package com.evolveum.midpoint.model.impl.security;

import com.evolveum.midpoint.TerminateSessionEvent;
import com.evolveum.midpoint.common.Clock;
import com.evolveum.midpoint.common.LocalizationMessageSource;
import com.evolveum.midpoint.model.api.AuthenticationEvaluator;
import com.evolveum.midpoint.model.api.authentication.MidPointUserProfilePrincipal;
import com.evolveum.midpoint.model.api.authentication.UserProfileService;
import com.evolveum.midpoint.model.api.context.AbstractAuthenticationContext;
import com.evolveum.midpoint.model.impl.AbstractInternalModelIntegrationTest;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.delta.ItemDelta;
import com.evolveum.midpoint.prism.xml.XmlTypeConverter;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.security.api.Authorization;
import com.evolveum.midpoint.security.api.AuthorizationTransformer;
import com.evolveum.midpoint.security.api.ConnectionEnvironment;
import com.evolveum.midpoint.security.api.HttpConnectionInformation;
import com.evolveum.midpoint.security.api.MidPointPrincipal;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.test.util.MidPointAsserts;
import com.evolveum.midpoint.test.util.MidPointTestConstants;
import com.evolveum.midpoint.test.util.TestUtil;
import com.evolveum.midpoint.tools.testng.AlphabeticalMethodInterceptor;
import com.evolveum.midpoint.util.exception.CommunicationException;
import com.evolveum.midpoint.util.exception.ConfigurationException;
import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.PolicyViolationException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.util.exception.SecurityViolationException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.api_types_3.UserSessionManagementType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AbstractCredentialType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.AuthorizationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.LoginEventType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
import java.io.File;
import java.util.Collection;
import java.util.List;
import java.util.Locale;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.namespace.QName;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.CredentialsExpiredException;
import org.springframework.security.authentication.DisabledException;
import org.springframework.security.authentication.LockedException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
import org.testng.AssertJUnit;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

@ContextConfiguration(locations = {"classpath:ctx-model-test-main.xml"})
@Listeners({AlphabeticalMethodInterceptor.class})
@DirtiesContext
/* loaded from: input_file:com/evolveum/midpoint/model/impl/security/TestAbstractAuthenticationEvaluator.class */
public abstract class TestAbstractAuthenticationEvaluator<V, AC extends AbstractAuthenticationContext, T extends AuthenticationEvaluator<AC>> extends AbstractInternalModelIntegrationTest {
    protected static final File TEST_DIR = new File(MidPointTestConstants.TEST_RESOURCES_DIR, "security");
    private static final Trace LOGGER = TraceManager.getTrace(TestAbstractAuthenticationEvaluator.class);
    protected static final String USER_GUYBRUSH_PASSWORD = "XmarksTHEspot";

    @Autowired
    private LocalizationMessageSource messageSource;

    @Autowired
    private UserProfileService userProfileService;

    @Autowired
    private Clock clock;
    private MessageSourceAccessor messages;

    public abstract T getAuthenticationEvaluator();

    public abstract AC getAuthenticationContext(String str, V v);

    public abstract V getGoodPasswordJack();

    public abstract V getBadPasswordJack();

    public abstract V getGoodPasswordGuybrush();

    public abstract V getBadPasswordGuybrush();

    public abstract V get103EmptyPasswordJack();

    public abstract AbstractCredentialType getCredentialUsedForAuthentication(UserType userType);

    public abstract QName getCredentialType();

    public abstract void modifyUserCredential(Task task, OperationResult operationResult) throws ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, ObjectAlreadyExistsException, PolicyViolationException, SecurityViolationException;

