package org.keycloak.testsuite.arquillian;

import java.io.File;
import java.io.FileFilter;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.file.Path;
import java.security.Provider;
import java.security.Security;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.ws.rs.NotFoundException;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.commons.io.filefilter.WildcardFileFilter;
import org.apache.commons.lang.StringUtils;
import org.jboss.arquillian.container.spi.ContainerRegistry;
import org.jboss.arquillian.container.spi.client.container.DeploymentException;
import org.jboss.arquillian.container.spi.client.container.LifecycleException;
import org.jboss.arquillian.container.spi.event.StartContainer;
import org.jboss.arquillian.container.spi.event.StartSuiteContainers;
import org.jboss.arquillian.container.spi.event.StopContainer;
import org.jboss.arquillian.container.spi.event.container.AfterStart;
import org.jboss.arquillian.container.spi.event.container.BeforeStop;
import org.jboss.arquillian.container.test.api.ContainerController;
import org.jboss.arquillian.core.api.Event;
import org.jboss.arquillian.core.api.Instance;
import org.jboss.arquillian.core.api.InstanceProducer;
import org.jboss.arquillian.core.api.annotation.ApplicationScoped;
import org.jboss.arquillian.core.api.annotation.Inject;
import org.jboss.arquillian.core.api.annotation.Observes;
import org.jboss.arquillian.test.spi.annotation.ClassScoped;
import org.jboss.arquillian.test.spi.annotation.SuiteScoped;
import org.jboss.arquillian.test.spi.event.suite.After;
import org.jboss.arquillian.test.spi.event.suite.AfterClass;
import org.jboss.arquillian.test.spi.event.suite.AfterSuite;
import org.jboss.arquillian.test.spi.event.suite.Before;
import org.jboss.arquillian.test.spi.event.suite.BeforeClass;
import org.jboss.arquillian.test.spi.event.suite.BeforeSuite;
import org.jboss.logging.Logger;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.importer.ZipImporter;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
import org.jboss.shrinkwrap.resolver.api.maven.Maven;
import org.junit.Assert;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.common.util.StringPropertyReplacer;
import org.keycloak.representations.idm.RealmRepresentation;
import org.keycloak.services.error.KeycloakErrorHandler;
import org.keycloak.testsuite.arquillian.annotation.EnableVault;
import org.keycloak.testsuite.arquillian.annotation.SetDefaultProvider;
import org.keycloak.testsuite.arquillian.annotation.UncaughtServerErrorExpected;
import org.keycloak.testsuite.auth.page.AuthRealm;
import org.keycloak.testsuite.broker.BrokerTestConstants;
import org.keycloak.testsuite.client.KeycloakTestingClient;
import org.keycloak.testsuite.util.LogChecker;
import org.keycloak.testsuite.util.MailServerConfiguration;
import org.keycloak.testsuite.util.OAuthClient;
import org.keycloak.testsuite.util.ServerURLs;
import org.keycloak.testsuite.util.SpiProvidersSwitchingUtils;
import org.keycloak.testsuite.util.SqlUtils;
import org.keycloak.testsuite.util.SystemInfoHelper;
import org.keycloak.testsuite.util.TextFileChecker;
import org.keycloak.testsuite.util.VaultUtils;
import org.w3c.dom.NodeList;
import org.wildfly.extras.creaper.core.ManagementClient;
import org.wildfly.extras.creaper.core.online.OnlineManagementClient;
import org.wildfly.extras.creaper.core.online.OnlineOptions;
import org.wildfly.extras.creaper.core.online.operations.Address;
import org.wildfly.extras.creaper.core.online.operations.Operations;
import org.wildfly.extras.creaper.core.online.operations.admin.Administration;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/keycloak/testsuite/arquillian/AuthServerTestEnricher.class */
public class AuthServerTestEnricher {

    @Inject
    private Instance<ContainerController> containerConroller;

    @Inject
    private Instance<ContainerRegistry> containerRegistry;

    @Inject
    private Event<StartContainer> startContainerEvent;

    @Inject
    private Event<StopContainer> stopContainerEvent;
    private JavaArchive testsuiteProvidersArchive;
    private String currentContainerName;
    public static final String AUTH_SERVER_LEGACY = "auth-server-legacy";
    public static final String AUTH_SERVER_HOME_PROPERTY = "auth.server.home";
    private static final String MIGRATION_MODE_PROPERTY = "migration.mode";
    private static final String MIGRATION_MODE_AUTO = "auto";
    private static final String MIGRATION_MODE_MANUAL = "manual";
    public static final Boolean START_MIGRATION_CONTAINER;

