package org.wildfly.httpclient.common;

import io.undertow.Undertow;
import io.undertow.UndertowOptions;
import io.undertow.connector.ByteBufferPool;
import io.undertow.security.api.AuthenticationMode;
import io.undertow.security.handlers.AuthenticationCallHandler;
import io.undertow.security.handlers.AuthenticationConstraintHandler;
import io.undertow.security.handlers.AuthenticationMechanismsHandler;
import io.undertow.security.handlers.SecurityInitialHandler;
import io.undertow.security.idm.Account;
import io.undertow.security.idm.Credential;
import io.undertow.security.idm.DigestCredential;
import io.undertow.security.idm.IdentityManager;
import io.undertow.security.idm.PasswordCredential;
import io.undertow.security.idm.X509CertificateCredential;
import io.undertow.security.impl.BasicAuthenticationMechanism;
import io.undertow.security.impl.ClientCertAuthenticationMechanism;
import io.undertow.security.impl.DigestAuthenticationMechanism;
import io.undertow.server.DefaultByteBufferPool;
import io.undertow.server.HttpHandler;
import io.undertow.server.handlers.PathHandler;
import io.undertow.util.HexConverter;
import io.undertow.util.NetworkUtils;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.junit.runner.Description;
import org.junit.runner.Result;
import org.junit.runner.notification.RunListener;
import org.junit.runner.notification.RunNotifier;
import org.junit.runners.BlockJUnit4ClassRunner;
import org.junit.runners.model.InitializationError;
import org.wildfly.security.WildFlyElytronProvider;
import org.xnio.IoUtils;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.SslClientAuthMode;
import org.xnio.Xnio;
import org.xnio.XnioWorker;

/* loaded from: input_file:org/wildfly/httpclient/common/HTTPTestServer.class */
public class HTTPTestServer extends BlockJUnit4ClassRunner {
    public static final String WILDFLY_SERVICES = "/wildfly-services";
    public static final String INITIAL_SESSION_AFFINITY = "initial-session-affinity";
    private static final String SERVER_KEY_STORE = "server.keystore";
    private static final String SERVER_TRUST_STORE = "server.truststore";
    public static final String CLIENT_KEY_STORE = "client.keystore";
    public static final String CLIENT_TRUST_STORE = "client.truststore";
    private static Undertow undertow;
    private static XnioWorker worker;
    public static final int BUFFER_SIZE = Integer.getInteger("test.bufferSize", 24576).intValue();
    private static final PathHandler PATH_HANDLER = new PathHandler();
    private static final PathHandler SERVICES_HANDLER = new PathHandler();
    public static final char[] STORE_PASSWORD = "password".toCharArray();
    private static boolean first = true;
    private static final DefaultByteBufferPool pool = new DefaultByteBufferPool(true, BUFFER_SIZE, 1000, 10, 100);
    private static final Set<String> registeredPaths = new HashSet();
    private static final Set<String> registeredServices = new HashSet();

    /* loaded from: input_file:org/wildfly/httpclient/common/HTTPTestServer$TestAccount.class */
    private static class TestAccount implements Account {
        private TestAccount() {
        }

        public Principal getPrincipal() {
            return () -> {
                return "administrator";
            };
        }

        public Set<String> getRoles() {
            return Collections.emptySet();
        }
    }

    public static String getDefaultServerURL() {
        return getDefaultRootServerURL() + WILDFLY_SERVICES;
    }

    public static String getDefaultRootServerURL() {
        return "http://" + NetworkUtils.formatPossibleIpv6Address(getHostAddress()) + ":" + getHostPort();
    }

    public static String getDefaultSSLRootServerURL() {
        return "https://" + NetworkUtils.formatPossibleIpv6Address(getHostAddress()) + ":" + getSSLHostPort();
    }

    public static String getDefaultSSLServerURL() {
        return getDefaultSSLRootServerURL() + WILDFLY_SERVICES;
    }

    public HTTPTestServer(Class<?> cls) throws InitializationError {
        super(cls);
    }

    public static ByteBufferPool getBufferPool() {
        return pool;
    }

    public Description getDescription() {
        return super.getDescription();
    }

    public void run(RunNotifier runNotifier) {
        runInternal(runNotifier);
        runNotifier.addListener(new RunListener() { // from class: org.wildfly.httpclient.common.HTTPTestServer.1
            public void testFinished(Description description) throws Exception {
                Iterator it = HTTPTestServer.registeredPaths.iterator();
                while (it.hasNext()) {
                    HTTPTestServer.PATH_HANDLER.removePrefixPath((String) it.next());
                }
                HTTPTestServer.registeredPaths.clear();
                Iterator it2 = HTTPTestServer.registeredServices.iterator();
                while (it2.hasNext()) {
                    HTTPTestServer.SERVICES_HANDLER.removePrefixPath((String) it2.next());
                }
                HTTPTestServer.registeredServices.clear();
            }
        });
        super.run(runNotifier);
    }

    public static void registerPathHandler(String str, HttpHandler httpHandler) {
        PATH_HANDLER.addPrefixPath(str, httpHandler);
        registeredPaths.add(str);
    }

    public static void registerServicesHandler(String str, HttpHandler httpHandler) {
        SERVICES_HANDLER.addPrefixPath(str, httpHandler);
        registeredServices.add(str);
    }

