package org.infinispan.server.hotrod;

import java.lang.reflect.Method;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLParameters;
import org.infinispan.commons.util.SslContextFactory;
import org.infinispan.manager.EmbeddedCacheManager;
import org.infinispan.server.core.test.ServerTestingUtil;
import org.infinispan.server.hotrod.configuration.HotRodServerConfigurationBuilder;
import org.infinispan.server.hotrod.test.HotRodClient;
import org.infinispan.server.hotrod.test.HotRodTestingUtil;
import org.infinispan.server.hotrod.test.Op;
import org.testng.Assert;
import org.testng.annotations.AfterMethod;
import org.testng.annotations.Test;

@Test(groups = {"functional"}, testName = "server.hotrod.HotRodSniFunctionalTest")
/* loaded from: input_file:org/infinispan/server/hotrod/HotRodSniFunctionalTest.class */
public class HotRodSniFunctionalTest extends HotRodSingleNodeTest {
    private String defaultServerKeystore = getClass().getClassLoader().getResource("default_server_keystore.p12").getPath();
    private String sniServerKeystore = getClass().getClassLoader().getResource("sni_server_keystore.p12").getPath();
    private String noAuthorizedClientsServerKeystore = getClass().getClassLoader().getResource("no_trusted_clients_keystore.p12").getPath();
    private String defaultTrustedClientTruststore = getClass().getClassLoader().getResource("default_client_truststore.p12").getPath();
    private String sniTrustedClientTruststore = getClass().getClassLoader().getResource("sni_client_truststore.p12").getPath();

    /* loaded from: input_file:org/infinispan/server/hotrod/HotRodSniFunctionalTest$HotrodClientBuilder.class */
    class HotrodClientBuilder {
        private final HotRodServer hotRodServer;
        SSLContext sslContext;
        SSLEngine sslEngine;

        public HotrodClientBuilder(HotRodServer hotRodServer) {
            this.hotRodServer = hotRodServer;
        }

        public HotrodClientBuilder useSslConfiguration(String str, String str2, String str3, String str4) {
            this.sslContext = SslContextFactory.getContext(str, "pkcs12", str2.toCharArray(), str3, "pkcs12", str4.toCharArray());
            this.sslEngine = SslContextFactory.getEngine(this.sslContext, true, false);
            return this;
        }

        public HotrodClientBuilder addSniDomain(List<String> list) {
            if (!list.isEmpty()) {
                SSLParameters sSLParameters = this.sslEngine.getSSLParameters();
                sSLParameters.setServerNames((List) list.stream().map(SNIHostName::new).collect(Collectors.toList()));
                this.sslEngine.setSSLParameters(sSLParameters);
            }
            return this;
        }

        public HotRodClient build() {
            return new HotRodClient("127.0.0.1", this.hotRodServer.getPort().intValue(), "HotRodCache", 60, (byte) 20, this.sslEngine);
        }
    }

    /* loaded from: input_file:org/infinispan/server/hotrod/HotRodSniFunctionalTest$HotrodServerBuilder.class */
    class HotrodServerBuilder {
        String ip = "127.0.0.1";
        HotRodServerConfigurationBuilder builder = new HotRodServerConfigurationBuilder().proxyHost("127.0.0.1").proxyPort(HotRodTestingUtil.serverPort()).idleTimeout(0);

        HotrodServerBuilder() {
        }

        public HotrodServerBuilder addSniDomain(String str, String str2, String str3, String str4, String str5) {
            this.builder.ssl().enable().sniHostName(str).keyStoreFileName(str2).keyStorePassword(str3.toCharArray()).trustStoreFileName(str4).trustStorePassword(str5.toCharArray());
            return this;
        }

        public HotRodServer build() {
            return HotRodTestingUtil.startHotRodServer(HotRodSniFunctionalTest.this.cacheManager, HotRodTestingUtil.serverPort(), -1L, this.builder);
        }
    }

    @AfterMethod(alwaysRun = true)
    public void afterMethod() {
        HotRodTestingUtil.killClient(this.hotRodClient);
        ServerTestingUtil.killServer(this.hotRodServer);
    }

    public void testServerAndClientWithDefaultSslContext(Method method) {
        this.hotRodServer = new HotrodServerBuilder().addSniDomain("*", this.defaultServerKeystore, "secret", this.defaultTrustedClientTruststore, "secret").build();
        this.hotRodClient = new HotrodClientBuilder(this.hotRodServer).useSslConfiguration(this.defaultServerKeystore, "secret", this.defaultTrustedClientTruststore, "secret").build();
        client().assertPut(method);
        HotRodTestingUtil.assertSuccess(client().assertGet(method), HotRodTestingUtil.v(method));
    }

    public void testServerAndClientWithSniSslContext(Method method) {
        this.hotRodServer = new HotrodServerBuilder().addSniDomain("*", this.noAuthorizedClientsServerKeystore, "secret", this.sniTrustedClientTruststore, "secret").addSniDomain("sni", this.sniServerKeystore, "secret", this.sniTrustedClientTruststore, "secret").build();
        this.hotRodClient = new HotrodClientBuilder(this.hotRodServer).useSslConfiguration(this.sniServerKeystore, "secret", this.sniTrustedClientTruststore, "secret").addSniDomain(Collections.singletonList("sni")).build();
        client().assertPut(method);
        HotRodTestingUtil.assertSuccess(client().assertGet(method), HotRodTestingUtil.v(method));
    }

    public void testServerWithNotMatchingDefaultAndClientWithSNI(Method method) {
        this.hotRodServer = new HotrodServerBuilder().addSniDomain("*", this.noAuthorizedClientsServerKeystore, "secret", this.sniTrustedClientTruststore, "secret").build();
        this.hotRodClient = new HotrodClientBuilder(this.hotRodServer).useSslConfiguration(this.sniServerKeystore, "secret", this.sniTrustedClientTruststore, "secret").addSniDomain(Collections.singletonList("sni")).build();
        Assert.assertFalse(client().writeOp(new Op(160, (byte) 1, (byte) 20, client().defaultCacheName(), HotRodTestingUtil.k(method), 0, 0, HotRodTestingUtil.v(method), 0, 0L, (byte) 1, 0), false));
    }

    @Override // org.infinispan.server.hotrod.HotRodSingleNodeTest
    protected HotRodServer createStartHotRodServer(EmbeddedCacheManager embeddedCacheManager) {
        return null;
    }

    @Override // org.infinispan.server.hotrod.HotRodSingleNodeTest
    protected HotRodClient connectClient() {
        return null;
    }
}
