package org.infinispan.server.test.core;

import java.io.File;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.InterfaceAddress;
import java.net.NetworkInterface;
import java.net.URI;
import java.net.URL;
import java.nio.file.FileSystem;
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.atomic.AtomicLong;
import java.util.function.Consumer;
import java.util.function.Predicate;
import javax.security.auth.x500.X500Principal;
import org.infinispan.cli.user.UserTool;
import org.infinispan.client.hotrod.RemoteCacheManager;
import org.infinispan.client.hotrod.configuration.ConfigurationBuilder;
import org.infinispan.client.rest.configuration.RestClientConfigurationBuilder;
import org.infinispan.commons.test.CommonsTestingUtil;
import org.infinispan.commons.test.Exceptions;
import org.infinispan.commons.util.Features;
import org.infinispan.commons.util.SslContextFactory;
import org.infinispan.commons.util.Util;
import org.infinispan.lifecycle.ComponentStatus;
import org.infinispan.security.AuthorizationPermission;
import org.infinispan.server.test.api.TestUser;
import org.jboss.shrinkwrap.api.exporter.ZipExporter;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
import org.jboss.shrinkwrap.resolver.api.maven.Maven;
import org.jboss.shrinkwrap.resolver.api.maven.MavenResolvedArtifact;
import org.junit.Assume;
import org.wildfly.security.provider.util.ProviderUtil;
import org.wildfly.security.x500.cert.BasicConstraintsExtension;
import org.wildfly.security.x500.cert.SelfSignedX509CertificateAndSigningKey;
import org.wildfly.security.x500.cert.X509CertificateBuilder;

/* loaded from: input_file:org/infinispan/server/test/core/AbstractInfinispanServerDriver.class */
public abstract class AbstractInfinispanServerDriver implements InfinispanServerDriver {
    public static final String DEFAULT_CLUSTERED_INFINISPAN_CONFIG_FILE_NAME = "infinispan.xml";
    public static final String INFINISPAN_SERVER_ROOT_PATH = "infinispan.server.root.path";
    public static final String INFINISPAN_CLUSTER_NAME = "infinispan.cluster.name";
    public static final String INFINISPAN_CLUSTER_STACK = "infinispan.cluster.stack";
    public static final String INFINISPAN_SERVER_CONFIG_PATH = "infinispan.server.config.path";
    public static final String TEST_HOST_ADDRESS = "org.infinispan.test.host.address";
    public static final String JOIN_TIMEOUT = "jgroups.join_timeout";
    public static final String BASE_DN = "CN=%s,OU=Infinispan,O=JBoss,L=Red Hat";
    public static final String KEY_PASSWORD = "secret";
    public static final String KEY_ALGORITHM = "RSA";
    public static final String KEY_SIGNATURE_ALGORITHM = "SHA256withRSA";
    public static final String DEFAULT_SERVER_CONFIG = "conf";
    public static final String DEFAULT_SERVER_DATA = "data";
    public static final String DEFAULT_SERVER_LIB = "lib";
    public static final String DEFAULT_SERVER_LOG = "log";
    protected final InfinispanServerTestConfiguration configuration;
    protected final InetAddress testHostAddress;
    private File rootDir;
    private File confDir;
    private String name;
    private final AtomicLong certSerial = new AtomicLong(1);
    private ComponentStatus status = ComponentStatus.INSTANTIATED;
    private final Provider[] ALL_PROVIDERS = SslContextFactory.discoverSecurityProviders(getClass().getClassLoader());

    /* JADX INFO: Access modifiers changed from: protected */
    public AbstractInfinispanServerDriver(InfinispanServerTestConfiguration infinispanServerTestConfiguration, InetAddress inetAddress) {
        this.configuration = infinispanServerTestConfiguration;
        this.testHostAddress = inetAddress;
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public ComponentStatus getStatus() {
        return this.status;
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public InfinispanServerTestConfiguration getConfiguration() {
        return this.configuration;
    }

    protected abstract void start(String str, File file, File file2);

