package com.atlassian.crowd.acceptance.tests.rest.service.client;

import com.atlassian.crowd.acceptance.tests.applications.crowd.CrowdAcceptanceTestCase;
import com.atlassian.crowd.embedded.api.PasswordCredential;
import com.atlassian.crowd.exception.ApplicationPermissionException;
import com.atlassian.crowd.exception.InvalidAuthenticationException;
import com.atlassian.crowd.exception.InvalidCredentialException;
import com.atlassian.crowd.exception.InvalidTokenException;
import com.atlassian.crowd.exception.MembershipAlreadyExistsException;
import com.atlassian.crowd.exception.OperationFailedException;
import com.atlassian.crowd.exception.WebhookNotFoundException;
import com.atlassian.crowd.integration.rest.service.RestCrowdClient;
import com.atlassian.crowd.model.authentication.Session;
import com.atlassian.crowd.model.authentication.UserAuthenticationContext;
import com.atlassian.crowd.model.authentication.ValidationFactor;
import com.atlassian.crowd.model.group.Group;
import com.atlassian.crowd.model.group.GroupWithAttributes;
import com.atlassian.crowd.model.user.User;
import com.atlassian.crowd.model.user.UserTemplate;
import com.atlassian.crowd.model.user.UserWithAttributes;
import com.atlassian.crowd.password.encoder.AtlassianSHA1PasswordEncoder;
import com.atlassian.crowd.search.builder.Restriction;
import com.atlassian.crowd.search.query.entity.restriction.constants.GroupTermKeys;
import com.atlassian.crowd.search.query.entity.restriction.constants.UserTermKeys;
import com.atlassian.crowd.service.client.ClientPropertiesImpl;
import com.atlassian.crowd.service.client.CrowdClient;
import com.atlassian.crowd.test.matchers.CrowdMatchers;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import org.hamcrest.Matchers;
import org.hamcrest.number.OrderingComparison;
import org.junit.Assert;

/* loaded from: input_file:com/atlassian/crowd/acceptance/tests/rest/service/client/RestCrowdClientTest.class */
public class RestCrowdClientTest extends CrowdAcceptanceTestCase {
    private static final String APPLICATION_NAME = "crowd";
    private static final String APPLICATION_PASSWORD = "qybhDMZh";
    private static final ValidationFactor[] NO_VALIDATION_FACTORS = new ValidationFactor[0];
    private static final String NON_EXISTENT_TOKEN = "this-token-key-does-not-exist";
    private static final long NON_EXISTENT_WEBHOOKID = 999;
    private CrowdClient crowdClient;

    @Override // com.atlassian.crowd.acceptance.tests.applications.crowd.CrowdAcceptanceTestCase
    public void setUp() throws Exception {
        super.setUp();
        Properties properties = new Properties();
        properties.setProperty("crowd.base.url", HOST_PATH);
        properties.setProperty("application.name", APPLICATION_NAME);
        properties.setProperty("application.password", APPLICATION_PASSWORD);
        this.crowdClient = new RestCrowdClient(ClientPropertiesImpl.newInstanceFromProperties(properties));
        restoreCrowdFromXML("remotecrowddirectory.xml");
    }

    public void testGetUser() throws Exception {
        User user = this.crowdClient.getUser("admin");
        assertEquals("admin", user.getName());
        assertEquals("bob", user.getFirstName());
        assertEquals("the builder", user.getLastName());
        assertEquals("bob@example.net", user.getEmailAddress());
        assertTrue(user.isActive());
        assertEquals("2:externalId", user.getExternalId());
    }

    public void testGetUserByKey() throws Exception {
        User userByKey = this.crowdClient.getUserByKey("2:externalId");
        assertEquals("admin", userByKey.getName());
        assertEquals("bob", userByKey.getFirstName());
        assertEquals("the builder", userByKey.getLastName());
        assertEquals("bob@example.net", userByKey.getEmailAddress());
        assertTrue(userByKey.isActive());
        assertEquals("2:externalId", userByKey.getExternalId());
    }

