package org.eclipse.hono.service.management.device;

import com.google.common.truth.Truth;
import io.opentracing.Span;
import io.opentracing.SpanContext;
import io.opentracing.noop.NoopSpan;
import io.vertx.core.Future;
import io.vertx.core.Vertx;
import io.vertx.core.buffer.Buffer;
import io.vertx.core.json.JsonObject;
import io.vertx.core.net.SelfSignedCertificate;
import io.vertx.junit5.VertxExtension;
import io.vertx.junit5.VertxTestContext;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import org.eclipse.hono.client.telemetry.EventSender;
import org.eclipse.hono.client.util.MessagingClientProvider;
import org.eclipse.hono.client.util.StatusCodeMapper;
import org.eclipse.hono.service.management.Id;
import org.eclipse.hono.service.management.OperationResult;
import org.eclipse.hono.service.management.Result;
import org.eclipse.hono.service.management.credentials.CommonCredential;
import org.eclipse.hono.service.management.credentials.CredentialsManagementService;
import org.eclipse.hono.service.management.tenant.Tenant;
import org.eclipse.hono.service.management.tenant.TrustedCertificateAuthority;
import org.eclipse.hono.util.EventConstants;
import org.eclipse.hono.util.MessagingType;
import org.eclipse.hono.util.RegistrationAssertion;
import org.eclipse.hono.util.TenantObject;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.ArgumentCaptor;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;

@ExtendWith({VertxExtension.class})
/* loaded from: input_file:org/eclipse/hono/service/management/device/DeviceAndGatewayAutoProvisionerTest.class */
public class DeviceAndGatewayAutoProvisionerTest {
    private DeviceManagementService deviceManagementService;
    private CredentialsManagementService credentialsManagementService;
    private DeviceAndGatewayAutoProvisioner deviceAndGatewayAutoProvisioner;
    private EventSender sender;
    private String commonName;
    private X509Certificate cert;
    private String subjectDn;
    private String deviceId;
    private String tenantId;
    private Tenant tenant;

    @BeforeEach
    public void init() throws GeneralSecurityException, IOException {
        this.tenantId = UUID.randomUUID().toString();
        this.deviceId = UUID.randomUUID().toString();
        this.commonName = UUID.randomUUID().toString();
        this.cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new FileInputStream(SelfSignedCertificate.create(String.format("%s,OU=Hono,O=Eclipse", this.commonName)).certificatePath()));
        this.subjectDn = this.cert.getSubjectX500Principal().getName("RFC2253");
        this.tenant = new Tenant().setTrustedCertificateAuthorities(List.of(new TrustedCertificateAuthority().setCertificate(this.cert.getEncoded())));
        this.deviceManagementService = (DeviceManagementService) Mockito.mock(DeviceManagementService.class);
        this.credentialsManagementService = (CredentialsManagementService) Mockito.mock(CredentialsManagementService.class);
        this.sender = (EventSender) Mockito.mock(EventSender.class);
        Mockito.when(this.sender.getMessagingType()).thenReturn(MessagingType.amqp);
        Mockito.when(this.sender.sendEvent((TenantObject) ArgumentMatchers.any(TenantObject.class), (RegistrationAssertion) ArgumentMatchers.any(RegistrationAssertion.class), ArgumentMatchers.anyString(), (Buffer) ArgumentMatchers.any(), (Map) ArgumentMatchers.any(Map.class), (SpanContext) ArgumentMatchers.any())).thenReturn(Future.succeededFuture());
        this.deviceAndGatewayAutoProvisioner = new DeviceAndGatewayAutoProvisioner((Vertx) Mockito.mock(Vertx.class), this.deviceManagementService, this.credentialsManagementService, new MessagingClientProvider().setClient(this.sender));
    }

    @Test
    public void testProvisionDeviceSucceeds(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionSucceeds(vertxTestContext, false, null, this.deviceId);
    }

    @Test
    public void testProvisionDeviceWithDeviceIdTemplateSucceeds(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionSucceeds(vertxTestContext, false, "device-{{subject-cn}}-{{subject-ou}}", String.format("device-%s-Hono", this.commonName));
    }

