package io.vertx.mqtt.test.server;

import io.netty.handler.codec.mqtt.MqttQoS;
import io.vertx.core.http.ClientAuth;
import io.vertx.core.impl.logging.Logger;
import io.vertx.core.impl.logging.LoggerFactory;
import io.vertx.core.net.KeyCertOptions;
import io.vertx.core.net.TrustOptions;
import io.vertx.ext.unit.Async;
import io.vertx.ext.unit.TestContext;
import io.vertx.ext.unit.junit.VertxUnitRunner;
import io.vertx.mqtt.MqttEndpoint;
import io.vertx.mqtt.MqttServerOptions;
import io.vertx.test.tls.Cert;
import io.vertx.test.tls.Trust;
import java.nio.charset.Charset;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.eclipse.paho.client.mqttv3.MqttClient;
import org.eclipse.paho.client.mqttv3.MqttConnectOptions;
import org.eclipse.paho.client.mqttv3.MqttException;
import org.eclipse.paho.client.mqttv3.persist.MemoryPersistence;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;

@RunWith(VertxUnitRunner.class)
/* loaded from: input_file:io/vertx/mqtt/test/server/MqttServerClientCertSslTest.class */
public class MqttServerClientCertSslTest extends MqttServerBaseTest {
    private static final Logger log = LoggerFactory.getLogger(MqttServerClientCertSslTest.class);
    private Async async;
    private static final String MQTT_TOPIC = "/my_topic";
    private static final String MQTT_MESSAGE = "Hello Vert.x MQTT Server";
    private Certificate[] receivedClientPeerCertificates = null;
    private boolean receivedClientCertificateValidated = false;
    private boolean disconnectUntrustedClient = false;
    private boolean clientConnectedWithSsl = false;

    /* renamed from: io.vertx.mqtt.test.server.MqttServerClientCertSslTest$1, reason: invalid class name */
    /* loaded from: input_file:io/vertx/mqtt/test/server/MqttServerClientCertSslTest$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$io$netty$handler$codec$mqtt$MqttQoS = new int[MqttQoS.values().length];

        static {
            try {
                $SwitchMap$io$netty$handler$codec$mqtt$MqttQoS[MqttQoS.AT_LEAST_ONCE.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$io$netty$handler$codec$mqtt$MqttQoS[MqttQoS.EXACTLY_ONCE.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$io$netty$handler$codec$mqtt$MqttQoS[MqttQoS.AT_MOST_ONCE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
        }
    }

    @Before
    public void before(TestContext testContext) {
        setUp(testContext, new MqttServerOptions().setPort(8883).setKeyCertOptions((KeyCertOptions) Cert.SERVER_PEM_ROOT_CA.get()).setTrustOptions((TrustOptions) Trust.SERVER_PEM_ROOT_CA.get()).setSsl(true).setClientAuth(ClientAuth.REQUEST));
    }

    private void resetClientInfo() {
        this.clientConnectedWithSsl = false;
        this.receivedClientCertificateValidated = false;
        this.receivedClientPeerCertificates = null;
    }

