package org.gridgain.grid.util;

import java.util.List;
import java.util.Objects;
import java.util.function.Consumer;
import org.apache.ignite.Ignite;
import org.apache.ignite.IgniteCluster;
import org.apache.ignite.configuration.ConnectorConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.commandline.CommandHandler;
import org.apache.ignite.internal.util.typedef.F;
import org.apache.ignite.plugin.PluginConfiguration;
import org.apache.ignite.plugin.security.SecurityCredentials;
import org.apache.ignite.plugin.security.SecurityCredentialsBasicProvider;
import org.apache.ignite.testframework.GridTestUtils;
import org.apache.ignite.testframework.junits.SystemPropertiesList;
import org.apache.ignite.testframework.junits.WithSystemProperty;
import org.apache.ignite.util.GridCommandHandlerTest;
import org.gridgain.grid.configuration.GridGainConfiguration;
import org.gridgain.grid.security.passcode.AuthenticationAclBasicProvider;
import org.gridgain.grid.security.passcode.PasscodeAuthenticator;
import org.jetbrains.annotations.Nullable;
import org.junit.Test;

/* loaded from: input_file:org/gridgain/grid/util/GridCommandHandlerPasscodeAuthenticatorTest.class */
public class GridCommandHandlerPasscodeAuthenticatorTest extends GridCommandHandlerTest {
    private static final String DEFAULT_DS_GROUP_NAME = "default-ds-group";
    private boolean addSsl;
    static final /* synthetic */ boolean $assertionsDisabled;
    private final String user = "testUser";
    private final String pwd = "testPassword";
    private boolean addCredentialsToArgs = true;
    private String taskPermissions = "TASK_EXECUTE";
    private String systemPermissions = "ADMIN_OPS,ADMIN_VIEW,JOIN_AS_SERVER,CACHE_PUT,CACHE_CREATE";

    protected IgniteConfiguration getConfiguration(String str) throws Exception {
        IgniteConfiguration configuration = super.getConfiguration(str);
        PasscodeAuthenticator passcodeAuthenticator = new PasscodeAuthenticator();
        SecurityCredentials securityCredentials = new SecurityCredentials("testUser", "testPassword");
        passcodeAuthenticator.setAclProvider(new AuthenticationAclBasicProvider(F.asMap(securityCredentials, "{defaultAllow:false,{cache:'default',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{cache:'default0',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{cache:'repl_cache',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{cache:'part_cache',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{cache:'ignite-sys-atomic-cache@default-volatile-ds-group',permissions:[CACHE_READ,CACHE_PUT]},{cache:'ignite-sys-atomic-cache@default-ds-group',permissions:[CACHE_READ,CACHE_PUT,CACHE_REMOVE]},{task:'*',permissions:[" + this.taskPermissions + "]}, {system:[" + this.systemPermissions + "]}}")));
        configuration.setPluginConfigurations(new PluginConfiguration[]{new GridGainConfiguration().setAuthenticator(passcodeAuthenticator).setSecurityCredentialsProvider(new SecurityCredentialsBasicProvider(securityCredentials))});
        if (this.addSsl) {
            configuration.setSslContextFactory(str.contains("client") ? GridTestUtils.sslTrustedFactory("client", "trustone") : GridTestUtils.sslTrustedFactory("server", "trustone")).setConnectorConfiguration(new ConnectorConfiguration().setSslEnabled(true).setSslFactory(GridTestUtils.sslTrustedFactory("connectorServer", "trustthree")));
        }
        return configuration;
    }

