

import jakarta.jms.JMSSecurityException;
import java.io.IOException;
import java.util.Objects;
import java.util.Set;
import java.util.UUID;
import org.apache.activemq.artemis.api.core.QueueConfiguration;
import org.apache.activemq.artemis.api.core.RoutingType;
import org.apache.activemq.artemis.core.config.Configuration;
import org.apache.activemq.artemis.core.security.Role;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.core.server.Queue;
import org.apache.activemq.artemis.spi.core.security.ActiveMQJAASSecurityManager;
import org.apache.activemq.artemis.tests.util.Wait;
import org.apache.activemq.artemis.utils.CompositeAddress;
import org.apache.activemq.transport.amqp.client.AmqpMessage;
import org.apache.activemq.transport.amqp.client.AmqpReceiver;
import org.apache.activemq.transport.amqp.client.AmqpSender;
import org.apache.activemq.transport.amqp.client.AmqpSession;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Timeout;

@Timeout(20)
/* loaded from: input_file:org/apache/activemq/artemis/tests/integration/amqp/AmqpTargetedFQQNSecurityTest.class */
public class AmqpTargetedFQQNSecurityTest extends AmqpClientTestSupport {
    private final String FQQN_SENDER_1 = "fqqnSender1";
    private final String FQQN_SENDER_2 = "fqqnSender2";
    private final String FQQN_RECEIVER_1 = "fqqnReceiver1";
    private final String FQQN_RECEIVER_2 = "fqqnReceiver2";
    private final String FQQN_SENDER1_ROLE = "fqqnSender1Role";
    private final String FQQN_SENDER2_ROLE = "fqqnSender2Role";
    private final String FQQN_RECEIVER1_ROLE = "fqqnReceiver1Role";
    private final String FQQN_RECEIVER2_ROLE = "fqqnReceiver2Role";
    private final String FQQN_ADDRESS = "fqqnAddress";
    private final String FQQN_QUEUE1 = "fqqnQueue1";
    private final String FQQN_QUEUE2 = "fqqnQueue2";
    private final String FQQN_1 = CompositeAddress.toFullyQualified("fqqnAddress", "fqqnQueue1");
    private final String FQQN_2 = CompositeAddress.toFullyQualified("fqqnAddress", "fqqnQueue2");
    private final String PASS = UUID.randomUUID().toString();

    @Override // org.apache.activemq.artemis.tests.integration.amqp.AmqpClientTestSupport
    protected boolean isSecurityEnabled() {
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.activemq.artemis.tests.integration.amqp.AmqpClientTestSupport
    public void enableSecurity(ActiveMQServer activeMQServer, String... strArr) {
        ActiveMQJAASSecurityManager securityManager = activeMQServer.getSecurityManager();
        Configuration configuration = activeMQServer.getConfiguration();
        Role role = new Role("fqqnSender1Role", true, false, false, false, false, false, false, false, false, false, false, false);
        Role role2 = new Role("fqqnSender2Role", true, false, false, false, false, false, false, false, false, false, false, false);
        Role role3 = new Role("fqqnReceiver1Role", false, true, false, false, false, false, false, false, false, false, true, false);
        Role role4 = new Role("fqqnReceiver2Role", false, true, false, false, false, false, false, false, false, false, true, false);
        securityManager.getConfiguration().addUser("fqqnSender1", this.PASS);
        securityManager.getConfiguration().addRole("fqqnSender1", "fqqnSender1Role");
        securityManager.getConfiguration().addUser("fqqnSender2", this.PASS);
        securityManager.getConfiguration().addRole("fqqnSender2", "fqqnSender2Role");
        securityManager.getConfiguration().addUser("fqqnReceiver1", this.PASS);
        securityManager.getConfiguration().addRole("fqqnReceiver1", "fqqnReceiver1Role");
        securityManager.getConfiguration().addUser("fqqnReceiver2", this.PASS);
        securityManager.getConfiguration().addRole("fqqnReceiver2", "fqqnReceiver2Role");
        configuration.putSecurityRoles(this.FQQN_1, Set.of(role, role3));
        configuration.putSecurityRoles(this.FQQN_2, Set.of(role2, role4));
        configuration.addQueueConfiguration(QueueConfiguration.of(this.FQQN_1).setAddress("fqqnAddress").setRoutingType(RoutingType.ANYCAST));
        configuration.addQueueConfiguration(QueueConfiguration.of(this.FQQN_2).setAddress("fqqnAddress").setRoutingType(RoutingType.ANYCAST));
        activeMQServer.getConfiguration().setSecurityEnabled(true);
    }

    @Test
    public void testSender1CanWriteToAssignedFQQN() throws Exception {
        doTestSenderCanWriteToAssignedFQQN("fqqnSender1", this.FQQN_1);
    }

