package org.apache.hadoop.hbase.http;

import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.URL;
import org.apache.commons.codec.binary.Base64;
import org.apache.directory.server.annotations.CreateLdapServer;
import org.apache.directory.server.annotations.CreateTransport;
import org.apache.directory.server.core.annotations.ApplyLdifs;
import org.apache.directory.server.core.annotations.ContextEntry;
import org.apache.directory.server.core.annotations.CreateDS;
import org.apache.directory.server.core.annotations.CreatePartition;
import org.apache.directory.server.core.integ.CreateLdapServerRule;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseClassTestRule;
import org.apache.hadoop.hbase.http.TestHttpServer;
import org.apache.hadoop.hbase.http.resource.JerseyResource;
import org.apache.hadoop.hbase.testclassification.MiscTests;
import org.apache.hadoop.hbase.testclassification.SmallTests;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@CreateLdapServer(transports = {@CreateTransport(protocol = "LDAP", address = LdapConstants.LDAP_SERVER_ADDR)})
@Category({MiscTests.class, SmallTests.class})
@CreateDS(allowAnonAccess = true, partitions = {@CreatePartition(name = "Test_Partition", suffix = LdapConstants.LDAP_BASE_DN, contextEntry = @ContextEntry(entryLdif = "dn: dc=example,dc=com \ndc: example\nobjectClass: top\nobjectClass: domain\n\n"))})
@ApplyLdifs({"dn: uid=bjones,dc=example,dc=com", "cn: Bob Jones", "sn: Jones", "objectClass: inetOrgPerson", "uid: bjones", "userPassword: p@ssw0rd"})
/* loaded from: input_file:org/apache/hadoop/hbase/http/TestLdapHttpServer.class */
public class TestLdapHttpServer extends HttpServerFunctionalTest {

    @ClassRule
    public static final HBaseClassTestRule CLASS_RULE = HBaseClassTestRule.forClass(TestLdapHttpServer.class);

    @ClassRule
    public static CreateLdapServerRule serverRule = new CreateLdapServerRule();
    private static final Logger LOG = LoggerFactory.getLogger(TestLdapHttpServer.class);
    private static HttpServer server;
    private static URL baseUrl;

    @BeforeClass
    public static void setupServer() throws Exception {
        Configuration configuration = new Configuration();
        buildLdapConfiguration(configuration);
        server = createTestServer(configuration);
        server.addUnprivilegedServlet("echo", "/echo", TestHttpServer.EchoServlet.class);
        server.addJerseyResourcePackage(JerseyResource.class.getPackage().getName(), "/jersey/*");
        server.start();
        baseUrl = getServerURL(server);
        LOG.info("HTTP server started: " + baseUrl);
    }

    @AfterClass
    public static void stopServer() throws Exception {
        try {
            if (null != server) {
                server.stop();
            }
        } catch (Exception e) {
            LOG.info("Failed to stop info server", e);
        }
    }

    private static Configuration buildLdapConfiguration(Configuration configuration) {
        configuration.setInt("hbase.http.max.threads", 16);
        configuration.set("hbase.security.authentication.ui", "ldap");
        configuration.set("hbase.http.filter.initializers", "org.apache.hadoop.hbase.http.lib.AuthenticationFilterInitializer");
        configuration.set("hadoop.http.authentication.type", "ldap");
        configuration.set("hadoop.http.authentication.ldap.providerurl", String.format("ldap://%s:%s", LdapConstants.LDAP_SERVER_ADDR, Integer.valueOf(serverRule.getLdapServer().getPort())));
        configuration.set("hadoop.http.authentication.ldap.enablestarttls", "false");
        configuration.set("hadoop.http.authentication.ldap.basedn", LdapConstants.LDAP_BASE_DN);
        return configuration;
    }

    @Test
    public void testUnauthorizedClientsDisallowed() throws IOException {
        Assert.assertEquals(401L, ((HttpURLConnection) new URL(getServerURL(server), "/echo?a=b").openConnection()).getResponseCode());
    }

    @Test
    public void testAllowedClient() throws IOException {
        ((HttpURLConnection) new URL(getServerURL(server), "/echo?a=b").openConnection()).setRequestProperty("Authorization", "Basic " + new Base64(0).encodeToString("bjones:p@ssw0rd".getBytes()));
        Assert.assertEquals(200L, r0.getResponseCode());
    }

    @Test
    public void testWrongAuthClientsDisallowed() throws IOException {
        ((HttpURLConnection) new URL(getServerURL(server), "/echo?a=b").openConnection()).setRequestProperty("Authorization", "Basic " + new Base64(0).encodeToString("bjones:password".getBytes()));
        Assert.assertEquals(403L, r0.getResponseCode());
    }
}
