package org.apache.activemq.artemis.tests.integration.amqp.connect;

import java.lang.invoke.MethodHandles;
import java.net.URI;
import java.util.concurrent.TimeUnit;
import org.apache.activemq.artemis.core.config.amqpBrokerConnectivity.AMQPBrokerConnectConfiguration;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.tests.integration.amqp.AmqpClientTestSupport;
import org.apache.qpid.protonj2.test.driver.ProtonTestServer;
import org.apache.qpid.protonj2.test.driver.ProtonTestServerOptions;
import org.apache.qpid.protonj2.test.driver.codec.security.SaslCode;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.Timeout;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/activemq/artemis/tests/integration/amqp/connect/AMQPConnectSaslTest.class */
public class AMQPConnectSaslTest extends AmqpClientTestSupport {
    private static final Logger logger = LoggerFactory.getLogger(MethodHandles.lookup().lookupClass());
    private static final int BROKER_PORT_NUM = 5673;
    private static final String SERVER_KEYSTORE_NAME = "server-keystore.jks";
    private static final String UNKNOWN_SERVER_KEYSTORE_NAME = "unknown-server-keystore.jks";
    private static final String SERVER_KEYSTORE_PASSWORD = "securepass";
    private static final String CLIENT_KEYSTORE_NAME = "client-keystore.jks";
    private static final String CLIENT_KEYSTORE_PASSWORD = "securepass";
    private static final String SERVER_TRUSTSTORE_NAME = "server-ca-truststore.jks";
    private static final String SERVER_TRUSTSTORE_PASSWORD = "securepass";
    private static final String CLIENT_TRUSTSTORE_NAME = "client-ca-truststore.jks";
    private static final String CLIENT_TRUSTSTORE_PASSWORD = "securepass";
    private static final String USER = "MY_USER";
    private static final String PASSWD = "PASSWD_VALUE";
    private static final String PLAIN = "PLAIN";
    private static final String ANONYMOUS = "ANONYMOUS";
    private static final String EXTERNAL = "EXTERNAL";
    private static final String SCRAM_SHA_512 = "SCRAM-SHA-512";

    @Override // org.apache.activemq.artemis.tests.integration.amqp.AmqpClientTestSupport
    protected ActiveMQServer createServer() throws Exception {
        return createServer(BROKER_PORT_NUM, false);
    }

    @Timeout(20)
    @Test
    public void testConnectsWithAnonymous() throws Exception {
        ProtonTestServer protonTestServer = new ProtonTestServer();
        try {
            protonTestServer.expectSASLAnonymousConnect(new String[]{"PLAIN", ANONYMOUS});
            protonTestServer.expectOpen().respond();
            protonTestServer.expectBegin().respond();
            protonTestServer.start();
            URI serverURI = protonTestServer.getServerURI();
            logger.debug("Connect test started, peer listening on: {}", serverURI);
            AMQPBrokerConnectConfiguration aMQPBrokerConnectConfiguration = new AMQPBrokerConnectConfiguration(getTestName(), "tcp://localhost:" + serverURI.getPort());
            aMQPBrokerConnectConfiguration.setReconnectAttempts(0);
            this.server.getConfiguration().addAMQPConnection(aMQPBrokerConnectConfiguration);
            this.server.start();
            protonTestServer.waitForScriptToComplete(5L, TimeUnit.SECONDS);
            protonTestServer.close();
        } catch (Throwable th) {
            try {
                protonTestServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Timeout(20)
    @Test
    public void testConnectsWithPlain() throws Exception {
        ProtonTestServer protonTestServer = new ProtonTestServer();
        try {
            protonTestServer.expectSASLPlainConnect(USER, PASSWD, new String[]{"PLAIN", ANONYMOUS});
            protonTestServer.expectOpen().respond();
            protonTestServer.expectBegin().respond();
            protonTestServer.start();
            URI serverURI = protonTestServer.getServerURI();
            logger.debug("Connect test started, peer listening on: {}", serverURI);
