package org.infinispan.security;

import java.io.IOException;
import java.io.ObjectInput;
import java.io.ObjectOutput;
import java.io.Serializable;
import java.security.Principal;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
import java.util.function.Function;
import javax.security.auth.Subject;
import org.infinispan.Cache;
import org.infinispan.commons.marshall.AbstractExternalizer;
import org.infinispan.configuration.cache.AuthorizationConfigurationBuilder;
import org.infinispan.configuration.cache.CacheMode;
import org.infinispan.configuration.cache.ConfigurationBuilder;
import org.infinispan.configuration.global.GlobalAuthorizationConfigurationBuilder;
import org.infinispan.configuration.global.GlobalConfigurationBuilder;
import org.infinispan.manager.ClusterExecutor;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.persistence.ActivationDuringEvictTest;
import org.infinispan.security.mappers.IdentityRoleMapper;
import org.infinispan.test.MultipleCacheManagersTest;
import org.infinispan.test.TestingUtil;
import org.testng.AssertJUnit;
import org.testng.annotations.AfterClass;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.Test;

@Test(groups = {"functional"}, testName = "security.ClusteredSecureCacheTest")
/* loaded from: input_file:org/infinispan/security/ClusteredSecureCacheTest.class */
public class ClusteredSecureCacheTest extends MultipleCacheManagersTest {
    static final Map<AuthorizationPermission, Subject> SUBJECTS = TestingUtil.makeAllSubjects();
    static final Subject ADMIN = SUBJECTS.get(AuthorizationPermission.ALL);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/infinispan/security/ClusteredSecureCacheTest$SecureConsumer.class */
    public static class SecureConsumer implements Function<EmbeddedCacheManager, Subject>, Serializable {

        /* loaded from: input_file:org/infinispan/security/ClusteredSecureCacheTest$SecureConsumer$Externalizer.class */
        public static class Externalizer extends AbstractExternalizer<SecureConsumer> {
            public Set<Class<? extends SecureConsumer>> getTypeClasses() {
                return Collections.singleton(SecureConsumer.class);
            }

            public void writeObject(ObjectOutput objectOutput, SecureConsumer secureConsumer) throws IOException {
            }

            /* renamed from: readObject, reason: merged with bridge method [inline-methods] */
            public SecureConsumer m391readObject(ObjectInput objectInput) throws IOException, ClassNotFoundException {
                return new SecureConsumer();
            }
        }

        SecureConsumer() {
        }

        @Override // java.util.function.Function
        public Subject apply(EmbeddedCacheManager embeddedCacheManager) {
            return Security.getSubject();
        }
    }

    public CacheMode getCacheMode() {
        return CacheMode.REPL_SYNC;
    }

    @Override // org.infinispan.test.MultipleCacheManagersTest
    protected void createCacheManagers() throws Throwable {
        GlobalConfigurationBuilder defaultClusteredBuilder = GlobalConfigurationBuilder.defaultClusteredBuilder();
        ConfigurationBuilder defaultClusteredCacheConfig = getDefaultClusteredCacheConfig(getCacheMode());
        GlobalAuthorizationConfigurationBuilder principalRoleMapper = defaultClusteredBuilder.security().authorization().enable().principalRoleMapper(new IdentityRoleMapper());
        for (AuthorizationPermission authorizationPermission : AuthorizationPermission.values()) {
            principalRoleMapper.role(authorizationPermission.toString()).permission(authorizationPermission);
        }
        defaultClusteredBuilder.serialization().addAdvancedExternalizer(4321, new SecureConsumer.Externalizer());
        AuthorizationConfigurationBuilder enable = defaultClusteredCacheConfig.security().authorization().enable();
        for (AuthorizationPermission authorizationPermission2 : AuthorizationPermission.values()) {
            enable.role(authorizationPermission2.toString());
        }
        Security.doAs(ADMIN, () -> {
            createCluster(defaultClusteredBuilder, defaultClusteredCacheConfig, 2);
            waitForClusterToForm();
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.infinispan.test.MultipleCacheManagersTest
    @AfterClass(alwaysRun = true)
    public void destroy() {
        Security.doAs(ADMIN, () -> {
            super.destroy();
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.infinispan.test.MultipleCacheManagersTest
    @AfterMethod(alwaysRun = true)
    public void clearContent() throws Throwable {
        Security.doAs(ADMIN, () -> {
            try {
                super.clearContent();
            } catch (Throwable th) {
                throw new RuntimeException(th);
            }
        });
    }

    public void testClusteredSecureCache() {
        Security.doAs(ADMIN, () -> {
            Cache cache = mo375cache(0);
            Cache cache2 = mo375cache(1);
            cache.put(ActivationDuringEvictTest.KEY, ActivationDuringEvictTest.KEY);
            cache2.put(ActivationDuringEvictTest.VALUE, ActivationDuringEvictTest.VALUE);
            AssertJUnit.assertEquals(ActivationDuringEvictTest.KEY, (String) cache2.get(ActivationDuringEvictTest.KEY));
            AssertJUnit.assertEquals(ActivationDuringEvictTest.VALUE, (String) cache.get(ActivationDuringEvictTest.VALUE));
        });
    }

    public void testSecureClusteredExecutor() {
        ClusterExecutor clusterExecutor = (ClusterExecutor) Security.doAs(SUBJECTS.get(AuthorizationPermission.EXEC), () -> {
            return mo175manager(0).executor();
        });
        for (AuthorizationPermission authorizationPermission : AuthorizationPermission.values()) {
            Subject subject = SUBJECTS.get(authorizationPermission);
            Security.doAs(subject, () -> {
                clusterExecutor.allNodeSubmission().submitConsumer(new SecureConsumer(), (address, subject2, th) -> {
                    if (th != null) {
                        throw new RuntimeException(th);
                    }
                    for (Principal principal : subject2.getPrincipals()) {
                        subject.getPrincipals().stream().filter(principal2 -> {
                            return principal2.getName().equals(principal.getName());
                        }).findFirst().orElseThrow();
                    }
                });
            });
        }
    }
}