    @Inject
    @SuiteScoped
    private InstanceProducer<SuiteContext> suiteContextProducer;
    private SuiteContext suiteContext;

    @ApplicationScoped
    @Inject
    private InstanceProducer<TestContext> testContextProducer;

    @Inject
    @ClassScoped
    private InstanceProducer<OAuthClient> oAuthClientProducer;
    private static final Pattern RECOGNIZED_ERRORS;
    private static final Pattern IGNORED;
    private static final Pattern UNEXPECTED_UNCAUGHT_ERROR;
    protected static final Logger log = Logger.getLogger(AuthServerTestEnricher.class);
    public static final String AUTH_SERVER_CONTAINER_PROPERTY = "auth.server.container";
    public static final String AUTH_SERVER_CONTAINER_DEFAULT = "auth-server-undertow";
    public static final String AUTH_SERVER_CONTAINER = System.getProperty(AUTH_SERVER_CONTAINER_PROPERTY, AUTH_SERVER_CONTAINER_DEFAULT);
    public static final String AUTH_SERVER_BACKEND_DEFAULT = AUTH_SERVER_CONTAINER + "-backend";
    public static final String AUTH_SERVER_BACKEND_PROPERTY = "auth.server.backend";
    public static final String AUTH_SERVER_BACKEND = System.getProperty(AUTH_SERVER_BACKEND_PROPERTY, AUTH_SERVER_BACKEND_DEFAULT);
    public static final String AUTH_SERVER_BALANCER_PROPERTY = "auth.server.balancer";
    public static final String AUTH_SERVER_BALANCER_DEFAULT = "auth-server-balancer";
    public static final String AUTH_SERVER_BALANCER = System.getProperty(AUTH_SERVER_BALANCER_PROPERTY, AUTH_SERVER_BALANCER_DEFAULT);
    public static final String AUTH_SERVER_CLUSTER_PROPERTY = "auth.server.cluster";
    public static final boolean AUTH_SERVER_CLUSTER = Boolean.parseBoolean(System.getProperty(AUTH_SERVER_CLUSTER_PROPERTY, "false"));
    public static final String AUTH_SERVER_CROSS_DC_PROPERTY = "auth.server.crossdc";
    public static final boolean AUTH_SERVER_CROSS_DC = Boolean.parseBoolean(System.getProperty(AUTH_SERVER_CROSS_DC_PROPERTY, "false"));
    public static final String CACHE_SERVER_LIFECYCLE_SKIP_PROPERTY = "cache.server.lifecycle.skip";
    public static final boolean CACHE_SERVER_LIFECYCLE_SKIP = Boolean.parseBoolean(System.getProperty(CACHE_SERVER_LIFECYCLE_SKIP_PROPERTY, "false"));

    public static boolean isAuthServerRemote() {
        return AUTH_SERVER_CONTAINER.equals("auth-server-remote");
    }

    public static boolean isAuthServerQuarkus() {
        return AUTH_SERVER_CONTAINER.equals("auth-server-quarkus");
    }

    public static String getHttpAuthServerContextRoot() {
        return ServerURLs.removeDefaultPorts(String.format("%s://%s:%s", "http", System.getProperty("auth.server.host", MailServerConfiguration.HOST), Integer.valueOf(Integer.parseInt(System.getProperty("auth.server.http.port")))));
    }

    public static String getHttpsAuthServerContextRoot() {
        return ServerURLs.removeDefaultPorts(String.format("%s://%s:%s", "https", System.getProperty("auth.server.host", MailServerConfiguration.HOST), Integer.valueOf(Integer.parseInt(System.getProperty("auth.server.https.port")))));
    }

    public static String getAuthServerBrowserContextRoot() throws MalformedURLException {
        return getAuthServerBrowserContextRoot(new URL(ServerURLs.getAuthServerContextRoot()));
    }

    public static String getAuthServerBrowserContextRoot(URL url) {
        String property = System.getProperty("auth.server.browserHost");
        if (StringUtils.isEmpty(property)) {
            property = url.getHost();
        }
        Object[] objArr = new Object[3];
        objArr[0] = url.getProtocol();
        objArr[1] = property;
        objArr[2] = (url.getPort() == -1 || url.getPort() == url.getDefaultPort()) ? "" : ":" + url.getPort();
        return String.format("%s://%s%s", objArr);
    }

    public static OnlineManagementClient getManagementClient() {
        try {
            return ManagementClient.online(OnlineOptions.standalone().hostAndPort(System.getProperty("auth.server.management.host", MailServerConfiguration.HOST), Integer.parseInt(System.getProperty("auth.server.management.port", "10090"))).auth(AuthRealm.ADMIN, AuthRealm.ADMIN).build());
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    public void distinguishContainersInConsoleOutput(@Observes(precedence = 5) StartContainer startContainer) {
        log.info("************************" + startContainer.getContainer().getName() + "*****************************************************************************");
        this.currentContainerName = startContainer.getContainer().getName();
    }

