package pl.edu.icm.unity.ldap;

import com.unboundid.ldap.listener.InMemoryDirectoryServer;
import com.unboundid.ldap.sdk.LDAPException;
import eu.emi.security.authn.x509.impl.KeystoreCredential;
import eu.unicore.util.httpclient.ServerHostnameCheckingMode;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Pattern;
import org.hamcrest.CoreMatchers;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Ignore;
import org.junit.Test;
import pl.edu.icm.unity.engine.api.PKIManagement;
import pl.edu.icm.unity.engine.api.authn.remote.RemoteAttribute;
import pl.edu.icm.unity.engine.api.authn.remote.RemoteGroupMembership;
import pl.edu.icm.unity.engine.api.authn.remote.RemoteIdentity;
import pl.edu.icm.unity.engine.api.authn.remote.RemotelyAuthenticatedInput;
import pl.edu.icm.unity.ldap.client.LdapAuthenticationException;
import pl.edu.icm.unity.ldap.client.LdapClient;
import pl.edu.icm.unity.ldap.client.LdapUtils;
import pl.edu.icm.unity.ldap.client.config.LdapClientConfiguration;
import pl.edu.icm.unity.ldap.client.config.LdapProperties;

/* loaded from: input_file:pl/edu/icm/unity/ldap/LdapTest.class */
public class LdapTest {
    private static InMemoryDirectoryServer ds;
    private static String port;
    private static String hostname;
    private static String sslPort;
    private static String sslHostname;
    private static PKIManagement pkiManagement;

    @BeforeClass
    public static void startEmbeddedServer() throws Exception {
        EmbeddedDirectoryServer embeddedDirectoryServer = new EmbeddedDirectoryServer(new KeystoreCredential("src/test/resources/pki/demo-localhost.p12", "the!unity".toCharArray(), "the!unity".toCharArray(), "unity-demo", "PKCS12"), "src/test/resources", ServerHostnameCheckingMode.WARN);
        ds = embeddedDirectoryServer.startEmbeddedServer();
        hostname = embeddedDirectoryServer.getPlainConnection().getConnectedAddress();
        port = embeddedDirectoryServer.getPlainConnection().getConnectedPort();
        sslHostname = embeddedDirectoryServer.getSSLConnection().getConnectedAddress();
        sslPort = embeddedDirectoryServer.getSSLConnection().getConnectedPort();
        pkiManagement = embeddedDirectoryServer.getPKIManagement4Client();
    }

    @AfterClass
    public static void shutdown() {
        ds.shutDown(true);
    }

    @Test
    public void shouldNotBindOnlyAsUserWithWrongPassword() {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.authenticateOnly", "true");
        properties.setProperty("ldap.translationProfile", "dummy");
        try {
            new LdapClient("test").bindAndSearch("user1", "wrong", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
            Assert.fail("authenticated with a wrong password");
        } catch (Exception e) {
            e.printStackTrace();
            Assert.fail("authn only failed");
        } catch (LdapAuthenticationException e2) {
        }
    }

    @Test
    public void shouldNotBindOnlyAsUserWithWrongUsername() {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.authenticateOnly", "true");
        properties.setProperty("ldap.translationProfile", "dummy");
        try {
            new LdapClient("test").bindAndSearch("wrong", "wrong", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
            Assert.fail("authenticated with a wrong username");
        } catch (Exception e) {
            e.printStackTrace();
            Assert.fail("authn only failed");
        } catch (LdapAuthenticationException e2) {
        }
    }

    @Test
    public void shouldBindOnlyAsUserWithCorrectCredentials() {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.authenticateOnly", "true");
        properties.setProperty("ldap.translationProfile", "dummy");
        try {
            RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
            Assert.assertEquals("test", bindAndSearch.getIdpName());
            Assert.assertEquals(0L, bindAndSearch.getAttributes().size());
            Assert.assertEquals(0L, bindAndSearch.getGroups().size());
            Assert.assertEquals(1L, bindAndSearch.getIdentities().size());
            Assert.assertEquals("cn=user1,ou=users,dc=unity-example,dc=com", ((RemoteIdentity) bindAndSearch.getIdentities().values().iterator().next()).getName());
        } catch (Exception e) {
            e.printStackTrace();
            Assert.fail("authn only failed");
        }
    }

