package org.keycloak.testsuite.federation.ldap.base;

import java.util.Iterator;
import java.util.Map;
import org.junit.Assert;
import org.junit.ClassRule;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.rules.RuleChain;
import org.junit.rules.TestRule;
import org.junit.runners.MethodSorters;
import org.keycloak.common.util.Time;
import org.keycloak.federation.ldap.LDAPFederationProvider;
import org.keycloak.federation.ldap.idm.model.LDAPObject;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserFederationProvider;
import org.keycloak.models.UserFederationProviderModel;
import org.keycloak.models.UserFederationSyncResult;
import org.keycloak.models.UserModel;
import org.keycloak.models.UserProvider;
import org.keycloak.models.utils.KeycloakModelUtils;
import org.keycloak.services.managers.RealmManager;
import org.keycloak.services.managers.UsersSyncManager;
import org.keycloak.testsuite.federation.ldap.FederationTestUtils;
import org.keycloak.testsuite.rule.KeycloakRule;
import org.keycloak.testsuite.rule.LDAPRule;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/keycloak/testsuite/federation/ldap/base/LDAPSyncTest.class */
public class LDAPSyncTest {
    private static LDAPRule ldapRule = new LDAPRule();
    private static UserFederationProviderModel ldapModel = null;
    private static KeycloakRule keycloakRule = new KeycloakRule(new KeycloakRule.KeycloakSetup() { // from class: org.keycloak.testsuite.federation.ldap.base.LDAPSyncTest.1
        @Override // org.keycloak.testsuite.rule.KeycloakRule.KeycloakSetup
        public void config(RealmManager realmManager, RealmModel realmModel, RealmModel realmModel2) {
            Time.setOffset(0);
            Map<String, String> config = LDAPSyncTest.ldapRule.getConfig();
            config.put("syncRegistrations", "false");
            config.put("editMode", UserFederationProvider.EditMode.WRITABLE.toString());
            UserFederationProviderModel unused = LDAPSyncTest.ldapModel = realmModel2.addUserFederationProvider("ldap", config, 0, "test-ldap", -1, -1, 0);
            FederationTestUtils.addZipCodeLDAPMapper(realmModel2, LDAPSyncTest.ldapModel);
            LDAPFederationProvider ldapProvider = FederationTestUtils.getLdapProvider(this.session, LDAPSyncTest.ldapModel);
            FederationTestUtils.removeAllLDAPUsers(ldapProvider, realmModel2);
            for (int i = 1; i <= 5; i++) {
                FederationTestUtils.updateLDAPPassword(ldapProvider, FederationTestUtils.addLDAPUser(ldapProvider, realmModel2, "user" + i, "User" + i + "FN", "User" + i + "LN", "user" + i + "@email.org", null, "12" + i), "Password1");
            }
        }
    });

    @ClassRule
    public static TestRule chain = RuleChain.outerRule(ldapRule).around(keycloakRule);

    @Test
    public void test01LDAPSync() {
        UsersSyncManager usersSyncManager = new UsersSyncManager();
        sleep(ldapRule.getSleepTime());
        KeycloakSession startSession = keycloakRule.startSession();
        try {
            FederationTestUtils.assertSyncEquals(usersSyncManager.syncAllUsers(startSession.getKeycloakSessionFactory(), "test", ldapModel), 5, 0, 0, 0);
            keycloakRule.stopSession(startSession, false);
            KeycloakSession startSession2 = keycloakRule.startSession();
            try {
                RealmModel realm = startSession2.realms().getRealm("test");
                UserProvider userStorage = startSession2.userStorage();
                FederationTestUtils.assertUserImported(userStorage, realm, "user1", "User1FN", "User1LN", "user1@email.org", "121");
                FederationTestUtils.assertUserImported(userStorage, realm, "user2", "User2FN", "User2LN", "user2@email.org", "122");
                FederationTestUtils.assertUserImported(userStorage, realm, "user3", "User3FN", "User3LN", "user3@email.org", "123");
                FederationTestUtils.assertUserImported(userStorage, realm, "user4", "User4FN", "User4LN", "user4@email.org", "124");
                FederationTestUtils.assertUserImported(userStorage, realm, "user5", "User5FN", "User5LN", "user5@email.org", "125");
                Assert.assertTrue(ldapModel.getLastSync() > 0);
                for (UserFederationProviderModel userFederationProviderModel : realm.getUserFederationProviders()) {
                    if ("ldap".equals(userFederationProviderModel.getProviderName())) {
                        Assert.assertTrue(userFederationProviderModel.getLastSync() > 0);
                    } else {
                        Assert.assertEquals(0L, userFederationProviderModel.getLastSync());
                    }
                }
                sleep(ldapRule.getSleepTime());
                LDAPFederationProvider ldapProvider = FederationTestUtils.getLdapProvider(startSession2, ldapModel);
                FederationTestUtils.addLDAPUser(ldapProvider, realm, "user6", "User6FN", "User6LN", "user6@email.org", null, "126");
                LDAPObject loadLDAPUserByUsername = ldapProvider.loadLDAPUserByUsername(realm, "user5");
                loadLDAPUserByUsername.setSingleAttribute("mail", "user5Updated@email.org");
                loadLDAPUserByUsername.setSingleAttribute("postalCode", "521");
                ldapProvider.getLdapIdentityStore().update(loadLDAPUserByUsername);
                FederationTestUtils.assertUserImported(userStorage, realm, "user5", "User5FN", "User5LN", "user5@email.org", "125");
                Assert.assertNull(userStorage.getUserByUsername("user6", realm));
                FederationTestUtils.assertSyncEquals(usersSyncManager.syncChangedUsers(startSession2.getKeycloakSessionFactory(), "test", ldapModel), 1, 1, 0, 0);
                keycloakRule.stopSession(startSession2, false);
                startSession = keycloakRule.startSession();
                try {
                    RealmModel realm2 = startSession.realms().getRealm("test");
                    UserProvider userStorage2 = startSession.userStorage();
                    FederationTestUtils.assertUserImported(userStorage2, realm2, "user5", "User5FN", "User5LN", "user5updated@email.org", "521");
                    FederationTestUtils.assertUserImported(userStorage2, realm2, "user6", "User6FN", "User6LN", "user6@email.org", "126");
                    keycloakRule.stopSession(startSession, false);
                } finally {
                    keycloakRule.stopSession(startSession, false);
                }
            } finally {
            }
        } finally {
        }
    }

