package org.infinispan.server.security;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.stream.Stream;
import org.infinispan.client.hotrod.RemoteCache;
import org.infinispan.client.hotrod.configuration.ConfigurationBuilder;
import org.infinispan.client.hotrod.exceptions.HotRodClientException;
import org.infinispan.client.rest.RestClient;
import org.infinispan.client.rest.RestResponse;
import org.infinispan.client.rest.configuration.Protocol;
import org.infinispan.client.rest.configuration.RestClientConfigurationBuilder;
import org.infinispan.configuration.cache.CacheMode;
import org.infinispan.server.test.core.Common;
import org.infinispan.server.test.core.tags.Security;
import org.infinispan.server.test.junit5.InfinispanServerExtension;
import org.infinispan.server.test.junit5.InfinispanServerExtensionBuilder;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.extension.ExtensionContext;
import org.junit.jupiter.api.extension.ParameterContext;
import org.junit.jupiter.api.extension.RegisterExtension;
import org.junit.jupiter.params.ParameterizedTest;
import org.junit.jupiter.params.aggregator.AggregateWith;
import org.junit.jupiter.params.aggregator.ArgumentsAccessor;
import org.junit.jupiter.params.aggregator.ArgumentsAggregationException;
import org.junit.jupiter.params.aggregator.ArgumentsAggregator;
import org.junit.jupiter.params.provider.Arguments;
import org.junit.jupiter.params.provider.ArgumentsProvider;
import org.junit.jupiter.params.provider.ArgumentsSource;

@Security
/* loaded from: input_file:org/infinispan/server/security/AuthenticationMultiEndpointIT.class */
public class AuthenticationMultiEndpointIT {

    @RegisterExtension
    public static InfinispanServerExtension SERVERS = InfinispanServerExtensionBuilder.config("configuration/AuthenticationServerMultipleEndpoints.xml").addListener(new SecurityRealmServerListener("alternate")).numServers(1).build();

    /* loaded from: input_file:org/infinispan/server/security/AuthenticationMultiEndpointIT$ArgsProvider.class */
    static class ArgsProvider implements ArgumentsProvider {
        ArgsProvider() {
        }

        public Stream<? extends Arguments> provideArguments(ExtensionContext extensionContext) {
            boolean z;
            boolean z2;
            boolean z3;
            boolean z4;
            boolean z5;
            String str;
            ArrayList arrayList = new ArrayList();
            for (String str2 : Arrays.asList("default", "alternate")) {
                String str3 = "alternate".equals(str2) ? "alternate_" : "";
                for (int i = 11222; i < 11227; i++) {
                    switch (i) {
                        case 11222:
                            z = false;
                            z2 = true;
                            z3 = true;
                            z4 = false;
                            z5 = false;
                            str = "/rest";
                            break;
                        case 11223:
                            z = true;
                            z2 = false;
                            z3 = false;
                            z4 = false;
                            z5 = false;
                            str = "/rest";
                            break;
                        case 11224:
                            z = false;
                            z2 = false;
                            z3 = true;
                            z4 = true;
                            z5 = true;
                            str = "/rest";
                            break;
                        case 11225:
                            z = false;
                            z2 = true;
                            z3 = false;
                            z4 = true;
                            z5 = false;
                            str = "/relax";
                            break;
                        case 11226:
                            z = false;
                            z2 = true;
                            z3 = false;
                            z4 = false;
                            z5 = false;
                            str = "/rest";
                            break;
                        default:
                            throw new IllegalArgumentException();
                    }
                    String str4 = str;
                    int i2 = i;
                    boolean z6 = z;
                    boolean z7 = z2;
                    boolean z8 = z3;
                    boolean z9 = z4;
                    Common.SASL_MECHS.forEach(str5 -> {
                        arrayList.add(Arguments.of(new Object[]{"Hot Rod", str5, str2, str3, Integer.valueOf(i2), Boolean.valueOf(z6), Boolean.valueOf(z7), Boolean.valueOf(z8), Boolean.valueOf(z9), null}));
                    });
                    boolean z10 = z;
                    boolean z11 = z2;
                    boolean z12 = z3;
                    boolean z13 = z5;
                    Common.HTTP_MECHS.forEach(str6 -> {
                        arrayList.add(Arguments.of(new Object[]{Protocol.HTTP_11.name(), str6, str2, str3, Integer.valueOf(i2), Boolean.valueOf(z10), Boolean.valueOf(z11), Boolean.valueOf(z12), Boolean.valueOf(z13), str4}));
                    });
                }
            }
            return arrayList.stream();
        }
    }

