package com.facebook.presto.tests.jdbc;

import com.facebook.presto.tests.ImmutableLdapObjectDefinitions;
import com.facebook.presto.tests.TestGroups;
import com.facebook.presto.tests.TpchTableResults;
import com.google.inject.Inject;
import com.google.inject.name.Named;
import com.teradata.tempto.BeforeTestWithContext;
import com.teradata.tempto.ProductTest;
import com.teradata.tempto.Requirement;
import com.teradata.tempto.RequirementsProvider;
import com.teradata.tempto.Requires;
import com.teradata.tempto.assertions.QueryAssert;
import com.teradata.tempto.configuration.Configuration;
import com.teradata.tempto.fulfillment.ldap.LdapObjectRequirement;
import com.teradata.tempto.fulfillment.table.hive.tpch.ImmutableTpchTablesRequirements;
import com.teradata.tempto.query.QueryResult;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Arrays;
import org.testng.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:com/facebook/presto/tests/jdbc/LdapTests.class */
public class LdapTests extends ProductTest implements RequirementsProvider {
    private static final long TIMEOUT = 300000;
    private static final String NATION_SELECT_ALL_QUERY = "select * from tpch.tiny.nation";
    private static final String JDBC_URL_FORMAT = "jdbc:presto://%s;AuthenticationType=LDAP Authentication;SSLTrustStorePath=%s;SSLTrustStorePwd=%s;AllowSelfSignedServerCert=1;AllowHostNameCNMismatch=1";
    private static final String SSL_CERTIFICATE_ERROR = "[Teradata][Presto](100140) SSL certificate error: Keystore was tampered with, or password was incorrect.";
    private static final String INVALID_CREDENTIALS_ERROR = "[Teradata][Presto](100240) Authentication failed: Invalid credentials.";
    private static final String MALFORMED_CREDENTIALS_ERROR = "[Teradata][Presto](100240) Authentication failed: Malformed decoded credentials.";
    private static final String UNAUTHORIZED_USER_ERROR = "[Teradata][Presto](100240) Authentication failed: Unauthorized user.";
    private static final String INVALID_SSL_PROPERTY = "[Teradata][Presto](100200) Connection string is invalid: SSL value is not valid for given AuthenticationType.";

    @Named("databases.presto.cli_ldap_truststore_path")
    @Inject
    private String ldapTruststorePath;

    @Named("databases.presto.cli_ldap_truststore_password")
    @Inject
    private String ldapTruststorePassword;

    @Named("databases.presto.cli_ldap_user_name")
    @Inject
    private String ldapUserName;

    @Named("databases.presto.cli_ldap_user_password")
    @Inject
    private String ldapUserPassword;

    @Named("databases.presto.cli_ldap_server_address")
    @Inject
    private String prestoServer;

    @BeforeTestWithContext
    public void setup() throws SQLException {
        this.prestoServer = this.prestoServer.substring(8);
    }

    @Override // com.teradata.tempto.RequirementsProvider
    public Requirement getRequirements(Configuration configuration) {
        return new LdapObjectRequirement(Arrays.asList(ImmutableLdapObjectDefinitions.AMERICA_ORG, ImmutableLdapObjectDefinitions.ASIA_ORG, ImmutableLdapObjectDefinitions.DEFAULT_GROUP, ImmutableLdapObjectDefinitions.PARENT_GROUP, ImmutableLdapObjectDefinitions.CHILD_GROUP, ImmutableLdapObjectDefinitions.DEFAULT_GROUP_USER, ImmutableLdapObjectDefinitions.PARENT_GROUP_USER, ImmutableLdapObjectDefinitions.CHILD_GROUP_USER, ImmutableLdapObjectDefinitions.ORPHAN_USER));
    }

