package io.prestosql.plugin.password.ldap;

import com.google.common.collect.ImmutableMap;
import io.airlift.configuration.testing.ConfigAssertions;
import io.airlift.testing.ValidationAssertions;
import io.airlift.units.Duration;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.util.concurrent.TimeUnit;
import javax.validation.constraints.AssertTrue;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Pattern;
import org.testng.annotations.Test;

/* loaded from: input_file:io/prestosql/plugin/password/ldap/TestLdapConfig.class */
public class TestLdapConfig {
    @Test
    public void testDefault() {
        ConfigAssertions.assertRecordedDefaults(((LdapConfig) ConfigAssertions.recordDefaults(LdapConfig.class)).setLdapUrl((String) null).setAllowInsecure(false).setTrustCertificate((File) null).setUserBindSearchPattern((String) null).setUserBaseDistinguishedName((String) null).setGroupAuthorizationSearchPattern((String) null).setBindDistingushedName((String) null).setBindPassword((String) null).setIgnoreReferrals(false).setLdapCacheTtl(new Duration(1.0d, TimeUnit.HOURS)));
    }

    @Test
    public void testExplicitConfig() throws IOException {
        Path createTempFile = Files.createTempFile(null, null, new FileAttribute[0]);
        ConfigAssertions.assertFullMapping(new ImmutableMap.Builder().put("ldap.url", "ldaps://localhost:636").put("ldap.allow-insecure", "true").put("ldap.ssl-trust-certificate", createTempFile.toString()).put("ldap.user-bind-pattern", "uid=${USER},ou=org,dc=test,dc=com").put("ldap.user-base-dn", "dc=test,dc=com").put("ldap.group-auth-pattern", "&(objectClass=user)(memberOf=cn=group)(user=username)").put("ldap.bind-dn", "CN=User Name,OU=CITY_OU,OU=STATE_OU,DC=domain,DC=domain_root").put("ldap.bind-password", "password1234").put("ldap.ignore-referrals", "true").put("ldap.cache-ttl", "2m").build(), new LdapConfig().setLdapUrl("ldaps://localhost:636").setAllowInsecure(true).setTrustCertificate(createTempFile.toFile()).setUserBindSearchPattern("uid=${USER},ou=org,dc=test,dc=com").setUserBaseDistinguishedName("dc=test,dc=com").setGroupAuthorizationSearchPattern("&(objectClass=user)(memberOf=cn=group)(user=username)").setBindDistingushedName("CN=User Name,OU=CITY_OU,OU=STATE_OU,DC=domain,DC=domain_root").setBindPassword("password1234").setIgnoreReferrals(true).setLdapCacheTtl(new Duration(2.0d, TimeUnit.MINUTES)));
    }

    @Test
    public void testValidation() {
        ValidationAssertions.assertValidates(new LdapConfig().setLdapUrl("ldaps://localhost").setUserBindSearchPattern("uid=${USER},ou=org,dc=test,dc=com").setUserBaseDistinguishedName("dc=test,dc=com").setGroupAuthorizationSearchPattern("&(objectClass=user)(memberOf=cn=group)(user=username)"));
        ValidationAssertions.assertValidates(new LdapConfig().setLdapUrl("ldap://localhost").setAllowInsecure(true).setUserBindSearchPattern("uid=${USER},ou=org,dc=test,dc=com").setUserBaseDistinguishedName("dc=test,dc=com").setGroupAuthorizationSearchPattern("&(objectClass=user)(memberOf=cn=group)(user=username)"));
        ValidationAssertions.assertFailsValidation(new LdapConfig().setLdapUrl("ldap://").setAllowInsecure(false), "urlConfigurationValid", "Connecting to the LDAP server without SSL enabled requires `ldap.allow-insecure=true`", AssertTrue.class);
        ValidationAssertions.assertFailsValidation(new LdapConfig().setLdapUrl("localhost"), "ldapUrl", "Invalid LDAP server URL. Expected ldap:// or ldaps://", Pattern.class);
        ValidationAssertions.assertFailsValidation(new LdapConfig().setLdapUrl("ldaps:/localhost"), "ldapUrl", "Invalid LDAP server URL. Expected ldap:// or ldaps://", Pattern.class);
        ValidationAssertions.assertFailsValidation(new LdapConfig(), "ldapUrl", "may not be null", NotNull.class);
    }
}
