package org.jboss.test.gravia.itests;

import java.io.IOException;
import java.io.InputStream;
import java.io.PrintWriter;
import java.util.Collections;
import java.util.Dictionary;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.login.LoginContext;
import javax.servlet.Servlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.arquillian.osgi.StartLevelAware;
import org.jboss.gravia.container.tomcat.extension.UserDatabaseLoginModule;
import org.jboss.gravia.resource.ManifestBuilder;
import org.jboss.gravia.runtime.Module;
import org.jboss.gravia.runtime.ModuleContext;
import org.jboss.gravia.runtime.RuntimeLocator;
import org.jboss.gravia.runtime.RuntimeType;
import org.jboss.gravia.runtime.ServiceReference;
import org.jboss.gravia.runtime.WebAppContextListener;
import org.jboss.gravia.utils.Base64Encoder;
import org.jboss.osgi.metadata.OSGiManifestBuilder;
import org.jboss.shrinkwrap.api.Archive;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.Asset;
import org.jboss.shrinkwrap.api.asset.StringAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.jboss.shrinkwrap.resolver.api.maven.Maven;
import org.jboss.test.gravia.itests.support.AnnotatedContextListener;
import org.jboss.test.gravia.itests.support.AnnotatedProxyListener;
import org.jboss.test.gravia.itests.support.AnnotatedProxyServlet;
import org.jboss.test.gravia.itests.support.ArchiveBuilder;
import org.jboss.test.gravia.itests.support.HttpRequest;
import org.jboss.test.gravia.itests.support.SecureHttpContext;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.osgi.service.http.HttpService;
import org.slf4j.Logger;

@RunWith(Arquillian.class)
/* loaded from: input_file:org/jboss/test/gravia/itests/HttpServiceSecureTestCase.class */
public class HttpServiceSecureTestCase {
    static StringAsset STRING_ASSET = new StringAsset("Hello from Resource");

    /* loaded from: input_file:org/jboss/test/gravia/itests/HttpServiceSecureTestCase$HttpServiceServlet.class */
    static final class HttpServiceServlet extends HttpServlet {
        private final Module module;

        HttpServiceServlet(Module module) {
            this.module = module;
        }

        protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
            PrintWriter writer = httpServletResponse.getWriter();
            String parameter = httpServletRequest.getParameter("test");
            if ("param".equals(parameter)) {
                writer.print("Hello: " + httpServletRequest.getParameter("param"));
            } else if ("init".equals(parameter)) {
                String parameter2 = httpServletRequest.getParameter("init");
                writer.print(parameter2 + "=" + getInitParameter(parameter2));
            } else {
                if (!"instance".equals(parameter)) {
                    throw new IllegalArgumentException("Invalid 'test' parameter: " + parameter);
                }
                writer.print(this.module.getIdentity());
            }
            writer.close();
        }
    }

    @StartLevelAware(autostart = true)
    @Deployment
    public static Archive<?> deployment() {
        final WebArchive create = ShrinkWrap.create(WebArchive.class, "http-service-secure.war");
        create.addClasses(new Class[]{AnnotatedProxyServlet.class, AnnotatedProxyListener.class});
        create.addClasses(new Class[]{AnnotatedContextListener.class, WebAppContextListener.class});
        create.addClasses(new Class[]{HttpRequest.class, SecureHttpContext.class, Base64Encoder.class});
        create.addClasses(new Class[]{UserDatabaseLoginModule.class});
        create.addAsResource(STRING_ASSET, "res/message.txt");
        create.addAsWebResource("OSGI-INF/blueprint/gravia-jaas-realm.xml", "OSGI-INF/blueprint/gravia-jaas-realm.xml");
        create.setManifest(new Asset() { // from class: org.jboss.test.gravia.itests.HttpServiceSecureTestCase.1
            public InputStream openStream() {
                if (ArchiveBuilder.getTargetContainer() != RuntimeType.KARAF) {
                    ManifestBuilder manifestBuilder = new ManifestBuilder();
                    manifestBuilder.addIdentityCapability("http-service-secure", "1.0.0");
                    return manifestBuilder.openStream();
                }
                OSGiManifestBuilder newInstance = OSGiManifestBuilder.newInstance();
                newInstance.addBundleManifestVersion(2);
                newInstance.addBundleSymbolicName(create.getName());
                newInstance.addBundleVersion("1.0.0");
                newInstance.addManifestHeader("Gravia-Enabled", Boolean.TRUE.toString());
                newInstance.addImportPackages(new Class[]{RuntimeLocator.class, Servlet.class, HttpServlet.class, HttpService.class});
                newInstance.addImportPackages(new Class[]{Subject.class, Callback.class, LoginContext.class});
                newInstance.addImportPackage("org.apache.karaf.jaas.config");
                newInstance.addImportPackage("org.apache.karaf.jaas.modules");
                newInstance.addImportPackage("org.apache.karaf.jaas.modules.encryption");
                newInstance.addImportPackage("org.apache.karaf.jaas.modules.properties");
                newInstance.addImportPackages(new Class[]{Logger.class});
                newInstance.addBundleClasspath("WEB-INF/classes");
                return newInstance.openStream();
            }
        });
        create.addAsLibraries(Maven.resolver().loadPomFromFile("pom.xml").resolve("org.apache.felix:org.apache.felix.http.proxy").withoutTransitivity().asFile());
        return create;
    }