    public void initializeSuiteContext(@Observes(precedence = 2) BeforeSuite beforeSuite) {
        Set set = (Set) ((ContainerRegistry) this.containerRegistry.get()).getContainers().stream().map(ContainerInfo::new).collect(Collectors.toSet());
        this.suiteContext = new SuiteContext(set);
        if (AUTH_SERVER_CROSS_DC) {
            set.stream().filter(containerInfo -> {
                return containerInfo.getQualifier().startsWith(AUTH_SERVER_BALANCER + "-cross-dc");
            }).forEach(containerInfo2 -> {
                String str = (String) containerInfo2.getArquillianContainer().getContainerConfiguration().getContainerProperties().getOrDefault("bindHttpPortOffset", "0");
                String str2 = (String) containerInfo2.getArquillianContainer().getContainerConfiguration().getContainerProperties().getOrDefault("dataCenter", "0");
                updateWithAuthServerInfo(containerInfo2, Integer.valueOf(str).intValue());
                this.suiteContext.addAuthServerInfo(Integer.valueOf(str2).intValue(), containerInfo2);
            });
            if (this.suiteContext.getDcAuthServerInfo().isEmpty()) {
                throw new IllegalStateException("Not found frontend container (load balancer): " + AUTH_SERVER_BALANCER);
            }
            if (this.suiteContext.getDcAuthServerInfo().stream().anyMatch((v0) -> {
                return Objects.isNull(v0);
            })) {
                throw new IllegalStateException("Frontend container (load balancer) misconfiguration");
            }
            set.stream().filter(containerInfo3 -> {
                return containerInfo3.getQualifier().startsWith("auth-server-" + System.getProperty("node.name") + "-");
            }).sorted((containerInfo4, containerInfo5) -> {
                return containerInfo4.getQualifier().compareTo(containerInfo5.getQualifier());
            }).forEach(containerInfo6 -> {
                updateWithAuthServerInfo(containerInfo6, Integer.valueOf((String) containerInfo6.getArquillianContainer().getContainerConfiguration().getContainerProperties().getOrDefault("bindHttpPortOffset", "0")).intValue());
                this.suiteContext.addAuthServerBackendsInfo(Integer.valueOf((String) containerInfo6.getArquillianContainer().getContainerConfiguration().getContainerProperties().getOrDefault("dataCenter", "0")).intValue(), containerInfo6);
            });
            set.stream().filter(containerInfo7 -> {
                return containerInfo7.getQualifier().startsWith("cache-server-");
            }).sorted((containerInfo8, containerInfo9) -> {
                return containerInfo8.getQualifier().compareTo(containerInfo9.getQualifier());
            }).forEach(containerInfo10 -> {
                log.info(String.format("cache container: %s", containerInfo10.getQualifier()));
                this.suiteContext.addCacheServerInfo(Integer.parseInt(containerInfo10.getQualifier().substring(containerInfo10.getQualifier().lastIndexOf("-") + 1)) - 1, containerInfo10);
            });
            if (this.suiteContext.getDcAuthServerInfo().isEmpty()) {
                throw new RuntimeException(String.format("No auth server container matching '%s' found in arquillian.xml.", AUTH_SERVER_BACKEND));
            }
            if (this.suiteContext.getDcAuthServerBackendsInfo().stream().anyMatch((v0) -> {
                return Objects.isNull(v0);
            })) {
                throw new IllegalStateException("Frontend container (load balancer) misconfiguration");
            }
            if (this.suiteContext.getDcAuthServerBackendsInfo().stream().anyMatch((v0) -> {
                return v0.isEmpty();
            })) {
                throw new RuntimeException(String.format("Some data center has no auth server container matching '%s' defined in arquillian.xml.", AUTH_SERVER_BACKEND));
            }
            if (this.suiteContext.getCacheServersInfo().isEmpty() && !CACHE_SERVER_LIFECYCLE_SKIP) {
                throw new IllegalStateException("Cache containers misconfiguration");
            }
