package org.jboss.as.test.integration.security.common;

import java.io.File;
import org.jboss.as.arquillian.api.ServerSetupTask;
import org.jboss.as.arquillian.container.ManagementClient;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.PathElement;
import org.jboss.as.controller.client.OperationBuilder;
import org.jboss.as.controller.operations.common.Util;
import org.jboss.as.security.vault.VaultSession;
import org.jboss.dmr.ModelNode;
import org.jboss.logging.Logger;

/* loaded from: input_file:org/jboss/as/test/integration/security/common/BasicVaultServerSetupTask.class */
public class BasicVaultServerSetupTask implements ServerSetupTask {
    private ModelNode originalVault;
    private VaultSession nonInteractiveSession;
    public static final String ATTRIBUTE_NAME = "someAttributeName";
    public static final String VAULT_BLOCK = "someVaultBlock";
    public static final String VAULT_ATTRIBUTE = "secretValue";
    public static final String VAULTED_PROPERTY = "${VAULT::someVaultBlock::someAttributeName::1}";
    public static final String VAULT_PASSWORD = "VaultPassword";
    public static final String VAULT_ALIAS = "VaultAlias";
    static final String KEY_STORE_FILE = "myVault.keystore";
    static final String RESOURCE_LOCATION = "";
    private VaultHandler vaultHandler;
    private String externalVaultPassword = null;
    private static Logger LOGGER = Logger.getLogger(BasicVaultServerSetupTask.class);
    static final PathAddress VAULT_PATH = PathAddress.pathAddress(new PathElement[0]).append("core-service", "vault");

    public void setup(ManagementClient managementClient, String str) throws Exception {
        VaultHandler.cleanFilesystem(RESOURCE_LOCATION, false, KEY_STORE_FILE);
        this.vaultHandler = new VaultHandler(KEY_STORE_FILE, VAULT_PASSWORD, null, RESOURCE_LOCATION, 128, VAULT_ALIAS, "87654321", 20);
        new ModelNode();
        LOGGER.trace("Saving original vault setting");
        this.originalVault = managementClient.getControllerClient().execute(new OperationBuilder(Util.getReadAttributeOperation(VAULT_PATH, "vault-options")).build()).get("result");
        if (this.originalVault.get("KEYSTORE_URL") != null && this.originalVault.hasDefined("KEYSTORE_URL")) {
            CoreUtils.applyUpdate(Util.createRemoveOperation(VAULT_PATH), managementClient.getControllerClient());
        }
        LOGGER.trace("Creating new vault");
        String keyStore = this.vaultHandler.getKeyStore();
        String absolutePath = new File(RESOURCE_LOCATION).getAbsolutePath();
        this.nonInteractiveSession = new VaultSession(keyStore, VAULT_PASSWORD, absolutePath, "87654321", 20);
        this.nonInteractiveSession.startVaultSession(VAULT_ALIAS);
        LOGGER.trace("Inserting attribute secretValue to vault");
        this.nonInteractiveSession.addSecuredAttribute(VAULT_BLOCK, ATTRIBUTE_NAME, VAULT_ATTRIBUTE.toCharArray());
        ModelNode createAddOperation = Util.createAddOperation(VAULT_PATH);
        ModelNode modelNode = createAddOperation.get("vault-options");
        modelNode.get("KEYSTORE_URL").set(keyStore);
        if (this.externalVaultPassword != null) {
            modelNode.get("KEYSTORE_PASSWORD").set(this.externalVaultPassword);
        } else {
            modelNode.get("KEYSTORE_PASSWORD").set(this.nonInteractiveSession.getKeystoreMaskedPassword());
        }
        modelNode.get("KEYSTORE_ALIAS").set(VAULT_ALIAS);
        modelNode.get("SALT").set("87654321");
        modelNode.get("ITERATION_COUNT").set(Integer.toString(20));
        modelNode.get("ENC_FILE_DIR").set(absolutePath);
        CoreUtils.applyUpdate(createAddOperation, managementClient.getControllerClient());
        LOGGER.debug("Vault created in server configuration");
    }

    public void tearDown(ManagementClient managementClient, String str) throws Exception {
        CoreUtils.applyUpdate(Util.createRemoveOperation(VAULT_PATH), managementClient.getControllerClient());
        if (this.originalVault.get("KEYSTORE_URL") != null && this.originalVault.hasDefined("KEYSTORE_URL")) {
            ModelNode createAddOperation = Util.createAddOperation(VAULT_PATH);
            ModelNode modelNode = createAddOperation.get("vault-options");
            for (String str2 : this.originalVault.keys()) {
                modelNode.get(str2).set(this.originalVault.get(str2));
            }
            CoreUtils.applyUpdate(createAddOperation, managementClient.getControllerClient());
        }
        this.vaultHandler.cleanUp();
    }

    protected void setExternalVaultPassword(String str) {
        this.externalVaultPassword = str;
    }
}
