package org.apache.ignite.internal.processors.authentication;

import java.util.Base64;
import java.util.Random;
import java.util.concurrent.Callable;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.ignite.IgniteCheckedException;
import org.apache.ignite.cache.store.GridStoreLoadCacheTest;
import org.apache.ignite.configuration.DataRegionConfiguration;
import org.apache.ignite.configuration.DataStorageConfiguration;
import org.apache.ignite.configuration.IgniteConfiguration;
import org.apache.ignite.internal.IgniteEx;
import org.apache.ignite.internal.IgniteInternalFuture;
import org.apache.ignite.internal.util.typedef.internal.U;
import org.apache.ignite.testframework.GridTestUtils;
import org.apache.ignite.testframework.junits.common.GridCommonAbstractTest;
import org.junit.Test;

/* loaded from: input_file:org/apache/ignite/internal/processors/authentication/AuthenticationProcessorSelfTest.class */
public class AuthenticationProcessorSelfTest extends GridCommonAbstractTest {
    protected static final int NODES_COUNT = 4;
    private static final int ITERATIONS = 10;
    protected static final int CLI_NODE = 3;
    private static final Random RND = new Random(System.currentTimeMillis());
    protected AuthorizationContext actxDflt;

    private static String randomString(int i) {
        byte[] bArr = new byte[i / 2];
        RND.nextBytes(bArr);
        return Base64.getEncoder().encodeToString(bArr);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public IgniteConfiguration getConfiguration(String str) throws Exception {
        IgniteConfiguration configuration = super.getConfiguration(str);
        if (getTestIgniteInstanceIndex(str) == 3) {
            configuration.setClientMode(true);
        }
        configuration.setAuthenticationEnabled(true);
        configuration.setDataStorageConfiguration(new DataStorageConfiguration().setDefaultDataRegionConfiguration(new DataRegionConfiguration().setMaxSize(209715200L).setPersistenceEnabled(true)));
        return configuration;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public void beforeTestsStarted() throws Exception {
        super.beforeTestsStarted();
        GridTestUtils.setFieldValue(User.class, "bCryptGensaltLog2Rounds", 4);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public void afterTestsStopped() throws Exception {
        super.afterTestsStopped();
        GridTestUtils.setFieldValue(User.class, "bCryptGensaltLog2Rounds", 10);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.common.GridCommonAbstractTest, org.apache.ignite.testframework.junits.GridAbstractTest
    public void beforeTest() throws Exception {
        super.beforeTest();
        U.resolveWorkDirectory(U.defaultWorkDirectory(), "db", true);
        startGrids(4);
        grid(0).cluster().active(true);
        this.actxDflt = grid(0).context().authentication().authenticate("ignite", "ignite");
        assertNotNull(this.actxDflt);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.ignite.testframework.junits.GridAbstractTest
    public void afterTest() throws Exception {
        stopAllGrids();
        super.afterTest();
    }

    @Test
    public void testDefaultUser() throws Exception {
        for (int i = 0; i < 4; i++) {
            AuthorizationContext authenticate = grid(i).context().authentication().authenticate("ignite", "ignite");
            assertNotNull(authenticate);
            assertEquals("ignite", authenticate.userName());
        }
    }

    @Test
    public void testDefaultUserUpdate() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        for (int i = 0; i < 4; i++) {
            try {
                grid(i).context().authentication().updateUser("ignite", "ignite" + i);
                for (int i2 = 0; i2 < 4; i2++) {
                    AuthorizationContext authenticate = grid(i2).context().authentication().authenticate("ignite", "ignite" + i);
                    assertNotNull(authenticate);
                    assertEquals("ignite", authenticate.userName());
                }
            } finally {
                AuthorizationContext.clear();
            }
        }
    }

    @Test
    public void testRemoveDefault() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        for (int i = 0; i < 4; i++) {
            try {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.1
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().removeUser("ignite");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "Default user cannot be removed");
                assertNotNull(grid(i2).context().authentication().authenticate("ignite", "ignite"));
            } catch (Throwable th) {
                AuthorizationContext.context((AuthorizationContext) null);
                throw th;
            }
        }
        AuthorizationContext.context((AuthorizationContext) null);
    }

    @Test
    public void testUserManagementPermission() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        try {
            grid(0).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
            AuthorizationContext authenticate = grid(0).context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
            for (int i = 0; i < 4; i++) {
                final int i2 = i;
                AuthorizationContext.context(authenticate);
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.2
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().addUser("test1", "test1");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "User management operations are not allowed for user");
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.3
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().removeUser(GridStoreLoadCacheTest.CACHE_NAME);
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "User management operations are not allowed for user");
                grid(i2).context().authentication().updateUser(GridStoreLoadCacheTest.CACHE_NAME, "new_password");
                grid(i2).context().authentication().updateUser(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
                AuthorizationContext.context((AuthorizationContext) null);
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.4
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().removeUser(GridStoreLoadCacheTest.CACHE_NAME);
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "Operation not allowed: authorized context is empty");
            }
        } finally {
            AuthorizationContext.context((AuthorizationContext) null);
        }
    }