            AMQPBrokerConnectConfiguration aMQPBrokerConnectConfiguration = new AMQPBrokerConnectConfiguration(getTestName(), "tcp://localhost:" + serverURI.getPort());
            aMQPBrokerConnectConfiguration.setReconnectAttempts(0);
            aMQPBrokerConnectConfiguration.setUser(USER);
            aMQPBrokerConnectConfiguration.setPassword(PASSWD);
            this.server.getConfiguration().addAMQPConnection(aMQPBrokerConnectConfiguration);
            this.server.start();
            protonTestServer.waitForScriptToComplete(5L, TimeUnit.SECONDS);
            protonTestServer.close();
        } catch (Throwable th) {
            try {
                protonTestServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Timeout(20)
    @Test
    public void testAnonymousSelectedWhenNoCredentialsSupplied() throws Exception {
        doMechanismSelectedTestImpl(null, null, ANONYMOUS, new String[]{SCRAM_SHA_512, "PLAIN", ANONYMOUS});
    }

    @Timeout(20)
    @Test
    public void testSelectsSCRAMWhenCredentialsPresent() throws Exception {
        doMechanismSelectedTestImpl(USER, PASSWD, SCRAM_SHA_512, new String[]{SCRAM_SHA_512, "PLAIN", ANONYMOUS});
    }

    private void doMechanismSelectedTestImpl(String str, String str2, String str3, String[] strArr) throws Exception {
        ProtonTestServer protonTestServer = new ProtonTestServer();
        try {
            protonTestServer.expectSaslConnectThatAlwaysFailsAuthentication(strArr, str3);
            protonTestServer.start();
            URI serverURI = protonTestServer.getServerURI();
            logger.debug("Connect test started, peer listening on: {}", serverURI);
            AMQPBrokerConnectConfiguration aMQPBrokerConnectConfiguration = new AMQPBrokerConnectConfiguration(getTestName(), "tcp://localhost:" + serverURI.getPort());
            aMQPBrokerConnectConfiguration.setReconnectAttempts(0);
            if (str != null) {
                aMQPBrokerConnectConfiguration.setUser(str);
            }
            if (str2 != null) {
                aMQPBrokerConnectConfiguration.setPassword(str2);
            }
            this.server.getConfiguration().addAMQPConnection(aMQPBrokerConnectConfiguration);
            this.server.start();
            protonTestServer.waitForScriptToComplete(5L, TimeUnit.SECONDS);
            protonTestServer.close();
        } catch (Throwable th) {
            try {
                protonTestServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Timeout(20)
    @Test
    public void testConnectsWithExternal() throws Exception {
        doConnectWithExternalTestImpl(true);
    }

    @Timeout(20)
    @Test
    public void testExternalIgnoredWhenNoClientCertSupplied() throws Exception {
        doConnectWithExternalTestImpl(false);
    }

    private void doConnectWithExternalTestImpl(boolean z) throws Exception {
        String file = getClass().getClassLoader().getResource(SERVER_KEYSTORE_NAME).getFile();
        String file2 = getClass().getClassLoader().getResource(CLIENT_TRUSTSTORE_NAME).getFile();
        ProtonTestServerOptions protonTestServerOptions = new ProtonTestServerOptions();
        protonTestServerOptions.setSecure(true);
        protonTestServerOptions.setKeyStoreLocation(file);
        protonTestServerOptions.setKeyStorePassword("securepass");
        protonTestServerOptions.setVerifyHost(false);
        if (z) {
            protonTestServerOptions.setNeedClientAuth(true);
            protonTestServerOptions.setTrustStoreLocation(file2);
            protonTestServerOptions.setTrustStorePassword("securepass");
        }
        ProtonTestServer protonTestServer = new ProtonTestServer(protonTestServerOptions);
        try {
            protonTestServer.expectSASLHeader().respondWithSASLHeader();
            protonTestServer.remoteSaslMechanisms().withMechanisms(new String[]{EXTERNAL, "PLAIN"}).queue();
            if (z) {