    @Test
    public void test02duplicateUsernameAndEmailSync() {
        KeycloakSession startSession = keycloakRule.startSession();
        try {
            RealmModel realm = startSession.realms().getRealm("test");
            FederationTestUtils.addLocalUser(startSession, realm, "user7", "user7@email.org", "password");
            LDAPObject addLDAPUser = FederationTestUtils.addLDAPUser(FederationTestUtils.getLdapProvider(startSession, ldapModel), realm, "user7", "User7FN", "User7LN", "user7-something@email.org", null, "126");
            keycloakRule.stopSession(startSession, true);
            startSession = keycloakRule.startSession();
            try {
                RealmModel realm2 = startSession.realms().getRealm("test");
                Assert.assertEquals(1L, new UsersSyncManager().syncAllUsers(startSession.getKeycloakSessionFactory(), "test", ldapModel).getFailed());
                LDAPFederationProvider ldapProvider = FederationTestUtils.getLdapProvider(startSession, ldapModel);
                ldapProvider.getLdapIdentityStore().remove(addLDAPUser);
                LDAPObject addLDAPUser2 = FederationTestUtils.addLDAPUser(ldapProvider, realm2, "user7-something", "User7FNN", "User7LNL", "user7@email.org", null, "126");
                keycloakRule.stopSession(startSession, true);
                KeycloakSession startSession2 = keycloakRule.startSession();
                try {
                    RealmModel realm3 = startSession2.realms().getRealm("test");
                    Assert.assertEquals(1L, new UsersSyncManager().syncAllUsers(startSession2.getKeycloakSessionFactory(), "test", ldapModel).getFailed());
                    Assert.assertNull(startSession2.userStorage().getUserByUsername("user7-something", realm3));
                    addLDAPUser2.setSingleAttribute("mail", "user7-changed@email.org");
                    FederationTestUtils.getLdapProvider(startSession2, ldapModel).getLdapIdentityStore().update(addLDAPUser2);
                    Assert.assertEquals(0L, new UsersSyncManager().syncAllUsers(startSession2.getKeycloakSessionFactory(), "test", ldapModel).getFailed());
                    keycloakRule.stopSession(startSession2, true);
                    KeycloakSession startSession3 = keycloakRule.startSession();
                    try {
                        FederationTestUtils.assertUserImported(startSession3.userStorage(), startSession3.realms().getRealm("test"), "user7-something", "User7FNN", "User7LNL", "user7-changed@email.org", "126");
                        keycloakRule.stopSession(startSession3, false);
                    } finally {
                        keycloakRule.stopSession(startSession3, false);
                    }
                } finally {
                    keycloakRule.stopSession(startSession2, true);
                }
            } finally {
            }
        } finally {
        }
    }