    @Override // com.evolveum.midpoint.model.impl.AbstractInternalModelIntegrationTest, com.evolveum.midpoint.model.impl.AbstractModelImplementationIntegrationTest
    public void initSystem(Task task, OperationResult operationResult) throws Exception {
        super.initSystem(task, operationResult);
        this.messages = new MessageSourceAccessor(this.messageSource);
        getAuthenticationEvaluator().userProfileService = new UserProfileService() { // from class: com.evolveum.midpoint.model.impl.security.TestAbstractAuthenticationEvaluator.1
            public <F extends FocusType, O extends ObjectType> PrismObject<F> resolveOwner(PrismObject<O> prismObject) throws CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
                return TestAbstractAuthenticationEvaluator.this.userProfileService.resolveOwner(prismObject);
            }

            public void updateUser(MidPointPrincipal midPointPrincipal, Collection<? extends ItemDelta<?, ?>> collection) {
                TestAbstractAuthenticationEvaluator.this.userProfileService.updateUser(midPointPrincipal, collection);
            }

            public MidPointUserProfilePrincipal getPrincipal(PrismObject<UserType> prismObject) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
                return getPrincipal(prismObject, (AuthorizationTransformer) null, (OperationResult) null);
            }

            public MidPointUserProfilePrincipal getPrincipal(PrismObject<UserType> prismObject, AuthorizationTransformer authorizationTransformer, OperationResult operationResult2) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
                MidPointUserProfilePrincipal principal = TestAbstractAuthenticationEvaluator.this.userProfileService.getPrincipal(prismObject);
                TestAbstractAuthenticationEvaluator.this.addFakeAuthorization(principal);
                return principal;
            }

            /* renamed from: getPrincipal, reason: merged with bridge method [inline-methods] */
            public MidPointUserProfilePrincipal m27getPrincipal(String str) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
                MidPointUserProfilePrincipal principal = TestAbstractAuthenticationEvaluator.this.userProfileService.getPrincipal(str);
                TestAbstractAuthenticationEvaluator.this.addFakeAuthorization(principal);
                return principal;
            }

            /* renamed from: getPrincipalByOid, reason: merged with bridge method [inline-methods] */
            public MidPointUserProfilePrincipal m26getPrincipalByOid(String str) throws ObjectNotFoundException, SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
                MidPointUserProfilePrincipal principalByOid = TestAbstractAuthenticationEvaluator.this.userProfileService.getPrincipalByOid(str);
                TestAbstractAuthenticationEvaluator.this.addFakeAuthorization(principalByOid);
                return principalByOid;
            }

            public List<UserSessionManagementType> getLocalLoggedInPrincipals() {
                return null;
            }

            public void terminateLocalSessions(TerminateSessionEvent terminateSessionEvent) {
            }

            /* renamed from: getPrincipal, reason: collision with other method in class */
            public /* bridge */ /* synthetic */ MidPointPrincipal m24getPrincipal(PrismObject prismObject, AuthorizationTransformer authorizationTransformer, OperationResult operationResult2) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
                return getPrincipal((PrismObject<UserType>) prismObject, authorizationTransformer, operationResult2);
            }

            /* renamed from: getPrincipal, reason: collision with other method in class */
            public /* bridge */ /* synthetic */ MidPointPrincipal m25getPrincipal(PrismObject prismObject) throws SchemaException, CommunicationException, ConfigurationException, SecurityViolationException, ExpressionEvaluationException {
                return getPrincipal((PrismObject<UserType>) prismObject);
            }
        };
    }

    @Test
    public void test000Sanity() throws Exception {
        TestUtil.displayTestTitle("test000Sanity");
        AssertJUnit.assertNotNull(getAuthenticationEvaluator());
        assertPrincipalJack(this.userProfileService.getPrincipal(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME));
    }

    @Test
    public void test100PasswordLoginGoodPasswordJack() throws Exception {
        TestUtil.displayTestTitle("test100PasswordLoginGoodPasswordJack");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test100PasswordLoginGoodPasswordJack");
        UsernamePasswordAuthenticationToken authenticate = getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getGoodPasswordJack()));
        TestUtil.displayThen("test100PasswordLoginGoodPasswordJack");
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        assertGoodPasswordAuthentication(authenticate, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 0);
        assertLastSuccessfulLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
    }

    @Test
    public void test101PasswordLoginBadPasswordJack() throws Exception {
        TestUtil.displayTestTitle("test101PasswordLoginBadPasswordJack");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        try {
            TestUtil.displayWhen("test101PasswordLoginBadPasswordJack");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            TestUtil.displayThen("test101PasswordLoginBadPasswordJack");
            display("expected exception", e);
            assertBadPasswordException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 1);
        assertUserLockout(user, LockoutStatusType.NORMAL);
        assertLastFailedLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
    }