    public void testGetGroupNameMembershipsForGroup() throws Exception {
        List asList = Arrays.asList("crowd-testers", "crowd-users");
        List namesOfParentGroupsForGroup = this.crowdClient.getNamesOfParentGroupsForGroup("badgers", 0, 50);
        assertNotNull(namesOfParentGroupsForGroup);
        assertEquals(asList.size(), namesOfParentGroupsForGroup.size());
        assertTrue(namesOfParentGroupsForGroup.containsAll(asList));
    }

    public void testGetGroupNameMembershipsForGroup_InvalidStartIndex() throws Exception {
        try {
            this.crowdClient.getNamesOfParentGroupsForGroup("badgers", -1, 50);
            fail("Expected OperationFailedException");
        } catch (OperationFailedException e) {
        }
    }

    public void testGetGroupNameMembershipsForGroup_NonExistentGroup() throws Exception {
        List namesOfParentGroupsForGroup = this.crowdClient.getNamesOfParentGroupsForGroup("non-existent", 0, 50);
        assertNotNull(namesOfParentGroupsForGroup);
        assertTrue(namesOfParentGroupsForGroup.isEmpty());
    }

    public void testGetNestedUserNameMembersOfGroup() throws Exception {
        List asList = Arrays.asList("secondadmin", "penny", "admin", "eeeep");
        List namesOfNestedUsersOfGroup = this.crowdClient.getNamesOfNestedUsersOfGroup("crowd-administrators", 0, 50);
        assertNotNull(namesOfNestedUsersOfGroup);
        assertEquals(asList.size(), namesOfNestedUsersOfGroup.size());
        assertTrue(namesOfNestedUsersOfGroup.containsAll(asList));
    }

    public void testGetNestedUserNameMembersOfGroup_NonExistentGroup() throws Exception {
        List namesOfNestedUsersOfGroup = this.crowdClient.getNamesOfNestedUsersOfGroup("non-existent", 0, 50);
        assertNotNull(namesOfNestedUsersOfGroup);
        assertTrue(namesOfNestedUsersOfGroup.isEmpty());
    }

    public void testGetNestedGroupMembersOfGroup() throws Exception {
        List asList = Arrays.asList("crowd-testers", "badgers");
        List nestedChildGroupsOfGroup = this.crowdClient.getNestedChildGroupsOfGroup("crowd-administrators", 0, 50);
        assertNotNull(nestedChildGroupsOfGroup);
        ArrayList arrayList = new ArrayList(nestedChildGroupsOfGroup.size());
        Iterator it = nestedChildGroupsOfGroup.iterator();
        while (it.hasNext()) {
            arrayList.add(((Group) it.next()).getName());
        }
        assertEquals(asList.size(), arrayList.size());
        assertTrue(arrayList.containsAll(asList));
    }

    public void testGetNestedGroupMembersOfGroup_NonExistentGroup() throws Exception {
        List nestedChildGroupsOfGroup = this.crowdClient.getNestedChildGroupsOfGroup("non-existent", 0, 50);
        assertNotNull(nestedChildGroupsOfGroup);
        assertTrue(nestedChildGroupsOfGroup.isEmpty());
    }

    public void testGetNestedGroupNameMembersOfGroup() throws Exception {
        List asList = Arrays.asList("crowd-testers", "badgers");
        List namesOfNestedChildGroupsOfGroup = this.crowdClient.getNamesOfNestedChildGroupsOfGroup("crowd-administrators", 0, 50);
        assertNotNull(namesOfNestedChildGroupsOfGroup);
        assertEquals(asList.size(), namesOfNestedChildGroupsOfGroup.size());
        assertTrue(namesOfNestedChildGroupsOfGroup.containsAll(asList));
    }

    public void testGetNestedGroupNameMembersOfGroup_NonExistent() throws Exception {
        List asList = Arrays.asList("crowd-testers", "badgers");
        List namesOfNestedChildGroupsOfGroup = this.crowdClient.getNamesOfNestedChildGroupsOfGroup("crowd-administrators", 0, 50);
        assertNotNull(namesOfNestedChildGroupsOfGroup);
        assertEquals(asList.size(), namesOfNestedChildGroupsOfGroup.size());
        assertTrue(namesOfNestedChildGroupsOfGroup.containsAll(asList));
    }

