package org.neo4j.server.security.enterprise.auth;

import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.function.Consumer;
import java.util.function.Supplier;
import org.hamcrest.MatcherAssert;
import org.junit.Assert;
import org.neo4j.bolt.security.auth.AuthenticationException;
import org.neo4j.bolt.v1.messaging.message.FailureMessage;
import org.neo4j.bolt.v1.messaging.message.InitMessage;
import org.neo4j.bolt.v1.messaging.message.PullAllMessage;
import org.neo4j.bolt.v1.messaging.message.RecordMessage;
import org.neo4j.bolt.v1.messaging.message.RequestMessage;
import org.neo4j.bolt.v1.messaging.message.ResetMessage;
import org.neo4j.bolt.v1.messaging.message.ResponseMessage;
import org.neo4j.bolt.v1.messaging.message.RunMessage;
import org.neo4j.bolt.v1.messaging.message.SuccessMessage;
import org.neo4j.bolt.v1.transport.integration.Neo4jWithSocket;
import org.neo4j.bolt.v1.transport.integration.TransportTestUtil;
import org.neo4j.bolt.v1.transport.socket.client.SocketConnection;
import org.neo4j.bolt.v1.transport.socket.client.TransportConnection;
import org.neo4j.function.Factory;
import org.neo4j.graphdb.ResourceIterator;
import org.neo4j.graphdb.factory.GraphDatabaseSettings;
import org.neo4j.graphdb.mockfs.EphemeralFileSystemAbstraction;
import org.neo4j.helpers.HostnamePort;
import org.neo4j.helpers.ValueUtils;
import org.neo4j.helpers.collection.MapUtil;
import org.neo4j.io.fs.FileSystemAbstraction;
import org.neo4j.kernel.api.KernelTransaction;
import org.neo4j.kernel.api.exceptions.Status;
import org.neo4j.kernel.api.security.AuthToken;
import org.neo4j.kernel.api.security.AuthenticationResult;
import org.neo4j.kernel.enterprise.api.security.EnterpriseAuthManager;
import org.neo4j.kernel.impl.coreapi.InternalTransaction;
import org.neo4j.kernel.impl.factory.GraphDatabaseFacade;
import org.neo4j.test.TestEnterpriseGraphDatabaseFactory;
import org.neo4j.values.AnyValue;
import org.neo4j.values.storable.Values;
import org.neo4j.values.virtual.MapValue;

/* loaded from: input_file:org/neo4j/server/security/enterprise/auth/BoltInteraction.class */
class BoltInteraction implements NeoInteractionLevel<BoltSubject> {
    private final Factory<TransportConnection> connectionFactory;
    private final Neo4jWithSocket server;
    private Map<String, BoltSubject> subjects;
    private FileSystemAbstraction fileSystem;
    private EnterpriseAuthManager authManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/neo4j/server/security/enterprise/auth/BoltInteraction$BoltResult.class */
    public static class BoltResult implements ResourceIterator<Map<String, Object>> {
        private int index;
        private List<Map<String, Object>> data;

        BoltResult(List<Map<String, Object>> list) {
            this.data = list;
        }

        public void close() {
            this.index = this.data.size();
        }

        public boolean hasNext() {
            return this.index < this.data.size();
        }

        /* renamed from: next, reason: merged with bridge method [inline-methods] */
        public Map<String, Object> m2next() {
            Map<String, Object> map = this.data.get(this.index);
            this.index++;
            return map;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/neo4j/server/security/enterprise/auth/BoltInteraction$BoltSubject.class */
    public static class BoltSubject {
        TransportConnection client;
        String username;
        String password;
        AuthenticationResult loginResult = AuthenticationResult.FAILURE;

