package com.evolveum.midpoint.model.impl.lens;

import com.evolveum.midpoint.model.impl.AbstractInternalModelIntegrationTest;
import com.evolveum.midpoint.prism.PrismObject;
import com.evolveum.midpoint.prism.crypto.EncryptionException;
import com.evolveum.midpoint.schema.constants.SchemaConstants;
import com.evolveum.midpoint.schema.result.OperationResult;
import com.evolveum.midpoint.task.api.Task;
import com.evolveum.midpoint.test.TestResource;
import com.evolveum.midpoint.test.util.TestUtil;
import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
import com.evolveum.midpoint.util.exception.PolicyViolationException;
import com.evolveum.midpoint.util.exception.SchemaException;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.FocusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SecurityPolicyType;
import com.evolveum.prism.xml.ns._public.types_3.ProtectedStringType;
import java.io.File;
import org.jetbrains.annotations.NotNull;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
import org.testng.AssertJUnit;
import org.testng.annotations.Test;

@ContextConfiguration(locations = {"classpath:ctx-model-test-main.xml"})
@DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
/* loaded from: input_file:com/evolveum/midpoint/model/impl/lens/TestPasswordPolicyProcessor.class */
public abstract class TestPasswordPolicyProcessor<F extends FocusType> extends AbstractLensTest {
    static final File TEST_DIR = new File(AbstractLensTest.TEST_DIR, "ppolicy");
    private static final String OLD_PASSWORD = "deadmentellnotales";
    private static final String PASSWORD1 = "ch4nGedPa33word1";
    private static final String PASSWORD2 = "ch4nGedPa33word2";
    private static final String PASSWORD3 = "ch4nGedPa33word3";

    @Override // com.evolveum.midpoint.model.impl.lens.AbstractLensTest, com.evolveum.midpoint.model.impl.AbstractInternalModelIntegrationTest, com.evolveum.midpoint.model.impl.AbstractModelImplementationIntegrationTest
    public void initSystem(Task task, OperationResult operationResult) throws Exception {
        super.initSystem(task, operationResult);
    }

    abstract Class<F> getType();

    abstract TestResource getTestResource();

    private String getOid() {
        return getTestResource().oid;
    }

    @Test
    public void test000initPasswordPolicyForHistory() throws Exception {
        setPasswordHistoryLength(3);
    }

    @Test
    public void test100CreateFocusWithPassword() throws Exception {
        addObject(getTestResource(), getTestTask(), getTestOperationResult());
        assertPasswordHistoryEntries(getFocus(), new String[0]);
    }

    @NotNull
    private PrismObject<F> getFocus() throws Exception {
        PrismObject<F> object = getObject(getType(), getOid());
        AssertJUnit.assertNotNull("Focus was not found.", object);
        return object;
    }

    @Test
    public void test110ModifyPassword() throws Exception {
        modifyFocusChangePassword(getType(), getOid(), PASSWORD1, getTestTask(), getTestOperationResult());
        CredentialsType credentials = getFocus().asObjectable().getCredentials();
        AssertJUnit.assertNotNull("No credentials found", credentials);
        PasswordType password = credentials.getPassword();
        AssertJUnit.assertNotNull("No password found", password);
        ProtectedStringType value = password.getValue();
        AssertJUnit.assertNotNull("Password mustn't be null", value);
        assertPasswords(PASSWORD1, value);
        assertPasswordHistoryEntries(password, new String[]{OLD_PASSWORD});
    }

    @Test
    public void test120ModifyPasswordSecondTime() throws Exception {
        modifyFocusChangePassword(getType(), getOid(), PASSWORD2, getTestTask(), getTestOperationResult());
        CredentialsType credentials = getFocus().asObjectable().getCredentials();
        AssertJUnit.assertNotNull("No credentials found", credentials);
        PasswordType password = credentials.getPassword();
        AssertJUnit.assertNotNull("No password found", password);
        ProtectedStringType value = password.getValue();
        AssertJUnit.assertNotNull("Password mustn't be null", value);
        assertPasswords(PASSWORD2, value);
        assertPasswordHistoryEntries(password, new String[]{OLD_PASSWORD, PASSWORD1});
    }