    @Test
    public void test102PasswordLoginNullPasswordJack() throws Exception {
        TestUtil.displayTestTitle("test102PasswordLoginNullPasswordJack");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        try {
            TestUtil.displayWhen("test102PasswordLoginNullPasswordJack");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, null));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            TestUtil.displayThen("test102PasswordLoginNullPasswordJack");
            display("expected exception", e);
            assertPasswordEncodingException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 1);
        assertUserLockout(user, LockoutStatusType.NORMAL);
    }

    @Test
    public void test103PasswordLoginEmptyPasswordJack() throws Exception {
        TestUtil.displayTestTitle("test103PasswordLoginEmptyPasswordJack");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        try {
            TestUtil.displayWhen("test103PasswordLoginEmptyPasswordJack");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, get103EmptyPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            TestUtil.displayThen("test103PasswordLoginEmptyPasswordJack");
            display("expected exception", e);
            assertPasswordEncodingException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 1);
        assertUserLockout(user, LockoutStatusType.NORMAL);
    }

    @Test
    public void test105PasswordLoginNullUsernameNullPassword() throws Exception {
        TestUtil.displayTestTitle("test105PasswordLoginNullUsernameNullPassword");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        try {
            TestUtil.displayWhen("test105PasswordLoginNullUsernameNullPassword");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(null, null));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            TestUtil.displayThen("test105PasswordLoginNullUsernameNullPassword");
            display("expected exception", e);
            assertPasswordEncodingException(e, null);
        }
    }

    @Test
    public void test106PasswordLoginEmptyUsernameBadPassword() throws Exception {
        TestUtil.displayTestTitle("test106PasswordLoginEmptyUsernameBadPassword");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        try {
            TestUtil.displayWhen("test106PasswordLoginEmptyUsernameBadPassword");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext("", getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (UsernameNotFoundException e) {
            TestUtil.displayThen("test106PasswordLoginEmptyUsernameBadPassword");
            display("expected exception", e);
            assertNoUserException(e, null);
        }
    }

    @Test
    public void test107PasswordLoginBadUsernameBadPassword() throws Exception {
        TestUtil.displayTestTitle("test107PasswordLoginBadUsernameBadPassword");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        try {
            TestUtil.displayWhen("test107PasswordLoginBadUsernameBadPassword");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext("NoSuchUser", getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (UsernameNotFoundException e) {
            TestUtil.displayThen("test107PasswordLoginBadUsernameBadPassword");
            display("expected exception", e);
            assertNoUserException(e, null);
        }
    }

    @Test
    public void test125PasswordLoginBadPasswordJackAfterLockoutFailedAttemptsDuration() throws Exception {
        TestUtil.displayTestTitle("test125PasswordLoginBadPasswordJackAfterLockoutFailedAttemptsDuration");
        this.clock.overrideDuration("PT5M");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        try {
            TestUtil.displayWhen("test125PasswordLoginBadPasswordJackAfterLockoutFailedAttemptsDuration");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            TestUtil.displayThen("test125PasswordLoginBadPasswordJackAfterLockoutFailedAttemptsDuration");
            display("expected exception", e);
            assertBadPasswordException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 1);
        assertLastFailedLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
        assertUserLockout(user, LockoutStatusType.NORMAL);
    }

    @Test
    public void test130PasswordLoginLockout() throws Exception {
        TestUtil.displayTestTitle("test130PasswordLoginLockout");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test130PasswordLoginLockout");
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            display("expected exception", e);
            assertBadPasswordException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 2);
        assertUserLockout(user, LockoutStatusType.NORMAL);
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e2) {
            display("expected exception", e2);
            assertBadPasswordException(e2, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayThen("test130PasswordLoginLockout");
        PrismObject<UserType> user2 = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user2);
        assertFailedLogins(user2, 3);
        assertLastFailedLogin(user2, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
        assertUserLockout(user2, LockoutStatusType.LOCKED);
    }

