package org.keycloak.procotol.docker.installation;

import jakarta.ws.rs.core.Response;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.List;
import java.util.Optional;
import java.util.zip.ZipEntry;
import java.util.zip.ZipInputStream;
import java.util.zip.ZipOutputStream;
import org.apache.commons.io.FileUtils;
import org.hamcrest.MatcherAssert;
import org.hamcrest.core.IsEqual;
import org.hamcrest.core.IsNull;
import org.junit.Assert;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Ignore;
import org.junit.Test;
import org.keycloak.common.crypto.CryptoIntegration;
import org.keycloak.common.util.CertificateUtils;
import org.keycloak.common.util.PemUtils;
import org.keycloak.protocol.docker.installation.DockerComposeYamlInstallationProvider;
import org.keycloak.rule.CryptoInitRule;

/* loaded from: input_file:org/keycloak/procotol/docker/installation/DockerComposeYamlInstallationProviderTest.class */
public class DockerComposeYamlInstallationProviderTest {

    @ClassRule
    public static CryptoInitRule cryptoInitRule = new CryptoInitRule();
    DockerComposeYamlInstallationProvider installationProvider;
    static Certificate certificate;

    @Before
    public void setUp() throws Exception {
        KeyPairGenerator keyPairGen = CryptoIntegration.getProvider().getKeyPairGen("RSA");
        keyPairGen.initialize(2048, new SecureRandom());
        certificate = CertificateUtils.generateV1SelfSignedCertificate(keyPairGen.generateKeyPair(), "test-realm");
        this.installationProvider = new DockerComposeYamlInstallationProvider();
    }

    private Response fireInstallationProvider() throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        return this.installationProvider.generateInstallation(new ZipOutputStream(byteArrayOutputStream), byteArrayOutputStream, certificate, new URL("http://localhost:8080/auth/"), "docker-test", "docker-registry");
    }

    @Test
    @Ignore
    public void writeToRealZip() throws IOException {
        FileUtils.writeByteArrayToFile(new File("target/keycloak-docker-compose-yaml.zip"), (byte[]) fireInstallationProvider().getEntity());
    }

    @Test
    public void testAllTheZipThings() throws Exception {
        Response fireInstallationProvider = fireInstallationProvider();
        MatcherAssert.assertThat("compose YAML returned non-ok response", Integer.valueOf(fireInstallationProvider.getStatus()), IsEqual.equalTo(Integer.valueOf(Response.Status.OK.getStatusCode())));
        shouldIncludeDockerComposeYamlInZip(getZipResponseFromInstallProvider(fireInstallationProvider));
        shouldIncludeReadmeInZip(getZipResponseFromInstallProvider(fireInstallationProvider));
        shouldWriteBlankDataDirectoryInZip(getZipResponseFromInstallProvider(fireInstallationProvider));
        shouldWriteCertDirectoryInZip(getZipResponseFromInstallProvider(fireInstallationProvider));
        shouldWriteSslCertificateInZip(getZipResponseFromInstallProvider(fireInstallationProvider));
        shouldWritePrivateKeyInZip(getZipResponseFromInstallProvider(fireInstallationProvider));
    }

    public void shouldIncludeDockerComposeYamlInZip(ZipInputStream zipInputStream) throws Exception {
        Optional<String> fileContents = getFileContents(zipInputStream, "keycloak-docker-compose-yaml/docker-compose.yaml");
        MatcherAssert.assertThat("Could not find docker-compose.yaml file in zip archive response", Boolean.valueOf(fileContents.isPresent()), IsEqual.equalTo(true));
        List readLines = FileUtils.readLines(new File("src/test/resources/docker-compose-expected.yaml"), Charset.defaultCharset());
        String[] split = fileContents.get().split("\n");
        String str = "Invalid docker-compose file contents: \n" + fileContents.get();
        for (int i = 0; i < readLines.size(); i++) {
            Assert.assertEquals(str, readLines.get(i), split[i]);
        }
    }

    public void shouldIncludeReadmeInZip(ZipInputStream zipInputStream) throws Exception {
        MatcherAssert.assertThat("Could not find README.md file in zip archive response", Boolean.valueOf(getFileContents(zipInputStream, "keycloak-docker-compose-yaml/README.md").isPresent()), IsEqual.equalTo(true));
    }