            log.info("Using frontend containers: " + ((String) this.suiteContext.getDcAuthServerInfo().stream().map((v0) -> {
                return v0.getQualifier();
            }).collect(Collectors.joining(", "))));
        } else if (AUTH_SERVER_CLUSTER) {
            ContainerInfo containerInfo11 = (ContainerInfo) set.stream().filter(containerInfo12 -> {
                return containerInfo12.getQualifier().startsWith(AUTH_SERVER_BALANCER);
            }).findAny().orElseThrow(() -> {
                return new IllegalStateException("Not found frontend container: " + AUTH_SERVER_BALANCER);
            });
            updateWithAuthServerInfo(containerInfo11);
            this.suiteContext.setAuthServerInfo(containerInfo11);
            set.stream().filter(containerInfo13 -> {
                return containerInfo13.getQualifier().startsWith(AUTH_SERVER_BACKEND);
            }).sorted((containerInfo14, containerInfo15) -> {
                return containerInfo14.getQualifier().compareTo(containerInfo15.getQualifier());
            }).forEach(containerInfo16 -> {
                updateWithAuthServerInfo(containerInfo16, Integer.parseInt(containerInfo16.getQualifier().substring(AUTH_SERVER_BACKEND.length())));
                this.suiteContext.addAuthServerBackendsInfo(0, containerInfo16);
            });
            if (Boolean.parseBoolean(System.getProperty("auth.server.jboss.legacy"))) {
                ContainerInfo containerInfo17 = (ContainerInfo) set.stream().filter(containerInfo18 -> {
                    return containerInfo18.getQualifier().startsWith(AUTH_SERVER_LEGACY);
                }).findAny().orElseThrow(() -> {
                    return new IllegalStateException("Not found legacy container: auth-server-legacy");
                });
                updateWithAuthServerInfo(containerInfo17, 500);
                this.suiteContext.setLegacyAuthServerInfo(containerInfo17);
            }
            if (this.suiteContext.getAuthServerBackendsInfo().isEmpty()) {
                throw new RuntimeException(String.format("No auth server container matching '%s' found in arquillian.xml.", AUTH_SERVER_BACKEND));
            }
            log.info("Using frontend container: " + containerInfo11.getQualifier());
        } else {
            ContainerInfo containerInfo19 = (ContainerInfo) set.stream().filter(containerInfo20 -> {
                return containerInfo20.getQualifier().startsWith(AUTH_SERVER_CONTAINER);
            }).findAny().orElseThrow(() -> {
                return new IllegalStateException("Not found frontend container: " + AUTH_SERVER_CONTAINER);
            });
            updateWithAuthServerInfo(containerInfo19);
            this.suiteContext.setAuthServerInfo(containerInfo19);
        }
        if (START_MIGRATION_CONTAINER.booleanValue()) {
            for (ContainerInfo containerInfo21 : this.suiteContext.getContainers()) {
                if (containerInfo21.getQualifier().equals("auth-server-jboss-migration")) {
                    updateWithAuthServerInfo(containerInfo21);
                    this.suiteContext.setMigratedAuthServerInfo(containerInfo21);
                }
            }
            if (this.suiteContext.getMigratedAuthServerInfo() == null) {
                throw new RuntimeException(String.format("Migration test was enabled but no auth server from which to migrate was activated. A container matching auth-server-jboss-migration needs to be enabled in arquillian.xml.", new Object[0]));
            }
        }
        this.suiteContextProducer.set(this.suiteContext);
        CrossDCTestEnricher.initializeSuiteContext(this.suiteContext);
        log.info("\n\n" + this.suiteContext);
        log.info("\n\n" + SystemInfoHelper.getSystemInfo());
        File[] listFiles = new File(System.getProperty("project.build.directory", "target")).listFiles((FileFilter) new WildcardFileFilter("map-*.json"));
        if (listFiles != null) {
            for (File file : listFiles) {
                file.delete();
            }
        }
    }