    @Test
    public void test132PasswordLoginLockedoutGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test132PasswordLoginLockedoutGoodPassword");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        TestUtil.displayWhen("test132PasswordLoginLockedoutGoodPassword");
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getGoodPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (LockedException e) {
            TestUtil.displayThen("test132PasswordLoginLockedoutGoodPassword");
            display("expected exception", e);
            assertLockedException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 3);
        assertUserLockout(user, LockoutStatusType.LOCKED);
    }

    @Test
    public void test133PasswordLoginLockedoutBadPassword() throws Exception {
        TestUtil.displayTestTitle("test133PasswordLoginLockedoutBadPassword");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        TestUtil.displayWhen("test133PasswordLoginLockedoutBadPassword");
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (LockedException e) {
            TestUtil.displayThen("test133PasswordLoginLockedoutBadPassword");
            display("expected exception", e);
            assertLockedException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 3);
        assertUserLockout(user, LockoutStatusType.LOCKED);
    }

    @Test
    public void test135PasswordLoginLockedoutLockExpires() throws Exception {
        TestUtil.displayTestTitle("test135PasswordLoginLockedoutLockExpires");
        this.clock.overrideDuration("PT30M");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test135PasswordLoginLockedoutLockExpires");
        UsernamePasswordAuthenticationToken authenticate = getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getGoodPasswordJack()));
        TestUtil.displayThen("test135PasswordLoginLockedoutLockExpires");
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        assertGoodPasswordAuthentication(authenticate, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 0);
        assertLastSuccessfulLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
        assertUserLockout(user, LockoutStatusType.NORMAL);
    }

    @Test
    public void test136PasswordLoginLockoutAgain() throws Exception {
        TestUtil.displayTestTitle("test136PasswordLoginLockoutAgain");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test136PasswordLoginLockoutAgain");
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            TestUtil.displayThen("test136PasswordLoginLockoutAgain");
            display("expected exception", e);
            assertBadPasswordException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 1);
        assertUserLockout(user, LockoutStatusType.NORMAL);
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e2) {
            TestUtil.displayThen("test136PasswordLoginLockoutAgain");
            display("expected exception", e2);
            assertBadPasswordException(e2, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user2 = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user2);
        assertFailedLogins(user2, 2);
        assertUserLockout(user2, LockoutStatusType.NORMAL);
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getBadPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e3) {
            TestUtil.displayThen("test136PasswordLoginLockoutAgain");
            display("expected exception", e3);
            assertBadPasswordException(e3, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        PrismObject<UserType> user3 = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user3);
        assertFailedLogins(user3, 3);
        assertLastFailedLogin(user3, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
        assertUserLockout(user3, LockoutStatusType.LOCKED);
    }

    @Test
    public void test137PasswordLoginLockedoutGoodPasswordAgain() throws Exception {
        TestUtil.displayTestTitle("test137PasswordLoginLockedoutGoodPasswordAgain");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        TestUtil.displayWhen("test137PasswordLoginLockedoutGoodPasswordAgain");
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getGoodPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (LockedException e) {
            TestUtil.displayThen("test137PasswordLoginLockedoutGoodPasswordAgain");
            display("expected exception", e);
            assertLockedException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 3);
        assertUserLockout(user, LockoutStatusType.LOCKED);
    }

    @Test
    public void test138UnlockUserGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test138UnlockUserGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test138UnlockUserGoodPassword");
        OperationResult result = createTask.getResult();
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        TestUtil.displayWhen("test138UnlockUserGoodPassword");
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, createTask, result, new Object[]{LockoutStatusType.NORMAL});
        TestUtil.displayThen("test138UnlockUserGoodPassword");
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 0);
        assertUserLockout(user, LockoutStatusType.NORMAL);
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test138UnlockUserGoodPassword");
        UsernamePasswordAuthenticationToken authenticate = getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getGoodPasswordJack()));
        TestUtil.displayThen("test138UnlockUserGoodPassword");
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        assertGoodPasswordAuthentication(authenticate, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        PrismObject<UserType> user2 = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user2);
        assertFailedLogins(user2, 0);
        assertLastSuccessfulLogin(user2, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
        assertUserLockout(user2, LockoutStatusType.NORMAL);
    }

