package io.vertx.config.vault.client;

import io.vertx.config.vault.utils.VaultProcess;
import io.vertx.core.AsyncResult;
import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.json.JsonObject;
import io.vertx.core.net.JksOptions;
import io.vertx.core.net.PemKeyCertOptions;
import io.vertx.core.net.PemTrustOptions;
import io.vertx.ext.unit.Async;
import io.vertx.ext.unit.TestContext;
import io.vertx.ext.unit.junit.VertxUnitRunner;
import java.io.IOException;
import java.util.UUID;
import org.junit.After;
import org.junit.AfterClass;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;

@RunWith(VertxUnitRunner.class)
/* loaded from: input_file:io/vertx/config/vault/client/VaultClientWithCertTest.class */
public class VaultClientWithCertTest {
    private static VaultProcess process;
    private Vertx vertx;
    private SlimVaultClient client;
    static final /* synthetic */ boolean $assertionsDisabled;

    @BeforeClass
    public static void setupClass() throws IOException, InterruptedException {
        process = new VaultProcess();
        process.initAndUnsealVault();
        process.setupBackendCert();
        if (!$assertionsDisabled && !process.isRunning()) {
            throw new AssertionError();
        }
    }

    @AfterClass
    public static void tearDownClass() {
        process.shutdown();
    }

    public static Handler<AsyncResult<Auth>> getLoginTestHandler(SlimVaultClient slimVaultClient, TestContext testContext) {
        Async async = testContext.async();
        String str = "secret/app/hello-" + UUID.randomUUID().toString();
        String str2 = "world " + UUID.randomUUID().toString();
        return asyncResult -> {
            testContext.assertTrue(asyncResult.succeeded());
            String token = ((Auth) asyncResult.result()).getToken();
            testContext.assertNotNull(token);
            slimVaultClient.setToken(token);
            slimVaultClient.write(str, new JsonObject().put("value", str2), asyncResult -> {
                if (asyncResult.failed()) {
                    asyncResult.cause().printStackTrace();
                }
                testContext.assertTrue(asyncResult.succeeded());
                slimVaultClient.read(str, asyncResult -> {
                    testContext.assertTrue(asyncResult.succeeded());
                    testContext.assertEquals(str2, ((Secret) asyncResult.result()).getData().getString("value"));
                    async.complete();
                });
            });
        };
    }

    @Before
    public void setup() {
        this.vertx = Vertx.vertx();
        this.client = new SlimVaultClient(this.vertx, process.getConfigurationWithRootToken());
    }

    @After
    public void tearDown(TestContext testContext) {
        this.vertx.close(testContext.asyncAssertSuccess());
    }

    @Test
    public void testLoginByCert_usingPemConfig(TestContext testContext) throws VaultException {
        JsonObject jsonObject = new JsonObject();
        jsonObject.put("host", process.getHost());
        jsonObject.put("port", Integer.valueOf(process.getPort()));
        jsonObject.put("ssl", true);
        jsonObject.put("pemKeyCertOptions", new PemKeyCertOptions().addCertPath("target/vault/config/ssl/client-cert.pem").addKeyPath("target/vault/config/ssl/client-privatekey.pem").toJson());
        jsonObject.put("pemTrustStoreOptions", new PemTrustOptions().addCertPath("target/vault/config/ssl/cert.pem").toJson());
        jsonObject.put("trustStoreOptions", new JksOptions().setPath("target/vault/config/ssl/truststore.jks").toJson());
        this.client = new SlimVaultClient(this.vertx, jsonObject);
        checkWeCanLoginAndAccessRestrictedSecrets(testContext);
    }

    @Test
    public void testLoginByCert_usingJKSConfig(TestContext testContext) throws VaultException {
        JsonObject jsonObject = new JsonObject();
        jsonObject.put("host", process.getHost());
        jsonObject.put("port", Integer.valueOf(process.getPort()));
        jsonObject.put("ssl", true);
        JksOptions jksOptions = new JksOptions();
        jksOptions.setPassword("password").setPath("target/vault/config/ssl/keystore.jks");
        jsonObject.put("keyStoreOptions", jksOptions.toJson());
        jsonObject.put("trustStoreOptions", new JksOptions().setPassword("password").setPath("target/vault/config/ssl/truststore.jks").toJson());
        this.client = new SlimVaultClient(this.vertx, jsonObject);
        checkWeCanLoginAndAccessRestrictedSecrets(testContext);
    }

    private void checkWeCanLoginAndAccessRestrictedSecrets(TestContext testContext) {
        this.client.loginWithCert(getLoginTestHandler(this.client, testContext));
    }

    static {
        $assertionsDisabled = !VaultClientWithCertTest.class.desiredAssertionStatus();
    }
}