    @Test
    public void testProvisionDeviceSucceedsWhenUpdateOfNotificationFlagFails(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionSucceedsWhenUpdateOfNotificationFlagFails(vertxTestContext, false, this.deviceId);
    }

    @Test
    public void testProvisionDeviceFailsWhenEventNotificationFails(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionFailsWhenEventNotificationFails(vertxTestContext, false, this.deviceId);
    }

    @Test
    public void testProvisionGatewaySucceeds(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionSucceeds(vertxTestContext, true, null, this.deviceId);
    }

    @Test
    public void testProvisionGatewayWithDeviceIdTemplateSucceeds(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionSucceeds(vertxTestContext, true, "device-{{subject-dn}}", "device-" + this.subjectDn);
    }

    @Test
    public void testProvisionGatewaySucceedsWhenUpdateOfNotificationFlagFails(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionSucceedsWhenUpdateOfNotificationFlagFails(vertxTestContext, true, this.deviceId);
    }

    @Test
    public void testProvisionGatewayFailsWhenEventNotificationFails(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        testProvisionFailsWhenEventNotificationFails(vertxTestContext, true, this.deviceId);
    }

    @Test
    public void testProvisionDeviceWhenNotEnabled(VertxTestContext vertxTestContext) {
        ((TrustedCertificateAuthority) this.tenant.getTrustedCertificateAuthorities().get(0)).setAutoProvisioningEnabled(false);
        this.deviceAndGatewayAutoProvisioner.provisionIfEnabled(this.tenantId, this.tenant, this.subjectDn, new JsonObject(), NoopSpan.INSTANCE).onComplete(vertxTestContext.succeeding(credentialsResult -> {
            vertxTestContext.verify(() -> {
                ((DeviceManagementService) Mockito.verify(this.deviceManagementService, Mockito.never())).createDevice(ArgumentMatchers.anyString(), (Optional) ArgumentMatchers.any(Optional.class), (Device) ArgumentMatchers.any(Device.class), (Span) ArgumentMatchers.any());
                ((CredentialsManagementService) Mockito.verify(this.credentialsManagementService, Mockito.never())).updateCredentials(ArgumentMatchers.anyString(), ArgumentMatchers.anyString(), (List) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
                Truth.assertThat(Integer.valueOf(credentialsResult.getStatus())).isEqualTo(404);
            });
            vertxTestContext.completeNow();
        }));
    }

    @Test
    public void testDeviceRegistrationIsRemovedWhenAutoProvisionFails(VertxTestContext vertxTestContext) throws CertificateEncodingException {
        ((TrustedCertificateAuthority) this.tenant.getTrustedCertificateAuthorities().get(0)).setAutoProvisioningEnabled(true);
        JsonObject put = new JsonObject().put("client-certificate", this.cert.getEncoded());
        Mockito.when(this.deviceManagementService.createDevice((String) ArgumentMatchers.eq(this.tenantId), (Optional) ArgumentMatchers.any(), (Device) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.ok(201, Id.of(this.deviceId), Optional.empty(), Optional.empty())));
        Mockito.when(this.credentialsManagementService.updateCredentials((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(this.deviceId), (List) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.empty(500)));
        Mockito.when(this.deviceManagementService.deleteDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(this.deviceId), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(Result.from(204)));
        this.deviceAndGatewayAutoProvisioner.provisionIfEnabled(this.tenantId, this.tenant, this.subjectDn, put, NoopSpan.INSTANCE).onComplete(vertxTestContext.succeeding(credentialsResult -> {
            vertxTestContext.verify(() -> {
                ((DeviceManagementService) Mockito.verify(this.deviceManagementService)).createDevice((String) ArgumentMatchers.eq(this.tenantId), (Optional) ArgumentMatchers.any(), (Device) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
                ((CredentialsManagementService) Mockito.verify(this.credentialsManagementService)).updateCredentials((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(this.deviceId), (List) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
                ((DeviceManagementService) Mockito.verify(this.deviceManagementService)).deleteDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(this.deviceId), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
                Truth.assertThat(Integer.valueOf(credentialsResult.getStatus())).isEqualTo(500);
            });
            vertxTestContext.completeNow();
        }));
    }