    @Test
    public void test139TryToLockByModelService() throws Exception {
        TestUtil.displayTestTitle("test139TryToLockByModelService");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test139TryToLockByModelService");
        OperationResult result = createTask.getResult();
        TestUtil.displayWhen("test139TryToLockByModelService");
        try {
            modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, createTask, result, new Object[]{LockoutStatusType.LOCKED});
            AssertJUnit.fail("Unexpected success");
        } catch (SchemaException e) {
            TestUtil.displayThen("test139TryToLockByModelService");
            display("expected exception", e);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 0);
        assertUserLockout(user, LockoutStatusType.NORMAL);
    }

    @Test
    public void test150PasswordLoginDisabledGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test150PasswordLoginDisabledGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test150PasswordLoginDisabledGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", ACTIVATION_ADMINISTRATIVE_STATUS_PATH, createTask, result, new Object[]{ActivationStatusType.DISABLED});
        loginJackGoodPasswordExpectDenied("test150PasswordLoginDisabledGoodPassword", createTask, result);
    }

    @Test
    public void test152PasswordLoginEnabledGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test152PasswordLoginEnabledGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test152PasswordLoginEnabledGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", ACTIVATION_ADMINISTRATIVE_STATUS_PATH, createTask, result, new Object[]{ActivationStatusType.ENABLED});
        loginJackGoodPasswordExpectSuccess("test152PasswordLoginEnabledGoodPassword", createTask, result);
    }

    @Test
    public void test154PasswordLoginNotValidYetGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test154PasswordLoginNotValidYetGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test154PasswordLoginNotValidYetGoodPassword");
        OperationResult result = createTask.getResult();
        XMLGregorianCalendar addDuration = XmlTypeConverter.addDuration(this.clock.currentTimeXMLGregorianCalendar(), "PT1H");
        XMLGregorianCalendar addDuration2 = XmlTypeConverter.addDuration(this.clock.currentTimeXMLGregorianCalendar(), "P2D");
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", ACTIVATION_ADMINISTRATIVE_STATUS_PATH, createTask, result, new Object[0]);
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", ACTIVATION_VALID_FROM_PATH, createTask, result, new Object[]{addDuration});
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", ACTIVATION_VALID_TO_PATH, createTask, result, new Object[]{addDuration2});
        loginJackGoodPasswordExpectDenied("test154PasswordLoginNotValidYetGoodPassword", createTask, result);
    }

    @Test
    public void test155PasswordLoginValidGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test155PasswordLoginValidGoodPassword");
        this.clock.overrideDuration("PT2H");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test155PasswordLoginValidGoodPassword");
        loginJackGoodPasswordExpectSuccess("test155PasswordLoginValidGoodPassword", createTask, createTask.getResult());
    }

    @Test
    public void test156PasswordLoginNotValidAnyLongerGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test156PasswordLoginNotValidAnyLongerGoodPassword");
        this.clock.overrideDuration("P2D");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test156PasswordLoginNotValidAnyLongerGoodPassword");
        loginJackGoodPasswordExpectDenied("test156PasswordLoginNotValidAnyLongerGoodPassword", createTask, createTask.getResult());
    }

    @Test
    public void test159PasswordLoginNoLongerValidEnabledGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test159PasswordLoginNoLongerValidEnabledGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test159PasswordLoginNoLongerValidEnabledGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", ACTIVATION_ADMINISTRATIVE_STATUS_PATH, createTask, result, new Object[]{ActivationStatusType.ENABLED});
        loginJackGoodPasswordExpectSuccess("test159PasswordLoginNoLongerValidEnabledGoodPassword", createTask, result);
    }

    @Test
    public void test160PasswordLoginLifecycleActiveGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test160PasswordLoginLifecycleActiveGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test160PasswordLoginLifecycleActiveGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", UserType.F_LIFECYCLE_STATE, createTask, result, new Object[]{"active"});
        loginJackGoodPasswordExpectSuccess("test160PasswordLoginLifecycleActiveGoodPassword", createTask, result);
    }

    @Test
    public void test162PasswordLoginLifecycleDraftGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test162PasswordLoginLifecycleDraftGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test162PasswordLoginLifecycleDraftGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", UserType.F_LIFECYCLE_STATE, createTask, result, new Object[]{"draft"});
        loginJackGoodPasswordExpectDenied("test162PasswordLoginLifecycleDraftGoodPassword", createTask, result);
    }

