package org.infinispan.server.configuration;

import java.io.IOException;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.FileAttribute;
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.function.Supplier;
import org.infinispan.commons.configuration.io.ConfigurationWriter;
import org.infinispan.commons.dataconversion.MediaType;
import org.infinispan.commons.io.StringBuilderWriter;
import org.infinispan.commons.test.Exceptions;
import org.infinispan.commons.test.junit.JUnitThreadTrackerRule;
import org.infinispan.commons.util.FileLookupFactory;
import org.infinispan.configuration.parsing.ParserRegistry;
import org.infinispan.rest.configuration.RestServerConfiguration;
import org.infinispan.server.configuration.endpoint.EndpointConfiguration;
import org.infinispan.server.configuration.security.LdapRealmConfiguration;
import org.infinispan.server.configuration.security.RealmConfiguration;
import org.infinispan.server.configuration.security.RealmProvider;
import org.infinispan.server.configuration.security.TokenRealmConfiguration;
import org.infinispan.server.core.configuration.ProtocolServerConfiguration;
import org.infinispan.server.hotrod.configuration.HotRodServerConfiguration;
import org.infinispan.server.memcached.configuration.MemcachedServerConfiguration;
import org.infinispan.server.network.NetworkAddress;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.ClassRule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.wildfly.security.auth.server.IdentityCredentials;
import org.wildfly.security.credential.PasswordCredential;
import org.wildfly.security.credential.store.CredentialStore;
import org.wildfly.security.credential.store.CredentialStoreException;
import org.wildfly.security.credential.store.WildFlyElytronCredentialStoreProvider;
import org.wildfly.security.credential.store.impl.KeyStoreCredentialStore;
import org.wildfly.security.password.interfaces.ClearPassword;

@RunWith(Parameterized.class)
/* loaded from: input_file:org/infinispan/server/configuration/ServerConfigurationParserTest.class */
public class ServerConfigurationParserTest {

    @ClassRule
    public static final JUnitThreadTrackerRule tracker = new JUnitThreadTrackerRule();
    private final MediaType type;

    @BeforeClass
    public static void setup() {
        System.setProperty("org.infinispan.configuration.clear-text-secrets", "true");
        registerSecurityProviders();
        createCredentialStore(getConfigPath().resolve("credentials.pfx"), "secret");
    }

    @AfterClass
    public static void cleanup() {
        System.clearProperty("org.infinispan.configuration.clear-text-secrets");
    }

    @Parameterized.Parameters(name = "{0}")
    public static Iterable<MediaType> data() {
        return Arrays.asList(MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, MediaType.APPLICATION_YAML);
    }

    public ServerConfigurationParserTest(MediaType mediaType) {
        this.type = mediaType;
    }

    @Test
    public void testParser() throws IOException {
        URL lookupFileLocation = FileLookupFactory.newInstance().lookupFileLocation("configuration/" + getClass().getSimpleName() + "." + this.type.getSubType().toLowerCase(Locale.ROOT), ServerConfigurationParserTest.class.getClassLoader());
        Properties properties = new Properties();
        properties.setProperty("infinispan.server.config.path", getConfigPath().toString());
        properties.setProperty("infinispan.server.home.path", Paths.get(System.getProperty("build.directory"), new String[0]).toString());
        ServerConfiguration serverConfiguration = (ServerConfiguration) new ParserRegistry(getClass().getClassLoader(), false, properties).parse(lookupFileLocation).getGlobalConfigurationBuilder().build().module(ServerConfiguration.class);
        validateConfiguration(serverConfiguration);
        Iterator<MediaType> it = data().iterator();
        while (it.hasNext()) {
            ConfigurationWriter build = ConfigurationWriter.to(new StringBuilderWriter()).withType(it.next()).build();
            try {
                new ServerConfigurationSerializer().serialize(build, serverConfiguration);
                if (build != null) {
                    build.close();
                }
            } catch (Throwable th) {
                if (build != null) {
                    try {
                        build.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }

    private void validateConfiguration(ServerConfiguration serverConfiguration) {
        Assert.assertEquals(2L, serverConfiguration.networkInterfaces().size());
        NetworkAddress networkAddress = ((InterfaceConfiguration) serverConfiguration.networkInterfaces().get("default")).getNetworkAddress();
        Assert.assertNotNull(networkAddress);
        Assert.assertTrue(networkAddress.getAddress().isLoopbackAddress());
        Map socketBindings = serverConfiguration.socketBindings();
        Assert.assertEquals(5L, socketBindings.size());
        Assert.assertEquals(11221L, ((SocketBindingConfiguration) socketBindings.get("memcached")).port());
        Assert.assertEquals(12221L, ((SocketBindingConfiguration) socketBindings.get("memcached-2")).port());
        Assert.assertEquals(11222L, ((SocketBindingConfiguration) socketBindings.get("default")).port());
        Assert.assertEquals(11223L, ((SocketBindingConfiguration) socketBindings.get("hotrod")).port());
        Assert.assertEquals(8080L, ((SocketBindingConfiguration) socketBindings.get("rest")).port());
        Map realms = serverConfiguration.security().realms().realms();
        Assert.assertEquals(3L, realms.size());
        Assert.assertEquals("default", ((RealmConfiguration) realms.get("default")).name());
        RealmConfiguration realmConfiguration = (RealmConfiguration) realms.get("using-credentials");
        Assert.assertEquals("using-credentials", realmConfiguration.name());
        Map dataSources = serverConfiguration.dataSources();
        Assert.assertEquals(2L, dataSources.size());
        DataSourceConfiguration dataSourceConfiguration = (DataSourceConfiguration) dataSources.get("database");
        Assert.assertEquals("jdbc/database", dataSourceConfiguration.jndiName());
        Assert.assertEquals("jdbc:h2:tcp://${org.infinispan.test.host.address}:1521/test", dataSourceConfiguration.url());
        Assert.assertEquals("test", dataSourceConfiguration.username());
        Assert.assertEquals("test", new String(dataSourceConfiguration.password()));
        Assert.assertEquals("SELECT 1", dataSourceConfiguration.initialSql());
        Assert.assertEquals("org.h2.Driver", dataSourceConfiguration.driver());
        Assert.assertEquals(10L, dataSourceConfiguration.maxSize());
        Assert.assertEquals(1L, dataSourceConfiguration.minSize());
        Assert.assertEquals(1L, dataSourceConfiguration.initialSize());
        Assert.assertEquals(1L, dataSourceConfiguration.connectionProperties().size());
        Assert.assertEquals(10000L, dataSourceConfiguration.leakDetection());
        Assert.assertEquals(1000L, dataSourceConfiguration.backgroundValidation());
        Assert.assertEquals(500L, dataSourceConfiguration.validateOnAcquisition());
        Assert.assertEquals("somevalue", dataSourceConfiguration.connectionProperties().get("someproperty"));
        Assert.assertEquals("test", new String(((DataSourceConfiguration) dataSources.get("database-with-credential")).password()));
        List connectors = ((EndpointConfiguration) serverConfiguration.endpoints().endpoints().get(0)).connectors();
        Assert.assertEquals(3L, connectors.size());
        Assert.assertTrue(connectors.get(0) instanceof HotRodServerConfiguration);
        Assert.assertTrue(connectors.get(1) instanceof RestServerConfiguration);
        Assert.assertTrue(connectors.get(2) instanceof MemcachedServerConfiguration);
        Assert.assertEquals(((SocketBindingConfiguration) socketBindings.get("default")).interfaceConfiguration().getNetworkAddress().getAddress().getHostAddress(), ((EndpointConfiguration) serverConfiguration.endpoints().endpoints().get(0)).singlePortRouter().host());
        Assert.assertEquals(((SocketBindingConfiguration) socketBindings.get("default")).port(), r0.port());
        Assert.assertEquals(((SocketBindingConfiguration) socketBindings.get("memcached")).port(), ((ProtocolServerConfiguration) ((EndpointConfiguration) serverConfiguration.endpoints().endpoints().get(0)).connectors().get(2)).port());
        Assert.assertEquals("strongPassword", new String((char[]) ((Supplier) realmProvider(realmConfiguration, LdapRealmConfiguration.class).attributes().attribute(Attribute.CREDENTIAL).get()).get()));
        Assert.assertEquals("secret", new String((char[]) ((Supplier) realmConfiguration.serverIdentitiesConfiguration().sslConfiguration().trustStore().attributes().attribute(Attribute.PASSWORD).get()).get()));
        Assert.assertEquals("1fdca4ec-c416-47e0-867a-3d471af7050f", new String((char[]) ((Supplier) realmProvider(realmConfiguration, TokenRealmConfiguration.class).oauth2Configuration().attributes().attribute(Attribute.CLIENT_SECRET).get()).get()));
        Assert.assertEquals("password", new String((char[]) ((Supplier) realmConfiguration.serverIdentitiesConfiguration().sslConfiguration().keyStore().attributes().attribute(Attribute.KEYSTORE_PASSWORD).get()).get()));
    }