    @Test
    public void shouldConnectToSSLServerWithTruststore() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", sslHostname);
        properties.setProperty("ldap.ports.1", sslPort);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.authenticateOnly", "true");
        properties.setProperty("ldap.connectionMode", "ssl");
        properties.setProperty("ldap.trustAllServerCertificates", "false");
        properties.setProperty("ldap.truststore", "REGULAR");
        properties.setProperty("ldap.translationProfile", "dummy");
        new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
    }

    @Test
    public void shouldConnectToSSLServerWithTrustAllSetting() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", sslHostname);
        properties.setProperty("ldap.ports.1", sslPort);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.authenticateOnly", "true");
        properties.setProperty("ldap.connectionMode", "ssl");
        properties.setProperty("ldap.trustAllServerCertificates", "true");
        properties.setProperty("ldap.translationProfile", "dummy");
        try {
            RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
            Assert.assertEquals("test", bindAndSearch.getIdpName());
            Assert.assertEquals(0L, bindAndSearch.getAttributes().size());
            Assert.assertEquals(0L, bindAndSearch.getGroups().size());
            Assert.assertEquals(1L, bindAndSearch.getIdentities().size());
            Assert.assertEquals("cn=user1,ou=users,dc=unity-example,dc=com", ((RemoteIdentity) bindAndSearch.getIdentities().values().iterator().next()).getName());
        } catch (Exception e) {
            e.printStackTrace();
            Assert.fail("authn only failed");
        }
    }

    @Test
    @Ignore
    public void testStartTls() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.authenticateOnly", "true");
        properties.setProperty("ldap.connectionMode", "startTLS");
        properties.setProperty("ldap.trustAllServerCertificates", "false");
        properties.setProperty("ldap.truststore", "REGULAR");
        properties.setProperty("ldap.translationProfile", "dummy");
        new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        properties.setProperty("ldap.truststore", "EMPTY");
        try {
            new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
            Assert.fail("Managed to establish a TLS connection to a server with not trusted cert");
        } catch (LDAPException e) {
        }
    }

    @Test
    public void shouldNotbindAsUserNotMatchingValidUserFilter() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.validUsersFilter", "(!(cn=user2))");
        properties.setProperty("ldap.translationProfile", "dummy");
        try {
            new LdapClient("test").bindAndSearch("user2", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
            Assert.fail("authenticated with a username which should be filtered out");
        } catch (LdapAuthenticationException e) {
        }
    }

    @Test
    public void shouldReturnDirectAttributesWithoutFilter() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(0L, bindAndSearch.getGroups().size());
        Assert.assertEquals(4L, bindAndSearch.getAttributes().size());
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "sn", "User1 surname"));
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "cn", "user1"));
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "userPassword", "user1"));
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "objectClass", "inetOrgPerson", "organizationalPerson", "person", "top"));
    }

    @Test
    public void shouldReturnDirectAttributesWithOptions() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.translationProfile", "dummy");
        properties.setProperty("ldap.attributes.1", "l");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user2", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(0L, bindAndSearch.getGroups().size());
        Assert.assertEquals(2L, bindAndSearch.getAttributes().size());
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "l", "locality"));
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "l;x-foo-option", "foo locality"));
    }

    @Test
    public void shouldFilterAttributes() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.validUsersFilter", "(!(cn=user2))");
        properties.setProperty("ldap.translationProfile", "dummy");
        properties.setProperty("ldap.attributes.1", "sn");
        properties.setProperty("ldap.attributes.2", "cn");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(2L, bindAndSearch.getAttributes().size());
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "sn", "User1 surname"));
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "cn", "user1"));
    }