    @Requires({ImmutableTpchTablesRequirements.ImmutableNationTable.class})
    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldRunQueryWithLdap() throws InterruptedException, SQLException {
        QueryAssert.assertThat(executeLdapQuery(NATION_SELECT_ALL_QUERY, this.ldapUserName, this.ldapUserPassword)).matches(TpchTableResults.PRESTO_NATION_RESULT);
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForLdapUserInChildGroup() throws InterruptedException {
        expectQueryToFailForUserNotInGroup(ImmutableLdapObjectDefinitions.CHILD_GROUP_USER.getAttributes().get("cn"));
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForLdapUserInParentGroup() throws InterruptedException {
        expectQueryToFailForUserNotInGroup(ImmutableLdapObjectDefinitions.PARENT_GROUP_USER.getAttributes().get("cn"));
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForOrphanLdapUser() throws InterruptedException {
        expectQueryToFailForUserNotInGroup(ImmutableLdapObjectDefinitions.ORPHAN_USER.getAttributes().get("cn"));
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForWrongLdapPassword() throws IOException, InterruptedException {
        expectQueryToFail(this.ldapUserName, "wrong_password", INVALID_CREDENTIALS_ERROR);
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForWrongLdapUser() throws IOException, InterruptedException {
        expectQueryToFail("invalid_user", this.ldapUserPassword, INVALID_CREDENTIALS_ERROR);
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForEmptyUser() throws IOException, InterruptedException {
        expectQueryToFail("", this.ldapUserPassword, MALFORMED_CREDENTIALS_ERROR);
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForLdapWithoutPassword() throws IOException, InterruptedException {
        expectQueryToFail(this.ldapUserName, "", MALFORMED_CREDENTIALS_ERROR);
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailQueryForLdapWithoutSsl() throws IOException, InterruptedException {
        try {
            DriverManager.getConnection(getLdapUrl() + ";SSL=0", this.ldapUserName, this.ldapUserPassword);
            Assert.fail();
        } catch (SQLException e) {
            Assert.assertEquals(e.getMessage(), INVALID_SSL_PROPERTY);
        }
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailForIncorrectTrustStore() throws IOException, InterruptedException {
        try {
            DriverManager.getConnection(String.format(JDBC_URL_FORMAT, this.prestoServer, this.ldapTruststorePath, "wrong_password"), this.ldapUserName, this.ldapUserPassword).createStatement().executeQuery(NATION_SELECT_ALL_QUERY);
            Assert.fail();
        } catch (SQLException e) {
            Assert.assertEquals(e.getMessage(), SSL_CERTIFICATE_ERROR);
        }
    }

    @Test(groups = {TestGroups.LDAP, TestGroups.SIMBA_JDBC, TestGroups.PROFILE_SPECIFIC_TESTS}, timeOut = TIMEOUT)
    public void shouldFailForUserWithColon() throws SQLException, InterruptedException {
        expectQueryToFail("UserWith:Colon", this.ldapUserPassword, MALFORMED_CREDENTIALS_ERROR);
    }

    private void expectQueryToFailForUserNotInGroup(String str) {
        expectQueryToFail(str, this.ldapUserPassword, UNAUTHORIZED_USER_ERROR);
    }

    private void expectQueryToFail(String str, String str2, String str3) {
        try {
            executeLdapQuery(NATION_SELECT_ALL_QUERY, str, str2);
            Assert.fail();
        } catch (SQLException e) {
            Assert.assertEquals(e.getMessage(), str3);
        }
    }

    private QueryResult executeLdapQuery(String str, String str2, String str3) throws SQLException {
        Connection ldapConnection = getLdapConnection(str2, str3);
        Throwable th = null;
        try {
            try {
                QueryResult forResultSet = QueryResult.forResultSet(ldapConnection.createStatement().executeQuery(str));
                if (ldapConnection != null) {
                    if (0 != 0) {
                        try {
                            ldapConnection.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        ldapConnection.close();
                    }
                }
                return forResultSet;
            } finally {
            }
        } catch (Throwable th3) {
            if (ldapConnection != null) {
                if (th != null) {
                    try {
                        ldapConnection.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    ldapConnection.close();
                }
            }
            throw th3;
        }
    }

    private Connection getLdapConnection(String str, String str2) throws SQLException {
        return DriverManager.getConnection(getLdapUrl(), str, str2);
    }

    private String getLdapUrl() {
        return String.format(JDBC_URL_FORMAT, this.prestoServer, this.ldapTruststorePath, this.ldapTruststorePassword);
    }
}