    @Test
    public void trustedClient(TestContext testContext) {
        resetClientInfo();
        this.async = testContext.async();
        try {
            MqttClient mqttClient = new MqttClient(String.format("ssl://%s:%d", "localhost", 8883), "12345", new MemoryPersistence());
            MqttConnectOptions mqttConnectOptions = new MqttConnectOptions();
            mqttConnectOptions.setSocketFactory(getSocketFactory("/tls/client-truststore-root-ca.jks", "/tls/client-keystore-root-ca.jks"));
            mqttClient.connect(mqttConnectOptions);
            mqttClient.publish(MQTT_TOPIC, MQTT_MESSAGE.getBytes(), 0, false);
            this.async.await();
            mqttClient.disconnect();
            testContext.assertTrue(this.clientConnectedWithSsl);
            testContext.assertTrue(this.receivedClientCertificateValidated);
            testContext.assertNotNull(this.receivedClientPeerCertificates);
            testContext.assertEquals(Integer.valueOf(this.receivedClientPeerCertificates.length), 2);
            testContext.assertTrue(this.receivedClientPeerCertificates[0] instanceof X509Certificate);
            testContext.assertTrue(this.receivedClientPeerCertificates[1] instanceof X509Certificate);
            X509Certificate x509Certificate = (X509Certificate) this.receivedClientPeerCertificates[0];
            X509Certificate x509Certificate2 = (X509Certificate) this.receivedClientPeerCertificates[1];
            testContext.assertEquals(x509Certificate.getSubjectX500Principal().getName(), "CN=client");
            testContext.assertEquals(x509Certificate2.getSubjectX500Principal().getName(), "CN=Root CA");
        } catch (Exception e) {
            e.printStackTrace();
            testContext.assertTrue(false);
        } catch (MqttException e2) {
            e2.printStackTrace();
            testContext.assertTrue(false);
        }
    }

    @Test
    public void untrustedClient(TestContext testContext) {
        resetClientInfo();
        this.async = testContext.async();
        try {
            MqttClient mqttClient = new MqttClient(String.format("ssl://%s:%d", "localhost", 8883), "12345", new MemoryPersistence());
            MqttConnectOptions mqttConnectOptions = new MqttConnectOptions();
            mqttConnectOptions.setSocketFactory(getSocketFactory("/tls/client-truststore-root-ca.jks", "/tls/client-keystore-other-ca.jks"));
            mqttClient.connect(mqttConnectOptions);
            mqttClient.publish(MQTT_TOPIC, MQTT_MESSAGE.getBytes(), 0, false);
            this.async.await();
            mqttClient.disconnect();
            testContext.assertTrue(this.clientConnectedWithSsl);
            testContext.assertFalse(this.receivedClientCertificateValidated);
            testContext.assertNull(this.receivedClientPeerCertificates);
        } catch (MqttException e) {
            e.printStackTrace();
            testContext.assertTrue(false);
        } catch (Exception e2) {
            e2.printStackTrace();
            testContext.assertTrue(false);
        }
    }

    @After
    public void after(TestContext testContext) {
        tearDown(testContext);
    }

    @Override // io.vertx.mqtt.test.server.MqttServerBaseTest
    protected void endpointHandler(MqttEndpoint mqttEndpoint, TestContext testContext) {
        this.clientConnectedWithSsl = mqttEndpoint.isSsl();
        try {
            this.receivedClientPeerCertificates = mqttEndpoint.sslSession().getPeerCertificates();
            this.receivedClientCertificateValidated = true;
            log.info("Trusted client connected");
        } catch (SSLPeerUnverifiedException e) {
            if (this.disconnectUntrustedClient) {
                log.info("Disconnecting untrusted client");
                mqttEndpoint.close();
                this.async.complete();
                return;
            }
            log.info("Untrusted client connected");
        }
        mqttEndpoint.publishHandler(mqttPublishMessage -> {
            log.info("Just received message on [" + mqttPublishMessage.topicName() + "] payload [" + mqttPublishMessage.payload().toString(Charset.defaultCharset()) + "] with QoS [" + mqttPublishMessage.qosLevel() + "]");
            switch (AnonymousClass1.$SwitchMap$io$netty$handler$codec$mqtt$MqttQoS[mqttPublishMessage.qosLevel().ordinal()]) {
                case 1:
                    mqttEndpoint.publishAcknowledge(mqttPublishMessage.messageId());
                    this.async.complete();
                    return;
                case 2:
                    mqttEndpoint.publishReceived(mqttPublishMessage.messageId());
                    return;
                case 3:
                    this.async.complete();
                    return;
                default:
                    return;
            }
        }).publishReleaseHandler(num -> {
            mqttEndpoint.publishComplete(num.intValue());
            this.async.complete();
        });
        mqttEndpoint.accept(false);
    }
}