    public static XnioWorker getWorker() {
        return worker;
    }

    private void runInternal(RunNotifier runNotifier) {
        try {
            if (first) {
                first = false;
                Xnio xnio = Xnio.getInstance("nio");
                PATH_HANDLER.addPrefixPath(WILDFLY_SERVICES, SERVICES_HANDLER);
                worker = xnio.createWorker(OptionMap.create(Options.WORKER_TASK_CORE_THREADS, 20, Options.WORKER_IO_THREADS, 10));
                registerPaths(SERVICES_HANDLER);
                undertow = Undertow.builder().addHttpListener(getHostPort(), getHostAddress()).addHttpsListener(getSSLHostPort(), getHostAddress(), createServerSslContext()).setServerOption(UndertowOptions.REQUIRE_HOST_HTTP11, true).setServerOption(UndertowOptions.NO_REQUEST_TIMEOUT, 1000).setSocketOption(Options.SSL_CLIENT_AUTH_MODE, SslClientAuthMode.REQUIRED).setHandler(new SecurityInitialHandler(AuthenticationMode.PRO_ACTIVE, new IdentityManager() { // from class: org.wildfly.httpclient.common.HTTPTestServer.2
                    public Account verify(Account account) {
                        return null;
                    }

                    public Account verify(String str, Credential credential) {
                        if (credential instanceof PasswordCredential) {
                            if (str.equals("administrator") && Arrays.equals(((PasswordCredential) credential).getPassword(), "password1!".toCharArray())) {
                                return new TestAccount();
                            }
                            return null;
                        }
                        if (!(credential instanceof DigestCredential)) {
                            return null;
                        }
                        DigestCredential digestCredential = (DigestCredential) credential;
                        MessageDigest messageDigest = null;
                        try {
                            try {
                                messageDigest = digestCredential.getAlgorithm().getMessageDigest();
                                messageDigest.update(str.getBytes(StandardCharsets.UTF_8));
                                messageDigest.update((byte) 58);
                                messageDigest.update(digestCredential.getRealm().getBytes(StandardCharsets.UTF_8));
                                messageDigest.update((byte) 58);
                                messageDigest.update(new String("password1!".toCharArray()).getBytes(StandardCharsets.UTF_8));
                                if (!digestCredential.verifyHA1(HexConverter.convertToHexBytes(messageDigest.digest()))) {
                                    messageDigest.reset();
                                    return null;
                                }
                                TestAccount testAccount = new TestAccount();
                                messageDigest.reset();
                                return testAccount;
                            } catch (NoSuchAlgorithmException e) {
                                throw new IllegalStateException("Unsupported Algorithm", e);
                            }
                        } catch (Throwable th) {
                            messageDigest.reset();
                            throw th;
                        }
                    }

                    public Account verify(Credential credential) {
                        final X509CertificateCredential x509CertificateCredential = (X509CertificateCredential) credential;
                        return new Account() { // from class: org.wildfly.httpclient.common.HTTPTestServer.2.1
                            public Principal getPrincipal() {
                                return x509CertificateCredential.getCertificate().getSubjectX500Principal();
                            }

                            public Set<String> getRoles() {
                                return Collections.emptySet();
                            }
                        };
                    }
                }, new AuthenticationConstraintHandler(new AuthenticationMechanismsHandler(new AuthenticationCallHandler(PATH_HANDLER), Arrays.asList(new BasicAuthenticationMechanism("myRealm", "BASIC", true), new DigestAuthenticationMechanism("test", "localhost", "DIGEST"), new ClientCertAuthenticationMechanism(true)))))).build();
                undertow.start();
                runNotifier.addListener(new RunListener() { // from class: org.wildfly.httpclient.common.HTTPTestServer.3
                    public void testRunFinished(Result result) throws Exception {
                        HTTPTestServer.undertow.stop();
                    }
                });
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private SSLContext createServerSslContext() {
        return createSSLContext(loadKeyStore(SERVER_KEY_STORE), loadKeyStore(SERVER_TRUST_STORE));
    }

    private static SSLContext createSSLContext(KeyStore keyStore, KeyStore keyStore2) {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, STORE_PASSWORD);
            KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
            try {
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                trustManagerFactory.init(keyStore2);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                try {
                    SSLContext sSLContext = SSLContext.getInstance("TLS");
                    sSLContext.init(keyManagers, trustManagers, null);
                    return sSLContext;
                } catch (KeyManagementException | NoSuchAlgorithmException e) {
                    throw new RuntimeException("Unable to create and initialise the SSLContext", e);
                }
            } catch (KeyStoreException | NoSuchAlgorithmException e2) {
                throw new RuntimeException("Unable to initialise TrustManager[]", e2);
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e3) {
            throw new RuntimeException("Unable to initialise KeyManager[]", e3);
        }
    }

    public static KeyStore loadKeyStore(String str) {
        InputStream resourceAsStream = HTTPTestServer.class.getClassLoader().getResourceAsStream(str);
        try {
            if (resourceAsStream == null) {
                throw new RuntimeException("Could not load keystore");
            }
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(resourceAsStream, STORE_PASSWORD);
                IoUtils.safeClose(resourceAsStream);
                return keyStore;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                throw new RuntimeException(String.format("Unable to load KeyStore %s", str), e);
            }
        } catch (Throwable th) {
            IoUtils.safeClose(resourceAsStream);
            throw th;
        }
    }

    protected void registerPaths(PathHandler pathHandler) {
    }

    public static String getHostAddress() {
        return System.getProperty("server.address", "localhost");
    }

    public static int getHostPort() {
        return Integer.getInteger("server.port", 7788).intValue();
    }

    public static int getSSLHostPort() {
        return getHostPort() + 1;
    }

    static {
        Security.addProvider(new WildFlyElytronProvider());
    }
}