    @Test
    public void testSender2CanWriteToAssignedFQQN() throws Exception {
        doTestSenderCanWriteToAssignedFQQN("fqqnSender2", this.FQQN_2);
    }

    private void doTestSenderCanWriteToAssignedFQQN(String str, String str2) throws Exception {
        AmqpSender createSender = addConnection(createAmqpClient(str, this.PASS).connect()).createSession().createSender(str2);
        AmqpMessage amqpMessage = new AmqpMessage();
        amqpMessage.setText("Test-Message");
        createSender.send(amqpMessage);
        Queue proxyToQueue = getProxyToQueue(str2);
        Assertions.assertNotNull(proxyToQueue);
        Objects.requireNonNull(proxyToQueue);
        Wait.assertEquals(1L, proxyToQueue::getMessageCount);
    }

    @Test
    public void testReceiver1CanReadFromAssignedFQQN() throws Exception {
        doTestReceiverCanReadFromAssignedFQQN("fqqnSender1", "fqqnReceiver1", this.FQQN_1);
    }

    @Test
    public void testReceiver2CanReadFromAssignedFQQN() throws Exception {
        doTestReceiverCanReadFromAssignedFQQN("fqqnSender2", "fqqnReceiver2", this.FQQN_2);
    }

    private void doTestReceiverCanReadFromAssignedFQQN(String str, String str2, String str3) throws Exception {
        AmqpSender createSender = addConnection(createAmqpClient(str, this.PASS).connect()).createSession().createSender(str3);
        AmqpMessage amqpMessage = new AmqpMessage();
        amqpMessage.setText("Test-Message");
        createSender.send(amqpMessage);
        Queue proxyToQueue = getProxyToQueue(str3);
        Assertions.assertNotNull(proxyToQueue);
        Objects.requireNonNull(proxyToQueue);
        Wait.assertEquals(1L, proxyToQueue::getMessageCount);
        AmqpReceiver createReceiver = addConnection(createAmqpClient(str2, this.PASS).connect()).createSession().createReceiver(str3);
        createReceiver.flow(1);
        AmqpMessage receive = createReceiver.receive();
        Assertions.assertNotNull(receive);
        Assertions.assertEquals("Test-Message", receive.getText());
        receive.accept();
        Objects.requireNonNull(proxyToQueue);
        Wait.assertEquals(0L, proxyToQueue::getMessageCount);
    }

    @Test
    public void testReceiver1CannotReadFromFQQNAssignedToReceiver2() throws Exception {
        doTestReceiverCannotReadFromFQQNAssignedToAnotherReceiver("fqqnSender2", "fqqnReceiver1", this.FQQN_2);
    }

    @Test
    public void testReceiver2CannotReadFromFQQNAssignedToReceiver1() throws Exception {
        doTestReceiverCannotReadFromFQQNAssignedToAnotherReceiver("fqqnSender1", "fqqnReceiver2", this.FQQN_1);
    }

    private void doTestReceiverCannotReadFromFQQNAssignedToAnotherReceiver(String str, String str2, String str3) throws Exception {
        AmqpSender createSender = addConnection(createAmqpClient(str, this.PASS).connect()).createSession().createSender(str3);
        AmqpMessage amqpMessage = new AmqpMessage();
        amqpMessage.setText("Test-Message");
        createSender.send(amqpMessage);
        Queue proxyToQueue = getProxyToQueue(str3);
        Assertions.assertNotNull(proxyToQueue);
        Objects.requireNonNull(proxyToQueue);
        Wait.assertEquals(1L, proxyToQueue::getMessageCount);
        try {
            addConnection(createAmqpClient(str2, this.PASS).connect()).createSession().createReceiver(str3);
            Assertions.fail("Should not be able to attach to FQQN assigned to another user.");
        } catch (IOException e) {
            Assertions.assertNotNull(e.getCause());
            Assertions.assertTrue(e.getCause() instanceof JMSSecurityException);
        }
        Objects.requireNonNull(proxyToQueue);
        Wait.assertEquals(1L, proxyToQueue::getMessageCount);
    }

    @Test
    public void testAnonymousSender1CanWriteToAssignedFQQN() throws Exception {
        doTestAnonymousSendersCanWriteToAssignedFQQN("fqqnSender1", this.FQQN_1);
    }

    @Test
    public void testAnonymousSenders2CanWriteToAssignedFQQN() throws Exception {
        doTestAnonymousSendersCanWriteToAssignedFQQN("fqqnSender2", this.FQQN_2);
    }

    private void doTestAnonymousSendersCanWriteToAssignedFQQN(String str, String str2) throws Exception {
        AmqpSender createSender = addConnection(createAmqpClient(str, this.PASS).connect()).createSession().createSender();
        AmqpMessage amqpMessage = new AmqpMessage();
        amqpMessage.setText("Test-Message");
        amqpMessage.setAddress(str2);
        createSender.send(amqpMessage);
        Queue proxyToQueue = getProxyToQueue(str2);
        Assertions.assertNotNull(proxyToQueue);
        Objects.requireNonNull(proxyToQueue);
        Wait.assertEquals(1L, proxyToQueue::getMessageCount);
    }