                protonTestServer.expectSaslInit().withMechanism(EXTERNAL).withInitialResponse(new byte[0]);
            } else {
                protonTestServer.expectSaslInit().withMechanism("PLAIN").withInitialResponse(protonTestServer.saslPlainInitialResponse(USER, PASSWD));
            }
            protonTestServer.remoteSaslOutcome().withCode(SaslCode.OK).queue();
            protonTestServer.expectAMQPHeader().respondWithAMQPHeader();
            protonTestServer.expectOpen().respond();
            protonTestServer.expectBegin().respond();
            protonTestServer.start();
            URI serverURI = protonTestServer.getServerURI();
            logger.debug("Connect test started, peer listening on: {}", serverURI);
            String str = "tcp://localhost:" + serverURI.getPort() + "?sslEnabled=true;trustStorePath=server-ca-truststore.jks;trustStorePassword=securepass";
            if (z) {
                str = str + ";keyStorePath=client-keystore.jks;keyStorePassword=securepass";
            }
            AMQPBrokerConnectConfiguration aMQPBrokerConnectConfiguration = new AMQPBrokerConnectConfiguration(getTestName(), str);
            aMQPBrokerConnectConfiguration.setReconnectAttempts(0);
            aMQPBrokerConnectConfiguration.setUser(USER);
            aMQPBrokerConnectConfiguration.setPassword(PASSWD);
            this.server.getConfiguration().addAMQPConnection(aMQPBrokerConnectConfiguration);
            this.server.start();
            protonTestServer.waitForScriptToComplete(5L, TimeUnit.SECONDS);
            protonTestServer.close();
        } catch (Throwable th) {
            try {
                protonTestServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Timeout(20)
    @Test
    public void testReconnectConnectsWithVerifyHostOffOnSecondURI() throws Exception {
        String file = getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
        ProtonTestServerOptions protonTestServerOptions = new ProtonTestServerOptions();
        protonTestServerOptions.setSecure(true);
        protonTestServerOptions.setKeyStoreLocation(file);
        protonTestServerOptions.setKeyStorePassword("securepass");
        protonTestServerOptions.setVerifyHost(false);
        ProtonTestServerOptions protonTestServerOptions2 = new ProtonTestServerOptions();
        protonTestServerOptions2.setSecure(true);
        protonTestServerOptions2.setKeyStoreLocation(file);
        protonTestServerOptions2.setKeyStorePassword("securepass");
        protonTestServerOptions2.setVerifyHost(false);
        ProtonTestServer protonTestServer = new ProtonTestServer(protonTestServerOptions);
        try {
            ProtonTestServer protonTestServer2 = new ProtonTestServer(protonTestServerOptions2);
            try {
                protonTestServer.expectConnectionToDrop();
                protonTestServer.start();
                protonTestServer2.expectSASLHeader().respondWithSASLHeader();
                protonTestServer2.remoteSaslMechanisms().withMechanisms(new String[]{EXTERNAL, "PLAIN"}).queue();
                protonTestServer2.expectSaslInit().withMechanism("PLAIN").withInitialResponse(protonTestServer2.saslPlainInitialResponse(USER, PASSWD));
                protonTestServer2.remoteSaslOutcome().withCode(SaslCode.OK).queue();
                protonTestServer2.expectAMQPHeader().respondWithAMQPHeader();
                protonTestServer2.expectOpen().respond();
                protonTestServer2.expectBegin().respond();
                protonTestServer2.start();
                URI serverURI = protonTestServer.getServerURI();
                logger.debug("Connect test started, first peer listening on: {}", serverURI);
                URI serverURI2 = protonTestServer2.getServerURI();
                logger.debug("Connect test started, second peer listening on: {}", serverURI2);
