package org.alfresco.repo.security.authentication;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.transaction.UserTransaction;
import junit.framework.TestCase;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.cache.SimpleCache;
import org.alfresco.repo.policy.PolicyComponent;
import org.alfresco.repo.tenant.TenantService;
import org.alfresco.repo.transaction.AlfrescoTransactionSupport;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.repository.InvalidNodeRefException;
import org.alfresco.service.cmr.repository.NodeRef;
import org.alfresco.service.cmr.repository.NodeService;
import org.alfresco.util.ApplicationContextHelper;
import org.springframework.context.ApplicationContext;

/* loaded from: input_file:org/alfresco/repo/security/authentication/UpgradePasswordHashTest.class */
public class UpgradePasswordHashTest extends TestCase {
    private static ApplicationContext ctx = ApplicationContextHelper.getApplicationContext();
    private UserTransaction userTransaction;
    private ServiceRegistry serviceRegistry;
    private NodeService nodeService;
    private RepositoryAuthenticationDao repositoryAuthenticationDao;
    private CompositePasswordEncoder compositePasswordEncoder;
    private UpgradePasswordHashWorker upgradePasswordHashWorker;
    private List<String> testUserNames;
    private List<NodeRef> testUsers;

    public UpgradePasswordHashTest() {
    }

    public UpgradePasswordHashTest(String str) {
        super(str);
    }

    public void setUp() throws Exception {
        if (AlfrescoTransactionSupport.getTransactionReadState() != AlfrescoTransactionSupport.TxnReadState.TXN_NONE) {
            throw new AlfrescoRuntimeException("A previous tests did not clean up transaction: " + AlfrescoTransactionSupport.getTransactionId());
        }
        this.serviceRegistry = (ServiceRegistry) ctx.getBean("ServiceRegistry");
        SimpleCache simpleCache = (SimpleCache) ctx.getBean("authenticationCache");
        SimpleCache simpleCache2 = (SimpleCache) ctx.getBean("immutableSingletonCache");
        TenantService tenantService = (TenantService) ctx.getBean("tenantService");
        this.compositePasswordEncoder = (CompositePasswordEncoder) ctx.getBean("compositePasswordEncoder");
        PolicyComponent policyComponent = (PolicyComponent) ctx.getBean("policyComponent");
        this.repositoryAuthenticationDao = new RepositoryAuthenticationDao();
        this.repositoryAuthenticationDao.setTransactionService(this.serviceRegistry.getTransactionService());
        this.repositoryAuthenticationDao.setAuthorityService(this.serviceRegistry.getAuthorityService());
        this.repositoryAuthenticationDao.setTenantService(tenantService);
        this.repositoryAuthenticationDao.setNodeService(this.serviceRegistry.getNodeService());
        this.repositoryAuthenticationDao.setNamespaceService(this.serviceRegistry.getNamespaceService());
        this.repositoryAuthenticationDao.setCompositePasswordEncoder(this.compositePasswordEncoder);
        this.repositoryAuthenticationDao.setPolicyComponent(policyComponent);
        this.repositoryAuthenticationDao.setAuthenticationCache(simpleCache);
        this.repositoryAuthenticationDao.setSingletonCache(simpleCache2);
        this.upgradePasswordHashWorker = (UpgradePasswordHashWorker) ctx.getBean("upgradePasswordHashWorker");
        this.nodeService = this.serviceRegistry.getNodeService();
        AuthenticationUtil.setFullyAuthenticatedUser(AuthenticationUtil.getSystemUserName());
    }

    protected void createTestUsers(String str) throws Exception {
        this.userTransaction = this.serviceRegistry.getTransactionService().getUserTransaction();
        this.userTransaction.begin();
        this.testUsers = new ArrayList(5);
        this.testUsers.add(createUser("king" + str, "king".toCharArray(), str));
        this.testUsers.add(createUser("kin" + str, "Kong".toCharArray(), str));
        this.testUsers.add(createUser("ding" + str, "dong".toCharArray(), str));
        this.testUsers.add(createUser("ping" + str, "pong".toCharArray(), str));
        this.testUsers.add(createUser("pin" + str, "pop".toCharArray(), str));
        this.userTransaction.commit();
    }

