package org.infinispan.server.security;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import org.infinispan.client.hotrod.RemoteCache;
import org.infinispan.client.hotrod.configuration.ConfigurationBuilder;
import org.infinispan.client.hotrod.exceptions.HotRodClientException;
import org.infinispan.client.rest.RestClient;
import org.infinispan.client.rest.RestResponse;
import org.infinispan.client.rest.configuration.Protocol;
import org.infinispan.client.rest.configuration.RestClientConfigurationBuilder;
import org.infinispan.configuration.cache.CacheMode;
import org.infinispan.server.test.core.Common;
import org.infinispan.server.test.core.LdapServerListener;
import org.infinispan.server.test.core.category.Security;
import org.infinispan.server.test.junit4.InfinispanServerRule;
import org.infinispan.server.test.junit4.InfinispanServerRuleBuilder;
import org.infinispan.server.test.junit4.InfinispanServerTestMethodRule;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
@Category({Security.class})
/* loaded from: input_file:org/infinispan/server/security/AuthenticationMultiEndpointIT.class */
public class AuthenticationMultiEndpointIT {

    @ClassRule
    public static InfinispanServerRule SERVERS = InfinispanServerRuleBuilder.config("configuration/AuthenticationServerMultipleEndpoints.xml").addListener(new SecurityRealmServerListener("alternate")).addListener(new LdapServerListener()).build();

    @Rule
    public InfinispanServerTestMethodRule SERVER_TEST = new InfinispanServerTestMethodRule(SERVERS);
    private final String mechanism;
    private final String protocol;
    private final String realm;
    private final String userPrefix;
    private final int port;
    private final boolean isAnonymous;
    private final boolean isAdmin;
    private final boolean isPlain;
    private final boolean isAlternateRealm;
    private final boolean useAuth;
    private final boolean isMechanismClearText;

    @Parameterized.Parameters(name = "protocol={0}, mech={1}, realm={2}, userPrefix={3}, port={4}, anon={5}, admin={6}, plain={7}")
    public static Collection<Object[]> data() {
        boolean z;
        boolean z2;
        boolean z3;
        boolean z4;
        boolean z5;
        ArrayList arrayList = new ArrayList();
        for (String str : Arrays.asList("default", "alternate")) {
            String str2 = "alternate".equals(str) ? "alternate_" : "";
            for (int i = 11222; i < 11227; i++) {
                Integer valueOf = Integer.valueOf(i);
                switch (i) {
                    case 11222:
                        z = false;
                        z2 = true;
                        z3 = true;
                        z4 = false;
                        z5 = false;
                        break;
                    case 11223:
                        z = true;
                        z2 = false;
                        z3 = false;
                        z4 = false;
                        z5 = false;
                        break;
                    case 11224:
                        z = false;
                        z2 = false;
                        z3 = true;
                        z4 = true;
                        z5 = true;
                        break;
                    case 11225:
                        z = false;
                        z2 = true;
                        z3 = false;
                        z4 = true;
                        z5 = false;
                        break;
                    case 11226:
                        z = false;
                        z2 = true;
                        z3 = false;
                        z4 = false;
                        z5 = false;
                        break;
                    default:
                        throw new IllegalArgumentException();
                }
                boolean z6 = z5;
                boolean z7 = z;
                boolean z8 = z2;
                boolean z9 = z3;
                boolean z10 = z4;
                Common.SASL_MECHS.stream().map(objArr -> {
                    return objArr[0];
                }).forEach(obj -> {
                    arrayList.add(new Object[]{"Hot Rod", obj, str, str2, valueOf, Boolean.valueOf(z7), Boolean.valueOf(z8), Boolean.valueOf(z9), Boolean.valueOf(z10)});
                });
                boolean z11 = z;
                boolean z12 = z2;
                boolean z13 = z3;
                Common.HTTP_MECHS.stream().map(objArr2 -> {
                    return objArr2[0];
                }).forEach(obj2 -> {
                    arrayList.add(new Object[]{Protocol.HTTP_11.name(), obj2, str, str2, valueOf, Boolean.valueOf(z11), Boolean.valueOf(z12), Boolean.valueOf(z13), Boolean.valueOf(z6)});
                });
            }
        }
        return arrayList;
    }