    @Test
    public void testProceedUsersOnJoinNode() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        try {
            grid(0).context().authentication().addUser("test0", GridStoreLoadCacheTest.CACHE_NAME);
            grid(0).context().authentication().addUser("test1", GridStoreLoadCacheTest.CACHE_NAME);
            startGrid(4);
            AuthorizationContext authenticate = grid(4).context().authentication().authenticate("test0", GridStoreLoadCacheTest.CACHE_NAME);
            AuthorizationContext authenticate2 = grid(4).context().authentication().authenticate("test1", GridStoreLoadCacheTest.CACHE_NAME);
            assertNotNull(authenticate);
            assertEquals("test0", authenticate.userName());
            assertNotNull(authenticate2);
            assertEquals("test1", authenticate2.userName());
            AuthorizationContext.context((AuthorizationContext) null);
        } catch (Throwable th) {
            AuthorizationContext.context((AuthorizationContext) null);
            throw th;
        }
    }

    @Test
    public void testAuthenticationInvalidUser() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        for (int i = 0; i < 4; i++) {
            try {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.5
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().authenticate("invalid_name", GridStoreLoadCacheTest.CACHE_NAME);
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "The user name or password is incorrect");
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.6
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, "invalid_password");
                        return null;
                    }
                }, (Class<? extends Throwable>) IgniteAccessControlException.class, "The user name or password is incorrect");
            } catch (Throwable th) {
                AuthorizationContext.context((AuthorizationContext) null);
                throw th;
            }
        }
        AuthorizationContext.context((AuthorizationContext) null);
    }

    @Test
    public void testAddUpdateRemoveUser() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        for (int i = 0; i < 4; i++) {
            for (int i2 = 0; i2 < 4; i2++) {
                try {
                    checkAddUpdateRemoveUser(grid(i), grid(i2));
                } catch (Throwable th) {
                    AuthorizationContext.context((AuthorizationContext) null);
                    throw th;
                }
            }
        }
        AuthorizationContext.context((AuthorizationContext) null);
    }

    @Test
    public void testUpdateUser() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        try {
            grid(0).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
            AuthorizationContext authenticate = grid(0).context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
            for (int i = 0; i < 4; i++) {
                for (int i2 = 0; i2 < 4; i2++) {
                    checkUpdateUser(authenticate, grid(i), grid(i2));
                }
            }
        } finally {
            AuthorizationContext.context((AuthorizationContext) null);
        }
    }

    @Test
    public void testUpdateRemoveDoesNotExistsUser() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        for (int i = 0; i < 4; i++) {
            try {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.7
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().updateUser("invalid_name", GridStoreLoadCacheTest.CACHE_NAME);
                        return null;
                    }
                }, (Class<? extends Throwable>) UserManagementException.class, "User doesn't exist");
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.8
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().removeUser("invalid_name");
                        return null;
                    }
                }, (Class<? extends Throwable>) UserManagementException.class, "User doesn't exist");
            } catch (Throwable th) {
                AuthorizationContext.context((AuthorizationContext) null);
                throw th;
            }
        }
        AuthorizationContext.context((AuthorizationContext) null);
    }

    @Test
    public void testAddAlreadyExistsUser() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        try {
            grid(0).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
            for (int i = 0; i < 4; i++) {
                final int i2 = i;
                GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.9
                    @Override // java.util.concurrent.Callable
                    public Object call() throws Exception {
                        AuthenticationProcessorSelfTest.this.grid(i2).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, "new_passwd");
                        return null;
                    }
                }, (Class<? extends Throwable>) UserManagementException.class, "User already exists");
            }
            AuthorizationContext.context((AuthorizationContext) null);
        } catch (Throwable th) {
            AuthorizationContext.context((AuthorizationContext) null);
            throw th;
        }
    }

    @Test
    public void testAuthorizeOnClientDisconnect() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        grid(3).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
        AuthorizationContext.context((AuthorizationContext) null);
        final IgniteInternalFuture runAsync = GridTestUtils.runAsync(new Runnable() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.10
            @Override // java.lang.Runnable
            public void run() {
                for (int i = 0; i < 3; i++) {
                    try {
                        Thread.sleep(500L);
                        AuthenticationProcessorSelfTest.this.stopGrid(i);
                    } catch (Exception e) {
                        e.printStackTrace();
                        AuthenticationProcessorSelfTest.fail("Unexpected exception");
                        return;
                    }
                }
            }
        });
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.11
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                while (!runAsync.isDone()) {
                    AuthenticationProcessorSelfTest.assertNotNull(AuthenticationProcessorSelfTest.this.grid(3).context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME));
                }
                return null;
            }
        }, (Class<? extends Throwable>) IgniteCheckedException.class, "Client node was disconnected from topology (operation result is unknown)");
        runAsync.get();
    }