    /* JADX INFO: Access modifiers changed from: protected */
    public String debugJvmOption() {
        try {
            return String.format("-agentlib:jdwp=transport=dt_socket,server=n,address=%s:5005", findAddress((v0) -> {
                return v0.isLoopbackAddress();
            }).getAddress().getHostAddress());
        } catch (IOException e) {
            throw new IllegalStateException("Could not find a non-loopback address");
        }
    }

    protected abstract void stop();

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void prepare(String str) {
        this.name = str;
        if (this.configuration.getFeatures() != null) {
            Features features = new Features(getClass().getClassLoader());
            for (String str2 : this.configuration.getFeatures()) {
                Assume.assumeTrue(String.format("%s is disabled", str2), features.isAvailable(str2));
            }
        }
        String tmpDirectory = CommonsTestingUtil.tmpDirectory(new String[]{(this.configuration.site() == null ? "" : this.configuration.site()) + str});
        Util.recursiveFileRemove(tmpDirectory);
        this.rootDir = new File(tmpDirectory);
        this.confDir = new File(this.rootDir, DEFAULT_SERVER_CONFIG);
        if (!this.confDir.mkdirs()) {
            throw new RuntimeException("Failed to create server configuration directory " + this.confDir);
        }
        if (!this.configuration.isDefaultFile()) {
            copyProvidedServerConfigurationFile();
        }
        createUserFile("default");
        createKeyStores(".pfx", "pkcs12", null);
        if (ProviderUtil.findProvider(this.ALL_PROVIDERS, "BC", KeyStore.class, "BCFKS") != null) {
            createKeyStores(".bcfks", "BCFKS", "BC");
        }
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void start(String str) {
        this.status = ComponentStatus.INITIALIZING;
        try {
            log.infof("Starting servers %s", str);
            start(str, this.rootDir, new File(this.configuration.configurationFile()));
            log.infof("Started servers %s", str);
            this.status = ComponentStatus.RUNNING;
        } catch (Throwable th) {
            log.errorf(th, "Unable to start server %s", str);
            this.status = ComponentStatus.FAILED;
            throw th;
        }
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public final void stop(String str) {
        if (this.status != ComponentStatus.INSTANTIATED) {
            this.status = ComponentStatus.STOPPING;
            log.infof("Stopping servers %s", str);
            stop();
            log.infof("Stopped servers %s", str);
        }
        this.status = ComponentStatus.TERMINATED;
    }

    private void copyProvidedServerConfigurationFile() {
        copyResource(this.configuration.configurationFile(), this.confDir.toPath());
    }

    private void copyResource(String str, Path path) {
        ClassLoader classLoader = getClass().getClassLoader();
        File file = new File(str);
        if (file.isAbsolute()) {
            Path path2 = Paths.get(file.getParentFile().getAbsolutePath(), new String[0]);
            Exceptions.unchecked(() -> {
                Util.recursiveDirectoryCopy(path2, path);
            });
        } else {
            URL resource = classLoader.getResource(str);
            if (resource == null) {
                throw new RuntimeException("Cannot find test file: " + str);
            }
            Exceptions.unchecked(() -> {
                if (!resource.getProtocol().equals("jar")) {
                    Util.recursiveDirectoryCopy(Paths.get(resource.toURI().resolve(".")), path);
                    return;
                }
                HashMap hashMap = new HashMap();
                hashMap.put("create", "true");
                String[] split = resource.toString().split("!");
                FileSystem newFileSystem = FileSystems.newFileSystem(new URI(split[0]), hashMap);
                try {
                    Util.recursiveDirectoryCopy(newFileSystem.getPath(new File(split[1]).getParentFile().toString(), new String[0]), path);
                    if (newFileSystem != null) {
                        newFileSystem.close();
                    }
                } catch (Throwable th) {
                    if (newFileSystem != null) {
                        try {
                            newFileSystem.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            });
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static File createServerHierarchy(File file) {
        return createServerHierarchy(file, null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static File createServerHierarchy(File file, String str) {
        File serverRoot = serverRoot(file, str);
        Iterator it = Arrays.asList(DEFAULT_SERVER_DATA, DEFAULT_SERVER_LOG, DEFAULT_SERVER_LIB).iterator();
        while (it.hasNext()) {
            File file2 = new File(serverRoot, (String) it.next());
            if (!file2.exists() && !file2.mkdirs()) {
                throw new IllegalStateException("Unable to create directory " + file2);
            }
        }
        return serverRoot;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static File serverRoot(File file, String str) {
        return str == null ? file : new File(file, str);
    }