    @Test
    public void shouldReturnAttributeFromAdvancedSearch() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.validUsersFilter", "(!(cn=user2))");
        properties.setProperty("ldap.translationProfile", "dummy");
        properties.setProperty("ldap.additionalSearch.1.baseName", "ou=groups,dc=unity-example,dc=com");
        properties.setProperty("ldap.additionalSearch.1.filter", "(memberUid={USERNAME})");
        properties.setProperty("ldap.additionalSearch.1.selectedAttributes", "dummy  gidNumber");
        Assert.assertTrue(containsAttribute(new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement)).getAttributes(), "gidNumber", "1"));
    }

    @Test
    public void shouldReturnAttributeWithOptionsFromAdvancedSearch() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.validUsersFilter", "(!(cn=user2))");
        properties.setProperty("ldap.translationProfile", "dummy");
        properties.setProperty("ldap.additionalSearch.1.baseName", "ou=groups,dc=unity-example,dc=com");
        properties.setProperty("ldap.additionalSearch.1.filter", "(memberUid={USERNAME})");
        properties.setProperty("ldap.additionalSearch.1.selectedAttributes", "dummy  gidNumber;x-foo-option");
        Assert.assertTrue(containsAttribute(new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement)).getAttributes(), "gidNumber;x-foo-option", "99"));
    }

    @Test
    public void shouldExtractMemberOfGroups() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.memberOfAttribute", "secretary");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user2", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(2L, bindAndSearch.getGroups().size());
        Assert.assertTrue(containsGroup(bindAndSearch.getGroups(), "cn=nice,dc=org"));
        Assert.assertTrue(containsGroup(bindAndSearch.getGroups(), "cn=nicer,dc=org"));
    }

    @Test
    public void shouldExtractMemberOfGroupsConvertingToSimpleName() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.memberOfAttribute", "secretary");
        properties.setProperty("ldap.translationProfile", "dummy");
        properties.setProperty("ldap.memberOfGroupAttribute", "cn");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user2", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(2L, bindAndSearch.getGroups().size());
        Assert.assertTrue(containsGroup(bindAndSearch.getGroups(), "nice"));
        Assert.assertTrue(containsGroup(bindAndSearch.getGroups(), "nicer"));
    }

    @Test
    public void testGroupsScanning() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.groupsBaseName", "dc=unity-example,dc=com");
        properties.setProperty("ldap.groups.1.objectClass", "posixGroup");
        properties.setProperty("ldap.groups.1.memberAttribute", "memberUid");
        properties.setProperty("ldap.groups.1.nameAttribute", "cn");
        properties.setProperty("ldap.groups.1.matchByMemberAttribute", "cn");
        properties.setProperty("ldap.groups.2.objectClass", "groupOfNames");
        properties.setProperty("ldap.groups.2.memberAttribute", "member");
        properties.setProperty("ldap.groups.2.nameAttribute", "cn");
        properties.setProperty("ldap.groups.3.objectClass", "groupOfUniqueNames");
        properties.setProperty("ldap.groups.3.memberAttribute", "uniqueMember");
        properties.setProperty("ldap.groups.3.nameAttribute", "cn");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user1", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(3L, bindAndSearch.getGroups().size());
        Assert.assertTrue(containsGroup(bindAndSearch.getGroups(), "gr1"));
        Assert.assertTrue(containsGroup(bindAndSearch.getGroups(), "g1"));
        Assert.assertTrue(containsGroup(bindAndSearch.getGroups(), "g2"));
    }

    @Test
    public void shouldReturnAttributesFromExtraSearch() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.attributes.1", "sn");
        properties.setProperty("ldap.additionalSearch.1.baseName", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.additionalSearch.1.filter", "(sn={USERNAME})");
        properties.setProperty("ldap.additionalSearch.1.selectedAttributes", "secretary");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user2", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(2L, bindAndSearch.getAttributes().size());
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "secretary", "cn=extra2,dc=org"));
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "sn", "User2 Surname"));
    }

