package org.neo4j.commandline.admin.security;

import java.io.IOException;
import java.io.PrintStream;
import java.nio.ByteBuffer;
import java.nio.file.Path;
import org.apache.commons.lang3.SystemUtils;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.Mockito;
import org.neo4j.cli.ExecutionContext;
import org.neo4j.configuration.Config;
import org.neo4j.configuration.GraphDatabaseInternalSettings;
import org.neo4j.configuration.GraphDatabaseSettings;
import org.neo4j.io.fs.FileSystemAbstraction;
import org.neo4j.kernel.impl.security.User;
import org.neo4j.logging.NullLogProvider;
import org.neo4j.memory.EmptyMemoryTracker;
import org.neo4j.server.security.auth.FileUserRepository;
import org.neo4j.string.UTF8;
import org.neo4j.test.extension.DefaultFileSystemExtension;
import org.neo4j.test.extension.Inject;
import org.neo4j.test.extension.testdirectory.TestDirectoryExtension;
import org.neo4j.test.utils.TestDirectory;
import picocli.CommandLine;

@ExtendWith({DefaultFileSystemExtension.class})
@TestDirectoryExtension
/* loaded from: input_file:org/neo4j/commandline/admin/security/SetInitialPasswordCommandIT.class */
class SetInitialPasswordCommandIT {

    @Inject
    private FileSystemAbstraction fileSystem;

    @Inject
    private TestDirectory testDirectory;
    private Path confDir;
    private Path homeDir;
    private PrintStream out;
    private PrintStream err;
    private Path authStoreDirectory;
    private Config config;
    private Path configPath;
    private static final String password = "password";
    private static final String successMessage = "Changed password for user 'neo4j'. IMPORTANT: this change will only take effect if performed before the database is started for the first time.";

    SetInitialPasswordCommandIT() {
    }

    @BeforeEach
    void setup() {
        Path resolve = this.testDirectory.homePath().resolve("neo4j");
        this.confDir = resolve.resolve("conf");
        this.homeDir = resolve.resolve("home");
        this.out = (PrintStream) Mockito.mock(PrintStream.class);
        this.err = (PrintStream) Mockito.mock(PrintStream.class);
        this.authStoreDirectory = this.homeDir.resolve("data").resolve("dbms");
        this.config = Config.newBuilder().set(GraphDatabaseInternalSettings.auth_store_directory, this.authStoreDirectory).build();
        this.configPath = this.confDir.resolve("neo4j.conf");
        try {
            createFile(this.configPath, this.config.toString(false));
            createFile(getAuthFile("auth.ini"), "");
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    @AfterEach
    void tearDown() throws Exception {
        this.fileSystem.close();
    }

    @Test
    void shouldSetPassword() throws Throwable {
        executeCommand(password);
        assertAuthIniFile(password, false);
        ((PrintStream) Mockito.verify(this.out)).println(successMessage);
    }

    @Test
    void shouldSetPasswordWithRequirePasswordChange() throws Throwable {
        executeCommand(password, "--require-password-change");
        assertAuthIniFile(password, true);
        ((PrintStream) Mockito.verify(this.out)).println(successMessage);
    }

    @Test
    void shouldSetPasswordWithRequirePasswordChangeOtherOrder() throws Throwable {
        executeCommand("--require-password-change", password);
        assertAuthIniFile(password, true);
        ((PrintStream) Mockito.verify(this.out)).println(successMessage);
    }

    @Test
    void shouldOverwriteIfSetPasswordAgain() throws Throwable {
        executeCommand(password);
        assertAuthIniFile(password, false);
        executeCommand("muchBetter");
        assertAuthIniFile("muchBetter", false);
        ((PrintStream) Mockito.verify(this.out, Mockito.times(2))).println(successMessage);
    }

    @Test
    void shouldWorkWithSamePassword() throws Throwable {
        executeCommand(password);
        assertAuthIniFile(password, false);
        executeCommand(password);
        assertAuthIniFile(password, false);
        ((PrintStream) Mockito.verify(this.out, Mockito.times(2))).println(successMessage);
    }

    @Test
    void shouldNotErrorIfOnlyTheUnmodifiedDefaultNeo4jUserAlreadyExists() throws Throwable {
        this.config.set(GraphDatabaseSettings.auth_minimum_password_length, 1);
        createFile(this.configPath, this.config.toString(false));
        executeCommand("neo4j");
        this.fileSystem.copyFile(getAuthFile("auth.ini"), getAuthFile("auth"));
        executeCommand("should-not-be-ignored");
        assertAuthIniFile("should-not-be-ignored", false);
        ((PrintStream) Mockito.verify(this.out, Mockito.times(2))).println(successMessage);
    }

    private void assertAuthIniFile(String str, boolean z) throws Throwable {
        Path authFile = getAuthFile("auth.ini");
        Assertions.assertTrue(this.fileSystem.fileExists(authFile));
        FileUserRepository fileUserRepository = new FileUserRepository(this.fileSystem, authFile, NullLogProvider.getInstance(), EmptyMemoryTracker.INSTANCE);
        fileUserRepository.start();
        User userByName = fileUserRepository.getUserByName("neo4j");
        Assertions.assertNotNull(userByName);
        Assertions.assertTrue(userByName.credentials().matchesPassword(UTF8.encode(str)));
        org.assertj.core.api.Assertions.assertThat(userByName.hasFlag("password_change_required")).isEqualTo(z);
    }

    private Path getAuthFile(String str) {
        return this.authStoreDirectory.resolve(str);
    }

    private void executeCommand(String... strArr) throws IOException {
        SetInitialPasswordCommand setInitialPasswordCommand = new SetInitialPasswordCommand(new ExecutionContext(this.homeDir, this.confDir, this.out, this.err, this.fileSystem));
        CommandLine.populateCommand(setInitialPasswordCommand, strArr);
        setInitialPasswordCommand.execute();
    }

    private void createFile(Path path, String str) throws IOException {
        String replace = SystemUtils.IS_OS_WINDOWS ? str.replace("\\", "/") : str;
        Path createTempFile = this.fileSystem.createTempFile(this.testDirectory.homePath(), "", "");
        this.fileSystem.write(createTempFile).write(ByteBuffer.wrap(replace.getBytes()));
        this.fileSystem.copyFile(createTempFile, path);
        this.fileSystem.delete(createTempFile);
    }
}