    private void testProvisionSucceedsWhenUpdateOfNotificationFlagFails(VertxTestContext vertxTestContext, boolean z, String str) throws CertificateEncodingException {
        configureTenant(z, null);
        ((DeviceManagementService) Mockito.doAnswer(invocationOnMock -> {
            Mockito.when(this.deviceManagementService.readDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.ok(200, (Device) invocationOnMock.getArgument(2), Optional.empty(), Optional.empty())));
            return Future.succeededFuture(OperationResult.ok(201, Id.of(str), Optional.empty(), Optional.empty()));
        }).when(this.deviceManagementService)).createDevice((String) ArgumentMatchers.eq(this.tenantId), (Optional) ArgumentMatchers.any(), (Device) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
        Mockito.when(this.deviceManagementService.updateDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str), (Device) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.empty(500)));
        Mockito.when(this.credentialsManagementService.updateCredentials((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str), (List) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.empty(204)));
        provisionAndVerifySuccessfulResult(vertxTestContext, z, str);
    }

    private void testProvisionSucceeds(VertxTestContext vertxTestContext, boolean z, String str, String str2) throws CertificateEncodingException {
        configureTenant(z, str);
        ((DeviceManagementService) Mockito.doAnswer(invocationOnMock -> {
            Optional optional = (Optional) invocationOnMock.getArgument(1);
            if (str != null) {
                Truth.assertThat(Boolean.valueOf(optional.isPresent())).isTrue();
                Truth.assertThat((String) optional.get()).isEqualTo(str2);
            } else {
                Truth.assertThat(Boolean.valueOf(optional.isEmpty())).isTrue();
            }
            Mockito.when(this.deviceManagementService.readDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str2), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.ok(200, (Device) invocationOnMock.getArgument(2), Optional.empty(), Optional.empty())));
            return Future.succeededFuture(OperationResult.ok(201, Id.of(str2), Optional.empty(), Optional.empty()));
        }).when(this.deviceManagementService)).createDevice((String) ArgumentMatchers.eq(this.tenantId), (Optional) ArgumentMatchers.any(), (Device) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
        Mockito.when(this.deviceManagementService.updateDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str2), (Device) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.empty(204)));
        Mockito.when(this.credentialsManagementService.updateCredentials((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str2), (List) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.empty(204)));
        provisionAndVerifySuccessfulResult(vertxTestContext, z, str2);
    }

    private void provisionAndVerifySuccessfulResult(VertxTestContext vertxTestContext, boolean z, String str) throws CertificateEncodingException {
        this.deviceAndGatewayAutoProvisioner.provisionIfEnabled(this.tenantId, this.tenant, this.subjectDn, new JsonObject().put("client-certificate", this.cert.getEncoded()), NoopSpan.INSTANCE).onComplete(vertxTestContext.succeeding(credentialsResult -> {
            vertxTestContext.verify(() -> {
                ArgumentCaptor forClass = ArgumentCaptor.forClass(Device.class);
                ((DeviceManagementService) Mockito.verify(this.deviceManagementService)).createDevice((String) ArgumentMatchers.eq(this.tenantId), (Optional) ArgumentMatchers.any(), (Device) forClass.capture(), (Span) ArgumentMatchers.any());
                if (z) {
                    Truth.assertThat(((Device) forClass.getValue()).getAuthorities()).contains("auto-provisioning-enabled");
                }
                ArgumentCaptor forClass2 = ArgumentCaptor.forClass(List.class);
                ((CredentialsManagementService) Mockito.verify(this.credentialsManagementService)).updateCredentials((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str), (List) forClass2.capture(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
                List list = (List) forClass2.getValue();
                Truth.assertThat(Integer.valueOf(list.size())).isEqualTo(1);
                Truth.assertThat(((CommonCredential) list.get(0)).getType()).isEqualTo("x509-cert");
                Truth.assertThat(((CommonCredential) list.get(0)).getAuthId()).isEqualTo(this.subjectDn);
                Truth.assertThat(Integer.valueOf(credentialsResult.getStatus())).isEqualTo(201);
                JsonObject jsonObject = (JsonObject) credentialsResult.getPayload();
                Truth.assertThat(jsonObject.getString("device-id")).isEqualTo(str);
                Truth.assertThat(jsonObject.getString("auth-id")).isEqualTo(this.subjectDn);
                Truth.assertThat(jsonObject.getString("type")).isEqualTo("x509-cert");
                ArgumentCaptor forClass3 = ArgumentCaptor.forClass(Map.class);
                ((EventSender) Mockito.verify(this.sender)).sendEvent((TenantObject) ArgumentMatchers.argThat(tenantObject -> {
                    return tenantObject.getTenantId().equals(this.tenantId);
                }), (RegistrationAssertion) ArgumentMatchers.argThat(registrationAssertion -> {
                    return registrationAssertion.getDeviceId().equals(str);
                }), (String) ArgumentMatchers.eq("application/vnd.eclipse-hono-device-provisioning-notification"), (Buffer) ArgumentMatchers.any(), (Map) forClass3.capture(), (SpanContext) ArgumentMatchers.any());
                Map map = (Map) forClass3.getValue();
                Truth.assertThat(map.get("hono_registration_status")).isEqualTo(EventConstants.RegistrationStatus.NEW.name());
                Truth.assertThat(map.get("tenant_id")).isEqualTo(this.tenantId);
                ((DeviceManagementService) Mockito.verify(this.deviceManagementService)).updateDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str), (Device) forClass.capture(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any());
                DeviceStatus status = ((Device) forClass.getValue()).getStatus();
                Truth.assertThat(Boolean.valueOf(status.isAutoProvisioned())).isTrue();
                Truth.assertThat(Boolean.valueOf(status.isAutoProvisioningNotificationSent())).isTrue();
            });
            vertxTestContext.completeNow();
        }));
    }