    public static void executeCli(String... strArr) throws Exception {
        OnlineManagementClient managementClient = getManagementClient();
        Administration administration = new Administration(managementClient);
        for (String str : strArr) {
            managementClient.execute(str).assertSuccess();
        }
        administration.reload();
        managementClient.close();
    }

    private ContainerInfo updateWithAuthServerInfo(ContainerInfo containerInfo) {
        return updateWithAuthServerInfo(containerInfo, 0);
    }

    private ContainerInfo updateWithAuthServerInfo(ContainerInfo containerInfo, int i) {
        try {
            URL url = new URL(ServerURLs.getAuthServerContextRoot(i));
            containerInfo.setContextRoot(url);
            containerInfo.setBrowserContextRoot(new URL(getAuthServerBrowserContextRoot(url)));
            return containerInfo;
        } catch (MalformedURLException e) {
            throw new IllegalArgumentException(e);
        }
    }

    public void startMigratedContainer(@Observes(precedence = 3) StartSuiteContainers startSuiteContainers) {
        if (this.suiteContext.isAuthServerMigrationEnabled()) {
            log.info("\n\n### Starting keycloak " + System.getProperty("migrated.auth.server.version", "- previous") + " ###\n\n");
            this.startContainerEvent.fire(new StartContainer(this.suiteContext.getMigratedAuthServerInfo().getArquillianContainer()));
            initializeTLS(this.suiteContext.getMigratedAuthServerInfo());
        }
    }

    public void deployProviders(@Observes(precedence = -1) AfterStart afterStart) throws DeploymentException {
        if (isAuthServerRemote() && this.currentContainerName.contains("auth-server")) {
            this.testsuiteProvidersArchive = ShrinkWrap.create(ZipImporter.class, "testsuiteProviders.jar").importFrom(Maven.configureResolverViaPlugin().resolve("org.keycloak.testsuite:integration-arquillian-testsuite-providers").withoutTransitivity().asSingleFile()).as(JavaArchive.class).addAsManifestResource("jboss-deployment-structure.xml");
            afterStart.getDeployableContainer().deploy(this.testsuiteProvidersArchive);
        }
    }

    public void unDeployProviders(@Observes(precedence = 20) BeforeStop beforeStop) throws DeploymentException {
        if (this.testsuiteProvidersArchive != null) {
            beforeStop.getDeployableContainer().undeploy(this.testsuiteProvidersArchive);
        }
    }

    public void runPreMigrationTask(@Observes(precedence = 2) StartSuiteContainers startSuiteContainers) throws Exception {
        if (this.suiteContext.isAuthServerMigrationEnabled()) {
            log.info("\n\n### Run preMigration task on keycloak " + System.getProperty("migrated.auth.server.version", "- previous") + " ###\n\n");
            this.suiteContext.getMigrationContext().runPreMigrationTask();
        }
    }

    public void stopMigratedContainer(@Observes(precedence = 1) StartSuiteContainers startSuiteContainers) {
        if (this.suiteContext.isAuthServerMigrationEnabled()) {
            log.info("## STOP old container: " + this.suiteContext.getMigratedAuthServerInfo().getQualifier());
            this.stopContainerEvent.fire(new StopContainer(this.suiteContext.getMigratedAuthServerInfo().getArquillianContainer()));
        }
    }

    public void startAuthContainer(@Observes(precedence = 0) StartSuiteContainers startSuiteContainers) {
        log.debug("Starting auth server before suite");
        try {
            this.startContainerEvent.fire(new StartContainer(this.suiteContext.getAuthServerInfo().getArquillianContainer()));
        } catch (Exception e) {
            if (!(e instanceof LifecycleException) || !handleManualMigration()) {
                throw e;
            }
            log.info("Set log file checker to end of file.");
            try {
                if (this.suiteContext.getServerLogChecker() == null) {
                    setServerLogChecker();
                }
                this.suiteContext.getServerLogChecker().updateLastCheckedPositionsOfAllFilesToEndOfFile();
            } catch (IOException e2) {
                log.warn("Server log checker failed to update position:", e2);
            }
            log.info("Starting server again after manual DB migration was finished");
            this.startContainerEvent.fire(new StartContainer(this.suiteContext.getAuthServerInfo().getArquillianContainer()));
        }
    }

    private boolean handleManualMigration() {
        if (!MIGRATION_MODE_MANUAL.equals(System.getProperty(MIGRATION_MODE_PROPERTY))) {
            return false;
        }
        String property = System.getProperty(AUTH_SERVER_HOME_PROPERTY);
        if (property == null) {
            log.warnf("Property '%s' was missing during manual mode migration test", AUTH_SERVER_HOME_PROPERTY);
            return false;
        }
        String str = property + File.separator + "keycloak-database-update.sql";
        if (!new File(str).exists()) {
            log.warnf("File '%s' didn't exists during manual mode migration test", str);
            return false;
        }
        log.infof("Running SQL script created by liquibase during manual migration flow", str);
        SqlUtils.runSqlScript(str, System.getProperty("keycloak.connectionsJpa.driver"), StringPropertyReplacer.replaceProperties(System.getProperty("keycloak.connectionsJpa.url")), System.getProperty("keycloak.connectionsJpa.user"), System.getProperty("keycloak.connectionsJpa." + BrokerTestConstants.USER_PASSWORD));
        return true;
    }

    private static final boolean isRecognizedErrorLog(String str) {
        return RECOGNIZED_ERRORS.matcher(str).find() && !IGNORED.matcher(str).find();
    }