    @Test
    public void shouldReturnAttributesWithBindsAsUserAndDNSearchWithSystemCredentials() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNSearchKey", "1");
        properties.setProperty("ldap.attributes.1", "sn");
        properties.setProperty("ldap.systemDN", "cn=user1,ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.systemPassword", "user1");
        properties.setProperty("ldap.additionalSearch.1.baseName", "ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.additionalSearch.1.filter", "(sn={USERNAME})");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("User2 Surname", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(1L, bindAndSearch.getAttributes().size());
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "sn", "User2 Surname"));
    }

    @Test
    public void shouldSearchForAttributesWhenUsingBindsAsSystem() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.attributes.1", "sn");
        properties.setProperty("ldap.bindAs", "system");
        properties.setProperty("ldap.systemDN", "cn=user1,ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.systemPassword", "user1");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput bindAndSearch = new LdapClient("test").bindAndSearch("user2", "user1", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(1L, bindAndSearch.getAttributes().size());
        Assert.assertTrue(containsAttribute(bindAndSearch.getAttributes(), "sn", "User2 Surname"));
    }

    @Test
    public void shouldReturnAttributesWithUserTemplateAndAnonymousConnect() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.attributes.1", "sn");
        properties.setProperty("ldap.bindAs", LdapProperties.BindAs.none.toString());
        properties.setProperty("ldap.translationProfile", "dummy");
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput search = new LdapClient("test").search("user2", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(1L, search.getAttributes().size());
        Assert.assertTrue(containsAttribute(search.getAttributes(), "sn", "User2 Surname"));
    }

    @Test
    public void shouldReturnAttributesWithUserSearchAndAnonymousConnect() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.attributes.1", "ou");
        properties.setProperty("ldap.bindAs", LdapProperties.BindAs.none.toString());
        properties.setProperty("ldap.translationProfile", "dummy");
        properties.setProperty("ldap.userDNSearchKey", "1");
        properties.setProperty("ldap.additionalSearch.1.baseName", "ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.additionalSearch.1.filter", "(sn={USERNAME})");
        properties.setProperty("ldap.translationProfile", "dummy");
        RemotelyAuthenticatedInput search = new LdapClient("test").search("user2", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement));
        Assert.assertEquals(1L, search.getAttributes().size());
        Assert.assertTrue(containsAttribute(search.getAttributes(), "ou", "grant2"));
    }

    @Test
    public void shouldSearchSingleAttributeWhenUsingBindsAsSystem() throws Exception {
        Properties properties = new Properties();
        properties.setProperty("ldap.servers.1", hostname);
        properties.setProperty("ldap.ports.1", port);
        properties.setProperty("ldap.userDNTemplate", "cn={USERNAME},ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.attributes.1", "sn");
        properties.setProperty("ldap.bindAs", "system");
        properties.setProperty("ldap.systemDN", "cn=user1,ou=users,dc=unity-example,dc=com");
        properties.setProperty("ldap.systemPassword", "user1");
        Assert.assertEquals("User1 surname", new LdapClient("test").searchAttribute("user1", "sn", new LdapClientConfiguration(new LdapProperties(properties), pkiManagement)).get());
    }

    private boolean containsGroup(Map<String, RemoteGroupMembership> map, String str) {
        return map.containsKey(str);
    }

    private boolean containsAttribute(Map<String, RemoteAttribute> map, String str, String... strArr) {
        RemoteAttribute remoteAttribute = map.get(str);
        if (remoteAttribute == null) {
            return false;
        }
        for (int i = 0; i < strArr.length; i++) {
            if (!remoteAttribute.getValues().get(i).equals(strArr[i])) {
                return false;
            }
        }
        return true;
    }

    @Test
    public void extractorReturnsId() {
        Assert.assertThat(LdapUtils.extractUsername("CN=myId,CN=b,O=foo", Pattern.compile("CN=([^,]+),CN=.*")), CoreMatchers.is("myId"));
    }
}