    @Test
    public void test164PasswordLoginLifecycleDeprecatedGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test164PasswordLoginLifecycleDeprecatedGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test164PasswordLoginLifecycleDeprecatedGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", UserType.F_LIFECYCLE_STATE, createTask, result, new Object[]{"deprecated"});
        loginJackGoodPasswordExpectSuccess("test164PasswordLoginLifecycleDeprecatedGoodPassword", createTask, result);
    }

    @Test
    public void test166PasswordLoginLifecycleProposedGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test166PasswordLoginLifecycleProposedGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test166PasswordLoginLifecycleProposedGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", UserType.F_LIFECYCLE_STATE, createTask, result, new Object[]{"proposed"});
        loginJackGoodPasswordExpectDenied("test166PasswordLoginLifecycleProposedGoodPassword", createTask, result);
    }

    @Test
    public void test168PasswordLoginLifecycleArchivedGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test168PasswordLoginLifecycleArchivedGoodPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test168PasswordLoginLifecycleArchivedGoodPassword");
        OperationResult result = createTask.getResult();
        modifyUserReplace("c0c010c0-d34d-b33f-f00d-111111111111", UserType.F_LIFECYCLE_STATE, createTask, result, new Object[]{"archived"});
        loginJackGoodPasswordExpectDenied("test168PasswordLoginLifecycleArchivedGoodPassword", createTask, result);
    }

    @Test
    public void test200UserGuybrushSetCredentials() throws Exception {
        TestUtil.displayTestTitle("test200UserGuybrushSetPassword");
        Task createTask = createTask(TestAbstractAuthenticationEvaluator.class.getName() + ".test200UserGuybrushSetPassword");
        OperationResult result = createTask.getResult();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test200UserGuybrushSetPassword");
        modifyUserCredential(createTask, result);
        TestUtil.displayThen("test200UserGuybrushSetPassword");
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111116");
        display("user after", user);
        assertPasswordMetadata(user, getCredentialType(), false, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2, null, SchemaConstants.CHANNEL_GUI_USER_URI);
        assertFailedLogins(user, 0);
    }

    @Test
    public void test201UserGuybrushPasswordLoginGoodPassword() throws Exception {
        TestUtil.displayTestTitle("test201UserGuybrushPasswordLoginGoodPassword");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test201UserGuybrushPasswordLoginGoodPassword");
        UsernamePasswordAuthenticationToken authenticate = getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME, getGoodPasswordGuybrush()));
        TestUtil.displayThen("test201UserGuybrushPasswordLoginGoodPassword");
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        assertGoodPasswordAuthentication(authenticate, AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME);
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111116");
        display("user after", user);
        assertFailedLogins(user, 0);
        assertLastSuccessfulLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
    }

    @Test
    public void test202UserGuybrushPasswordLoginBadPassword() throws Exception {
        TestUtil.displayTestTitle("test202UserGuybrushPasswordLoginBadPassword");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        try {
            TestUtil.displayWhen("test202UserGuybrushPasswordLoginBadPassword");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME, getBadPasswordGuybrush()));
            AssertJUnit.fail("Unexpected success");
        } catch (BadCredentialsException e) {
            TestUtil.displayThen("test202UserGuybrushPasswordLoginBadPassword");
            display("expected exception", e);
            assertBadPasswordException(e, AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME);
        }
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111116");
        display("user after", user);
        assertFailedLogins(user, 1);
        assertLastFailedLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
    }

    @Test
    public void test209UserGuybrushPasswordLoginGoodPasswordBeforeExpiration() throws Exception {
        TestUtil.displayTestTitle("test209UserGuybrushPasswordLoginGoodPasswordBeforeExpiration");
        this.clock.overrideDuration("P29D");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen("test209UserGuybrushPasswordLoginGoodPasswordBeforeExpiration");
        UsernamePasswordAuthenticationToken authenticate = getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME, getGoodPasswordGuybrush()));
        TestUtil.displayThen("test209UserGuybrushPasswordLoginGoodPasswordBeforeExpiration");
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        assertGoodPasswordAuthentication(authenticate, AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME);
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111116");
        display("user after", user);
        assertFailedLogins(user, 0);
        assertLastSuccessfulLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
    }

