package org.keycloak.testsuite.arquillian.containers;

import java.io.File;
import java.io.IOException;
import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.commons.io.FileUtils;
import org.jboss.arquillian.container.spi.client.container.DeployableContainer;
import org.jboss.arquillian.container.spi.client.container.DeploymentException;
import org.jboss.arquillian.container.spi.client.container.LifecycleException;
import org.jboss.arquillian.container.spi.client.protocol.ProtocolDescription;
import org.jboss.arquillian.container.spi.client.protocol.metadata.ProtocolMetaData;
import org.jboss.arquillian.core.api.Instance;
import org.jboss.arquillian.core.api.annotation.Inject;
import org.jboss.logging.Logger;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.descriptor.api.Descriptor;
import org.keycloak.testsuite.arquillian.SuiteContext;
import org.keycloak.testsuite.auth.page.AuthRealm;

/* loaded from: input_file:org/keycloak/testsuite/arquillian/containers/KeycloakQuarkusServerDeployableContainer.class */
public class KeycloakQuarkusServerDeployableContainer implements DeployableContainer<KeycloakQuarkusConfiguration> {
    private KeycloakQuarkusConfiguration configuration;
    private Process container;

    @Inject
    private Instance<SuiteContext> suiteContext;
    private boolean forceReaugmentation;
    private List<String> additionalArgs = Collections.emptyList();
    protected static final Logger log = Logger.getLogger(KeycloakQuarkusServerDeployableContainer.class);
    private static AtomicBoolean restart = new AtomicBoolean();

    public Class<KeycloakQuarkusConfiguration> getConfigurationClass() {
        return KeycloakQuarkusConfiguration.class;
    }

    public void setup(KeycloakQuarkusConfiguration keycloakQuarkusConfiguration) {
        this.configuration = keycloakQuarkusConfiguration;
    }

    public void start() throws LifecycleException {
        try {
            this.container = startContainer();
            waitForReadiness();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void stop() throws LifecycleException {
        this.container.destroy();
        try {
            this.container.waitFor(10L, TimeUnit.SECONDS);
        } catch (InterruptedException e) {
            this.container.destroyForcibly();
        }
    }

    public ProtocolDescription getDefaultProtocol() {
        return null;
    }

    public ProtocolMetaData deploy(Archive<?> archive) throws DeploymentException {
        return null;
    }

    public void undeploy(Archive<?> archive) throws DeploymentException {
    }

    public void deploy(Descriptor descriptor) throws DeploymentException {
    }

    public void undeploy(Descriptor descriptor) throws DeploymentException {
    }

    private Process startContainer() throws IOException {
        ProcessBuilder processBuilder = new ProcessBuilder(getProcessCommands());
        File file = this.configuration.getProvidersPath().resolve("bin").toFile();
        ProcessBuilder redirectErrorStream = processBuilder.directory(file).inheritIO().redirectErrorStream(true);
        String javaOpts = this.configuration.getJavaOpts();
        if (javaOpts != null) {
            redirectErrorStream.environment().put("JAVA_OPTS", javaOpts);
        }
        redirectErrorStream.environment().put("KEYCLOAK_ADMIN", AuthRealm.ADMIN);
        redirectErrorStream.environment().put("KEYCLOAK_ADMIN_PASSWORD", AuthRealm.ADMIN);
        if (restart.compareAndSet(false, true)) {
            FileUtils.deleteDirectory(this.configuration.getProvidersPath().resolve("data").toFile());
        }
        if (isReaugmentBeforeStart()) {
            ArrayList arrayList = new ArrayList(Arrays.asList("./kc.sh", "config", "-Dquarkus.http.root-path=/auth"));
            addAdditionalCommands(arrayList);
            ProcessBuilder processBuilder2 = new ProcessBuilder(arrayList);
            processBuilder2.directory(file).inheritIO();
            try {
                log.infof("Re-building the server with the new configuration", new Object[0]);
                processBuilder2.start().waitFor(10L, TimeUnit.SECONDS);
            } catch (InterruptedException e) {
                throw new RuntimeException("Timeout while waiting for re-augmentation", e);
            }
        }
        return redirectErrorStream.start();
    }

    private boolean isReaugmentBeforeStart() {
        return this.configuration.isReaugmentBeforeStart() || this.forceReaugmentation;
    }