    public AuthenticationMultiEndpointIT(String str, String str2, String str3, String str4, int i, boolean z, boolean z2, boolean z3, boolean z4) {
        this.protocol = str;
        this.mechanism = str2;
        this.realm = str3;
        this.userPrefix = str4;
        this.port = i;
        this.isAdmin = z2;
        this.isAnonymous = z;
        this.isPlain = z3;
        this.isAlternateRealm = z4;
        this.useAuth = !str2.isEmpty();
        this.isMechanismClearText = "PLAIN".equals(str2) || "BASIC".equals(str2);
    }

    @Test
    public void testProtocol() {
        String str = this.protocol;
        boolean z = -1;
        switch (str.hashCode()) {
            case -1533211852:
                if (str.equals("Hot Rod")) {
                    z = false;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                testHotRod();
                return;
            default:
                testRest();
                return;
        }
    }

    private void testHotRod() {
        ConfigurationBuilder configurationBuilder = new ConfigurationBuilder();
        if (this.useAuth) {
            configurationBuilder.security().authentication().saslMechanism(this.mechanism).realm(this.realm).username(this.userPrefix + "all_user").password("all");
        }
        try {
            RemoteCache create = this.SERVER_TEST.hotrod().withClientConfiguration(configurationBuilder).withPort(this.port).withCacheMode(CacheMode.DIST_SYNC).create();
            validateSuccess();
            create.put("k1", "v1");
            Assert.assertEquals(1L, create.size());
            Assert.assertEquals("v1", create.get("k1"));
        } catch (HotRodClientException e) {
            validateException(e);
        }
    }

    private void testRest() {
        Protocol valueOf = Protocol.valueOf(this.protocol);
        RestClientConfigurationBuilder followRedirects = new RestClientConfigurationBuilder().followRedirects(false);
        if (this.useAuth) {
            followRedirects.protocol(valueOf).security().authentication().mechanism(this.mechanism).realm(this.realm).username(this.userPrefix + "all_user").password("all");
        }
        try {
            RestClient create = this.SERVER_TEST.rest().withClientConfiguration(followRedirects).withPort(this.port).create();
            validateSuccess();
            RestResponse restResponse = (RestResponse) Common.sync(create.cache(this.SERVER_TEST.getMethodName()).post("k1", "v1"));
            Assert.assertEquals(204L, restResponse.getStatus());
            Assert.assertEquals(valueOf, restResponse.getProtocol());
            RestResponse restResponse2 = (RestResponse) Common.sync(create.cache(this.SERVER_TEST.getMethodName()).get("k1"));
            Assert.assertEquals(200L, restResponse2.getStatus());
            Assert.assertEquals(valueOf, restResponse2.getProtocol());
            Assert.assertEquals("v1", restResponse2.getBody());
            Assert.assertEquals(this.isAdmin ? 307L : 404L, ((RestResponse) Common.sync(create.raw().get("/"))).getStatus());
            Assert.assertEquals(this.isAdmin ? 200L : 404L, ((RestResponse) Common.sync(create.server().info())).getStatus());
        } catch (SecurityException e) {
            validateException(e);
        }
    }

    private void validateSuccess() {
        if (this.isAnonymous && this.useAuth) {
            throw new IllegalStateException("Authenticated client should not be allowed to connect to anonymous server");
        }
        if (!this.isAnonymous && !this.useAuth) {
            throw new IllegalStateException("Unauthenticated client should not be allowed to connect to authenticated server");
        }
    }

    private void validateException(RuntimeException runtimeException) {
        if (this.useAuth && this.isAnonymous) {
            return;
        }
        if (this.useAuth || this.isAnonymous) {
            if (this.isAlternateRealm && "default".equals(this.realm)) {
                return;
            }
            if (this.isAlternateRealm || "default".equals(this.realm)) {
                if (!this.isPlain || this.isMechanismClearText) {
                    if (this.isPlain || !this.isMechanismClearText) {
                        throw runtimeException;
                    }
                }
            }
        }
    }
}
