package org.wso2.am.integration.tests.api.lifecycle;

import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.util.ArrayList;
import java.util.HashMap;
import javax.xml.xpath.XPathExpressionException;
import org.apache.cxf.transport.https.HttpsURLConnectionFactory;
import org.json.JSONException;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Factory;
import org.testng.annotations.Test;
import org.wso2.am.integration.clients.publisher.api.ApiException;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIDTO;
import org.wso2.am.integration.clients.publisher.api.v1.dto.APIOperationsDTO;
import org.wso2.am.integration.test.utils.APIManagerIntegrationTestException;
import org.wso2.am.integration.test.utils.bean.APIRequest;
import org.wso2.am.integration.test.utils.http.HTTPSClientUtils;
import org.wso2.carbon.automation.engine.annotations.ExecutionEnvironment;
import org.wso2.carbon.automation.engine.annotations.SetEnvironment;
import org.wso2.carbon.automation.engine.context.TestUserMode;
import org.wso2.carbon.automation.test.utils.http.client.HttpResponse;
import org.wso2.carbon.integration.common.utils.exceptions.AutomationUtilException;
import org.wso2.carbon.um.ws.api.stub.RemoteUserStoreManagerServiceUserStoreExceptionException;
import org.wso2.carbon.user.core.UserStoreException;

@SetEnvironment(executionEnvironments = {ExecutionEnvironment.STANDALONE})
/* loaded from: input_file:org/wso2/am/integration/tests/api/lifecycle/APISecurityMutualSSLCertificateChainValidationTestCase.class */
public class APISecurityMutualSSLCertificateChainValidationTestCase extends APIManagerLifecycleBaseTest {
    private final String rootCertAPI = "rootCertAPI";
    private final String intermediateCertAPI = "intermediateCertAPI";
    private final String API_END_POINT_METHOD = "/customers/123";
    private final String API_VERSION_1_0_0 = "1.0.0";
    private final String API_END_POINT_POSTFIX_URL = "jaxrs_basic/services/customers/customerservice/";
    private String apiEndPointUrl;
    private String apiId1;
    private String apiId2;

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider
    public static Object[][] userModeDataProvider() {
        return new Object[]{new Object[]{TestUserMode.SUPER_TENANT_ADMIN}, new Object[]{TestUserMode.TENANT_ADMIN}};
    }

    @Factory(dataProvider = "userModeDataProvider")
    public APISecurityMutualSSLCertificateChainValidationTestCase(TestUserMode testUserMode) {
        this.userMode = testUserMode;
    }

    @BeforeClass(alwaysRun = true)
    public void initialize() throws APIManagerIntegrationTestException, IOException, ApiException, org.wso2.am.integration.clients.store.api.ApiException, XPathExpressionException, AutomationUtilException, InterruptedException, JSONException, RemoteUserStoreManagerServiceUserStoreExceptionException, UserStoreException {
        super.init(this.userMode);
        this.apiEndPointUrl = this.backEndServerUrl.getWebAppURLHttp() + "jaxrs_basic/services/customers/customerservice/";
        APIRequest aPIRequest = new APIRequest("rootCertAPI", "rootCertAPI", new URL(this.apiEndPointUrl));
        aPIRequest.setVersion("1.0.0");
        aPIRequest.setTiersCollection("Unlimited");
        aPIRequest.setTier("Unlimited");
        aPIRequest.setTags("testTag1, testTag2, testTag3");
        aPIRequest.setVisibility(APIDTO.VisibilityEnum.PUBLIC.getValue());
        aPIRequest.setProvider(this.user.getUserName());
        APIOperationsDTO aPIOperationsDTO = new APIOperationsDTO();
        aPIOperationsDTO.setVerb("GET");
        aPIOperationsDTO.setTarget("/customers/{id}");
        aPIOperationsDTO.setAuthType("Application & Application User");
        aPIOperationsDTO.setThrottlingPolicy("Unlimited");
        ArrayList arrayList = new ArrayList();
        arrayList.add(aPIOperationsDTO);
        aPIRequest.setOperationsDTOS(arrayList);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add("mutualssl");
        arrayList2.add("mutualssl_mandatory");
        aPIRequest.setSecurityScheme(arrayList2);
        aPIRequest.setDefault_version("true");
        aPIRequest.setHttps_checked(HttpsURLConnectionFactory.HTTPS_URL_PROTOCOL_ID);
        aPIRequest.setHttp_checked((String) null);
        aPIRequest.setDefault_version_checked("true");
        this.apiId1 = this.restAPIPublisher.addAPI(aPIRequest).getData();
        this.restAPIPublisher.uploadCertificate(new File(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "cert_chain_root.cer"), "cert_chain_root", this.apiId1, "Unlimited");
        createAPIRevisionAndDeployUsingRest(this.apiId1, this.restAPIPublisher);
        APIRequest aPIRequest2 = new APIRequest("intermediateCertAPI", "intermediateCertAPI", new URL(this.apiEndPointUrl));
        aPIRequest2.setVersion("1.0.0");
        aPIRequest2.setTiersCollection("Unlimited");
        aPIRequest2.setTier("Unlimited");
        aPIRequest2.setTags("testTag1, testTag2, testTag3");
        aPIRequest2.setVisibility(APIDTO.VisibilityEnum.PUBLIC.getValue());
        aPIRequest2.setProvider(this.user.getUserName());
        aPIRequest2.setOperationsDTOS(arrayList);
        aPIRequest2.setSecurityScheme(arrayList2);
        aPIRequest2.setDefault_version("true");
        aPIRequest2.setHttps_checked(HttpsURLConnectionFactory.HTTPS_URL_PROTOCOL_ID);
        aPIRequest2.setHttp_checked((String) null);
        aPIRequest2.setDefault_version_checked("true");
        this.apiId2 = this.restAPIPublisher.addAPI(aPIRequest2).getData();
        this.restAPIPublisher.uploadCertificate(new File(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "cert_chain_intermediate.cer"), "cert_chain_intermediate", this.apiId2, "Unlimited");
        createAPIRevisionAndDeployUsingRest(this.apiId2, this.restAPIPublisher);
        waitForAPIDeploymentSync(this.user.getUserName(), "rootCertAPI", "1.0.0", "\"isApiExists\":true");
        waitForAPIDeploymentSync(this.user.getUserName(), "intermediateCertAPI", "1.0.0", "\"isApiExists\":true");
        Thread.sleep(120000L);
    }