    private String[] getProcessCommands() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("./kc.sh");
        if (this.configuration.getDebugPort() > 0) {
            arrayList.add("--debug");
            arrayList.add(Integer.toString(this.configuration.getDebugPort()));
        } else if (Boolean.valueOf(System.getProperty("auth.server.debug", "false")).booleanValue()) {
            arrayList.add("--debug");
            arrayList.add(System.getProperty("auth.server.debug.port", "5005"));
        }
        arrayList.add("--http-port=" + this.configuration.getBindHttpPort());
        arrayList.add("--https-port=" + this.configuration.getBindHttpsPort());
        if (this.configuration.getRoute() != null) {
            arrayList.add("-Djboss.node.name=" + this.configuration.getRoute());
        }
        arrayList.add("--cluster=" + System.getProperty("auth.server.quarkus.cluster.config", "local"));
        addAdditionalCommands(arrayList);
        return (String[]) arrayList.toArray(new String[arrayList.size()]);
    }

    private void addAdditionalCommands(List<String> list) {
        list.addAll(this.additionalArgs);
    }

    private void waitForReadiness() throws MalformedURLException, LifecycleException {
        HttpURLConnection httpURLConnection;
        URL url = new URL(getBaseUrl((SuiteContext) this.suiteContext.get()) + "/auth/realms/master/");
        long currentTimeMillis = System.currentTimeMillis();
        while (System.currentTimeMillis() - currentTimeMillis <= getStartTimeout()) {
            try {
                Thread.sleep(1000L);
                if ("https".equals(url.getProtocol())) {
                    HttpURLConnection httpURLConnection2 = (HttpURLConnection) url.openConnection();
                    httpURLConnection = httpURLConnection2;
                    HttpsURLConnection httpsURLConnection = (HttpsURLConnection) httpURLConnection2;
                    httpsURLConnection.setSSLSocketFactory(createInsecureSslSocketFactory());
                    httpsURLConnection.setHostnameVerifier(createInsecureHostnameVerifier());
                } else {
                    httpURLConnection = (HttpURLConnection) url.openConnection();
                }
                httpURLConnection.setReadTimeout((int) getStartTimeout());
                httpURLConnection.setConnectTimeout((int) getStartTimeout());
                httpURLConnection.connect();
            } catch (Exception e) {
            }
            if (httpURLConnection.getResponseCode() == 200) {
                log.infof("Keycloak is ready at %s", url);
                return;
            }
            httpURLConnection.disconnect();
        }
        stop();
        throw new IllegalStateException("Timeout [" + getStartTimeout() + "] while waiting for Quarkus server");
    }

    private URL getBaseUrl(SuiteContext suiteContext) throws MalformedURLException {
        URL contextRoot = suiteContext.getAuthServerInfo().getContextRoot();
        return "https".equals(contextRoot.getProtocol()) ? new URL(contextRoot.toString().replace(String.valueOf(contextRoot.getPort()), String.valueOf(this.configuration.getBindHttpsPort()))) : new URL(contextRoot.toString().replace(String.valueOf(contextRoot.getPort()), String.valueOf(this.configuration.getBindHttpPort())));
    }

    private HostnameVerifier createInsecureHostnameVerifier() {
        return new HostnameVerifier() { // from class: org.keycloak.testsuite.arquillian.containers.KeycloakQuarkusServerDeployableContainer.1
            @Override // javax.net.ssl.HostnameVerifier
            public boolean verify(String str, SSLSession sSLSession) {
                return true;
            }
        };
    }

    private SSLSocketFactory createInsecureSslSocketFactory() throws IOException {
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: org.keycloak.testsuite.arquillian.containers.KeycloakQuarkusServerDeployableContainer.2
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }};
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, trustManagerArr, new SecureRandom());
            return sSLContext.getSocketFactory();
        } catch (KeyManagementException | NoSuchAlgorithmException e) {
            throw new IOException("Can't create unsecure trust manager");
        }
    }

    private long getStartTimeout() {
        return TimeUnit.SECONDS.toMillis(this.configuration.getStartupTimeoutInSeconds());
    }

    public void forceReAugmentation(String... strArr) {
        this.forceReaugmentation = true;
        this.additionalArgs = Arrays.asList(strArr);
    }

    public void resetConfiguration() {
        this.additionalArgs = Collections.emptyList();
        forceReAugmentation(new String[0]);
    }
}