    protected void createUserFile(String str) {
        UserTool userTool = new UserTool(this.rootDir.getAbsolutePath());
        for (AuthorizationPermission authorizationPermission : AuthorizationPermission.values()) {
            String lowerCase = authorizationPermission.name().toLowerCase();
            userTool.createUser(lowerCase + "_user", lowerCase, str, UserTool.Encryption.DEFAULT, Collections.singletonList(lowerCase), (List) null);
        }
        for (TestUser testUser : TestUser.values()) {
            if (testUser != TestUser.ANONYMOUS) {
                userTool.createUser(testUser.getUser(), testUser.getPassword(), str, UserTool.Encryption.DEFAULT, testUser.getRoles(), (List) null);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void copyArtifactsToDataDir() {
        if (this.configuration.getDataFiles() == null) {
            return;
        }
        File file = new File(this.rootDir, DEFAULT_SERVER_DATA);
        file.mkdirs();
        for (String str : this.configuration.getDataFiles()) {
            copyResource(str, file.toPath());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void copyArtifactsToUserLibDir(File file) {
        String property = this.configuration.properties().getProperty(TestSystemPropertyNames.INFINISPAN_TEST_SERVER_EXTRA_LIBS);
        String[] split = property != null ? property.replaceAll("\\s+", "").split(",") : this.configuration.mavenArtifacts();
        if (split != null && split.length > 0) {
            for (MavenResolvedArtifact mavenResolvedArtifact : Maven.resolver().resolve(split).withoutTransitivity().asResolvedArtifact()) {
                Exceptions.unchecked(() -> {
                    Path path = mavenResolvedArtifact.asFile().toPath();
                    Files.copy(path, file.toPath().resolve(path.getFileName()), StandardCopyOption.REPLACE_EXISTING);
                });
            }
        }
        if (this.configuration.archives() != null) {
            for (JavaArchive javaArchive : this.configuration.archives()) {
                File file2 = file.toPath().resolve(javaArchive.getName()).toFile();
                file2.setWritable(true, false);
                javaArchive.as(ZipExporter.class).exportTo(file2, true);
            }
        }
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public File getCertificateFile(String str) {
        return new File(this.confDir, str);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public File getRootDir() {
        return this.rootDir;
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public File getConfDir() {
        return this.confDir;
    }

    public String getName() {
        return this.name;
    }

    protected void createKeyStores(String str, String str2, String str3) {
        try {
            Provider findProvider = ProviderUtil.findProvider(this.ALL_PROVIDERS, str3, KeyPairGenerator.class, KEY_ALGORITHM);
            KeyPair generateKeyPair = (findProvider != null ? KeyPairGenerator.getInstance(KEY_ALGORITHM, findProvider) : KeyPairGenerator.getInstance(KEY_ALGORITHM)).generateKeyPair();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            PublicKey publicKey = generateKeyPair.getPublic();
            X500Principal dn = dn("CA");
            Provider findProvider2 = ProviderUtil.findProvider(this.ALL_PROVIDERS, str3, KeyStore.class, str2);
            KeyStore keyStore = findProvider2 != null ? KeyStore.getInstance(str2, findProvider2) : KeyStore.getInstance(str2);
            keyStore.load(null, null);
            SelfSignedX509CertificateAndSigningKey createSelfSignedCertificate = createSelfSignedCertificate(dn, true, "ca", str, str2, str3);
            keyStore.setCertificateEntry("ca", createSelfSignedCertificate.getSelfSignedCertificate());
            createSignedCertificate(privateKey, publicKey, createSelfSignedCertificate, dn, "server", str, keyStore);
            for (TestUser testUser : TestUser.values()) {
                if (testUser != TestUser.ANONYMOUS) {
                    createSignedCertificate(privateKey, publicKey, createSelfSignedCertificate, dn, testUser.getUser(), str, keyStore);
                }
            }
            createSignedCertificate(privateKey, publicKey, createSelfSignedCertificate, dn, "supervisor", str, keyStore);
            FileOutputStream fileOutputStream = new FileOutputStream(getCertificateFile("trust" + str));
            try {
                keyStore.store(fileOutputStream, "secret".toCharArray());
                fileOutputStream.close();
                createSelfSignedCertificate(dn, true, "untrusted", str, str2, str3);
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    protected static X500Principal dn(String str) {
        return new X500Principal(String.format(BASE_DN, str));
    }