    public void shouldWriteBlankDataDirectoryInZip(ZipInputStream zipInputStream) throws Exception {
        boolean z = false;
        while (true) {
            ZipEntry nextEntry = zipInputStream.getNextEntry();
            if (nextEntry == null) {
                MatcherAssert.assertThat("Could not find data directory", Boolean.valueOf(z), IsEqual.equalTo(true));
                return;
            }
            try {
                if (nextEntry.getName().equals("keycloak-docker-compose-yaml/data/")) {
                    z = true;
                    MatcherAssert.assertThat("Zip entry for data directory is not the correct type", Boolean.valueOf(nextEntry.isDirectory()), IsEqual.equalTo(true));
                }
            } finally {
                zipInputStream.closeEntry();
            }
        }
    }

    public void shouldWriteCertDirectoryInZip(ZipInputStream zipInputStream) throws Exception {
        boolean z = false;
        while (true) {
            ZipEntry nextEntry = zipInputStream.getNextEntry();
            if (nextEntry == null) {
                MatcherAssert.assertThat("Could not find cert directory", Boolean.valueOf(z), IsEqual.equalTo(true));
                return;
            }
            try {
                if (nextEntry.getName().equals("keycloak-docker-compose-yaml/certs/")) {
                    z = true;
                    MatcherAssert.assertThat("Zip entry for cert directory is not the correct type", Boolean.valueOf(nextEntry.isDirectory()), IsEqual.equalTo(true));
                }
            } finally {
                zipInputStream.closeEntry();
            }
        }
    }

    public void shouldWriteSslCertificateInZip(ZipInputStream zipInputStream) throws Exception {
        Optional<String> fileContents = getFileContents(zipInputStream, "keycloak-docker-compose-yaml/certs/localhost.crt");
        MatcherAssert.assertThat("Could not find localhost certificate", Boolean.valueOf(fileContents.isPresent()), IsEqual.equalTo(true));
        MatcherAssert.assertThat("Invalid x509 given by docker-compose YAML", PemUtils.decodeCertificate(fileContents.get()), IsNull.notNullValue());
    }

    public void shouldWritePrivateKeyInZip(ZipInputStream zipInputStream) throws Exception {
        Optional<String> fileContents = getFileContents(zipInputStream, "keycloak-docker-compose-yaml/certs/localhost.key");
        MatcherAssert.assertThat("Could not find localhost private key", Boolean.valueOf(fileContents.isPresent()), IsEqual.equalTo(true));
        MatcherAssert.assertThat("Invalid private Key given by docker-compose YAML", PemUtils.decodePrivateKey(fileContents.get()), IsNull.notNullValue());
    }

    private ZipInputStream getZipResponseFromInstallProvider(Response response) throws IOException {
        Object entity = response.getEntity();
        if (!(entity instanceof byte[])) {
            Assert.fail("Recieved non-byte[] entity for docker-compose YAML installation response");
        }
        return new ZipInputStream(new ByteArrayInputStream((byte[]) entity));
    }

    private static Optional<String> getFileContents(ZipInputStream zipInputStream, String str) throws IOException {
        while (true) {
            ZipEntry nextEntry = zipInputStream.getNextEntry();
            if (nextEntry == null) {
                return Optional.empty();
            }
            try {
                if (nextEntry.getName().equals(str)) {
                    Optional<String> of = Optional.of(readBytesToString(zipInputStream));
                    zipInputStream.closeEntry();
                    return of;
                }
                zipInputStream.closeEntry();
            } catch (Throwable th) {
                zipInputStream.closeEntry();
                throw th;
            }
        }
    }

    private static String readBytesToString(InputStream inputStream) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[4096];
        while (true) {
            try {
                int read = inputStream.read(bArr);
                if (read == -1) {
                    return new String(byteArrayOutputStream.toByteArray());
                }
                byteArrayOutputStream.write(bArr, 0, read);
            } finally {
                byteArrayOutputStream.close();
            }
        }
    }
}