    @Test
    public void testServletAccess() throws Exception {
        Module module = RuntimeLocator.getRequiredRuntime().getModule(getClass().getClassLoader());
        ModuleContext moduleContext = module.getModuleContext();
        ServiceReference serviceReference = moduleContext.getServiceReference(HttpService.class);
        HttpService httpService = (HttpService) moduleContext.getService(serviceReference);
        try {
            Map<String, String> singletonMap = Collections.singletonMap("Authorization", "Basic " + Base64Encoder.encode("graviaUser:graviaPass"));
            assertNotAvailable("/service?test=param&param=Kermit", singletonMap);
            httpService.registerServlet("/service", new HttpServiceServlet(module), (Dictionary) null, new SecureHttpContext(httpService.createDefaultHttpContext(), RuntimeType.getRuntimeType() == RuntimeType.KARAF ? "gravia" : "ApplicationRealm", "graviaRole"));
            Assert.assertEquals("Hello: Kermit", performCall("/service?test=param&param=Kermit", singletonMap));
            httpService.unregister("/service");
            assertNotAvailable("/service?test=param&param=Kermit", singletonMap);
            assertNotAvailable("/service?test=param&param=Kermit", singletonMap);
            moduleContext.ungetService(serviceReference);
        } catch (Throwable th) {
            moduleContext.ungetService(serviceReference);
            throw th;
        }
    }

    @Test
    public void testResourceAccess() throws Exception {
        ModuleContext moduleContext = RuntimeLocator.getRequiredRuntime().getModule(getClass().getClassLoader()).getModuleContext();
        ServiceReference serviceReference = moduleContext.getServiceReference(HttpService.class);
        HttpService httpService = (HttpService) moduleContext.getService(serviceReference);
        try {
            Map<String, String> singletonMap = Collections.singletonMap("Authorization", "Basic " + Base64Encoder.encode("graviaUser:graviaPass"));
            assertNotAvailable("/resource/message.txt", singletonMap);
            httpService.registerResources("/resource", "/res", new SecureHttpContext(httpService.createDefaultHttpContext(), RuntimeType.getRuntimeType() == RuntimeType.KARAF ? "gravia" : "ApplicationRealm", "graviaRole"));
            Assert.assertEquals("Hello from Resource", performCall("/resource/message.txt", singletonMap));
            httpService.unregister("/resource");
            assertNotAvailable("/resource/message.txt", singletonMap);
            moduleContext.ungetService(serviceReference);
        } catch (Throwable th) {
            moduleContext.ungetService(serviceReference);
            throw th;
        }
    }

    private void assertNotAvailable(String str, Map<String, String> map) throws Exception {
        try {
            performCall(str, map, 500L, TimeUnit.MILLISECONDS);
            Assert.fail("IOException expected");
        } catch (IOException e) {
        }
    }

    private String performCall(String str, Map<String, String> map) throws Exception {
        return performCall(str, map, 2L, TimeUnit.SECONDS);
    }

    private String performCall(String str, Map<String, String> map, long j, TimeUnit timeUnit) throws Exception {
        return HttpRequest.get("http://localhost:8080" + (RuntimeType.getRuntimeType() == RuntimeType.KARAF ? "" : "/http-service-secure") + str, map, j, timeUnit);
    }
}