    protected void addExtraArguments(List<String> list) {
        super.addExtraArguments(list);
        if (this.addCredentialsToArgs) {
            list.add("--user");
            list.add("testUser");
            list.add("--password");
            list.add("testPassword");
        }
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWithoutAuthentication() throws Exception {
        this.addCredentialsToArgs = false;
        startGrids(1);
        CommandHandler commandHandler = new CommandHandler();
        commandHandler.console = new PasswordConsole("testUser", null, null);
        assertEquals(3, execute(commandHandler, new String[]{"--activate"}));
        assertEquals(3, execute(commandHandler, new String[]{"--deactivate"}));
        assertEquals(3, execute(commandHandler, new String[]{"--state"}));
        assertEquals(3, execute(commandHandler, new String[]{"--set-state", "ACTIVE"}));
        assertEquals(3, execute(commandHandler, new String[]{"--set-state", "INACTIVE"}));
        assertEquals(3, execute(commandHandler, new String[]{"--set-state", "ACTIVE_READ_ONLY"}));
        assertEquals(3, execute(commandHandler, new String[]{"--baseline"}));
        assertEquals(3, execute(commandHandler, new String[]{"--wal", "print"}));
        assertEquals(3, execute(commandHandler, new String[]{"--wal", "delete"}));
        assertEquals(3, execute(commandHandler, new String[]{"--tx"}));
        assertEquals(3, execute(commandHandler, new String[]{"--cache", "idle_verify", "--dump"}));
        assertEquals(3, execute(commandHandler, new String[]{"--cache", "idle_verify"}));
        assertEquals(3, execute(commandHandler, new String[]{"--cache", "list", ".*"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "start"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "finish"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "force"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "status"}));
        assertEquals(3, execute(commandHandler, new String[]{"--change-tag", "new_tag_value"}));
        assertEquals(3, execute(commandHandler, new String[]{"--change-id", "11111111-1111-1111-1111-111111111111"}));
        assertEquals(3, execute(commandHandler, new String[]{"--diagnostic", "pageLocks", "dump"}));
        assertEquals(3, execute(commandHandler, new String[]{"--dr", "state"}));
        assertEquals(3, execute(commandHandler, new String[]{"--checkpoint"}));
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWrongCredentials() throws Exception {
        this.addCredentialsToArgs = false;
        startGrids(1);
        CommandHandler commandHandler = new CommandHandler();
        assertEquals(3, execute(commandHandler, new String[]{"--activate", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--deactivate", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--state", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--set-state", "ACTIVE", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--set-state", "INACTIVE", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--set-state", "ACTIVE_READ_ONLY", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--baseline", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--wal", "print", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--wal", "delete", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--tx", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--cache", "idle_verify", "--dump", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--cache", "idle_verify", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--cache", "list", ".*", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "start", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "finish", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "force", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--rolling-upgrade", "status", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--change-tag", "new_tag_value", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--change-id", "11111111-1111-1111-1111-111111111111", "--user", "testUser", "--password", "testPassword0"}));
        assertEquals(3, execute(commandHandler, new String[]{"--checkpoint", "--user", "testUser", "--password", "testPassword0"}));
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWithAdminOpsOnly() throws Exception {
        this.taskPermissions = "";
        this.systemPermissions = "ADMIN_OPS,JOIN_AS_SERVER";
        executeCommands(startGrids(2), 0);
    }

    @Test
    @SystemPropertiesList({@WithSystemProperty(key = "IGNITE_CLUSTER_ID_AND_TAG_FEATURE", value = "true"), @WithSystemProperty(key = "IGNITE_DISTRIBUTED_META_STORAGE_FEATURE", value = "true")})
    public void testWithoutAdminOps() throws Exception {
        this.systemPermissions = this.systemPermissions.replace("ADMIN_OPS,", "");
        executeCommands(startGrid(), 4);
    }

    @Test
    public void testIncorrectKeyStorePwd() throws Exception {
        checkInputKeyTrustStorePwd("testUser", new PasswordConsole("testPassword", "testPassword", GridTestUtils.keyStorePassword()), 4, null);
    }

    @Test
    public void testIncorrectTrustStorePwd() throws Exception {
        checkInputKeyTrustStorePwd("testUser", new PasswordConsole("testPassword", GridTestUtils.keyStorePassword(), "testPassword"), 4, null);
    }

    @Test
    public void testIncorrectAccountPwd() throws Exception {
        checkInputKeyTrustStorePwd("testUser", new PasswordConsole(GridTestUtils.keyStorePassword(), GridTestUtils.keyStorePassword(), GridTestUtils.keyStorePassword()), 3, passwordConsole -> {
            assertEquals(4, passwordConsole.pwdCnt());
        });
    }

