package org.eclipse.microprofile.rest.client.tck.ssl;

import java.security.KeyStore;
import javax.inject.Inject;
import javax.ws.rs.ProcessingException;
import org.eclipse.microprofile.rest.client.RestClientBuilder;
import org.eclipse.microprofile.rest.client.inject.RestClient;
import org.eclipse.microprofile.rest.client.tck.interfaces.JsonPClient;
import org.eclipse.microprofile.rest.client.tck.interfaces.ssl.ClientWithKeystoreAndTruststore;
import org.eclipse.microprofile.rest.client.tck.interfaces.ssl.ClientWithKeystoreFromClasspathAndTruststore;
import org.eclipse.microprofile.rest.client.tck.interfaces.ssl.ClientWithNonMatchingStore;
import org.eclipse.microprofile.rest.client.tck.interfaces.ssl.ClientWithTruststore;
import org.eclipse.microprofile.rest.client.tck.utils.ConfigUtil;
import org.jboss.arquillian.container.test.api.Deployment;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.asset.ClassLoaderAsset;
import org.jboss.shrinkwrap.api.asset.EmptyAsset;
import org.jboss.shrinkwrap.api.asset.StringAsset;
import org.jboss.shrinkwrap.api.spec.WebArchive;
import org.junit.Assert;
import org.testng.annotations.Test;

/* loaded from: input_file:org/eclipse/microprofile/rest/client/tck/ssl/SslMutualTest.class */
public class SslMutualTest extends AbstractSslTest {

    @Inject
    @RestClient
    private JsonPClient clientWithNoSslStores;

    @Inject
    @RestClient
    private ClientWithTruststore clientWithTruststore;

    @Inject
    @RestClient
    private ClientWithKeystoreAndTruststore clientWithMutualSsl;

    @Inject
    @RestClient
    private ClientWithNonMatchingStore clientWithNonMatchingKeyStore;

    @Inject
    @RestClient
    private ClientWithKeystoreFromClasspathAndTruststore clientWithKeystoreFromClasspathAndTruststore;