    @Test(description = "Invoke mutual SSL only API with not supported certificate")
    public void testAPIInvocationWithMutualSSLOnlyAPINegative() throws IOException, XPathExpressionException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, UnrecoverableKeyException {
        HashMap hashMap = new HashMap();
        hashMap.put("accept", "text/xml");
        HttpResponse doMutulSSLGet = HTTPSClientUtils.doMutulSSLGet(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "test.jks", getAPIInvocationURLHttps("rootCertAPI", "1.0.0") + "/customers/123", hashMap);
        HttpResponse doMutulSSLGet2 = HTTPSClientUtils.doMutulSSLGet(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "test.jks", getAPIInvocationURLHttps("rootCertAPI") + "/customers/123", hashMap);
        Assert.assertEquals(doMutulSSLGet.getResponseCode(), 401);
        Assert.assertEquals(doMutulSSLGet2.getResponseCode(), 401);
    }

    @Test(description = "API invocation with mutual ssl mandatory", dependsOnMethods = {"testAPIInvocationWithMutualSSLOnlyAPINegative"})
    public void testAPIInvocationWithMutualSSLMandatory() throws IOException, XPathExpressionException, NoSuchAlgorithmException, KeyStoreException, KeyManagementException, UnrecoverableKeyException {
        HashMap hashMap = new HashMap();
        hashMap.put("accept", "text/xml");
        Assert.assertEquals(HTTPSClientUtils.doMutulSSLGet(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "cert_chain_root.jks", getAPIInvocationURLHttps("rootCertAPI", "1.0.0") + "/customers/123", hashMap).getResponseCode(), 200, "Mutual SSL Authentication has not succeed");
        Assert.assertEquals(HTTPSClientUtils.doMutulSSLGet(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "cert_chain_client.jks", getAPIInvocationURLHttps("rootCertAPI", "1.0.0") + "/customers/123", hashMap).getResponseCode(), 200, "Mutual SSL Authentication has not succeed");
        Assert.assertEquals(HTTPSClientUtils.doMutulSSLGet(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "cert_chain_client_head_only.jks", getAPIInvocationURLHttps("rootCertAPI", "1.0.0") + "/customers/123", hashMap).getResponseCode(), 200, "Mutual SSL Authentication has not succeed");
        Assert.assertEquals(HTTPSClientUtils.doMutulSSLGet(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "cert_chain_root.jks", getAPIInvocationURLHttps("rootCertAPI") + "/customers/123", hashMap).getResponseCode(), 200, "Mutual SSL Authentication has not succeed");
        Assert.assertEquals(HTTPSClientUtils.doMutulSSLGet(getAMResourceLocation() + File.separator + "lifecycletest" + File.separator + "mutualssl" + File.separator + "cert_chain_client.jks", getAPIInvocationURLHttps("rootCertAPI") + "/customers/123", hashMap).getResponseCode(), 200, "Mutual SSL Authentication has not succeed");
    }

    @AfterClass(alwaysRun = true)
    public void cleanUpArtifacts() throws Exception {
        this.restAPIPublisher.deleteAPI(this.apiId1);
        this.restAPIPublisher.deleteAPI(this.apiId2);
    }
}