    private static final void failOnRecognizedErrorInLog(Stream<String> stream) {
        Optional<String> findAny = stream.filter(AuthServerTestEnricher::isRecognizedErrorLog).findAny();
        if (findAny.isPresent()) {
            throw new RuntimeException(String.format("Server log file contains ERROR: '%s'", findAny.get()));
        }
    }

    private void setServerLogChecker() throws IOException {
        this.suiteContext.setServerLogChecker(LogChecker.getJBossServerLogsChecker(this.suiteContext.getAuthServerInfo().getProperties().get("jbossHome")));
    }

    public void checkServerLogs(@Observes(precedence = -1) BeforeSuite beforeSuite) throws IOException, InterruptedException {
        if (!this.suiteContext.getAuthServerInfo().isJBossBased()) {
            this.suiteContext.setServerLogChecker(new TextFileChecker(new Path[0]));
            return;
        }
        if (this.suiteContext.getServerLogChecker() == null) {
            setServerLogChecker();
        }
        if (Boolean.parseBoolean(System.getProperty("auth.server.log.check", MailServerConfiguration.STARTTLS))) {
            this.suiteContext.getServerLogChecker().checkFiles(true, AuthServerTestEnricher::failOnRecognizedErrorInLog);
        }
    }

    public void restartAuthServer() throws Exception {
        if (!isAuthServerRemote()) {
            this.stopContainerEvent.fire(new StopContainer(this.suiteContext.getAuthServerInfo().getArquillianContainer()));
            this.startContainerEvent.fire(new StartContainer(this.suiteContext.getAuthServerInfo().getArquillianContainer()));
            return;
        }
        OnlineManagementClient managementClient = getManagementClient();
        Throwable th = null;
        try {
            new Administration(managementClient, Integer.getInteger(System.getProperty("auth.server.jboss.startup.timeout"), 300).intValue()).reload();
            if (managementClient != null) {
                if (0 == 0) {
                    managementClient.close();
                    return;
                }
                try {
                    managementClient.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
        } catch (Throwable th3) {
            if (managementClient != null) {
                if (0 != 0) {
                    try {
                        managementClient.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    managementClient.close();
                }
            }
            throw th3;
        }
    }

    public void initializeTestContext(@Observes(precedence = 2) BeforeClass beforeClass) throws Exception {
        TestContext testContext = new TestContext(this.suiteContext, beforeClass.getTestClass().getJavaClass());
        this.testContextProducer.set(testContext);
        if (isAuthServerRemote() || isAuthServerQuarkus()) {
            return;
        }
        boolean z = false;
        if (beforeClass.getTestClass().isAnnotationPresent(EnableVault.class)) {
            VaultUtils.enableVault(this.suiteContext, ((EnableVault) beforeClass.getTestClass().getAnnotation(EnableVault.class)).providerId());
            z = true;
        }
        if (beforeClass.getTestClass().isAnnotationPresent(SetDefaultProvider.class)) {
            SetDefaultProvider setDefaultProvider = (SetDefaultProvider) beforeClass.getTestClass().getAnnotation(SetDefaultProvider.class);
            if (setDefaultProvider.beforeEnableFeature()) {
                SpiProvidersSwitchingUtils.addProviderDefaultValue(this.suiteContext, setDefaultProvider);
                z = true;
            }
        }
        if (z) {
            restartAuthServer();
            testContext.reconnectAdminClient();
        }
    }

    public void initializeTLS(@Observes(precedence = 3) BeforeClass beforeClass) throws Exception {
        if (this.suiteContext.isAuthServerCrossDc() || this.suiteContext.isAuthServerCluster()) {
            return;
        }
        initializeTLS(this.suiteContext.getAuthServerInfo());
    }

    public static void initializeTLS(ContainerInfo containerInfo) {
        if (ServerURLs.AUTH_SERVER_SSL_REQUIRED && containerInfo.isJBossBased()) {
            log.infof("\n\n### Setting up TLS for %s ##\n\n", containerInfo);
            try {
                OnlineManagementClient managementClient = getManagementClient(containerInfo);
                Throwable th = null;
                try {
                    enableTLS(managementClient);
                    if (managementClient != null) {
                        if (0 != 0) {
                            try {
                                managementClient.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            managementClient.close();
                        }
                    }
                } finally {
                }
            } catch (Exception e) {
                log.warn("Failed to set up TLS for container '" + containerInfo.getQualifier() + "'. This may lead to unexpected behavior unless the test sets it up manually", e);
            }
        }
    }