    @Test
    public void test210UserGuybrushPasswordLoginGoodPasswordExpired() throws Exception {
        TestUtil.displayTestTitle("test210UserGuybrushPasswordLoginGoodPasswordExpired");
        this.clock.overrideDuration("P2D");
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        this.clock.currentTimeXMLGregorianCalendar();
        try {
            TestUtil.displayWhen("test210UserGuybrushPasswordLoginGoodPasswordExpired");
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME, getGoodPasswordGuybrush()));
            AssertJUnit.fail("Unexpected success");
        } catch (CredentialsExpiredException e) {
            TestUtil.displayThen("test210UserGuybrushPasswordLoginGoodPasswordExpired");
            display("expected exception", e);
            assertExpiredException(e, AbstractInternalModelIntegrationTest.ACCOUNT_GUYBRUSH_DUMMY_USERNAME);
        }
        this.clock.currentTimeXMLGregorianCalendar();
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111116");
        display("user after", user);
        assertFailedLogins(user, 0);
    }

    private void assertGoodPasswordAuthentication(Authentication authentication, String str) {
        AssertJUnit.assertNotNull("No authentication", authentication);
        AssertJUnit.assertTrue("authentication: not authenticated", authentication.isAuthenticated());
        MidPointAsserts.assertInstanceOf("authentication", authentication, UsernamePasswordAuthenticationToken.class);
        AssertJUnit.assertEquals("authentication: principal mismatch", str, ((MidPointPrincipal) authentication.getPrincipal()).getUsername());
    }

    private void assertBadPasswordException(BadCredentialsException badCredentialsException, String str) {
        AssertJUnit.assertEquals("Wrong exception meessage (key)", this.messages.getMessage("web.security.provider.invalid"), getTranslatedMessage(badCredentialsException));
    }

    private String getTranslatedMessage(Throwable th) {
        return this.localizationService.translate(th.getMessage(), new Object[0], Locale.getDefault());
    }

    private void assertPasswordEncodingException(BadCredentialsException badCredentialsException, String str) {
        AssertJUnit.assertEquals("Wrong exception meessage (key)", this.messages.getMessage("web.security.provider.password.encoding"), getTranslatedMessage(badCredentialsException));
    }

    private void assertDeniedException(AccessDeniedException accessDeniedException, String str) {
        AssertJUnit.assertEquals("Wrong exception meessage (key)", this.messages.getMessage("web.security.provider.access.denied"), getTranslatedMessage(accessDeniedException));
    }

    private void assertLockedException(LockedException lockedException, String str) {
        AssertJUnit.assertEquals("Wrong exception meessage (key)", this.messages.getMessage("web.security.provider.locked"), getTranslatedMessage(lockedException));
    }

    private void assertDisabledException(DisabledException disabledException, String str) {
        AssertJUnit.assertEquals("Wrong exception meessage (key)", this.messages.getMessage("web.security.provider.disabled"), getTranslatedMessage(disabledException));
    }

    private void assertExpiredException(CredentialsExpiredException credentialsExpiredException, String str) {
        AssertJUnit.assertEquals("Wrong exception meessage (key)", this.messages.getMessage("web.security.provider.credential.expired"), getTranslatedMessage(credentialsExpiredException));
    }

    private void assertNoUserException(UsernameNotFoundException usernameNotFoundException, String str) {
        AssertJUnit.assertEquals("Wrong exception meessage (key)", this.messages.getMessage("web.security.provider.invalid"), getTranslatedMessage(usernameNotFoundException));
    }

    private ConnectionEnvironment createConnectionEnvironment() {
        HttpConnectionInformation httpConnectionInformation = new HttpConnectionInformation();
        httpConnectionInformation.setRemoteHostAddress("remote.example.com");
        return new ConnectionEnvironment((String) null, httpConnectionInformation);
    }

    private void assertFailedLogins(PrismObject<UserType> prismObject, int i) {
        if (i == 0 && getCredentialUsedForAuthentication(prismObject.asObjectable()).getFailedLogins() == null) {
            return;
        }
        AssertJUnit.assertEquals("Wrong failed logins in " + prismObject, Integer.valueOf(i), getCredentialUsedForAuthentication(prismObject.asObjectable()).getFailedLogins());
    }