    @Test
    public void testSender1CannotAttachToUnassignedFQQN() throws Exception {
        doTestSendersCannotAttachToUnassignedFQQN("fqqnSender1", this.FQQN_2);
    }

    @Test
    public void testSender2CannotAttachToUnassignedFQQN() throws Exception {
        doTestSendersCannotAttachToUnassignedFQQN("fqqnSender2", this.FQQN_1);
    }

    private void doTestSendersCannotAttachToUnassignedFQQN(String str, String str2) throws Exception {
        try {
            addConnection(createAmqpClient(str, this.PASS).connect()).createSession().createSender(str2);
            Assertions.fail("Should not be able to attach to FQQN assigned to another user.");
        } catch (IOException e) {
            Assertions.assertNotNull(e.getCause());
            Assertions.assertTrue(e.getCause() instanceof JMSSecurityException);
        }
    }

    @Test
    public void testAnonymousSender1CannotWriteToUnassignedFQQN() throws Exception {
        doTestAnonymousSendersCannotWriteToUnassignedFQQN("fqqnSender1", this.FQQN_2);
    }

    @Test
    public void testAnonymousSender2CannotWriteToUnassignedFQQN() throws Exception {
        doTestAnonymousSendersCannotWriteToUnassignedFQQN("fqqnSender2", this.FQQN_1);
    }

    private void doTestAnonymousSendersCannotWriteToUnassignedFQQN(String str, String str2) throws Exception {
        AmqpSender createSender = addConnection(createAmqpClient(str, this.PASS).connect()).createSession().createSender();
        AmqpMessage amqpMessage = new AmqpMessage();
        amqpMessage.setText("Test-Message");
        amqpMessage.setAddress(str2);
        try {
            createSender.send(amqpMessage);
            Assertions.fail("Should not be able to send to FQQN assigned to another user.");
        } catch (IOException e) {
            Assertions.assertNotNull(e.getCause());
            Assertions.assertTrue(e.getCause() instanceof JMSSecurityException);
        }
    }

    @Test
    public void testReceiver1CannotAttachAsSenderToEitherFQQN() throws Exception {
        doTestReceiverCannotAttachAsSenderToEitherFQQN("fqqnReceiver1");
    }

    @Test
    public void testReceiver2CannotAttachAsSenderToEitherFQQN() throws Exception {
        doTestReceiverCannotAttachAsSenderToEitherFQQN("fqqnReceiver2");
    }

    private void doTestReceiverCannotAttachAsSenderToEitherFQQN(String str) throws Exception {
        AmqpSession createSession = addConnection(createAmqpClient(str, this.PASS).connect()).createSession();
        try {
            createSession.createSender(this.FQQN_1);
            Assertions.fail("Should not be able to attach to FQQN as sender from read only user.");
        } catch (IOException e) {
            Assertions.assertNotNull(e.getCause());
            Assertions.assertTrue(e.getCause() instanceof JMSSecurityException);
        }
        try {
            createSession.createSender(this.FQQN_2);
            Assertions.fail("Should not be able to attach to FQQN as sender from read only user.");
        } catch (IOException e2) {
            Assertions.assertNotNull(e2.getCause());
            Assertions.assertTrue(e2.getCause() instanceof JMSSecurityException);
        }
    }

    @Test
    public void testSender1CannotAttachAsReceiverToEitherFQQN() throws Exception {
        doTestSenderCannotAttachAsReceiverToEitherFQQN("fqqnSender1");
    }

    @Test
    public void testSender2CannotAttachAsReceiverToEitherFQQN() throws Exception {
        doTestSenderCannotAttachAsReceiverToEitherFQQN("fqqnSender2");
    }

    private void doTestSenderCannotAttachAsReceiverToEitherFQQN(String str) throws Exception {
        AmqpSession createSession = addConnection(createAmqpClient(str, this.PASS).connect()).createSession();
        try {
            createSession.createReceiver(this.FQQN_1);
            Assertions.fail("Should not be able to attach to FQQN as receiver from write only user.");
        } catch (IOException e) {
            Assertions.assertNotNull(e.getCause());
            Assertions.assertTrue(e.getCause() instanceof JMSSecurityException);
        }
        try {
            createSession.createReceiver(this.FQQN_2);
            Assertions.fail("Should not be able to attach to FQQN as receiver from write only user.");
        } catch (IOException e2) {
            Assertions.assertNotNull(e2.getCause());
            Assertions.assertTrue(e2.getCause() instanceof JMSSecurityException);
        }
    }
}