    @Test
    public void test130ModifyPasswordThirdTime() throws Exception {
        modifyFocusChangePassword(getType(), getOid(), PASSWORD3, getTestTask(), getTestOperationResult());
        CredentialsType credentials = getFocus().asObjectable().getCredentials();
        AssertJUnit.assertNotNull("No credentials found", credentials);
        PasswordType password = credentials.getPassword();
        AssertJUnit.assertNotNull("No password found", password);
        ProtectedStringType value = password.getValue();
        AssertJUnit.assertNotNull("Password mustn't be null", value);
        assertPasswords(PASSWORD3, value);
        assertPasswordHistoryEntries(password, new String[]{PASSWORD1, PASSWORD2});
    }

    @Test
    public void test140ModifyPasswordOldPassword1() throws Exception {
        doTestModifyPasswordExpectFailure(PASSWORD1);
    }

    @Test
    public void test150ModifyPasswordOldPassword2() throws Exception {
        doTestModifyPasswordExpectFailure(PASSWORD2);
    }

    @Test
    public void test160ModifyPasswordSamePassword3() throws Exception {
        doTestModifyPasswordExpectFailure(PASSWORD3);
    }

    private void doTestModifyPasswordExpectFailure(String str) throws Exception {
        Task testTask = getTestTask();
        OperationResult testOperationResult = getTestOperationResult();
        try {
            modifyFocusChangePassword(getType(), getOid(), str, testTask, testOperationResult);
            fail("Expected PolicyViolationException but didn't get one.");
        } catch (PolicyViolationException e) {
            displayExpectedException(e);
            testOperationResult.computeStatus();
            TestUtil.assertFailure(testOperationResult);
        }
    }

    @Test
    public void test200InitNoHistoryPasswordPolicy() throws Exception {
        setPasswordHistoryLength(0);
    }

    @Test
    public void test201deleteFocus() throws Exception {
        deleteObject(getType(), getOid());
        try {
            getObject(getType(), getOid());
            fail("Unexpected focus object, should be deleted.");
        } catch (ObjectNotFoundException e) {
        }
    }

    @Test
    public void test210CreateFocusNoPasswordHistory() throws Exception {
        addObject(getTestResource(), getTestTask(), getTestOperationResult());
        CredentialsType credentials = getFocus().asObjectable().getCredentials();
        AssertJUnit.assertNotNull("Focus has no credentials", credentials);
        PasswordType password = credentials.getPassword();
        AssertJUnit.assertNotNull("Focus has no password", password);
        AssertJUnit.assertEquals("Wrong # of history entries", 0, password.getHistoryEntry().size());
    }

    @Test
    public void test220ModifyPasswordNoPasswordHistory() throws Exception {
        modifyPasswordNoHistory();
    }

    @Test
    public void test230ModifySamePasswordNoPasswordHistory() throws Exception {
        modifyPasswordNoHistory();
    }

    private void modifyPasswordNoHistory() throws Exception {
        Task testTask = getTestTask();
        OperationResult testOperationResult = getTestOperationResult();
        ProtectedStringType protectedStringType = new ProtectedStringType();
        protectedStringType.setClearValue("n0Hist0ryEntr7");
        modifyObjectReplaceProperty(getType(), getOid(), SchemaConstants.PATH_CREDENTIALS_PASSWORD_VALUE, testTask, testOperationResult, new Object[]{protectedStringType});
        CredentialsType credentials = getFocus().asObjectable().getCredentials();
        AssertJUnit.assertNotNull("Focus has no credentials", credentials);
        PasswordType password = credentials.getPassword();
        AssertJUnit.assertNotNull("Focus has no password", password);
        AssertJUnit.assertEquals("Wrong # of history entries", 0, password.getHistoryEntry().size());
    }

    private void assertPasswords(String str, ProtectedStringType protectedStringType) throws SchemaException, EncryptionException {
        ProtectedStringType protectedStringType2 = new ProtectedStringType();
        protectedStringType2.setClearValue(str);
        AssertJUnit.assertTrue("Password doesn't match", this.protector.compareCleartext(protectedStringType2, protectedStringType));
    }

    private void setPasswordHistoryLength(int i) throws Exception {
        modifyObjectReplaceProperty(SecurityPolicyType.class, AbstractInternalModelIntegrationTest.SECURITY_POLICY_OID, SchemaConstants.PATH_CREDENTIALS_PASSWORD_HISTORY_LENGTH, getTestTask(), getTestOperationResult(), new Object[]{Integer.valueOf(i)});
    }
}