    public void testGetNestedGroupMembershipsForUser() throws Exception {
        List asList = Arrays.asList("crowd-administrators", "crowd-testers", "badgers", "crowd-users");
        List groupsForNestedUser = this.crowdClient.getGroupsForNestedUser("admin", 0, 50);
        assertNotNull(groupsForNestedUser);
        ArrayList arrayList = new ArrayList();
        Iterator it = groupsForNestedUser.iterator();
        while (it.hasNext()) {
            arrayList.add(((Group) it.next()).getName());
        }
        assertEquals(asList.size(), arrayList.size());
        assertTrue(arrayList.containsAll(asList));
    }

    public void testGetNestedGroupMembershipsForUser_NonExistent() throws Exception {
        List groupsForNestedUser = this.crowdClient.getGroupsForNestedUser("non-existent", 0, 50);
        assertNotNull(groupsForNestedUser);
        assertTrue(groupsForNestedUser.isEmpty());
    }

    public void testGetNestedGroupNameMembershipsForUser() throws Exception {
        List asList = Arrays.asList("crowd-administrators", "crowd-testers", "badgers", "crowd-users");
        List namesOfGroupsForNestedUser = this.crowdClient.getNamesOfGroupsForNestedUser("admin", 0, 50);
        assertNotNull(namesOfGroupsForNestedUser);
        assertTrue(namesOfGroupsForNestedUser.containsAll(asList));
    }

    public void testGetNestedGroupNameMembershipsForUser_NonExistent() throws Exception {
        List namesOfGroupsForNestedUser = this.crowdClient.getNamesOfGroupsForNestedUser("non-existent", 0, 50);
        assertNotNull(namesOfGroupsForNestedUser);
        assertTrue(namesOfGroupsForNestedUser.isEmpty());
    }

    public void testGetNestedGroupMembershipsForGroup() throws Exception {
        List asList = Arrays.asList("crowd-administrators", "crowd-testers", "crowd-users");
        List parentGroupsForNestedGroup = this.crowdClient.getParentGroupsForNestedGroup("badgers", 0, 50);
        assertNotNull(parentGroupsForNestedGroup);
        ArrayList arrayList = new ArrayList();
        Iterator it = parentGroupsForNestedGroup.iterator();
        while (it.hasNext()) {
            arrayList.add(((Group) it.next()).getName());
        }
        assertEquals(asList.size(), arrayList.size());
        assertTrue(arrayList.containsAll(asList));
    }

    public void testGetNestedGroupMembershipsForGroup_NonExistent() throws Exception {
        List parentGroupsForNestedGroup = this.crowdClient.getParentGroupsForNestedGroup("non-existent", 0, 50);
        assertNotNull(parentGroupsForNestedGroup);
        assertTrue(parentGroupsForNestedGroup.isEmpty());
    }

    public void testGetNestedGroupNameMembershipsForGroup() throws Exception {
        List asList = Arrays.asList("crowd-administrators", "crowd-testers", "crowd-users");
        List namesOfParentGroupsForNestedGroup = this.crowdClient.getNamesOfParentGroupsForNestedGroup("badgers", 0, 50);
        assertNotNull(namesOfParentGroupsForNestedGroup);
        assertEquals(asList.size(), namesOfParentGroupsForNestedGroup.size());
        assertTrue(namesOfParentGroupsForNestedGroup.containsAll(asList));
    }

    public void testGetNestedGroupNameMembershipsForGroup_NonExistent() throws Exception {
        List namesOfParentGroupsForNestedGroup = this.crowdClient.getNamesOfParentGroupsForNestedGroup("non-existent", 0, 50);
        assertNotNull(namesOfParentGroupsForNestedGroup);
        assertTrue(namesOfParentGroupsForNestedGroup.isEmpty());
    }

    public void testAddUser() throws Exception {
        intendToModifyData();
        this.crowdClient.addUser(new UserTemplate("newuser", "fname", "lname", "dname"), PasswordCredential.unencrypted("newpassword"));
        assertNotNull("An identifier should be generated for the user", this.crowdClient.getUser("newuser").getExternalId());
    }