    /* JADX WARN: Finally extract failed */
    @Test
    public void test03SameUUIDAndUsernameSync() {
        KeycloakSession startSession = keycloakRule.startSession();
        try {
            RealmModel realm = startSession.realms().getRealm("test");
            Iterator it = startSession.userStorage().getUsers(realm, true).iterator();
            while (it.hasNext()) {
                startSession.userStorage().removeUser(realm, (UserModel) it.next());
            }
            UserFederationProviderModel findUserFederationProviderByDisplayName = KeycloakModelUtils.findUserFederationProviderByDisplayName(ldapModel.getDisplayName(), realm);
            String usernameLdapAttribute = FederationTestUtils.getLdapProvider(startSession, ldapModel).getLdapIdentityStore().getConfig().getUsernameLdapAttribute();
            String str = (String) findUserFederationProviderByDisplayName.getConfig().get("uuidLDAPAttribute");
            findUserFederationProviderByDisplayName.getConfig().put("uuidLDAPAttribute", usernameLdapAttribute);
            findUserFederationProviderByDisplayName.getConfig().put("batchSizeForSync", "10");
            realm.updateUserFederationProvider(findUserFederationProviderByDisplayName);
            keycloakRule.stopSession(startSession, true);
            KeycloakSession startSession2 = keycloakRule.startSession();
            try {
                UserFederationProviderModel findUserFederationProviderByDisplayName2 = KeycloakModelUtils.findUserFederationProviderByDisplayName(ldapModel.getDisplayName(), startSession2.realms().getRealm("test"));
                Assert.assertEquals(0L, new UsersSyncManager().syncAllUsers(startSession2.getKeycloakSessionFactory(), "test", findUserFederationProviderByDisplayName2).getFailed());
                keycloakRule.stopSession(startSession2, false);
                startSession = keycloakRule.startSession();
                try {
                    RealmModel realm2 = startSession.realms().getRealm("test");
                    FederationTestUtils.assertUserImported(startSession.users(), realm2, "user1", "User1FN", "User1LN", "user1@email.org", "121");
                    FederationTestUtils.assertUserImported(startSession.users(), realm2, "user2", "User2FN", "User2LN", "user2@email.org", "122");
                    Assert.assertEquals("user1", startSession.users().getUserByUsername("user1", realm2).getFirstAttribute("LDAP_ID"));
                    UserFederationProviderModel findUserFederationProviderByDisplayName3 = KeycloakModelUtils.findUserFederationProviderByDisplayName(ldapModel.getDisplayName(), realm2);
                    findUserFederationProviderByDisplayName3.getConfig().put("uuidLDAPAttribute", str);
                    realm2.updateUserFederationProvider(findUserFederationProviderByDisplayName3);
                    keycloakRule.stopSession(startSession, true);
                } finally {
                    keycloakRule.stopSession(startSession, true);
                }
            } finally {
                keycloakRule.stopSession(startSession2, false);
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    @Test
    public void test04MissingLDAPUsernameSync() {
        KeycloakSession startSession = keycloakRule.startSession();
        try {
            RealmModel realm = startSession.realms().getRealm("test");
            Iterator it = startSession.userStorage().getUsers(realm, true).iterator();
            while (it.hasNext()) {
                startSession.userStorage().removeUser(realm, (UserModel) it.next());
            }
            UserFederationProviderModel findUserFederationProviderByDisplayName = KeycloakModelUtils.findUserFederationProviderByDisplayName(ldapModel.getDisplayName(), realm);
            FederationTestUtils.addUserAttributeMapper(realm, ldapModel, "streetMapper", "street", "street");
            FederationTestUtils.addLDAPUser(FederationTestUtils.getLdapProvider(startSession, ldapModel), realm, "user8", "User8FN", "User8LN", "user8@email.org", "user8street", "126");
            String str = (String) findUserFederationProviderByDisplayName.getConfig().get("usernameLDAPAttribute");
            findUserFederationProviderByDisplayName.getConfig().put("usernameLDAPAttribute", "street");
            findUserFederationProviderByDisplayName.getConfig().put("batchSizeForSync", "10");
            realm.updateUserFederationProvider(findUserFederationProviderByDisplayName);
            keycloakRule.stopSession(startSession, true);
            KeycloakSession startSession2 = keycloakRule.startSession();
            try {
                UserFederationSyncResult syncAllUsers = new UsersSyncManager().syncAllUsers(startSession2.getKeycloakSessionFactory(), "test", KeycloakModelUtils.findUserFederationProviderByDisplayName(ldapModel.getDisplayName(), startSession2.realms().getRealm("test")));
                Assert.assertEquals(1L, syncAllUsers.getAdded());
                Assert.assertTrue(syncAllUsers.getFailed() > 0);
                keycloakRule.stopSession(startSession2, false);
                startSession = keycloakRule.startSession();
                try {
                    RealmModel realm2 = startSession.realms().getRealm("test");
                    UserFederationProviderModel findUserFederationProviderByDisplayName2 = KeycloakModelUtils.findUserFederationProviderByDisplayName(ldapModel.getDisplayName(), realm2);
                    findUserFederationProviderByDisplayName2.getConfig().put("usernameLDAPAttribute", str);
                    realm2.updateUserFederationProvider(findUserFederationProviderByDisplayName2);
                    realm2.removeUserFederationMapper(realm2.getUserFederationMapperByName(findUserFederationProviderByDisplayName2.getId(), "streetMapper"));
                    keycloakRule.stopSession(startSession, true);
                } finally {
                    keycloakRule.stopSession(startSession, true);
                }
            } finally {
                keycloakRule.stopSession(startSession2, false);
            }
        } catch (Throwable th) {
            throw th;
        }
    }

    private void sleep(int i) {
        try {
            Thread.sleep(i);
        } catch (InterruptedException e) {
            throw new RuntimeException(e);
        }
    }
}