    @Deployment
    public static WebArchive createDeployment() {
        WebArchive create = ShrinkWrap.create(WebArchive.class, SslMutualTest.class.getSimpleName() + ".war");
        initializeTest(create, httpsServer -> {
            httpsServer.keyStore(serverKeystore.getAbsolutePath(), "password").trustStore(serverTruststore.getAbsolutePath(), "password");
        });
        create.addClasses(new Class[]{JsonPClient.class, ClientWithTruststore.class, ClientWithNonMatchingStore.class, ClientWithKeystoreAndTruststore.class, ClientWithKeystoreFromClasspathAndTruststore.class, HttpsServer.class, AbstractSslTest.class}).addAsWebInfResource(new StringAsset(ConfigUtil.configLine(JsonPClient.class, "uri", BASE_URI_STRING) + ConfigUtil.configLine(ClientWithTruststore.class, "trustStore", filePath(clientTruststore)) + ConfigUtil.configLine(ClientWithTruststore.class, "trustStoreType", "pkcs12") + ConfigUtil.configLine(ClientWithTruststore.class, "trustStorePassword", "password") + ConfigUtil.configLine(ClientWithTruststore.class, "uri", BASE_URI_STRING) + ConfigUtil.configLine(ClientWithKeystoreAndTruststore.class, "trustStore", filePath(clientTruststore)) + ConfigUtil.configLine(ClientWithKeystoreAndTruststore.class, "trustStoreType", "pkcs12") + ConfigUtil.configLine(ClientWithKeystoreAndTruststore.class, "trustStorePassword", "password") + ConfigUtil.configLine(ClientWithKeystoreAndTruststore.class, "keyStore", filePath(clientKeystore)) + ConfigUtil.configLine(ClientWithKeystoreAndTruststore.class, "keyStoreType", "pkcs12") + ConfigUtil.configLine(ClientWithKeystoreAndTruststore.class, "keyStorePassword", "password") + ConfigUtil.configLine(ClientWithKeystoreAndTruststore.class, "uri", BASE_URI_STRING) + ConfigUtil.configLine(ClientWithKeystoreFromClasspathAndTruststore.class, "trustStore", filePath(clientTruststore)) + ConfigUtil.configLine(ClientWithKeystoreFromClasspathAndTruststore.class, "trustStorePassword", "password") + ConfigUtil.configLine(ClientWithKeystoreFromClasspathAndTruststore.class, "trustStoreType", "pkcs12") + ConfigUtil.configLine(ClientWithKeystoreFromClasspathAndTruststore.class, "keyStore", "classpath:/META-INF/" + clientKeystoreFromClasspath) + ConfigUtil.configLine(ClientWithKeystoreFromClasspathAndTruststore.class, "keyStoreType", "pkcs12") + ConfigUtil.configLine(ClientWithKeystoreFromClasspathAndTruststore.class, "keyStorePassword", "password") + ConfigUtil.configLine(ClientWithKeystoreFromClasspathAndTruststore.class, "uri", BASE_URI_STRING) + ConfigUtil.configLine(ClientWithNonMatchingStore.class, "trustStore", filePath(clientTruststore)) + ConfigUtil.configLine(ClientWithNonMatchingStore.class, "trustStoreType", "pkcs12") + ConfigUtil.configLine(ClientWithNonMatchingStore.class, "trustStorePassword", "password") + ConfigUtil.configLine(ClientWithNonMatchingStore.class, "keyStore", filePath(serverKeystore)) + ConfigUtil.configLine(ClientWithNonMatchingStore.class, "keyStoreType", "pkcs12") + ConfigUtil.configLine(ClientWithNonMatchingStore.class, "keyStorePassword", "password") + ConfigUtil.configLine(ClientWithNonMatchingStore.class, "uri", BASE_URI_STRING)), "classes/META-INF/microprofile-config.properties").addAsWebInfResource(new ClassLoaderAsset("ssl/" + clientKeystoreFromClasspath), "classes/META-INF/" + clientKeystoreFromClasspath).addAsWebInfResource(EmptyAsset.INSTANCE, "beans.xml");
        return create;
    }

    @Test(expectedExceptions = {ProcessingException.class})
    public void shouldFailWithNoClientSignature() throws Exception {
        ((JsonPClient) RestClientBuilder.newBuilder().baseUri(BASE_URI).trustStore(getKeyStore(clientTruststore)).build(JsonPClient.class)).get("1");
    }

    @Test
    public void shouldWorkWithClientSignature() throws Exception {
        KeyStore keyStore = getKeyStore(clientTruststore);
        Assert.assertEquals("bar", ((JsonPClient) RestClientBuilder.newBuilder().baseUri(BASE_URI).trustStore(keyStore).keyStore(getKeyStore(clientKeystore), "password").build(JsonPClient.class)).get("1").getString("foo"));
    }

    @Test(expectedExceptions = {ProcessingException.class})
    public void shouldFailWithInvalidClientSignature() throws Exception {
        KeyStore keyStore = getKeyStore(clientTruststore);
        ((JsonPClient) RestClientBuilder.newBuilder().baseUri(BASE_URI).trustStore(keyStore).keyStore(getKeyStore(serverKeystore), "password").build(JsonPClient.class)).get("1");
    }

    @Test(expectedExceptions = {ProcessingException.class})
    public void shouldFailWithNoClientSignatureCDI() {
        this.clientWithNoSslStores.get("1");
    }

    @Test
    public void shouldWorkWithClientSignatureCDI() {
        Assert.assertEquals("bar", this.clientWithMutualSsl.get("1").getString("foo"));
    }

    @Test
    public void shouldWorkWithClientSignatureFromClasspathCDI() {
        Assert.assertEquals("bar", this.clientWithKeystoreFromClasspathAndTruststore.get("1").getString("foo"));
    }

    @Test(expectedExceptions = {ProcessingException.class})
    public void shouldFailWithInvalidClientSignatureCDI() {
        this.clientWithNonMatchingKeyStore.get("1");
    }
}