    private void testProvisionFailsWhenEventNotificationFails(VertxTestContext vertxTestContext, boolean z, String str) throws CertificateEncodingException {
        configureTenant(z, null);
        JsonObject put = new JsonObject().put("client-certificate", this.cert.getEncoded());
        Mockito.when(this.deviceManagementService.createDevice((String) ArgumentMatchers.eq(this.tenantId), (Optional) ArgumentMatchers.any(), (Device) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.ok(201, Id.of(this.deviceId), Optional.empty(), Optional.empty())));
        Mockito.when(this.deviceManagementService.updateDevice((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str), (Device) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.empty(204)));
        Mockito.when(this.credentialsManagementService.updateCredentials((String) ArgumentMatchers.eq(this.tenantId), (String) ArgumentMatchers.eq(str), (List) ArgumentMatchers.any(), (Optional) ArgumentMatchers.any(), (Span) ArgumentMatchers.any())).thenReturn(Future.succeededFuture(OperationResult.empty(204)));
        Mockito.when(this.sender.sendEvent((TenantObject) ArgumentMatchers.any(TenantObject.class), (RegistrationAssertion) ArgumentMatchers.any(RegistrationAssertion.class), ArgumentMatchers.anyString(), (Buffer) ArgumentMatchers.any(), (Map) ArgumentMatchers.any(Map.class), (SpanContext) ArgumentMatchers.any())).thenReturn(Future.failedFuture(StatusCodeMapper.from(this.tenantId, 500, "error sending event")));
        this.deviceAndGatewayAutoProvisioner.provisionIfEnabled(this.tenantId, this.tenant, this.subjectDn, put, NoopSpan.INSTANCE).onComplete(vertxTestContext.succeeding(credentialsResult -> {
            Truth.assertThat(Boolean.valueOf(credentialsResult.isError())).isTrue();
            Truth.assertThat(Integer.valueOf(credentialsResult.getStatus())).isEqualTo(500);
            vertxTestContext.completeNow();
        }));
    }

    private void configureTenant(boolean z, String str) {
        TrustedCertificateAuthority trustedCertificateAuthority = (TrustedCertificateAuthority) this.tenant.getTrustedCertificateAuthorities().get(0);
        trustedCertificateAuthority.setAutoProvisioningEnabled(true);
        if (z) {
            trustedCertificateAuthority.setAutoProvisioningAsGatewayEnabled(true);
        }
        Optional ofNullable = Optional.ofNullable(str);
        Objects.requireNonNull(trustedCertificateAuthority);
        ofNullable.ifPresent(trustedCertificateAuthority::setAutoProvisioningDeviceIdTemplate);
    }
}