    <T extends RealmProvider> T realmProvider(RealmConfiguration realmConfiguration, Class<T> cls) {
        return (T) realmConfiguration.realmProviders().stream().filter(realmProvider -> {
            return cls.isAssignableFrom(realmProvider.getClass());
        }).findFirst().get();
    }

    public static Path getConfigPath() {
        return Paths.get(System.getProperty("build.directory"), "test-classes", "configuration");
    }

    public static void registerSecurityProviders() {
        WildFlyElytronCredentialStoreProvider wildFlyElytronCredentialStoreProvider = WildFlyElytronCredentialStoreProvider.getInstance();
        if (Security.getProvider(wildFlyElytronCredentialStoreProvider.getName()) == null) {
            Security.insertProviderAt(wildFlyElytronCredentialStoreProvider, 1);
        }
    }

    static void addCredential(KeyStoreCredentialStore keyStoreCredentialStore, String str, String str2) {
        try {
            keyStoreCredentialStore.store(str, new PasswordCredential(ClearPassword.createRaw("clear", str2.toCharArray())), (CredentialStore.ProtectionParameter) null);
            keyStoreCredentialStore.flush();
        } catch (CredentialStoreException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    static KeyStoreCredentialStore newCredentialStore(Path path, String str) {
        Exceptions.unchecked(() -> {
            Files.deleteIfExists(path);
            Files.createDirectories(path.getParent(), new FileAttribute[0]);
        });
        KeyStoreCredentialStore keyStoreCredentialStore = new KeyStoreCredentialStore();
        HashMap hashMap = new HashMap();
        hashMap.put("location", path.toString());
        hashMap.put("create", "true");
        try {
            keyStoreCredentialStore.initialize(hashMap, new CredentialStore.CredentialSourceProtectionParameter(IdentityCredentials.NONE.withCredential(new PasswordCredential(ClearPassword.createRaw("clear", str.toCharArray())))), (Provider[]) null);
            return keyStoreCredentialStore;
        } catch (CredentialStoreException e) {
            throw new RuntimeException((Throwable) e);
        }
    }

    static void createCredentialStore(Path path, String str) {
        KeyStoreCredentialStore newCredentialStore = newCredentialStore(path, str);
        addCredential(newCredentialStore, "ldap", "strongPassword");
        addCredential(newCredentialStore, "db", "test");
        addCredential(newCredentialStore, "keystore", "password");
        addCredential(newCredentialStore, "oauth2", "1fdca4ec-c416-47e0-867a-3d471af7050f");
        addCredential(newCredentialStore, "trust", "secret");
    }
}