    public void testAddUserWithEncryptedPassword() throws Exception {
        intendToModifyData();
        String encodePassword = new AtlassianSHA1PasswordEncoder().encodePassword("encoded-password", (Object) null);
        UserTemplate userTemplate = new UserTemplate("newuser", "fname", "lname", "dname");
        userTemplate.setActive(true);
        this.crowdClient.addUser(userTemplate, PasswordCredential.encrypted(encodePassword));
        this.crowdClient.addUserToGroup("newuser", "crowd-administrators");
        assertNotNull("An identifier should be generated for the user", this.crowdClient.authenticateUser("newuser", "encoded-password").getExternalId());
    }

    public void testRenameUser() throws Exception {
        intendToModifyData();
        Assert.assertThat(this.crowdClient.renameUser("eeeep", "abc123").getName(), Matchers.is("abc123"));
    }

    public void testUpdateUserCredential() throws Exception {
        intendToModifyData();
        this.crowdClient.authenticateUser("eeeep", "abc123");
        this.crowdClient.updateUserCredential("eeeep", "newpassword");
        try {
            this.crowdClient.authenticateUser("eeeep", "abc123");
            fail("User should no longer be able to authenticate with the old password");
        } catch (InvalidAuthenticationException e) {
        }
        this.crowdClient.authenticateUser("eeeep", "newpassword");
    }

    public void testUpdateUserCredentialToNone() throws Exception {
        intendToModifyData();
        this.crowdClient.authenticateUser("eeeep", "abc123");
        this.crowdClient.updateUserCredential("eeeep", (String) null);
        try {
            this.crowdClient.authenticateUser("eeeep", "abc123");
            fail("User should no longer be able to authenticate with the old password");
        } catch (InvalidAuthenticationException e) {
        }
    }

    public void testUpdateUserCredentialPasswordDoesNotMatchDirectoryComplexityRequirement() throws Exception {
        intendToModifyData();
        this.crowdClient.authenticateUser("eeeep", "abc123");
        try {
            this.crowdClient.updateUserCredential("eeeep", "PASSWORD-WITHOUT-LOWERCASE");
            fail("The password shouldn't be changed if it does not match the directory complexity requirements");
        } catch (InvalidCredentialException e) {
            Assert.assertThat(e.getMessage(), Matchers.containsString("Passwords must contain at least one lowercase character"));
        }
        this.crowdClient.authenticateUser("eeeep", "abc123");
    }

    public void testConnectToInvalidRestService() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("crowd.base.url", HOST_PATH + "/badservice");
        properties.setProperty("application.name", APPLICATION_NAME);
        properties.setProperty("application.password", APPLICATION_PASSWORD);
        try {
            new RestCrowdClient(ClientPropertiesImpl.newInstanceFromProperties(properties)).testConnection();
            fail("OperationFailedException expected.");
        } catch (OperationFailedException e) {
        }
    }

    public void testConnectToRestService_WrongPassword() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("crowd.base.url", HOST_PATH);
        properties.setProperty("application.name", APPLICATION_NAME);
        properties.setProperty("application.password", "blah");
        try {
            new RestCrowdClient(ClientPropertiesImpl.newInstanceFromProperties(properties)).testConnection();
            fail("OperationFailedException expected.");
        } catch (InvalidAuthenticationException e) {
            assertEquals("Application failed to authenticate", e.getMessage());
        }
    }

    public void testGetMemberships() throws Exception {
        Iterable memberships = this.crowdClient.getMemberships();
        assertNotNull(memberships);
        Iterator it = memberships.iterator();
        assertTrue(it.hasNext());
        assertNotNull(it.next());
    }

    public void testQueryForNullFirstNames() throws Exception {
        assertEquals(Collections.emptyList(), this.crowdClient.searchUsers(Restriction.on(UserTermKeys.FIRST_NAME).isNull(), 0, -1));
    }

    public void testSearchGroupsWithAttributes() throws Exception {
        Assert.assertThat(this.crowdClient.searchGroupsWithAttributes(Restriction.on(GroupTermKeys.NAME).exactlyMatching("badgers"), 0, -1), Matchers.contains(CrowdMatchers.entityWithAttributes(GroupWithAttributes.class).hasEntry("secret-location", "hollow")));
    }