                AMQPBrokerConnectConfiguration aMQPBrokerConnectConfiguration = new AMQPBrokerConnectConfiguration(getTestName(), "tcp://localhost:" + serverURI.getPort() + "?verifyHost=true;sslEnabled=true;trustStorePath=server-ca-truststore.jks;trustStorePassword=securepass#tcp://localhost:" + serverURI2.getPort() + "?verifyHost=false");
                aMQPBrokerConnectConfiguration.setReconnectAttempts(20);
                aMQPBrokerConnectConfiguration.setRetryInterval(100);
                aMQPBrokerConnectConfiguration.setUser(USER);
                aMQPBrokerConnectConfiguration.setPassword(PASSWD);
                this.server.getConfiguration().addAMQPConnection(aMQPBrokerConnectConfiguration);
                this.server.start();
                protonTestServer.waitForScriptToComplete(5L, TimeUnit.SECONDS);
                protonTestServer2.waitForScriptToComplete(5L, TimeUnit.SECONDS);
                protonTestServer2.close();
                protonTestServer.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                protonTestServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Timeout(20)
    @Test
    public void testReconnectionUsesConfigurationToReconnectToSecondHostAfterFirstFails() throws Exception {
        String file = getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
        String file2 = getClass().getClassLoader().getResource(SERVER_KEYSTORE_NAME).getFile();
        ProtonTestServerOptions protonTestServerOptions = new ProtonTestServerOptions();
        protonTestServerOptions.setSecure(true);
        protonTestServerOptions.setKeyStoreLocation(file);
        protonTestServerOptions.setKeyStorePassword("securepass");
        protonTestServerOptions.setVerifyHost(false);
        ProtonTestServerOptions protonTestServerOptions2 = new ProtonTestServerOptions();
        protonTestServerOptions2.setSecure(true);
        protonTestServerOptions2.setKeyStoreLocation(file2);
        protonTestServerOptions2.setKeyStorePassword("securepass");
        protonTestServerOptions2.setVerifyHost(false);
        ProtonTestServer protonTestServer = new ProtonTestServer(protonTestServerOptions);
        try {
            ProtonTestServer protonTestServer2 = new ProtonTestServer(protonTestServerOptions2);
            try {
                protonTestServer.expectConnectionToDrop();
                protonTestServer.start();
                protonTestServer2.expectSASLHeader().respondWithSASLHeader();
                protonTestServer2.remoteSaslMechanisms().withMechanisms(new String[]{EXTERNAL, "PLAIN"}).queue();
                protonTestServer2.expectSaslInit().withMechanism("PLAIN").withInitialResponse(protonTestServer2.saslPlainInitialResponse(USER, PASSWD));
                protonTestServer2.remoteSaslOutcome().withCode(SaslCode.OK).queue();
                protonTestServer2.expectAMQPHeader().respondWithAMQPHeader();
                protonTestServer2.expectOpen().respond();
                protonTestServer2.expectBegin().respond();
                protonTestServer2.start();
                URI serverURI = protonTestServer.getServerURI();
                logger.debug("Connect test started, first peer listening on: {}", serverURI);
                URI serverURI2 = protonTestServer2.getServerURI();
                logger.debug("Connect test started, second peer listening on: {}", serverURI2);
                AMQPBrokerConnectConfiguration aMQPBrokerConnectConfiguration = new AMQPBrokerConnectConfiguration(getTestName(), "tcp://127.0.0.1:" + serverURI.getPort() + "?sslEnabled=true;trustStorePath=server-ca-truststore.jks;trustStorePassword=securepass#tcp://localhost:" + serverURI2.getPort());
                aMQPBrokerConnectConfiguration.setReconnectAttempts(20);
                aMQPBrokerConnectConfiguration.setRetryInterval(100);
                aMQPBrokerConnectConfiguration.setUser(USER);
                aMQPBrokerConnectConfiguration.setPassword(PASSWD);
