package org.eclipse.hono.service.auth.device;

import io.opentracing.SpanContext;
import io.vertx.core.Future;
import io.vertx.core.json.JsonObject;
import io.vertx.core.net.SelfSignedCertificate;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.eclipse.hono.client.TenantClient;
import org.eclipse.hono.client.TenantClientFactory;
import org.eclipse.hono.util.TenantObject;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;

/* loaded from: input_file:org/eclipse/hono/service/auth/device/TenantServiceBasedX509AuthenticationTest.class */
class TenantServiceBasedX509AuthenticationTest {
    private static TenantServiceBasedX509Authentication underTest;
    private static TenantClient tenantClient;
    private static X509Certificate cert;
    private static Certificate[] certPath;

    TenantServiceBasedX509AuthenticationTest() {
    }

    @BeforeAll
    static void setUp() throws GeneralSecurityException, IOException {
        cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new FileInputStream(SelfSignedCertificate.create("eclipse.org").certificatePath()));
        certPath = new Certificate[]{cert};
        TenantClientFactory tenantClientFactory = (TenantClientFactory) Mockito.mock(TenantClientFactory.class);
        tenantClient = (TenantClient) Mockito.mock(TenantClient.class);
        Mockito.when(tenantClientFactory.getOrCreateTenantClient()).thenReturn(Future.succeededFuture(tenantClient));
        underTest = new TenantServiceBasedX509Authentication(tenantClientFactory);
    }

    @Test
    void testValidateClientCertificateContainsReadableCertificate() throws GeneralSecurityException {
        Mockito.when(tenantClient.get((X500Principal) ArgumentMatchers.any(X500Principal.class), (SpanContext) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(new TenantObject().addTrustAnchor(cert.getPublicKey(), cert.getSubjectX500Principal(), true)));
        Future validateClientCertificate = underTest.validateClientCertificate(certPath, (SpanContext) null);
        Assertions.assertTrue(validateClientCertificate.succeeded());
        Assertions.assertArrayEquals(((JsonObject) validateClientCertificate.result()).getBinary("client-certificate"), cert.getEncoded());
    }

    @Test
    void testValidateClientCertificateContainsNoCertificate() {
        Mockito.when(tenantClient.get((X500Principal) ArgumentMatchers.any(X500Principal.class), (SpanContext) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(new TenantObject().addTrustAnchor(cert.getPublicKey(), cert.getSubjectX500Principal(), false)));
        Future validateClientCertificate = underTest.validateClientCertificate(certPath, (SpanContext) null);
        Assertions.assertTrue(validateClientCertificate.succeeded());
        Assertions.assertFalse(((JsonObject) validateClientCertificate.result()).containsKey("client-certificate"));
    }
}