    protected SelfSignedX509CertificateAndSigningKey createSelfSignedCertificate(X500Principal x500Principal, boolean z, String str, String str2, String str3, String str4) {
        SelfSignedX509CertificateAndSigningKey.Builder keyAlgorithmName = SelfSignedX509CertificateAndSigningKey.builder().setDn(x500Principal).setSignatureAlgorithmName(KEY_SIGNATURE_ALGORITHM).setKeyAlgorithmName(KEY_ALGORITHM);
        if (z) {
            keyAlgorithmName.addExtension(false, "BasicConstraints", "CA:true,pathlen:2147483647");
        }
        SelfSignedX509CertificateAndSigningKey build = keyAlgorithmName.build();
        X509Certificate selfSignedCertificate = build.getSelfSignedCertificate();
        writeKeyStore(getCertificateFile(str + str2), str3, str4, keyStore -> {
            try {
                keyStore.setCertificateEntry(str, selfSignedCertificate);
            } catch (KeyStoreException e) {
                throw new RuntimeException(e);
            }
        });
        try {
            FileWriter fileWriter = new FileWriter(new File(this.confDir, str + str2 + ".crt"));
            try {
                fileWriter.write("-----BEGIN CERTIFICATE-----\n");
                fileWriter.write(Base64.getEncoder().encodeToString(selfSignedCertificate.getEncoded()));
                fileWriter.write("\n-----END CERTIFICATE-----\n");
                fileWriter.close();
                try {
                    fileWriter = new FileWriter(new File(this.confDir, str + str2 + ".key"));
                    try {
                        fileWriter.write("-----BEGIN PRIVATE KEY-----\n");
                        fileWriter.write(Base64.getEncoder().encodeToString(build.getSigningKey().getEncoded()));
                        fileWriter.write("\n-----END PRIVATE KEY-----\n");
                        fileWriter.close();
                        return build;
                    } finally {
                        try {
                            fileWriter.close();
                        } catch (Throwable th) {
                            th.addSuppressed(th);
                        }
                    }
                } catch (Exception e) {
                    throw new RuntimeException(e);
                }
            } finally {
            }
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    protected void createSignedCertificate(PrivateKey privateKey, PublicKey publicKey, SelfSignedX509CertificateAndSigningKey selfSignedX509CertificateAndSigningKey, X500Principal x500Principal, String str, String str2, KeyStore keyStore) throws CertificateException {
        X509Certificate selfSignedCertificate = selfSignedX509CertificateAndSigningKey.getSelfSignedCertificate();
        X509Certificate build = new X509CertificateBuilder().setIssuerDn(x500Principal).setSubjectDn(dn(str)).setSignatureAlgorithmName(KEY_SIGNATURE_ALGORITHM).setSigningKey(selfSignedX509CertificateAndSigningKey.getSigningKey()).setPublicKey(publicKey).setSerialNumber(BigInteger.valueOf(this.certSerial.getAndIncrement())).addExtension(new BasicConstraintsExtension(false, false, -1)).build();
        try {
            keyStore.setCertificateEntry(str, build);
            writeKeyStore(getCertificateFile(str + str2), keyStore.getType(), keyStore.getProvider().getName(), keyStore2 -> {
                try {
                    keyStore2.setCertificateEntry("ca", selfSignedCertificate);
                    keyStore2.setKeyEntry(str, privateKey, "secret".toCharArray(), new X509Certificate[]{build, selfSignedCertificate});
                } catch (KeyStoreException e) {
                    throw new RuntimeException(e);
                }
            });
        } catch (KeyStoreException e) {
            throw new RuntimeException(e);
        }
    }

