package com.facebook.presto.tests.jdbc;

import com.facebook.presto.tests.ImmutableLdapObjectDefinitions;
import com.facebook.presto.tests.TestGroups;
import com.facebook.presto.tests.TpchTableResults;
import com.teradata.tempto.Requires;
import com.teradata.tempto.assertions.QueryAssert;
import com.teradata.tempto.fulfillment.table.hive.tpch.ImmutableTpchTablesRequirements;
import java.sql.DriverManager;
import java.sql.SQLException;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:com/facebook/presto/tests/jdbc/LdapPrestoJdbcTests.class */
public class LdapPrestoJdbcTests extends LdapJdbcTests {
    @Override // com.facebook.presto.tests.jdbc.LdapJdbcTests
    protected String getLdapUrlFormat() {
        return "jdbc:presto://%s?SSL=true&SSLTrustStorePath=%s&SSLTrustStorePassword=%s";
    }

    @Requires({ImmutableTpchTablesRequirements.ImmutableNationTable.class})
    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldRunQueryWithLdap() throws SQLException {
        QueryAssert.assertThat(executeLdapQuery("select * from tpch.tiny.nation", this.ldapUserName, this.ldapUserPassword)).matches(TpchTableResults.PRESTO_NATION_RESULT);
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForLdapUserInChildGroup() {
        expectQueryToFailForUserNotInGroup(ImmutableLdapObjectDefinitions.CHILD_GROUP_USER.getAttributes().get("cn"));
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForLdapUserInParentGroup() {
        expectQueryToFailForUserNotInGroup(ImmutableLdapObjectDefinitions.PARENT_GROUP_USER.getAttributes().get("cn"));
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForOrphanLdapUser() {
        expectQueryToFailForUserNotInGroup(ImmutableLdapObjectDefinitions.ORPHAN_USER.getAttributes().get("cn"));
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForWrongLdapPassword() {
        expectQueryToFail(this.ldapUserName, "wrong_password", "Authentication failed: Invalid credentials: [LDAP: error code 49 - Invalid Credentials]");
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForWrongLdapUser() {
        expectQueryToFail("invalid_user", this.ldapUserPassword, "Authentication failed: Invalid credentials: [LDAP: error code 49 - Invalid Credentials]");
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForEmptyUser() {
        expectQueryToFail("", this.ldapUserPassword, "Connection property 'user' value is empty");
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForLdapWithoutPassword() {
        expectQueryToFail(this.ldapUserName, null, "Authentication failed: Unauthorized");
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailQueryForLdapWithoutSsl() {
        try {
            DriverManager.getConnection("jdbc:presto://" + prestoServer(), this.ldapUserName, this.ldapUserPassword);
            Assert.fail();
        } catch (SQLException e) {
            Assert.assertEquals(e.getMessage(), "Authentication using username/password requires SSL to be enabled");
        }
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailForIncorrectTrustStore() {
        try {
            DriverManager.getConnection(String.format("jdbc:presto://%s?SSL=true&SSLTrustStorePath=%s&SSLTrustStorePassword=%s", prestoServer(), this.ldapTruststorePath, "wrong_password"), this.ldapUserName, this.ldapUserPassword).createStatement().executeQuery("select * from tpch.tiny.nation");
            Assert.fail();
        } catch (SQLException e) {
            Assert.assertEquals(e.getMessage(), "Error setting up SSL: Keystore was tampered with, or password was incorrect");
        }
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.PRESTO_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = 30000)
    public void shouldFailForUserWithColon() {
        expectQueryToFail("UserWith:Colon", this.ldapUserPassword, "Illegal character ':' found in username");
    }

    private void expectQueryToFailForUserNotInGroup(String str) {
        expectQueryToFail(str, this.ldapUserPassword, String.format("Authentication failed: User [%s] not a member of the authorized group", str));
    }
}