    public void testMailUsernamesFailsWithUnknownAddress() throws Exception {
        try {
            this.crowdClient.requestUsernames("no-user-with@this-email-address.invalid");
            fail("Request for usernames should fail for unused email address.");
        } catch (OperationFailedException e) {
            assertEquals("Not Found", e.getMessage());
        }
    }

    public void testUpdateGroupWithAttributes() throws Exception {
        intendToModifyData();
        this.crowdClient.storeGroupAttributes("badgers", ImmutableMap.of("favourite-colour", ImmutableSet.of("green")));
        Assert.assertThat(this.crowdClient.getGroupWithAttributes("badgers"), CrowdMatchers.entityWithAttributes(UserWithAttributes.class).hasEntry("favourite-colour", "green"));
    }

    public void testSSOUserWithDefaultTokenDuration() throws Exception {
        intendToModifyData();
        _invalidateExistingSessions("admin");
        String authenticateSSOUser = this.crowdClient.authenticateSSOUser(new UserAuthenticationContext("admin", new PasswordCredential("admin"), NO_VALIDATION_FACTORS, APPLICATION_NAME));
        this.crowdClient.validateSSOAuthentication(authenticateSSOUser, Arrays.asList(NO_VALIDATION_FACTORS));
        Session validateSSOAuthenticationAndGetSession = this.crowdClient.validateSSOAuthenticationAndGetSession(authenticateSSOUser, Arrays.asList(NO_VALIDATION_FACTORS));
        assertNotNull("Session should have a token key", validateSSOAuthenticationAndGetSession.getToken());
        assertNotNull("Session should have a creation date", validateSSOAuthenticationAndGetSession.getCreatedDate());
        assertNotNull("Session should have a expiry date", validateSSOAuthenticationAndGetSession.getExpiryDate());
        Assert.assertThat("Session should have some duration", validateSSOAuthenticationAndGetSession.getCreatedDate(), OrderingComparison.lessThan(validateSSOAuthenticationAndGetSession.getExpiryDate()));
        this.crowdClient.invalidateSSOToken(authenticateSSOUser);
        try {
            this.crowdClient.validateSSOAuthentication(authenticateSSOUser, Arrays.asList(NO_VALIDATION_FACTORS));
            fail("Token should no longer be valid");
        } catch (InvalidTokenException e) {
        }
    }

    public void testSSOUserWithZeroLivedToken() throws Exception {
        intendToModifyData();
        _invalidateExistingSessions("admin");
        try {
            this.crowdClient.validateSSOAuthentication(this.crowdClient.authenticateSSOUser(new UserAuthenticationContext("admin", new PasswordCredential("admin"), NO_VALIDATION_FACTORS, APPLICATION_NAME), 0L), Arrays.asList(NO_VALIDATION_FACTORS));
            fail("Token should have expired already");
        } catch (InvalidTokenException e) {
        }
    }

    public void testInvalidateAllSSOTokensForUser() throws Exception {
        intendToModifyData();
        _invalidateExistingSessions("admin");
        String authenticateSSOUser = this.crowdClient.authenticateSSOUser(new UserAuthenticationContext("admin", new PasswordCredential("admin"), NO_VALIDATION_FACTORS, APPLICATION_NAME));
        this.crowdClient.validateSSOAuthentication(authenticateSSOUser, Arrays.asList(NO_VALIDATION_FACTORS));
        this.crowdClient.invalidateSSOTokensForUser("admin");
        try {
            this.crowdClient.validateSSOAuthentication(authenticateSSOUser, Arrays.asList(NO_VALIDATION_FACTORS));
            fail("Token should no longer be valid");
        } catch (InvalidTokenException e) {
        }
    }

    public void testInvalidateAllOtherSSOTokensForUser() throws Exception {
        intendToModifyData();
        _invalidateExistingSessions("admin");
        String authenticateSSOUser = this.crowdClient.authenticateSSOUser(new UserAuthenticationContext("admin", new PasswordCredential("admin"), NO_VALIDATION_FACTORS, APPLICATION_NAME));
        this.crowdClient.validateSSOAuthentication(authenticateSSOUser, Arrays.asList(NO_VALIDATION_FACTORS));
        this.crowdClient.invalidateSSOTokensForUser("admin", authenticateSSOUser);
        this.crowdClient.validateSSOAuthentication(authenticateSSOUser, Arrays.asList(NO_VALIDATION_FACTORS));
    }

