package org.apereo.cas.authentication;

import java.io.IOException;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apereo.cas.configuration.model.core.authentication.HttpClientProperties;
import org.apereo.cas.util.http.SimpleHttpClient;
import org.apereo.cas.util.http.SimpleHttpClientFactoryBean;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;

@Tag("FileSystem")
/* loaded from: input_file:org/apereo/cas/authentication/FileTrustStoreSslSocketFactoryTests.class */
public class FileTrustStoreSslSocketFactoryTests {
    private static final ClassPathResource RESOURCE = new ClassPathResource("truststore.jks");
    private static final ClassPathResource RESOURCE_P12 = new ClassPathResource("truststore.p12");

    /* JADX INFO: Access modifiers changed from: private */
    public static SSLConnectionSocketFactory sslFactory(Resource resource, String str, String str2) {
        return new SSLConnectionSocketFactory(new DefaultCasSSLContext(resource, str, str2, new HttpClientProperties(), NoopHostnameVerifier.INSTANCE).getSslContext());
    }

    private static SSLConnectionSocketFactory sslFactory() {
        return sslFactory(RESOURCE, "changeit", "JKS");
    }

    private static SimpleHttpClient getSimpleHttpClient(SSLConnectionSocketFactory sSLConnectionSocketFactory) {
        SimpleHttpClientFactoryBean simpleHttpClientFactoryBean = new SimpleHttpClientFactoryBean();
        simpleHttpClientFactoryBean.setSslSocketFactory(sSLConnectionSocketFactory);
        SimpleHttpClient object = simpleHttpClientFactoryBean.getObject();
        Assertions.assertNotNull(object);
        return object;
    }

    @Test
    public void verifyTrustStoreLoadingSuccessfullyWithCertAvailable() {
        Assertions.assertTrue(getSimpleHttpClient(sslFactory()).isValidEndPoint("https://self-signed.badssl.com"));
    }

    @Test
    public void verifyTrustStoreNotFound() {
        Assertions.assertThrows(IOException.class, () -> {
            sslFactory(new FileSystemResource("test.jks"), "changeit", "JKS");
        });
    }

    @Test
    public void verifyTrustStoreBadPassword() {
        Assertions.assertThrows(IOException.class, () -> {
            sslFactory(RESOURCE, "invalid", "JKS");
        });
    }

    @Test
    public void verifyTrustStoreType() {
        Assertions.assertTrue(getSimpleHttpClient(sslFactory(RESOURCE_P12, "changeit", "PKCS12")).isValidEndPoint("https://www.google.com"));
    }

    @Test
    public void verifyTrustStoreLoadingSuccessfullyForValidEndpointWithNoCert() {
        Assertions.assertTrue(getSimpleHttpClient(sslFactory()).isValidEndPoint("https://www.google.com"));
    }

    @Test
    public void verifyTrustStoreLoadingSuccessfullyWihInsecureEndpoint() {
        Assertions.assertTrue(getSimpleHttpClient(sslFactory()).isValidEndPoint("http://wikipedia.org"));
    }
}
