package io.trino.plugin.password.ldap;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.io.Closer;
import io.trino.plugin.base.jndi.JndiUtils;
import io.trino.testing.TestingProperties;
import java.io.Closeable;
import java.io.IOException;
import java.time.Duration;
import java.util.Objects;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.Network;
import org.testcontainers.containers.startupcheck.IsRunningStartupCheckStrategy;
import org.testcontainers.containers.wait.strategy.HostPortWaitStrategy;

/* loaded from: input_file:io/trino/plugin/password/ldap/TestingOpenLdapServer.class */
public class TestingOpenLdapServer implements Closeable {
    private static final String BASE_DISTINGUISED_NAME = "dc=trino,dc=testldap,dc=com";
    public static final int LDAP_PORT = 389;
    private final Closer closer = Closer.create();
    private final GenericContainer<?> openLdapServer;

    /* loaded from: input_file:io/trino/plugin/password/ldap/TestingOpenLdapServer$DisposableSubContext.class */
    public class DisposableSubContext implements AutoCloseable {
        private final String distinguishedName;

        public DisposableSubContext(String str) {
            this.distinguishedName = (String) Objects.requireNonNull(str, "distinguishedName is null");
        }

        public String getDistinguishedName() {
            return this.distinguishedName;
        }

        @Override // java.lang.AutoCloseable
        public void close() throws Exception {
            DirContext createContext = TestingOpenLdapServer.this.createContext();
            createContext.destroySubcontext(this.distinguishedName);
            createContext.close();
        }
    }

    public TestingOpenLdapServer(Network network) {
        this.openLdapServer = new GenericContainer("ghcr.io/trinodb/testing/centos7-oj11-openldap:" + TestingProperties.getDockerImagesVersion()).withNetwork(network).withExposedPorts(new Integer[]{Integer.valueOf(LDAP_PORT)}).withStartupCheckStrategy(new IsRunningStartupCheckStrategy()).waitingFor(new HostPortWaitStrategy()).withStartupTimeout(Duration.ofMinutes(5L));
        Closer closer = this.closer;
        GenericContainer<?> genericContainer = this.openLdapServer;
        Objects.requireNonNull(genericContainer);
        closer.register(genericContainer::close);
    }

    public void start() {
        this.openLdapServer.start();
    }

    public String getNetworkAlias() {
        return (String) this.openLdapServer.getNetworkAliases().get(0);
    }

    public String getLdapUrl() {
        return String.format("ldap://%s:%s", this.openLdapServer.getContainerIpAddress(), this.openLdapServer.getMappedPort(LDAP_PORT));
    }

    public DisposableSubContext createOrganization() throws NamingException {
        DirContext createContext = createContext();
        try {
            return new DisposableSubContext(LdapUtil.addLdapDefinition(LdapUtil.buildLdapOrganizationObject("organization_" + LdapUtil.randomSuffix(), BASE_DISTINGUISED_NAME), createContext));
        } finally {
            createContext.close();
        }
    }

    public DisposableSubContext createGroup(DisposableSubContext disposableSubContext) throws Exception {
        DirContext createContext = createContext();
        try {
            DisposableSubContext disposableSubContext2 = new DisposableSubContext(LdapUtil.addLdapDefinition(LdapUtil.buildLdapGroupObject(disposableSubContext.getDistinguishedName(), "group_" + LdapUtil.randomSuffix()), createContext));
            createContext.close();
            return disposableSubContext2;
        } catch (Throwable th) {
            createContext.close();
            throw th;
        }
    }

    public DisposableSubContext createUser(DisposableSubContext disposableSubContext, String str, String str2) throws Exception {
        DirContext createContext = createContext();
        try {
            DisposableSubContext disposableSubContext2 = new DisposableSubContext(LdapUtil.addLdapDefinition(LdapUtil.buildLdapUserObject(disposableSubContext.getDistinguishedName(), str, str2), createContext));
            createContext.close();
            return disposableSubContext2;
        } catch (Throwable th) {
            createContext.close();
            throw th;
        }
    }

    public void addUserToGroup(DisposableSubContext disposableSubContext, DisposableSubContext disposableSubContext2) throws Exception {
        DirContext createContext = createContext();
        try {
            LdapUtil.addAttributesToExistingLdapObjects(disposableSubContext2.getDistinguishedName(), ImmutableMap.of(LdapUtil.MEMBER, ImmutableList.of(disposableSubContext.getDistinguishedName())), createContext);
            createContext.close();
        } catch (Throwable th) {
            createContext.close();
            throw th;
        }
    }

    private DirContext createContext() {
        try {
            return JndiUtils.createDirContext(ImmutableMap.builder().put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory").put("java.naming.provider.url", getLdapUrl()).put("java.naming.security.authentication", "simple").put("java.naming.security.principal", "cn=admin,dc=trino,dc=testldap,dc=com").put("java.naming.security.credentials", "admin").buildOrThrow());
        } catch (NamingException e) {
            throw new RuntimeException("Connection to LDAP server failed", e);
        }
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        this.closer.close();
    }
}