    private void assertLastSuccessfulLogin(PrismObject<UserType> prismObject, XMLGregorianCalendar xMLGregorianCalendar, XMLGregorianCalendar xMLGregorianCalendar2) {
        LoginEventType lastSuccessfulLogin = getCredentialUsedForAuthentication(prismObject.asObjectable()).getLastSuccessfulLogin();
        AssertJUnit.assertNotNull("no last successful login in " + prismObject, lastSuccessfulLogin);
        TestUtil.assertBetween("wrong last successful login timestamp", xMLGregorianCalendar, xMLGregorianCalendar2, lastSuccessfulLogin.getTimestamp());
    }

    private void assertLastFailedLogin(PrismObject<UserType> prismObject, XMLGregorianCalendar xMLGregorianCalendar, XMLGregorianCalendar xMLGregorianCalendar2) {
        LoginEventType lastFailedLogin = getCredentialUsedForAuthentication(prismObject.asObjectable()).getLastFailedLogin();
        AssertJUnit.assertNotNull("no last failed login in " + prismObject, lastFailedLogin);
        TestUtil.assertBetween("wrong last failed login timestamp", xMLGregorianCalendar, xMLGregorianCalendar2, lastFailedLogin.getTimestamp());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void addFakeAuthorization(MidPointPrincipal midPointPrincipal) {
        if (midPointPrincipal != null && midPointPrincipal.getAuthorities().isEmpty()) {
            AuthorizationType authorizationType = new AuthorizationType();
            authorizationType.getAction().add("FAKE");
            midPointPrincipal.getAuthorities().add(new Authorization(authorizationType));
        }
    }

    private void assertPrincipalJack(MidPointPrincipal midPointPrincipal) {
        display("principal", midPointPrincipal);
        AssertJUnit.assertEquals("Bad principal name", AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, midPointPrincipal.getName().getOrig());
        AssertJUnit.assertEquals("Bad principal name", AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, midPointPrincipal.getUsername());
        UserType user = midPointPrincipal.getUser();
        AssertJUnit.assertNotNull("No user in principal", user);
        AssertJUnit.assertEquals("Bad name in user in principal", AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, user.getName().getOrig());
    }

    private void loginJackGoodPasswordExpectSuccess(String str, Task task, OperationResult operationResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
        display("now", this.clock.currentTimeXMLGregorianCalendar());
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        XMLGregorianCalendar currentTimeXMLGregorianCalendar = this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen(str);
        UsernamePasswordAuthenticationToken authenticate = getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getGoodPasswordJack()));
        TestUtil.displayThen(str);
        XMLGregorianCalendar currentTimeXMLGregorianCalendar2 = this.clock.currentTimeXMLGregorianCalendar();
        assertGoodPasswordAuthentication(authenticate, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 0);
        assertLastSuccessfulLogin(user, currentTimeXMLGregorianCalendar, currentTimeXMLGregorianCalendar2);
    }

    private void loginJackGoodPasswordExpectDenied(String str, Task task, OperationResult operationResult) throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException, ConfigurationException, ExpressionEvaluationException {
        display("now", this.clock.currentTimeXMLGregorianCalendar());
        ConnectionEnvironment createConnectionEnvironment = createConnectionEnvironment();
        this.clock.currentTimeXMLGregorianCalendar();
        TestUtil.displayWhen(str);
        try {
            getAuthenticationEvaluator().authenticate(createConnectionEnvironment, getAuthenticationContext(AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME, getGoodPasswordJack()));
            AssertJUnit.fail("Unexpected success");
        } catch (DisabledException e) {
            TestUtil.displayThen(str);
            display("expected exception", e);
            assertDisabledException(e, AbstractInternalModelIntegrationTest.ACCOUNT_JACK_DUMMY_USERNAME);
        }
        PrismObject<UserType> user = getUser("c0c010c0-d34d-b33f-f00d-111111111111");
        display("user after", user);
        assertFailedLogins(user, 0);
    }
}