    public static void setJsseSecurityProviderForOutboundSslConnectionsOfElytronClient(@Observes(precedence = 100) StartSuiteContainers startSuiteContainers) {
        log.info("Determining the JSSE security provider to use for outbound SSL/TLS connections of the Elytron client");
        String property = System.getProperty("wildfly-client.config.path");
        if (property == null) {
            log.debug("Scanning classpath to locate wildfly-config.xml");
            String[] split = System.getProperty("java.class.path").split(File.pathSeparator);
            int length = split.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                String str = split[i];
                if (!str.isEmpty()) {
                    String str2 = str + File.separator + "wildfly-config.xml";
                    if (new File(str2).exists()) {
                        property = str2;
                        log.debugf("Found wildfly-config.xml at '%s' location", property);
                        break;
                    }
                }
                i++;
            }
        }
        File file = property != null ? new File(property) : null;
        if (file == null || !file.exists()) {
            throw new RuntimeException("Failed to locate the wildfly-config.xml to use for the configuration of Elytron client");
        }
        log.debugf("Using wildfly-config.xml from '%s' location", property);
        try {
            NodeList elementsByTagName = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(file).getElementsByTagName("provider-name");
            if (elementsByTagName.getLength() != 1) {
                throw new RuntimeException("Failed to locate the 'provider-name' element in wildfly-config.xml XML file");
            }
            String replaceAll = elementsByTagName.item(0).getAttributes().getNamedItem("name").getNodeValue().replaceAll("(\\$|\\{|\\}|(:.*$))", new String());
            boolean z = false;
            if (replaceAll == null) {
                throw new RuntimeException("Failed to determine the name of system property holding JSSE security provider's name for Elytron client");
            }
            if (System.getProperty(replaceAll) == null) {
                z = true;
            }
            if (z) {
                boolean exists = new File(System.getProperty("java.home") + File.separator + "lib" + File.separator + "ext" + File.separator + "openjsse.jar").exists();
                Provider provider = Security.getProviders("SSLContext.TLSv1.2")[0];
                if (provider == null) {
                    throw new RuntimeException("Cannot identify a security provider for Elytron client offering the TLSv1.2 capability");
                }
                if (exists) {
                    Provider provider2 = (Provider) ((List) Stream.of((Object[]) Security.getProviders()).filter(provider3 -> {
                        return provider3.getName().equals("SunJSSE");
                    }).collect(Collectors.toList())).get(0);
                    if (provider2 == null) {
                        throw new RuntimeException("The SunJSSE provider is not present on the platform");
                    }
                    provider = provider2;
                }
                System.setProperty(replaceAll, provider.getName());
                log.infof("Using the '%s' JSSE provider", provider.getName());
            }
        } catch (IOException e) {
            throw new RuntimeException(String.format("Error reading the '%s' file. Please make sure the provided path is correct and retry", file.getAbsolutePath()));
        } catch (ParserConfigurationException | SAXException e2) {
            throw new RuntimeException(String.format("Failed to parse the '%s' XML file", file.getAbsolutePath()));
        }
    }

    private static OnlineManagementClient getManagementClient(ContainerInfo containerInfo) {
        try {
            return ManagementClient.online(OnlineOptions.standalone().hostAndPort(MailServerConfiguration.HOST, Integer.parseInt(containerInfo.getProperties().get("managementPort"))).build());
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private static void enableTLS(OnlineManagementClient onlineManagementClient) throws Exception {
        Administration administration = new Administration(onlineManagementClient);
        if (new Operations(onlineManagementClient).exists(Address.coreService("management").and("security-realm", "UndertowRealm"))) {
            log.info("## The Auth Server has already configured TLS. Skipping ##");
            return;
        }
        onlineManagementClient.execute("/core-service=management/security-realm=UndertowRealm:add()");
        onlineManagementClient.execute("/core-service=management/security-realm=UndertowRealm/server-identity=ssl:add(keystore-relative-to=jboss.server.config.dir,keystore-password=secret,keystore-path=keycloak.jks");
        onlineManagementClient.execute("/core-service=management/security-realm=UndertowRealm/authentication=truststore:add(keystore-relative-to=jboss.server.config.dir,keystore-password=secret,keystore-path=keycloak.truststore");
        ServerTestEnricherUtil.removeHttpsListener(onlineManagementClient, administration);
        ServerTestEnricherUtil.addHttpsListener(onlineManagementClient);
        ServerTestEnricherUtil.reloadOrRestartTimeoutClient(administration);
    }

    protected boolean isAuthServerJBossBased() {
        return ((ContainerRegistry) this.containerRegistry.get()).getContainers().stream().map(ContainerInfo::new).anyMatch((v0) -> {
            return v0.isJBossBased();
        });
    }