    public void testFindUserFromValidSSOToken() throws Exception {
        intendToModifyData();
        _invalidateExistingSessions("admin");
        User findUserFromSSOToken = this.crowdClient.findUserFromSSOToken(this.crowdClient.authenticateSSOUser(new UserAuthenticationContext("admin", new PasswordCredential("admin"), NO_VALIDATION_FACTORS, APPLICATION_NAME)));
        assertEquals("admin", findUserFromSSOToken.getName());
        assertEquals("bob the builder", findUserFromSSOToken.getDisplayName());
        assertEquals("bob", findUserFromSSOToken.getFirstName());
        assertEquals("the builder", findUserFromSSOToken.getLastName());
        assertEquals("bob@example.net", findUserFromSSOToken.getEmailAddress());
        assertTrue("User should be active", findUserFromSSOToken.isActive());
    }

    public void testFindUserFromInvalidSSOToken() throws Exception {
        intendToModifyData();
        _invalidateExistingSessions("admin");
        String authenticateSSOUser = this.crowdClient.authenticateSSOUser(new UserAuthenticationContext("admin", new PasswordCredential("admin"), NO_VALIDATION_FACTORS, APPLICATION_NAME));
        this.crowdClient.invalidateSSOToken(authenticateSSOUser);
        try {
            this.crowdClient.findUserFromSSOToken(authenticateSSOUser);
            fail("Should fail for an invalid token");
        } catch (InvalidTokenException e) {
        }
    }

    public void testFindUserFromNonExistentSSOToken() throws Exception {
        try {
            this.crowdClient.findUserFromSSOToken(NON_EXISTENT_TOKEN);
            fail("Should fail for a non existent token");
        } catch (InvalidTokenException e) {
        }
    }

    public void testGetNonExistingWebhook() throws Exception {
        try {
            this.crowdClient.getWebhook(NON_EXISTENT_WEBHOOKID);
            fail("Should fail for a non existent Webhook");
        } catch (WebhookNotFoundException e) {
            Assert.assertThat(e.getMessage(), Matchers.containsString("Webhook <999> not found"));
        }
    }

    public void testUnregisterNonExistingWebhook() throws Exception {
        try {
            this.crowdClient.unregisterWebhook(NON_EXISTENT_WEBHOOKID);
            fail("Should fail for a non existent Webhook");
        } catch (WebhookNotFoundException e) {
            Assert.assertThat(e.getMessage(), Matchers.containsString("Webhook <999> not found"));
        }
    }

    public void testAddUserToGroup() throws Exception {
        assertFalse(this.crowdClient.isUserDirectGroupMember("eeeep", "crowd-users"));
        this.crowdClient.addUserToGroup("eeeep", "crowd-users");
        assertTrue(this.crowdClient.isUserDirectGroupMember("eeeep", "crowd-users"));
    }

    public void testAddUserToGroupWhenMembershipAlreadyExists() throws Exception {
        assertTrue(this.crowdClient.isUserDirectGroupMember("eeeep", "badgers"));
        try {
            this.crowdClient.addUserToGroup("eeeep", "badgers");
            fail("Should fail for already existing membership");
        } catch (MembershipAlreadyExistsException e) {
        }
    }

    public void testAddGroupToGroup() throws Exception {
        assertFalse(this.crowdClient.isGroupDirectGroupMember("badgers", "crowd-administrators"));
        this.crowdClient.addGroupToGroup("badgers", "crowd-administrators");
        assertTrue(this.crowdClient.isGroupDirectGroupMember("badgers", "crowd-administrators"));
    }

    public void testAddGroupToGroupWhenMembershipAlreadyExists() throws Exception {
        assertTrue(this.crowdClient.isGroupDirectGroupMember("badgers", "crowd-users"));
        try {
            this.crowdClient.addGroupToGroup("badgers", "crowd-users");
            fail("Should fail for already existing membership");
        } catch (MembershipAlreadyExistsException e) {
        }
    }

    private void _invalidateExistingSessions(String str) throws OperationFailedException, ApplicationPermissionException, InvalidAuthenticationException {
        this.crowdClient.invalidateSSOTokensForUser(str);
    }
}
