package org.wildfly.camel.test.cxf;

import java.io.File;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.arquillian.container.test.api.RunAsClient;
import org.jboss.arquillian.junit.Arquillian;
import org.jboss.as.arquillian.api.ServerSetup;
import org.jboss.as.arquillian.api.ServerSetupTask;
import org.jboss.as.arquillian.container.ManagementClient;
import org.jboss.dmr.ModelNode;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.wildfly.camel.test.common.ServerReload;
import org.wildfly.camel.test.common.UserManager;
import org.wildfly.camel.test.common.http.HttpRequest;
import org.wildfly.camel.test.common.utils.DMRUtils;

@RunAsClient
@ServerSetup({ServerSecuritySetup.class})
@RunWith(Arquillian.class)
/* loaded from: input_file:org/wildfly/camel/test/cxf/CxfWsCdiSecureExampleTest.class */
public class CxfWsCdiSecureExampleTest {
    private static final String HTTPS_HOST = "https://localhost:8443";
    private static final String ENDPOINT_ADDRESS = "http://localhost:8080/example-camel-cxf-jaxws-cdi-secure/cxf/";

    /* loaded from: input_file:org/wildfly/camel/test/cxf/CxfWsCdiSecureExampleTest$ServerSecuritySetup.class */
    static class ServerSecuritySetup implements ServerSetupTask {
        private static final String APPLICATION_USER = "CN=localhost";
        private static final String APPLICATION_PASSWORD = "testPassword1+";
        private static final String APPLICATION_ROLE = "testRole";
        private static final String TRUSTSTORE_PASSWORD = "password";
        private static final String TRUSTSTORE_PATH = "${jboss.home.dir}/standalone/configuration/application.keystore";
        private static final String ADDRESS_SYSTEM_PROPERTY_TRUST_STORE_PASSWORD = "system-property=javax.net.ssl.trustStorePassword";
        private static final String ADDRESS_SYSTEM_PROPERTY_TRUST_STORE = "system-property=javax.net.ssl.trustStore";
        private static final String ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CERTIFICATE_TRUST_DOMAIN = "subsystem=security/security-domain=certificate-trust-domain";
        private static final String ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CERTIFICATE_TRUST_DOMAIN_JSSE_CLASSIC = "subsystem=security/security-domain=certificate-trust-domain/jsse=classic";
        private static final String ADDRESS_ATTRIBUTE_TRUSTSTORE = "truststore";
        private static final String ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CLIENT_CERT = "subsystem=security/security-domain=client-cert";
        private static final String ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CLIENT_CERT_AUTH_CLASSIC = "subsystem=security/security-domain=client-cert/authentication=classic";
        private static final String ADDRESS_SUBSYSTEM_UNDERTOW_HTTPS_LISTENER = "subsystem=undertow/server=default-server/https-listener=https";

        ServerSecuritySetup() {
        }

        public void setup(ManagementClient managementClient, String str) throws Exception {
            HttpRequest.post(CxfWsCdiSecureExampleTest.HTTPS_HOST).getResponse();
            UserManager.addApplicationUser(APPLICATION_USER, APPLICATION_PASSWORD);
            UserManager.addRoleToApplicationUser(APPLICATION_USER, APPLICATION_ROLE);
            r0[0].get("value").set(TRUSTSTORE_PATH);
            r0[1].get("value").set(TRUSTSTORE_PASSWORD);
            r0[4].get("name").set(ADDRESS_ATTRIBUTE_TRUSTSTORE);
            r0[4].get("value").get(TRUSTSTORE_PASSWORD).set(TRUSTSTORE_PASSWORD);
            r0[4].get("value").get("url").set(TRUSTSTORE_PATH);
            r0[6].get("login-modules").get(0).get("code").set("CertificateRoles");
            r0[6].get("login-modules").get(0).get("flag").set("required");
            r0[6].get("login-modules").get(0).get(new String[]{"module-options", "securityDomain"}).set("certificate-trust-domain");
            r0[6].get("login-modules").get(0).get(new String[]{"module-options", "verifier"}).set("org.jboss.security.auth.certs.AnyCertVerifier");
            r0[6].get("login-modules").get(0).get(new String[]{"module-options", "rolesProperties"}).set("${jboss.home.dir}/standalone/configuration/application-roles.properties");
            ModelNode[] modelNodeArr = {DMRUtils.createOpNode(ADDRESS_SYSTEM_PROPERTY_TRUST_STORE, "add"), DMRUtils.createOpNode(ADDRESS_SYSTEM_PROPERTY_TRUST_STORE_PASSWORD, "add"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CERTIFICATE_TRUST_DOMAIN, "add"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CERTIFICATE_TRUST_DOMAIN_JSSE_CLASSIC, "add"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CERTIFICATE_TRUST_DOMAIN_JSSE_CLASSIC, "write-attribute"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CLIENT_CERT, "add"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CLIENT_CERT_AUTH_CLASSIC, "add"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_UNDERTOW_HTTPS_LISTENER, "write-attribute")};
            modelNodeArr[7].get("name").set("verify-client");
            modelNodeArr[7].get("value").set("REQUESTED");
            managementClient.getControllerClient().execute(DMRUtils.createCompositeNode(modelNodeArr));
            reload(managementClient);
        }

        public void tearDown(ManagementClient managementClient, String str) throws Exception {
            r0[0].get("name").set("verify-client");
            ModelNode[] modelNodeArr = {DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_UNDERTOW_HTTPS_LISTENER, "undefine-attribute"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CLIENT_CERT, "remove"), DMRUtils.createOpNode(ADDRESS_SUBSYSTEM_SECURITY_SECURITY_DOMAIN_CERTIFICATE_TRUST_DOMAIN, "remove"), DMRUtils.createOpNode(ADDRESS_SYSTEM_PROPERTY_TRUST_STORE, "remove"), DMRUtils.createOpNode(ADDRESS_SYSTEM_PROPERTY_TRUST_STORE_PASSWORD, "remove")};
            managementClient.getControllerClient().execute(DMRUtils.createCompositeNode(modelNodeArr));
            UserManager.removeApplicationUser(APPLICATION_USER);
            UserManager.revokeRoleFromApplicationUser(APPLICATION_USER, APPLICATION_ROLE);
        }

        public void reload(ManagementClient managementClient) throws Exception {
            ServerReload.executeReloadAndWaitForCompletion(managementClient.getControllerClient(), 60000);
        }
    }

    @Deployment
    public static WebArchive createDeployment() {
        return ShrinkWrap.createFromZipFile(WebArchive.class, new File("target/examples/example-camel-cxf-jaxws-cdi-secure.war"));
    }

    @Test
    public void testSecureCxfSoapRoute() throws Exception {
        Assert.assertTrue(HttpRequest.post(ENDPOINT_ADDRESS).header("Content-Type", "application/x-www-form-urlencoded").content("message=Hello&name=Kermit").getResponse().getBody().contains("Hello Kermit"));
    }
}