    public void initializeOAuthClient(@Observes(precedence = 4) BeforeClass beforeClass) {
        OAuthClient.updateURLs(this.suiteContext.getAuthServerInfo().getContextRoot().toString());
        this.oAuthClientProducer.set(new OAuthClient());
    }

    public void beforeTest(@Observes(precedence = 100) Before before) throws IOException {
        this.suiteContext.getServerLogChecker().updateLastCheckedPositionsOfAllFilesToEndOfFile();
    }

    public void startTestClassProvider(@Observes(precedence = 1) BeforeSuite beforeSuite) {
        TestClassProvider testClassProvider = new TestClassProvider();
        testClassProvider.start();
        this.suiteContext.setTestClassProvider(testClassProvider);
    }

    public void stopTestClassProvider(@Observes(precedence = -1) AfterSuite afterSuite) {
        this.suiteContext.getTestClassProvider().stop();
    }

    private void checkForNoUnexpectedUncaughtError(Stream<String> stream) {
        Pattern pattern = UNEXPECTED_UNCAUGHT_ERROR;
        pattern.getClass();
        Optional findAny = stream.map((v1) -> {
            return r1.matcher(v1);
        }).filter((v0) -> {
            return v0.find();
        }).findAny();
        if (findAny.isPresent()) {
            Assert.fail("Uncaught server error detected: " + ((Matcher) findAny.get()).group(1));
        }
    }

    public void afterTest(@Observes(precedence = -1) After after) throws IOException {
        if (after.getTestMethod().getAnnotation(UncaughtServerErrorExpected.class) == null) {
            this.suiteContext.getServerLogChecker().checkFiles(false, this::checkForNoUnexpectedUncaughtError);
        }
    }

    public void afterClass(@Observes(precedence = 1) AfterClass afterClass) throws Exception {
        ContainerController containerController = (ContainerController) this.containerConroller.get();
        if (!containerController.isStarted(this.suiteContext.getAuthServerInfo().getQualifier())) {
            log.warn("Auth server wasn't running. Starting " + this.suiteContext.getAuthServerInfo().getQualifier());
            containerController.start(this.suiteContext.getAuthServerInfo().getQualifier());
        }
        TestContext testContext = (TestContext) this.testContextProducer.get();
        Keycloak adminClient = testContext.getAdminClient();
        KeycloakTestingClient testingClient = testContext.getTestingClient();
        removeTestRealms(testContext, adminClient);
        if (!isAuthServerRemote() && !isAuthServerQuarkus()) {
            boolean z = false;
            if (afterClass.getTestClass().isAnnotationPresent(EnableVault.class)) {
                VaultUtils.disableVault(this.suiteContext, ((EnableVault) afterClass.getTestClass().getAnnotation(EnableVault.class)).providerId());
                z = true;
            }
            if (afterClass.getTestClass().isAnnotationPresent(SetDefaultProvider.class)) {
                SpiProvidersSwitchingUtils.removeProvider(this.suiteContext, (SetDefaultProvider) afterClass.getTestClass().getAnnotation(SetDefaultProvider.class));
                z = true;
            }
            if (z) {
                restartAuthServer();
                testContext.reconnectAdminClient();
            }
        }
        if (adminClient != null) {
            adminClient.close();
        }
        if (testingClient != null) {
            testingClient.close();
        }
    }

    public static void removeTestRealms(TestContext testContext, Keycloak keycloak) {
        List<RealmRepresentation> testRealmReps = testContext.getTestRealmReps();
        if (testRealmReps == null || testRealmReps.isEmpty()) {
            return;
        }
        log.info("removing test realms after test class");
        StringBuilder sb = new StringBuilder();
        for (RealmRepresentation realmRepresentation : testRealmReps) {
            try {
                keycloak.realms().realm(realmRepresentation.getRealm()).remove();
                sb.append(realmRepresentation.getRealm()).append(", ");
            } catch (NotFoundException e) {
            }
        }
        log.info("removed realms: " + ((Object) sb));
    }

    static {
        START_MIGRATION_CONTAINER = Boolean.valueOf(MIGRATION_MODE_AUTO.equals(System.getProperty(MIGRATION_MODE_PROPERTY)) || MIGRATION_MODE_MANUAL.equals(System.getProperty(MIGRATION_MODE_PROPERTY)));
        RECOGNIZED_ERRORS = Pattern.compile("ERROR \\[|SEVERE \\[|Exception ");
        IGNORED = Pattern.compile("Jetty ALPN support not found|org.keycloak.events");
        UNEXPECTED_UNCAUGHT_ERROR = Pattern.compile(KeycloakErrorHandler.class.getSimpleName() + ".*" + Pattern.quote("Uncaught server error") + "[\\s:]*(.*)$");
    }
}
