package org.infinispan.server.security.authentication;

import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Stream;
import org.infinispan.client.rest.RestClient;
import org.infinispan.client.rest.RestResponse;
import org.infinispan.client.rest.configuration.Protocol;
import org.infinispan.client.rest.configuration.RestClientConfigurationBuilder;
import org.infinispan.commons.test.Exceptions;
import org.infinispan.commons.util.Util;
import org.infinispan.server.test.core.Common;
import org.infinispan.server.test.core.tags.Security;
import org.infinispan.server.test.junit5.InfinispanServerExtension;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Assumptions;
import org.junit.jupiter.api.extension.ExtensionContext;
import org.junit.jupiter.api.extension.RegisterExtension;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.ArgumentsProvider;
import org.junit.jupiter.params.provider.ArgumentsSource;
import org.wildfly.security.mechanism._private.ElytronMessages;
import org.wildfly.security.mechanism.digest.DigestUtil;

@Security
/* loaded from: input_file:org/infinispan/server/security/authentication/RestAuthentication.class */
public class RestAuthentication {

    @RegisterExtension
    public static InfinispanServerExtension SERVERS = AuthenticationIT.SERVERS;

    /* loaded from: input_file:org/infinispan/server/security/authentication/RestAuthentication$ArgsProvider.class */
    static class ArgsProvider implements ArgumentsProvider {
        ArgsProvider() {
        }

        public Stream<? extends Arguments> provideArguments(ExtensionContext extensionContext) throws Exception {
            ArrayList arrayList = new ArrayList(Common.HTTP_MECHS.size() * Common.HTTP_PROTOCOLS.size());
            for (Protocol protocol : Common.HTTP_PROTOCOLS) {
                Iterator<String> it = Common.HTTP_MECHS.iterator();
                while (it.hasNext()) {
                    arrayList.add(Arguments.of(new Object[]{protocol, it.next()}));
                }
            }
            return arrayList.stream();
        }
    }

    @ArgumentsSource(ArgsProvider.class)
    @ParameterizedTest(name = "{1}({0})")
    public void testStaticResourcesAnonymously(Protocol protocol, String str) throws Exception {
        InetSocketAddress serverSocket = SERVERS.getServerDriver().getServerSocket(0, 11222);
        RestClientConfigurationBuilder followRedirects = new RestClientConfigurationBuilder().followRedirects(false);
        followRedirects.addServer().host(serverSocket.getHostString()).port(serverSocket.getPort());
        RestClient forConfiguration = RestClient.forConfiguration(followRedirects.build());
        try {
            Common.assertStatus(307, forConfiguration.raw().get("/"));
            if (forConfiguration != null) {
                forConfiguration.close();
            }
        } catch (Throwable th) {
            if (forConfiguration != null) {
                try {
                    forConfiguration.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @ArgumentsSource(ArgsProvider.class)
    @ParameterizedTest(name = "{1}({0})")
    public void testMalformedDigestHeader(Protocol protocol, String str) throws Exception {
        Assumptions.assumeTrue(str.startsWith("DIGEST"));
        InetSocketAddress serverSocket = SERVERS.getServerDriver().getServerSocket(0, 11222);
        RestClientConfigurationBuilder followRedirects = new RestClientConfigurationBuilder().followRedirects(false);
        followRedirects.addServer().host(serverSocket.getHostString()).port(serverSocket.getPort());
        RestClient forConfiguration = RestClient.forConfiguration(followRedirects.build());
        try {
            RestResponse restResponse = (RestResponse) Common.sync(forConfiguration.raw().get("/rest/v2/caches"));
            try {
                Assertions.assertEquals(401, restResponse.status());
                HashMap parseResponse = DigestUtil.parseResponse(((String) ((List) restResponse.headers().get("Www-Authenticate")).stream().filter(str2 -> {
                    return str2.startsWith("Digest");
                }).findFirst().get()).substring(7).getBytes(StandardCharsets.UTF_8), StandardCharsets.UTF_8, false, ElytronMessages.httpDigest);
                String str3 = new String((byte[]) parseResponse.get("realm"), StandardCharsets.UTF_8);
                String str4 = new String((byte[]) parseResponse.get("nonce"), StandardCharsets.UTF_8);
                String str5 = new String((byte[]) parseResponse.get("opaque"), StandardCharsets.UTF_8);
                String str6 = new String((byte[]) parseResponse.get("algorithm"), StandardCharsets.UTF_8);
                String name = StandardCharsets.ISO_8859_1.name();
                MessageDigest messageDigest = MessageDigest.getInstance(str6);
                Common.assertStatus(400, forConfiguration.raw().get("/rest/v2/caches", Collections.singletonMap("Authorization", String.format("Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\", qop=auth, nc=%s, cnonce=%s, algorithm=%s, opaque=\"%s\"", "h4ck0rz", str3, str4, "/backdoor", Util.toHexString(messageDigest.digest((Util.toHexString(messageDigest.digest(("h4ck0rz:" + str3 + ":letmein").getBytes(name))) + ":" + str4 + ":00000001:00000000:auth:" + Util.toHexString(messageDigest.digest("GET:/backdoor".getBytes(name)))).getBytes(StandardCharsets.US_ASCII))), "00000001", "00000000", str6, str5))));
                if (restResponse != null) {
                    restResponse.close();
                }
                if (forConfiguration != null) {
                    forConfiguration.close();
                }
            } finally {
            }
        } catch (Throwable th) {
            if (forConfiguration != null) {
                try {
                    forConfiguration.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @ArgumentsSource(ArgsProvider.class)
    @ParameterizedTest(name = "{1}({0})")
    public void testRestReadWrite(Protocol protocol, String str) {
        RestClientConfigurationBuilder restClientConfigurationBuilder = new RestClientConfigurationBuilder();
        if (!str.isEmpty()) {
            restClientConfigurationBuilder.protocol(protocol).security().authentication().mechanism(str).realm("default").username("all_user").password("all");
        }
        if (str.isEmpty()) {
            Exceptions.expectException(SecurityException.class, () -> {
                SERVERS.rest().withClientConfiguration(restClientConfigurationBuilder).create();
            });
            return;
        }
        RestClient create = SERVERS.rest().withClientConfiguration(restClientConfigurationBuilder).create();
        RestResponse restResponse = (RestResponse) Common.sync(create.cache(SERVERS.getMethodName()).post("k1", "v1"));
        try {
            Assertions.assertEquals(204, restResponse.status());
            Assertions.assertEquals(protocol, restResponse.protocol());
            if (restResponse != null) {
                restResponse.close();
            }
            restResponse = (RestResponse) Common.sync(create.cache(SERVERS.getMethodName()).get("k1"));
            try {
                Assertions.assertEquals(200, restResponse.status());
                Assertions.assertEquals(protocol, restResponse.protocol());
                Assertions.assertEquals("v1", restResponse.body());
                if (restResponse != null) {
                    restResponse.close();
                }
            } finally {
            }
        } finally {
        }
    }
}