                this.server.getConfiguration().addAMQPConnection(aMQPBrokerConnectConfiguration);
                this.server.start();
                protonTestServer.waitForScriptToComplete(5L, TimeUnit.SECONDS);
                protonTestServer2.waitForScriptToComplete(5L, TimeUnit.SECONDS);
                protonTestServer2.close();
                protonTestServer.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                protonTestServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Timeout(20)
    @Test
    public void testReconnectionUsesHostSpecificConfigurationToReconnectToSecondHostAfterFirstFails() throws Exception {
        String file = getClass().getClassLoader().getResource(UNKNOWN_SERVER_KEYSTORE_NAME).getFile();
        String file2 = getClass().getClassLoader().getResource(SERVER_KEYSTORE_NAME).getFile();
        ProtonTestServerOptions protonTestServerOptions = new ProtonTestServerOptions();
        protonTestServerOptions.setSecure(true);
        protonTestServerOptions.setKeyStoreLocation(file);
        protonTestServerOptions.setKeyStorePassword("securepass");
        protonTestServerOptions.setVerifyHost(false);
        ProtonTestServerOptions protonTestServerOptions2 = new ProtonTestServerOptions();
        protonTestServerOptions2.setSecure(true);
        protonTestServerOptions2.setKeyStoreLocation(file2);
        protonTestServerOptions2.setKeyStorePassword("securepass");
        protonTestServerOptions2.setVerifyHost(false);
        ProtonTestServer protonTestServer = new ProtonTestServer(protonTestServerOptions);
        try {
            ProtonTestServer protonTestServer2 = new ProtonTestServer(protonTestServerOptions2);
            try {
                protonTestServer.expectConnectionToDrop();
                protonTestServer.start();
                protonTestServer2.expectSASLHeader().respondWithSASLHeader();
                protonTestServer2.remoteSaslMechanisms().withMechanisms(new String[]{EXTERNAL, "PLAIN"}).queue();
                protonTestServer2.expectSaslInit().withMechanism("PLAIN").withInitialResponse(protonTestServer2.saslPlainInitialResponse(USER, PASSWD));
                protonTestServer2.remoteSaslOutcome().withCode(SaslCode.OK).queue();
                protonTestServer2.expectAMQPHeader().respondWithAMQPHeader();
                protonTestServer2.expectOpen().respond();
                protonTestServer2.expectBegin().respond();
                protonTestServer2.start();
                URI serverURI = protonTestServer.getServerURI();
                logger.debug("Connect test started, first peer listening on: {}", serverURI);
                URI serverURI2 = protonTestServer2.getServerURI();
                logger.debug("Connect test started, second peer listening on: {}", serverURI2);
                AMQPBrokerConnectConfiguration aMQPBrokerConnectConfiguration = new AMQPBrokerConnectConfiguration(getTestName(), "tcp://localhost:" + serverURI.getPort() + "?sslEnabled=true;trustStorePath=client-ca-truststore.jks;trustStorePassword=securepass#tcp://localhost:" + serverURI2.getPort() + "?sslEnabled=true;trustStorePath=server-ca-truststore.jks;trustStorePassword=securepass");
                aMQPBrokerConnectConfiguration.setReconnectAttempts(20);
                aMQPBrokerConnectConfiguration.setRetryInterval(100);
                aMQPBrokerConnectConfiguration.setUser(USER);
                aMQPBrokerConnectConfiguration.setPassword(PASSWD);
                this.server.getConfiguration().addAMQPConnection(aMQPBrokerConnectConfiguration);
                this.server.start();
                protonTestServer.waitForScriptToComplete(5L, TimeUnit.SECONDS);
                protonTestServer2.waitForScriptToComplete(5L, TimeUnit.SECONDS);
                protonTestServer2.close();
                protonTestServer.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                protonTestServer.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
