package org.infinispan.server.security.authentication;

import java.net.InetSocketAddress;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import org.infinispan.client.rest.RestClient;
import org.infinispan.client.rest.RestResponse;
import org.infinispan.client.rest.configuration.Protocol;
import org.infinispan.client.rest.configuration.RestClientConfigurationBuilder;
import org.infinispan.commons.test.Exceptions;
import org.infinispan.commons.util.Util;
import org.infinispan.server.test.core.Common;
import org.infinispan.server.test.core.category.Security;
import org.infinispan.server.test.junit4.InfinispanServerRule;
import org.infinispan.server.test.junit4.InfinispanServerTestMethodRule;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.wildfly.security.mechanism._private.ElytronMessages;
import org.wildfly.security.mechanism.digest.DigestUtil;

@RunWith(Parameterized.class)
@Category({Security.class})
/* loaded from: input_file:org/infinispan/server/security/authentication/RestAuthentication.class */
public class RestAuthentication {

    @ClassRule
    public static InfinispanServerRule SERVERS = AuthenticationIT.SERVERS;

    @Rule
    public InfinispanServerTestMethodRule SERVER_TEST = new InfinispanServerTestMethodRule(SERVERS);
    private final Protocol protocol;
    private final String mechanism;

    @Parameterized.Parameters(name = "{1}({0})")
    public static Collection<Object[]> data() {
        ArrayList arrayList = new ArrayList(Common.HTTP_MECHS.size() * Common.HTTP_PROTOCOLS.size());
        for (Protocol protocol : Common.HTTP_PROTOCOLS) {
            Iterator<Object[]> it = Common.HTTP_MECHS.iterator();
            while (it.hasNext()) {
                arrayList.add(new Object[]{protocol, it.next()[0]});
            }
        }
        return arrayList;
    }

    public RestAuthentication(Protocol protocol, String str) {
        this.protocol = protocol;
        this.mechanism = str;
    }

    @Test
    public void testStaticResourcesAnonymously() {
        InetSocketAddress serverSocket = SERVERS.getServerDriver().getServerSocket(0, 11222);
        new RestClientConfigurationBuilder().followRedirects(false).addServer().host(serverSocket.getHostName()).port(serverSocket.getPort());
        Assert.assertEquals(307L, ((RestResponse) Common.sync(RestClient.forConfiguration(r0.build()).raw().get("/"))).getStatus());
    }

    @Test
    public void testMalformedDigestHeader() throws Exception {
        Assume.assumeTrue(this.mechanism.startsWith("DIGEST"));
        InetSocketAddress serverSocket = SERVERS.getServerDriver().getServerSocket(0, 11222);
        RestClientConfigurationBuilder followRedirects = new RestClientConfigurationBuilder().followRedirects(false);
        followRedirects.addServer().host(serverSocket.getHostName()).port(serverSocket.getPort());
        RestResponse restResponse = (RestResponse) Common.sync(RestClient.forConfiguration(followRedirects.build()).raw().get("/rest/v2/caches"));
        Assert.assertEquals(401L, restResponse.getStatus());
        HashMap parseResponse = DigestUtil.parseResponse(((String) ((List) restResponse.headers().get("Www-Authenticate")).stream().filter(str -> {
            return str.startsWith("Digest");
        }).findFirst().get()).substring(7).getBytes(StandardCharsets.UTF_8), StandardCharsets.UTF_8, false, ElytronMessages.httpDigest);
        String str2 = new String((byte[]) parseResponse.get("realm"), StandardCharsets.UTF_8);
        String str3 = new String((byte[]) parseResponse.get("nonce"), StandardCharsets.UTF_8);
        String str4 = new String((byte[]) parseResponse.get("opaque"), StandardCharsets.UTF_8);
        String str5 = new String((byte[]) parseResponse.get("algorithm"), StandardCharsets.UTF_8);
        String name = StandardCharsets.ISO_8859_1.name();
        MessageDigest messageDigest = MessageDigest.getInstance(str5);
        Assert.assertEquals(400L, ((RestResponse) Common.sync(r0.raw().get("/rest/v2/caches", Collections.singletonMap("Authorization", String.format("Digest username=\"%s\", realm=\"%s\", nonce=\"%s\", uri=\"%s\", response=\"%s\", qop=auth, nc=%s, cnonce=%s, algorithm=%s, opaque=\"%s\"", "h4ck0rz", str2, str3, "/backdoor", Util.toHexString(messageDigest.digest((Util.toHexString(messageDigest.digest(("h4ck0rz:" + str2 + ":letmein").getBytes(name))) + ':' + str3 + ":00000001:00000000:auth:" + Util.toHexString(messageDigest.digest("GET:/backdoor".getBytes(name)))).getBytes(StandardCharsets.US_ASCII.toString()))), "00000001", "00000000", str5, str4))))).getStatus());
    }

    @Test
    public void testRestReadWrite() {
        RestClientConfigurationBuilder restClientConfigurationBuilder = new RestClientConfigurationBuilder();
        if (!this.mechanism.isEmpty()) {
            restClientConfigurationBuilder.protocol(this.protocol).security().authentication().mechanism(this.mechanism).realm("default").username("all_user").password("all");
        }
        if (this.mechanism.isEmpty()) {
            Exceptions.expectException(SecurityException.class, () -> {
                this.SERVER_TEST.rest().withClientConfiguration(restClientConfigurationBuilder).create();
            });
            return;
        }
        RestClient create = this.SERVER_TEST.rest().withClientConfiguration(restClientConfigurationBuilder).create();
        RestResponse restResponse = (RestResponse) Common.sync(create.cache(this.SERVER_TEST.getMethodName()).post("k1", "v1"));
        Assert.assertEquals(204L, restResponse.getStatus());
        Assert.assertEquals(this.protocol, restResponse.getProtocol());
        RestResponse restResponse2 = (RestResponse) Common.sync(create.cache(this.SERVER_TEST.getMethodName()).get("k1"));
        Assert.assertEquals(200L, restResponse2.getStatus());
        Assert.assertEquals(this.protocol, restResponse2.getProtocol());
        Assert.assertEquals("v1", restResponse2.getBody());
    }
}