        BoltSubject(TransportConnection transportConnection, String str, String str2) {
            this.client = transportConnection;
            this.username = str;
            this.password = str2;
        }

        void setLoginResult(ResponseMessage responseMessage) {
            if (responseMessage instanceof SuccessMessage) {
                MapValue meta = ((SuccessMessage) responseMessage).meta();
                if (meta.containsKey("credentials_expired") && meta.get("credentials_expired").equals(Values.TRUE)) {
                    this.loginResult = AuthenticationResult.PASSWORD_CHANGE_REQUIRED;
                    return;
                } else {
                    this.loginResult = AuthenticationResult.SUCCESS;
                    return;
                }
            }
            if (responseMessage instanceof FailureMessage) {
                this.loginResult = AuthenticationResult.FAILURE;
                if (((FailureMessage) responseMessage).status().equals(Status.Security.AuthenticationRateLimit)) {
                    this.loginResult = AuthenticationResult.TOO_MANY_ATTEMPTS;
                }
            }
        }

        boolean isAuthenticated() {
            return this.loginResult.equals(AuthenticationResult.SUCCESS);
        }

        boolean passwordChangeRequired() {
            return this.loginResult.equals(AuthenticationResult.PASSWORD_CHANGE_REQUIRED);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BoltInteraction(Map<String, String> map) throws IOException {
        this(map, EphemeralFileSystemAbstraction::new);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public BoltInteraction(Map<String, String> map, Supplier<FileSystemAbstraction> supplier) throws IOException {
        this.connectionFactory = SocketConnection::new;
        this.subjects = new HashMap();
        TestEnterpriseGraphDatabaseFactory testEnterpriseGraphDatabaseFactory = new TestEnterpriseGraphDatabaseFactory();
        this.fileSystem = supplier.get();
        this.server = new Neo4jWithSocket(getClass(), testEnterpriseGraphDatabaseFactory, () -> {
            return this.fileSystem;
        }, map2 -> {
            map2.put(GraphDatabaseSettings.auth_enabled.name(), "true");
            map2.putAll(map);
        });
        this.server.ensureDatabase(map3 -> {
        });
        this.authManager = (EnterpriseAuthManager) this.server.graphDatabaseService().getDependencyResolver().resolveDependency(EnterpriseAuthManager.class);
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public EnterpriseUserManager getLocalUserManager() throws Exception {
        if (this.authManager instanceof EnterpriseAuthAndUserManager) {
            return this.authManager.getUserManager();
        }
        throw new Exception("The used configuration does not have a user manager");
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public GraphDatabaseFacade getLocalGraph() {
        return this.server.graphDatabaseService();
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public FileSystemAbstraction fileSystem() {
        return this.fileSystem;
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public InternalTransaction beginLocalTransactionAsUser(BoltSubject boltSubject, KernelTransaction.Type type) throws Throwable {
        return getLocalGraph().beginTransaction(type, this.authManager.login(AuthToken.newBasicAuthToken(boltSubject.username, boltSubject.password)));
    }

