package org.apache.activemq.artemis.tests.integration.mqtt.imported;

import java.io.EOFException;
import java.io.IOException;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLException;
import org.apache.activemq.artemis.api.core.TransportConfiguration;
import org.apache.activemq.artemis.core.config.Configuration;
import org.apache.activemq.artemis.core.config.WildcardConfiguration;
import org.apache.activemq.artemis.core.remoting.impl.netty.NettyAcceptorFactory;
import org.apache.activemq.artemis.core.remoting.impl.ssl.SSLSupport;
import org.apache.activemq.artemis.core.server.ActiveMQServer;
import org.apache.activemq.artemis.tests.util.ActiveMQTestBase;
import org.fusesource.mqtt.client.BlockingConnection;
import org.fusesource.mqtt.client.MQTT;
import org.fusesource.mqtt.client.QoS;
import org.fusesource.mqtt.client.Topic;
import org.junit.Test;

/* loaded from: input_file:org/apache/activemq/artemis/tests/integration/mqtt/imported/MQTTSecurityCRLTest.class */
public class MQTTSecurityCRLTest extends ActiveMQTestBase {
    @Test
    public void crlRevokedTest() throws Exception {
        ActiveMQServer initServer = initServer();
        BlockingConnection blockingConnection = null;
        try {
            initServer.start();
            while (!initServer.isStarted()) {
                Thread.sleep(50L);
            }
            blockingConnection = retrieveMQTTConnection("ssl://localhost:1883", "server-ca-truststore.jks", "securepass", "other-client-keystore.jks", "securepass");
            blockingConnection.subscribe(new Topic[]{new Topic("test/+/some/#", QoS.AT_MOST_ONCE)});
            blockingConnection.publish("test/1/some/la", "This is message 1".getBytes(), QoS.AT_LEAST_ONCE, false);
            assertEquals("This is message 1", new String(blockingConnection.receive(5L, TimeUnit.SECONDS).getPayload()));
            fail("We expect an exception of some sort!");
            if (blockingConnection != null) {
                blockingConnection.disconnect();
            }
            if (initServer.isStarted()) {
                initServer.stop();
            }
        } catch (EOFException e) {
            if (blockingConnection != null) {
                blockingConnection.disconnect();
            }
            if (initServer.isStarted()) {
                initServer.stop();
            }
        } catch (SSLException e2) {
            if (blockingConnection != null) {
                blockingConnection.disconnect();
            }
            if (initServer.isStarted()) {
                initServer.stop();
            }
        } catch (Throwable th) {
            if (blockingConnection != null) {
                blockingConnection.disconnect();
            }
            if (initServer.isStarted()) {
                initServer.stop();
            }
            throw th;
        }
    }

    @Test
    public void crlNotRevokedTest() throws Exception {
        ActiveMQServer initServer = initServer();
        BlockingConnection blockingConnection = null;
        try {
            initServer.start();
            while (!initServer.isStarted()) {
                Thread.sleep(50L);
            }
            blockingConnection = retrieveMQTTConnection("ssl://localhost:1883", "server-ca-truststore.jks", "securepass", "client-keystore.jks", "securepass");
            blockingConnection.subscribe(new Topic[]{new Topic("test/+/some/#", QoS.AT_MOST_ONCE)});
            blockingConnection.publish("test/1/some/la", "This is message 1".getBytes(), QoS.AT_LEAST_ONCE, false);
            assertEquals("This is message 1", new String(blockingConnection.receive(5L, TimeUnit.SECONDS).getPayload()));
            if (blockingConnection != null) {
                blockingConnection.disconnect();
            }
            if (initServer.isStarted()) {
                initServer.stop();
            }
        } catch (Throwable th) {
            if (blockingConnection != null) {
                blockingConnection.disconnect();
            }
            if (initServer.isStarted()) {
                initServer.stop();
            }
            throw th;
        }
    }

    private ActiveMQServer initServer() throws Exception {
        Configuration securityEnabled = createDefaultNettyConfig().setSecurityEnabled(false);
        addMqttTransportConfiguration(securityEnabled);
        addWildCardConfiguration(securityEnabled);
        return createServer(true, securityEnabled);
    }

    private void addWildCardConfiguration(Configuration configuration) {
        WildcardConfiguration wildcardConfiguration = new WildcardConfiguration();
        wildcardConfiguration.setAnyWords('#');
        wildcardConfiguration.setDelimiter('/');
        wildcardConfiguration.setRoutingEnabled(true);
        wildcardConfiguration.setSingleWord('+');
        configuration.setWildCardConfiguration(wildcardConfiguration);
    }

    private void addMqttTransportConfiguration(Configuration configuration) throws IOException {
        TransportConfiguration transportConfiguration = new TransportConfiguration(NettyAcceptorFactory.class.getCanonicalName(), (Map) null, "mqtt", (Map) null);
        transportConfiguration.getParams().put("sslEnabled", true);
        transportConfiguration.getParams().put("trustStorePath", "client-ca-truststore.jks");
        transportConfiguration.getParams().put("trustStorePassword", "securepass");
        transportConfiguration.getParams().put("keyStorePath", "server-keystore.jks");
        transportConfiguration.getParams().put("keyStorePassword", "securepass");
        transportConfiguration.getParams().put("crlPath", "other-client-crl.pem");
        transportConfiguration.getParams().put("needClientAuth", "true");
        transportConfiguration.getParams().put("port", "1883");
        transportConfiguration.getParams().put("host", "localhost");
        transportConfiguration.getParams().put("protocols", "MQTT");
        configuration.getAcceptorConfigurations().add(transportConfiguration);
    }

    private BlockingConnection retrieveMQTTConnection(String str, String str2, String str3, String str4, String str5) throws Exception {
        MQTT mqtt = new MQTT();
        mqtt.setConnectAttemptsMax(1L);
        mqtt.setReconnectAttemptsMax(0L);
        mqtt.setHost(str);
        mqtt.setSslContext(new SSLSupport().setKeystorePath(str4).setKeystorePassword(str5).setTruststorePath(str2).setTruststorePassword(str3).createContext());
        BlockingConnection blockingConnection = mqtt.blockingConnection();
        blockingConnection.connect();
        return blockingConnection;
    }
}
