package org.eclipse.hono.service.credentials;

import io.opentracing.Span;
import io.vertx.core.AsyncResult;
import io.vertx.core.Context;
import io.vertx.core.Future;
import io.vertx.core.Handler;
import io.vertx.core.Vertx;
import io.vertx.core.json.JsonObject;
import io.vertx.ext.unit.TestContext;
import io.vertx.ext.unit.junit.VertxUnitRunner;
import java.time.Instant;
import org.eclipse.hono.auth.HonoPasswordEncoder;
import org.eclipse.hono.client.ServiceInvocationException;
import org.eclipse.hono.config.ServiceConfigProperties;
import org.eclipse.hono.util.CredentialsConstants;
import org.eclipse.hono.util.CredentialsObject;
import org.eclipse.hono.util.CredentialsResult;
import org.eclipse.hono.util.EventBusMessage;
import org.junit.Before;
import org.junit.Test;
import org.junit.rules.Timeout;
import org.junit.runner.RunWith;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;

@RunWith(VertxUnitRunner.class)
/* loaded from: input_file:org/eclipse/hono/service/credentials/CompleteBaseCredentialsServiceTest.class */
public class CompleteBaseCredentialsServiceTest {
    private static final String TEST_TENANT = "dummy";
    private static final int MAX_ITERATIONS = 10;
    public Timeout timeout = Timeout.seconds(5);
    private CompleteBaseCredentialsService<ServiceConfigProperties> service;
    private HonoPasswordEncoder pwdEncoder;
    private Vertx vertx;
    private Context context;

    @Before
    public void setUp() {
        this.context = (Context) Mockito.mock(Context.class);
        this.vertx = (Vertx) Mockito.mock(Vertx.class);
        ((Vertx) Mockito.doAnswer(invocationOnMock -> {
            Handler handler = (Handler) invocationOnMock.getArgument(0);
            Handler handler2 = (Handler) invocationOnMock.getArgument(1);
            Future future = Future.future();
            future.setHandler(handler2);
            handler.handle(future);
            return null;
        }).when(this.vertx)).executeBlocking((Handler) ArgumentMatchers.any(Handler.class), (Handler) ArgumentMatchers.any(Handler.class));
        this.pwdEncoder = (HonoPasswordEncoder) Mockito.mock(HonoPasswordEncoder.class);
        Mockito.when(this.pwdEncoder.encode(ArgumentMatchers.anyString())).thenReturn(CredentialsObject.hashedPasswordSecretForPasswordHash("$2a$10$UK9lmSMlYmeXqABkTrDRsu1nlZRnAmGnBdPIWZoDajtjyxX18Dry.", "bcrypt", (Instant) null, (Instant) null, (String) null));
        this.service = createCompleteBaseCredentialsService(this.pwdEncoder);
        this.service.init(this.vertx, this.context);
    }

    @Test
    public void testAddSucceedsForMinimalData(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject())).setHandler(testContext.asyncAssertSuccess(eventBusMessage -> {
            testContext.assertEquals(201, eventBusMessage.getStatus());
        }));
    }

    @Test
    public void testAddSucceedsForLongTimestamp(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject(new JsonObject().put("not-before", "2007-04-05T12:30-02:00")))).setHandler(testContext.asyncAssertSuccess(eventBusMessage -> {
            testContext.assertEquals(201, eventBusMessage.getStatus());
        }));
    }

    @Test
    public void testAddFailsForShortTimestamp(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject(new JsonObject().put("not-before", "2007-04-05T14:30")))).setHandler(testContext.asyncAssertFailure(th -> {
            testContext.assertEquals(400, Integer.valueOf(((ServiceInvocationException) th).getErrorCode()));
        }));
    }

    @Test
    public void testAddFailsForMalformedTimestamp(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject(new JsonObject().put("not-before", "no-timestamp")))).setHandler(testContext.asyncAssertFailure(th -> {
            testContext.assertEquals(400, Integer.valueOf(((ServiceInvocationException) th).getErrorCode()));
        }));
    }

    @Test
    public void testAddFailsForMissingSecrets(TestContext testContext) {
        JsonObject createValidCredentialsObject = createValidCredentialsObject();
        createValidCredentialsObject.remove("secrets");
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject)).setHandler(testContext.asyncAssertFailure(th -> {
            testContext.assertEquals(400, Integer.valueOf(((ServiceInvocationException) th).getErrorCode()));
        }));
    }

    @Test
    public void testAddFailsForEmptySecrets(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject(null))).setHandler(testContext.asyncAssertFailure(th -> {
            testContext.assertEquals(400, Integer.valueOf(((ServiceInvocationException) th).getErrorCode()));
        }));
    }