    @Test
    public void testConcurrentAddRemove() throws Exception {
        final AtomicInteger atomicInteger = new AtomicInteger();
        GridTestUtils.runMultiThreaded(new Runnable() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.12
            @Override // java.lang.Runnable
            public void run() {
                AuthorizationContext.context(AuthenticationProcessorSelfTest.this.actxDflt);
                String str = GridStoreLoadCacheTest.CACHE_NAME + atomicInteger.getAndIncrement();
                for (int i = 0; i < 10; i++) {
                    try {
                        AuthenticationProcessorSelfTest.this.grid(3).context().authentication().addUser(str, "passwd_" + str);
                        AuthenticationProcessorSelfTest.this.grid(3).context().authentication().removeUser(str);
                    } catch (Exception e) {
                        e.printStackTrace();
                        AuthenticationProcessorSelfTest.fail("Unexpected exception");
                        return;
                    }
                }
            }
        }, 10, "user-op");
    }

    @Test
    public void testUserPersistence() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        for (int i = 0; i < 4; i++) {
            try {
                grid(i).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME + i, "passwd" + i);
            } finally {
                AuthorizationContext.clear();
            }
        }
        grid(3).context().authentication().updateUser("ignite", "new_passwd");
        stopAllGrids();
        startGrids(4);
        for (int i2 = 0; i2 < 4; i2++) {
            for (int i3 = 0; i3 < 4; i3++) {
                AuthorizationContext authenticate = grid(i2).context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME + i3, "passwd" + i3);
                assertNotNull(authenticate);
                assertEquals(GridStoreLoadCacheTest.CACHE_NAME + i3, authenticate.userName());
            }
            AuthorizationContext authenticate2 = grid(i2).context().authentication().authenticate("ignite", "new_passwd");
            assertNotNull(authenticate2);
            assertEquals("ignite", authenticate2.userName());
        }
    }

    @Test
    public void testDefaultUserPersistence() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        try {
            grid(3).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, "passwd");
            stopAllGrids();
            U.sleep(500L);
            startGrids(4);
            for (int i = 0; i < 4; i++) {
                AuthorizationContext authenticate = grid(i).context().authentication().authenticate("ignite", "ignite");
                assertNotNull(authenticate);
                assertEquals("ignite", authenticate.userName());
                AuthorizationContext authenticate2 = grid(i).context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, "passwd");
                assertNotNull(authenticate2);
                assertEquals(GridStoreLoadCacheTest.CACHE_NAME, authenticate2.userName());
            }
        } finally {
            AuthorizationContext.clear();
        }
    }

    @Test
    public void testInvalidUserNamePassword() throws Exception {
        AuthorizationContext.context(this.actxDflt);
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.13
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().authentication().addUser((String) null, GridStoreLoadCacheTest.CACHE_NAME);
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "User name is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.14
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().authentication().addUser("", GridStoreLoadCacheTest.CACHE_NAME);
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "User name is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.15
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, (String) null);
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "Password is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.16
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, "");
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "Password is empty");
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.17
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().authentication().addUser("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "a");
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "User name is too long");
    }

    private void checkInvalidUsername(String str) {
    }

    private void checkInvalidPassword(final String str) {
        AuthorizationContext.context(this.actxDflt);
        GridTestUtils.assertThrows(log, (Callable<?>) new Callable<Object>() { // from class: org.apache.ignite.internal.processors.authentication.AuthenticationProcessorSelfTest.18
            @Override // java.util.concurrent.Callable
            public Object call() throws Exception {
                AuthenticationProcessorSelfTest.this.grid(3).context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, str);
                return null;
            }
        }, (Class<? extends Throwable>) UserManagementException.class, "Invalid user name");
    }

    private void checkAddUpdateRemoveUser(IgniteEx igniteEx, IgniteEx igniteEx2) throws Exception {
        igniteEx.context().authentication().addUser(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
        AuthorizationContext authenticate = igniteEx2.context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, GridStoreLoadCacheTest.CACHE_NAME);
        assertNotNull(authenticate);
        assertEquals(GridStoreLoadCacheTest.CACHE_NAME, authenticate.userName());
        igniteEx.context().authentication().updateUser(GridStoreLoadCacheTest.CACHE_NAME, "newpasswd");
        AuthorizationContext authenticate2 = igniteEx2.context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, "newpasswd");
        assertNotNull(authenticate2);
        assertEquals(GridStoreLoadCacheTest.CACHE_NAME, authenticate2.userName());
        igniteEx.context().authentication().removeUser(GridStoreLoadCacheTest.CACHE_NAME);
    }

    private void checkUpdateUser(AuthorizationContext authorizationContext, IgniteEx igniteEx, IgniteEx igniteEx2) throws Exception {
        String randomString = randomString(16);
        igniteEx.context().authentication().updateUser(GridStoreLoadCacheTest.CACHE_NAME, randomString);
        AuthorizationContext authenticate = igniteEx2.context().authentication().authenticate(GridStoreLoadCacheTest.CACHE_NAME, randomString);
        assertNotNull(authenticate);
        assertEquals(GridStoreLoadCacheTest.CACHE_NAME, authenticate.userName());
    }
}