    /* renamed from: executeQuery, reason: avoid collision after fix types in other method */
    public String executeQuery2(BoltSubject boltSubject, String str, Map<String, Object> map, Consumer<ResourceIterator<Map<String, Object>>> consumer) {
        if (map == null) {
            map = Collections.emptyMap();
        }
        try {
            boltSubject.client.send(TransportTestUtil.chunk(new RequestMessage[]{RunMessage.run(str, ValueUtils.asMapValue(map)), PullAllMessage.pullAll()}));
            consumer.accept(collectResults(boltSubject.client));
            return "";
        } catch (Exception e) {
            return e.getMessage();
        }
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public BoltSubject login(String str, String str2) throws Exception {
        BoltSubject boltSubject = this.subjects.get(str);
        if (boltSubject == null) {
            boltSubject = new BoltSubject((TransportConnection) this.connectionFactory.newInstance(), str, str2);
            this.subjects.put(str, boltSubject);
        } else {
            boltSubject.client.disconnect();
            boltSubject.client = (TransportConnection) this.connectionFactory.newInstance();
        }
        boltSubject.client.connect(this.server.lookupDefaultConnector()).send(TransportTestUtil.acceptedVersions(1L, 0L, 0L, 0L)).send(TransportTestUtil.chunk(new RequestMessage[]{InitMessage.init("TestClient/1.1", MapUtil.map(new Object[]{"realm", "native", "principal", str, "credentials", str2, "scheme", "basic"}))}));
        MatcherAssert.assertThat(boltSubject.client, TransportTestUtil.eventuallyReceives(new byte[]{0, 0, 0, 1}));
        boltSubject.setLoginResult(TransportTestUtil.receiveOneResponseMessage(boltSubject.client));
        return boltSubject;
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public void logout(BoltSubject boltSubject) throws Exception {
        boltSubject.client.disconnect();
        boltSubject.client = (TransportConnection) this.connectionFactory.newInstance();
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public void updateAuthToken(BoltSubject boltSubject, String str, String str2) {
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public String nameOf(BoltSubject boltSubject) {
        return boltSubject.username;
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public void tearDown() throws Throwable {
        Iterator<BoltSubject> it = this.subjects.values().iterator();
        while (it.hasNext()) {
            it.next().client.disconnect();
        }
        this.subjects.clear();
        this.server.graphDatabaseService().shutdown();
        this.fileSystem.close();
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public void assertAuthenticated(BoltSubject boltSubject) {
        Assert.assertTrue("Should be authenticated", boltSubject.isAuthenticated());
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public void assertPasswordChangeRequired(BoltSubject boltSubject) {
        Assert.assertTrue("Should need to change password", boltSubject.passwordChangeRequired());
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public void assertInitFailed(BoltSubject boltSubject) {
        Assert.assertFalse("Should not be authenticated", boltSubject.isAuthenticated());
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public void assertSessionKilled(BoltSubject boltSubject) {
        MatcherAssert.assertThat(boltSubject.client, TransportTestUtil.eventuallyDisconnects());
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public String getConnectionProtocol() {
        return "bolt";
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public HostnamePort lookupConnector(String str) {
        return this.server.lookupConnector(str);
    }

    private static BoltResult collectResults(TransportConnection transportConnection) throws Exception {
        RecordMessage receiveOneResponseMessage;
        SuccessMessage receiveOneResponseMessage2 = TransportTestUtil.receiveOneResponseMessage(transportConnection);
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        if (receiveOneResponseMessage2 instanceof SuccessMessage) {
            Iterator it = receiveOneResponseMessage2.meta().get("fields").iterator();
            while (it.hasNext()) {
                arrayList.add(((AnyValue) it.next()).stringValue());
            }
        } else if (receiveOneResponseMessage2 instanceof FailureMessage) {
            FailureMessage failureMessage = (FailureMessage) receiveOneResponseMessage2;
            TransportTestUtil.receiveOneResponseMessage(transportConnection);
            transportConnection.send(TransportTestUtil.chunk(new RequestMessage[]{ResetMessage.reset()}));
            TransportTestUtil.receiveOneResponseMessage(transportConnection);
            throw new AuthenticationException(failureMessage.status(), failureMessage.message());
        }
        do {
            receiveOneResponseMessage = TransportTestUtil.receiveOneResponseMessage(transportConnection);
            if (receiveOneResponseMessage instanceof RecordMessage) {
                AnyValue[] fields = receiveOneResponseMessage.record().fields();
                HashMap hashMap = new HashMap();
                for (int i = 0; i < fields.length; i++) {
                    hashMap.put(arrayList.get(i), fields[i]);
                }
                arrayList2.add(hashMap);
            }
            if (receiveOneResponseMessage instanceof SuccessMessage) {
                break;
            }
        } while (!(receiveOneResponseMessage instanceof FailureMessage));
        if (!(receiveOneResponseMessage instanceof FailureMessage)) {
            return new BoltResult(arrayList2);
        }
        FailureMessage failureMessage2 = (FailureMessage) receiveOneResponseMessage;
        transportConnection.send(TransportTestUtil.chunk(new RequestMessage[]{ResetMessage.reset()}));
        TransportTestUtil.receiveOneResponseMessage(transportConnection);
        throw new AuthenticationException(failureMessage2.status(), failureMessage2.message());
    }

    @Override // org.neo4j.server.security.enterprise.auth.NeoInteractionLevel
    public /* bridge */ /* synthetic */ String executeQuery(BoltSubject boltSubject, String str, Map map, Consumer consumer) {
        return executeQuery2(boltSubject, str, (Map<String, Object>) map, (Consumer<ResourceIterator<Map<String, Object>>>) consumer);
    }
}
