package io.trino.plugin.password.ldap;

import com.google.common.io.Closer;
import eu.rekawek.toxiproxy.model.ToxicDirection;
import io.airlift.units.Duration;
import io.trino.plugin.base.ldap.JdkLdapClient;
import io.trino.plugin.base.ldap.LdapClientConfig;
import io.trino.plugin.password.ldap.TestingOpenLdapServer;
import io.trino.spi.security.BasicPrincipal;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
import org.assertj.core.api.Assertions;
import org.testcontainers.containers.Network;
import org.testcontainers.containers.ToxiproxyContainer;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

/* loaded from: input_file:io/trino/plugin/password/ldap/TestLdapAuthenticatorWithTimeouts.class */
public class TestLdapAuthenticatorWithTimeouts {
    private final Closer closer = Closer.create();
    private TestingOpenLdapServer openLdapServer;
    private String proxyLdapUrl;

    @BeforeClass
    public void setup() throws Exception {
        Network newNetwork = Network.newNetwork();
        Closer closer = this.closer;
        Objects.requireNonNull(newNetwork);
        closer.register(newNetwork::close);
        ToxiproxyContainer withNetwork = new ToxiproxyContainer("shopify/toxiproxy:2.1.0").withNetwork(newNetwork);
        Closer closer2 = this.closer;
        Objects.requireNonNull(withNetwork);
        closer2.register(withNetwork::close);
        withNetwork.start();
        this.openLdapServer = new TestingOpenLdapServer(newNetwork);
        this.closer.register(this.openLdapServer);
        this.openLdapServer.start();
        ToxiproxyContainer.ContainerProxy proxy = withNetwork.getProxy(this.openLdapServer.getNetworkAlias(), TestingOpenLdapServer.LDAP_PORT);
        proxy.toxics().latency("latency", ToxicDirection.DOWNSTREAM, 5000L);
        this.proxyLdapUrl = String.format("ldap://%s:%s", proxy.getContainerIpAddress(), Integer.valueOf(proxy.getProxyPort()));
    }

    @AfterClass(alwaysRun = true)
    public void close() throws Exception {
        this.closer.close();
    }

    @Test
    public void testConnectTimeout() throws Exception {
        TestingOpenLdapServer.DisposableSubContext createOrganization = this.openLdapServer.createOrganization();
        try {
            TestingOpenLdapServer.DisposableSubContext createUser = this.openLdapServer.createUser(createOrganization, "alice", "alice-pass");
            try {
                LdapClientConfig ldapConnectionTimeout = new LdapClientConfig().setLdapUrl(this.proxyLdapUrl).setLdapConnectionTimeout(new Duration(1.0d, TimeUnit.SECONDS));
                LdapAuthenticatorConfig userBindSearchPatterns = new LdapAuthenticatorConfig().setUserBindSearchPatterns("uid=${USER}," + createOrganization.getDistinguishedName());
                LdapAuthenticator ldapAuthenticator = new LdapAuthenticator(new LdapAuthenticatorClient(new JdkLdapClient(ldapConnectionTimeout)), userBindSearchPatterns);
                Assertions.assertThatThrownBy(() -> {
                    ldapAuthenticator.createAuthenticatedPrincipal("alice", "alice-pass");
                }).isInstanceOf(RuntimeException.class).hasMessageMatching(".*Authentication error.*");
                Assert.assertEquals(new LdapAuthenticator(new LdapAuthenticatorClient(new JdkLdapClient(ldapConnectionTimeout.setLdapConnectionTimeout(new Duration(30.0d, TimeUnit.SECONDS)))), userBindSearchPatterns).createAuthenticatedPrincipal("alice", "alice-pass"), new BasicPrincipal("alice"));
                if (createUser != null) {
                    createUser.close();
                }
                if (createOrganization != null) {
                    createOrganization.close();
                }
            } finally {
            }
        } catch (Throwable th) {
            if (createOrganization != null) {
                try {
                    createOrganization.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Test
    public void testReadTimeout() throws Exception {
        TestingOpenLdapServer.DisposableSubContext createOrganization = this.openLdapServer.createOrganization();
        try {
            TestingOpenLdapServer.DisposableSubContext createGroup = this.openLdapServer.createGroup(createOrganization);
            try {
                TestingOpenLdapServer.DisposableSubContext createUser = this.openLdapServer.createUser(createOrganization, "alice", "alice-pass");
                try {
                    this.openLdapServer.addUserToGroup(createUser, createGroup);
                    LdapClientConfig ldapReadTimeout = new LdapClientConfig().setLdapUrl(this.proxyLdapUrl).setLdapReadTimeout(new Duration(1.0d, TimeUnit.SECONDS));
                    LdapAuthenticatorConfig groupAuthorizationSearchPattern = new LdapAuthenticatorConfig().setUserBindSearchPatterns("uid=${USER}," + createOrganization.getDistinguishedName()).setUserBaseDistinguishedName(createOrganization.getDistinguishedName()).setGroupAuthorizationSearchPattern(String.format("(&(objectClass=groupOfNames)(cn=group_*)(member=uid=${USER},%s))", createOrganization.getDistinguishedName()));
                    LdapAuthenticator ldapAuthenticator = new LdapAuthenticator(new LdapAuthenticatorClient(new JdkLdapClient(ldapReadTimeout)), groupAuthorizationSearchPattern);
                    Assertions.assertThatThrownBy(() -> {
                        ldapAuthenticator.createAuthenticatedPrincipal("alice", "alice-pass");
                    }).isInstanceOf(RuntimeException.class).hasMessageMatching(".*Authentication error.*");
                    Assert.assertEquals(new LdapAuthenticator(new LdapAuthenticatorClient(new JdkLdapClient(ldapReadTimeout.setLdapReadTimeout(new Duration(30.0d, TimeUnit.SECONDS)))), groupAuthorizationSearchPattern).createAuthenticatedPrincipal("alice", "alice-pass"), new BasicPrincipal("alice"));
                    if (createUser != null) {
                        createUser.close();
                    }
                    if (createGroup != null) {
                        createGroup.close();
                    }
                    if (createOrganization != null) {
                        createOrganization.close();
                    }
                } catch (Throwable th) {
                    if (createUser != null) {
                        try {
                            createUser.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (Throwable th3) {
            if (createOrganization != null) {
                try {
                    createOrganization.close();
                } catch (Throwable th4) {
                    th3.addSuppressed(th4);
                }
            }
            throw th3;
        }
    }
}