    private NodeRef createUser(String str, char[] cArr, String str2) {
        try {
            this.repositoryAuthenticationDao.createUser(str, cArr);
        } catch (AuthenticationException e) {
            if (!e.getMessage().contains("User already exists")) {
                throw e;
            }
        }
        NodeRef userOrNull = this.repositoryAuthenticationDao.getUserOrNull(str);
        if (userOrNull == null) {
            throw new AuthenticationException("User name does not exist: " + str);
        }
        Map properties = this.nodeService.getProperties(userOrNull);
        properties.remove(ContentModel.PROP_PASSWORD_HASH);
        properties.remove(ContentModel.PROP_HASH_INDICATOR);
        properties.remove(ContentModel.PROP_PASSWORD);
        properties.remove(ContentModel.PROP_PASSWORD_SHA256);
        properties.put("sha256".equals(str2) ? ContentModel.PROP_PASSWORD_SHA256 : ContentModel.PROP_PASSWORD, this.compositePasswordEncoder.encode(str2, new String(cArr), (Object) null));
        this.nodeService.setProperties(userOrNull, properties);
        return userOrNull;
    }

    protected void deleteTestUsers() throws Exception {
        Iterator<NodeRef> it = this.testUsers.iterator();
        while (it.hasNext()) {
            try {
                this.nodeService.deleteNode(it.next());
            } catch (InvalidNodeRefException unused) {
            }
        }
        this.testUsers.clear();
    }

    protected void tearDown() throws Exception {
        deleteTestUsers();
        if (this.userTransaction.getStatus() == 0 || this.userTransaction.getStatus() == 1) {
            this.userTransaction.rollback();
        }
        AuthenticationUtil.clearCurrentSecurityContext();
        super.tearDown();
    }

    public void testWorkerWithDefaultConfiguration() throws Exception {
        List<String> asList = Arrays.asList("md4", "bcrypt10");
        createTestUsers("md4");
        runWorker(asList);
    }

    public void testWorkerWithCloudDefaultConfiguration() throws Exception {
        List<String> asList = Arrays.asList("sha256", "bcrypt10");
        createTestUsers("sha256");
        runWorker(asList);
    }

    public void testWorkerWithLegacyConfiguration() throws Exception {
        List<String> asList = Arrays.asList("md4");
        createTestUsers("md4");
        runWorker(asList);
    }

    public void testWorkerWithLegacy256Configuration() throws Exception {
        List<String> asList = Arrays.asList("sha256");
        createTestUsers("sha256");
        runWorker(asList);
    }

    private void runWorker(List<String> list) throws Exception {
        this.compositePasswordEncoder.setPreferredEncoding(list.get(list.size() - 1));
        this.upgradePasswordHashWorker.setCompositePasswordEncoder(this.compositePasswordEncoder);
        this.userTransaction = this.serviceRegistry.getTransactionService().getUserTransaction();
        this.userTransaction.begin();
        for (NodeRef nodeRef : this.testUsers) {
            assertNull("The hash indicator should not be set", this.nodeService.getProperty(nodeRef, ContentModel.PROP_HASH_INDICATOR));
            assertNull("The password hash should not be set", this.nodeService.getProperty(nodeRef, ContentModel.PROP_PASSWORD_HASH));
        }
        this.upgradePasswordHashWorker.execute();
        this.userTransaction.commit();
        this.userTransaction = this.serviceRegistry.getTransactionService().getUserTransaction();
        this.userTransaction.begin();
        for (NodeRef nodeRef2 : this.testUsers) {
            assertNotNull("The password hash should be set", this.nodeService.getProperty(nodeRef2, ContentModel.PROP_PASSWORD_HASH));
            assertEquals(list, this.nodeService.getProperty(nodeRef2, ContentModel.PROP_HASH_INDICATOR));
            assertNull("The md4 password should not be set", this.nodeService.getProperty(nodeRef2, ContentModel.PROP_PASSWORD));
            assertNull("The sh256 password should not be set", this.nodeService.getProperty(nodeRef2, ContentModel.PROP_PASSWORD_SHA256));
        }
    }
}