    /* loaded from: input_file:org/infinispan/server/security/AuthenticationMultiEndpointIT$Endpoint.class */
    static class Endpoint {
        private final String protocol;
        private final String mechanism;
        private final String realm;
        private final String userPrefix;
        private final int port;
        private final boolean isAnonymous;
        private final boolean isAdmin;
        private final boolean isPlain;
        private final boolean isAlternateRealm;
        private final boolean useAuth;
        private final boolean isMechanismClearText;
        private final String contextPath;

        public Endpoint(String str, String str2, String str3, String str4, int i, boolean z, boolean z2, boolean z3, boolean z4, String str5) {
            this.protocol = str;
            this.mechanism = str2;
            this.realm = str3;
            this.userPrefix = str4;
            this.port = i;
            this.isAnonymous = z;
            this.isAdmin = z2;
            this.isPlain = z3;
            this.isAlternateRealm = z4;
            this.useAuth = !str2.isEmpty();
            this.isMechanismClearText = "PLAIN".equals(str2) || "BASIC".equals(str2);
            this.contextPath = str5;
        }

        public void test() {
            if (this.protocol.equals("Hot Rod")) {
                testHotRod();
            } else {
                testRest();
            }
        }

        private void testHotRod() {
            ConfigurationBuilder configurationBuilder = new ConfigurationBuilder();
            if (this.useAuth) {
                configurationBuilder.security().authentication().saslMechanism(this.mechanism).realm(this.realm).username(this.userPrefix + "all_user").password("all");
            }
            try {
                RemoteCache create = AuthenticationMultiEndpointIT.SERVERS.hotrod().withClientConfiguration(configurationBuilder).withPort(this.port).withCacheMode(CacheMode.DIST_SYNC).create();
                validateSuccess();
                create.put("k1", "v1");
                Assertions.assertEquals(1, create.size());
                Assertions.assertEquals("v1", create.get("k1"));
            } catch (HotRodClientException e) {
                validateException(e);
            }
        }

        private void testRest() {
            Protocol valueOf = Protocol.valueOf(this.protocol);
            RestClientConfigurationBuilder protocol = new RestClientConfigurationBuilder().followRedirects(false).contextPath(this.contextPath).protocol(valueOf);
            if (this.useAuth) {
                protocol.security().authentication().mechanism(this.mechanism).realm(this.realm).username(this.userPrefix + "all_user").password("all");
            }
            try {
                RestClient create = AuthenticationMultiEndpointIT.SERVERS.rest().withClientConfiguration(protocol).withPort(this.port).create();
                validateSuccess();
                RestResponse restResponse = (RestResponse) Common.sync(create.cache(AuthenticationMultiEndpointIT.SERVERS.getMethodName()).post("k1", "v1"));
                try {
                    Assertions.assertEquals(204, restResponse.status());
                    Assertions.assertEquals(valueOf, restResponse.protocol());
                    if (restResponse != null) {
                        restResponse.close();
                    }
                    restResponse = (RestResponse) Common.sync(create.cache(AuthenticationMultiEndpointIT.SERVERS.getMethodName()).get("k1"));
                    try {
                        Assertions.assertEquals(200, restResponse.status());
                        Assertions.assertEquals(valueOf, restResponse.protocol());
                        Assertions.assertEquals("v1", restResponse.body());
                        if (restResponse != null) {
                            restResponse.close();
                        }
                        Common.assertStatus(this.isAdmin ? 307 : 404, create.raw().get("/"));
                        Common.assertStatus(this.isAdmin ? 200 : 404, create.server().info());
                    } finally {
                        if (restResponse != null) {
                            try {
                                restResponse.close();
                            } catch (Throwable th) {
                                th.addSuppressed(th);
                            }
                        }
                    }
                } finally {
                }
            } catch (SecurityException e) {
                validateException(e);
            }
        }

        private void validateSuccess() {
            if (this.isAnonymous && this.useAuth) {
                throw new IllegalStateException("Authenticated client should not be allowed to connect to anonymous server");
            }
            if (!this.isAnonymous && !this.useAuth) {
                throw new IllegalStateException("Unauthenticated client should not be allowed to connect to authenticated server");
            }
        }

        private void validateException(Throwable th) {
            if (this.useAuth && this.isAnonymous) {
                return;
            }
            if (this.useAuth || this.isAnonymous) {
                if (this.isAlternateRealm && "default".equals(this.realm)) {
                    return;
                }
                if (this.isAlternateRealm || "default".equals(this.realm)) {
                    if (!this.isPlain || this.isMechanismClearText) {
                        if (this.isPlain || !this.isMechanismClearText) {
                            if (!(th instanceof RuntimeException)) {
                                throw new RuntimeException(th);
                            }
                        }
                    }
                }
            }
        }
    }

    /* loaded from: input_file:org/infinispan/server/security/AuthenticationMultiEndpointIT$EndpointAggregator.class */
    static class EndpointAggregator implements ArgumentsAggregator {
        EndpointAggregator() {
        }

        public Object aggregateArguments(ArgumentsAccessor argumentsAccessor, ParameterContext parameterContext) throws ArgumentsAggregationException {
            return new Endpoint(argumentsAccessor.getString(0), argumentsAccessor.getString(1), argumentsAccessor.getString(2), argumentsAccessor.getString(3), argumentsAccessor.getInteger(4).intValue(), argumentsAccessor.getBoolean(5).booleanValue(), argumentsAccessor.getBoolean(6).booleanValue(), argumentsAccessor.getBoolean(7).booleanValue(), argumentsAccessor.getBoolean(8).booleanValue(), argumentsAccessor.getString(9));
        }
    }

    @ArgumentsSource(ArgsProvider.class)
    @ParameterizedTest(name = "protocol={0}, mech={1}, realm={2}, userPrefix={3}, port={4}, anon={5}, admin={6}, plain={7}, contextPath={9}")
    public void testProtocol(@AggregateWith(EndpointAggregator.class) Endpoint endpoint) {
        endpoint.test();
    }
}