    private void writeKeyStore(File file, String str, String str2, Consumer<KeyStore> consumer) {
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                Provider findProvider = ProviderUtil.findProvider(this.ALL_PROVIDERS, str2, KeyStore.class, str);
                KeyStore keyStore = findProvider != null ? KeyStore.getInstance(str, findProvider) : KeyStore.getInstance(str);
                keyStore.load(null, null);
                consumer.accept(keyStore);
                keyStore.store(fileOutputStream, "secret".toCharArray());
                fileOutputStream.close();
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyKeyStore(ConfigurationBuilder configurationBuilder, String str) {
        applyKeyStore(configurationBuilder, str, "pkcs12", (String) null);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyKeyStore(ConfigurationBuilder configurationBuilder, String str, String str2, String str3) {
        configurationBuilder.security().ssl().keyStoreFileName(getCertificateFile(str).getAbsolutePath()).keyStorePassword("secret".toCharArray()).keyStoreType(str2).provider(str3);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyKeyStore(RestClientConfigurationBuilder restClientConfigurationBuilder, String str) {
        applyKeyStore(restClientConfigurationBuilder, str, "pkcs12", (String) null);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyKeyStore(RestClientConfigurationBuilder restClientConfigurationBuilder, String str, String str2, String str3) {
        restClientConfigurationBuilder.security().ssl().keyStoreFileName(getCertificateFile(str).getAbsolutePath()).keyStorePassword("secret".toCharArray()).keyStoreType(str2).provider(str3);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyTrustStore(ConfigurationBuilder configurationBuilder, String str) {
        applyTrustStore(configurationBuilder, str, "pkcs12", (String) null);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyTrustStore(ConfigurationBuilder configurationBuilder, String str, String str2, String str3) {
        configurationBuilder.security().ssl().trustStoreFileName(getCertificateFile(str).getAbsolutePath()).trustStorePassword("secret".toCharArray()).trustStoreType(str2).provider(str3);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyTrustStore(RestClientConfigurationBuilder restClientConfigurationBuilder, String str) {
        applyTrustStore(restClientConfigurationBuilder, str, "pkcs12", (String) null);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void applyTrustStore(RestClientConfigurationBuilder restClientConfigurationBuilder, String str, String str2, String str3) {
        restClientConfigurationBuilder.security().ssl().trustStoreFileName(getCertificateFile(str).getAbsolutePath()).trustStorePassword("secret".toCharArray()).trustStoreType(str2).provider(str3);
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public void pause(int i) {
    }

    @Override // org.infinispan.server.test.core.InfinispanServerDriver
    public RemoteCacheManager createRemoteCacheManager(ConfigurationBuilder configurationBuilder) {
        return new RemoteCacheManager(configurationBuilder.build());
    }

    private static InterfaceAddress findAddress(Predicate<InetAddress> predicate) throws IOException {
        InterfaceAddress findAddress;
        Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
        while (networkInterfaces.hasMoreElements()) {
            NetworkInterface nextElement = networkInterfaces.nextElement();
            if (nextElement.isUp() && (findAddress = findAddress(nextElement, predicate)) != null) {
                return findAddress;
            }
        }
        throw new IOException("No matching addresses found");
    }

    private static InterfaceAddress findAddress(NetworkInterface networkInterface, Predicate<InetAddress> predicate) {
        for (InterfaceAddress interfaceAddress : networkInterface.getInterfaceAddresses()) {
            if (predicate.test(interfaceAddress.getAddress())) {
                return interfaceAddress;
            }
        }
        return null;
    }
}