    @Test
    public void testCorrectAllPwd() throws Exception {
        checkInputKeyTrustStorePwd("testUser", new PasswordConsole("testPassword", GridTestUtils.keyStorePassword(), GridTestUtils.keyStorePassword()), 0, null);
    }

    @Test
    public void testIncorrectAccountUsrAndPwd() throws Exception {
        checkInputKeyTrustStorePwd("testUser_test", new PasswordConsole(GridTestUtils.keyStorePassword(), GridTestUtils.keyStorePassword(), GridTestUtils.keyStorePassword()), 3, passwordConsole -> {
            assertEquals(4, passwordConsole.pwdCnt());
        });
    }

    private void checkInputKeyTrustStorePwd(String str, PasswordConsole passwordConsole, int i, @Nullable Consumer<PasswordConsole> consumer) throws Exception {
        Objects.requireNonNull(passwordConsole);
        this.addCredentialsToArgs = false;
        this.addSsl = true;
        CommandHandler commandHandler = new CommandHandler();
        commandHandler.console = passwordConsole;
        startGrid().cluster().active(true);
        assertEquals(i, execute(commandHandler, new String[]{"--deactivate", "--user", str, "--keystore", GridTestUtils.keyStorePath("connectorClient"), "--truststore", GridTestUtils.keyStorePath("trustthree")}));
        assertEquals(1, passwordConsole.keyStorePwdCnt());
        assertEquals(1, passwordConsole.trustStorePwdCnt());
        if (Objects.nonNull(consumer)) {
            consumer.accept(passwordConsole);
        }
    }

    private void executeCommands(Ignite ignite, int i) {
        if (!$assertionsDisabled && !Objects.nonNull(ignite)) {
            throw new AssertionError();
        }
        IgniteCluster cluster = ignite.cluster();
        if (!cluster.active()) {
            cluster.active(true);
        }
        CommandHandler commandHandler = new CommandHandler();
        String uuid = ignite.cluster().localNode().id().toString();
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "find_garbage", uuid, "--delete"}));
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "distribution", uuid}));
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "reset_lost_partitions", "default"}));
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "contention", "1", uuid}));
        assertEquals(i, execute(commandHandler, new String[]{"--dr", "state"}));
        assertEquals(i, execute(commandHandler, new String[]{"--diagnostic", "pageLocks", "dump"}));
        assertEquals(i, execute(commandHandler, new String[]{"--set-state", "ACTIVE"}));
        assertEquals(i, execute(commandHandler, new String[]{"--set-state", "INACTIVE"}));
        assertEquals(i, execute(commandHandler, new String[]{"--set-state", "ACTIVE_READ_ONLY"}));
        assertEquals(i, execute(commandHandler, new String[]{"--change-tag", "new_tag_value"}));
        assertEquals(i, execute(commandHandler, new String[]{"--change-id", "11111111-1111-1111-1111-111111111111"}));
        assertEquals(i, execute(commandHandler, new String[]{"--rolling-upgrade", "status"}));
        assertEquals(i, execute(commandHandler, new String[]{"--rolling-upgrade", "start"}));
        assertEquals(i, execute(commandHandler, new String[]{"--rolling-upgrade", "finish"}));
        assertEquals(i, execute(commandHandler, new String[]{"--rolling-upgrade", "force"}));
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "validate_indexes"}));
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "list", ".*"}));
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "idle_verify"}));
        assertEquals(i, execute(commandHandler, new String[]{"--cache", "idle_verify", "--dump"}));
        assertEquals(i, execute(commandHandler, new String[]{"--tx"}));
        assertEquals(i, execute(commandHandler, new String[]{"--wal", "delete"}));
        assertEquals(i, execute(commandHandler, new String[]{"--wal", "print"}));
        assertEquals(i, execute(commandHandler, new String[]{"--baseline"}));
        assertEquals(i, execute(commandHandler, new String[]{"--deactivate"}));
        assertEquals(i, execute(commandHandler, new String[]{"--activate"}));
        assertEquals(i, execute(commandHandler, new String[]{"--state"}));
        assertEquals(i, execute(commandHandler, new String[]{"--checkpoint"}));
    }

    static {
        $assertionsDisabled = !GridCommandHandlerPasscodeAuthenticatorTest.class.desiredAssertionStatus();
    }
}