    @Test
    public void testAddSucceedsForValidBcryptSecret(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, JsonObject.mapFrom(CredentialsObject.fromHashedPassword("4711", "theDevice", "$2a$10$UK9lmSMlYmeXqABkTrDRsu1nlZRnAmGnBdPIWZoDajtjyxX18Dry.", "bcrypt", (Instant) null, (Instant) null, (byte[]) null)))).setHandler(testContext.asyncAssertSuccess(eventBusMessage -> {
            testContext.assertEquals(201, eventBusMessage.getStatus());
        }));
    }

    @Test
    public void testUpdateSucceedsForClearTextPassword(TestContext testContext) {
        JsonObject put = new JsonObject().put("pwd-plain", "initial");
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject("hashed-password", put))).compose(eventBusMessage -> {
            testContext.assertEquals(201, eventBusMessage.getStatus());
            ((HonoPasswordEncoder) Mockito.verify(this.pwdEncoder)).encode("initial");
            JsonObject createValidCredentialsObject = createValidCredentialsObject("hashed-password", new JsonObject().put("pwd-plain", "updated"));
            put.put("pwd-plain", "updated");
            return this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.update, createValidCredentialsObject));
        }).setHandler(testContext.asyncAssertSuccess(eventBusMessage2 -> {
            testContext.assertEquals(204, eventBusMessage2.getStatus());
            ((HonoPasswordEncoder) Mockito.verify(this.pwdEncoder)).encode("updated");
        }));
    }

    @Test
    public void testAddFailsForMalformedBcryptSecrets(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, createValidCredentialsObject("hashed-password", new JsonObject().put("hash-function", "bcrypt").put("pwd-hash", "$2y$11$malformed")))).setHandler(testContext.asyncAssertFailure(th -> {
            testContext.assertEquals(400, Integer.valueOf(((ServiceInvocationException) th).getErrorCode()));
        }));
    }

    @Test
    public void testAddFailsForBcryptSecretsWithTooManyIterations(TestContext testContext) {
        this.service.processRequest(createRequestForPayload(CredentialsConstants.CredentialsAction.add, JsonObject.mapFrom(CredentialsObject.fromHashedPassword("4711", "user", "$2a$11$gYh52ApJeJcLvKrXHkGm5.xtLf7PVJySmXrt0EvFfLjCfLdIdvoay", "bcrypt", (Instant) null, (Instant) null, (byte[]) null)))).setHandler(testContext.asyncAssertFailure(th -> {
            testContext.assertEquals(400, Integer.valueOf(((ServiceInvocationException) th).getErrorCode()));
        }));
    }

    private static EventBusMessage createRequestForPayload(CredentialsConstants.CredentialsAction credentialsAction, JsonObject jsonObject) {
        return EventBusMessage.forOperation(credentialsAction.name()).setTenant(TEST_TENANT).setJsonPayload(jsonObject);
    }

    private static JsonObject createValidCredentialsObject() {
        return createValidCredentialsObject(new JsonObject());
    }

    private static JsonObject createValidCredentialsObject(JsonObject jsonObject) {
        return createValidCredentialsObject("someType", jsonObject);
    }

    private static JsonObject createValidCredentialsObject(String str, JsonObject jsonObject) {
        return JsonObject.mapFrom(new CredentialsObject().setDeviceId("someDeviceId").setAuthId("someAuthId").setType(str).addSecret(jsonObject));
    }

    private static CompleteBaseCredentialsService<ServiceConfigProperties> createCompleteBaseCredentialsService(HonoPasswordEncoder honoPasswordEncoder) {
        return new CompleteBaseCredentialsService<ServiceConfigProperties>(honoPasswordEncoder) { // from class: org.eclipse.hono.service.credentials.CompleteBaseCredentialsServiceTest.1
            public void add(String str, JsonObject jsonObject, Handler<AsyncResult<CredentialsResult<JsonObject>>> handler) {
                handler.handle(Future.succeededFuture(CredentialsResult.from(201)));
            }

            public void update(String str, JsonObject jsonObject, Handler<AsyncResult<CredentialsResult<JsonObject>>> handler) {
                handler.handle(Future.succeededFuture(CredentialsResult.from(204)));
            }

            public void setConfig(ServiceConfigProperties serviceConfigProperties) {
                setSpecificConfig(serviceConfigProperties);
            }

            public void getAll(String str, String str2, Span span, Handler<AsyncResult<CredentialsResult<JsonObject>>> handler) {
            }

            protected int getMaxBcryptIterations() {
                return CompleteBaseCredentialsServiceTest.MAX_ITERATIONS;
            }
        };
    }
}
