package be.iminds.ilabt.jfed.lowlevel.api.test;

import be.iminds.ilabt.jfed.log.Logger;
import be.iminds.ilabt.jfed.lowlevel.AnyCredential;
import be.iminds.ilabt.jfed.lowlevel.ApiInfo;
import be.iminds.ilabt.jfed.lowlevel.CredentialException;
import be.iminds.ilabt.jfed.lowlevel.GeniAMResponseCode;
import be.iminds.ilabt.jfed.lowlevel.GeniUser;
import be.iminds.ilabt.jfed.lowlevel.GeniUserProvider;
import be.iminds.ilabt.jfed.lowlevel.JFedException;
import be.iminds.ilabt.jfed.lowlevel.SfaCredential;
import be.iminds.ilabt.jfed.lowlevel.TestbedInfoSource;
import be.iminds.ilabt.jfed.lowlevel.api.AbstractGeniAggregateManager;
import be.iminds.ilabt.jfed.lowlevel.api.AggregateManager2;
import be.iminds.ilabt.jfed.lowlevel.api.AggregateManager3;
import be.iminds.ilabt.jfed.lowlevel.connection.JFedConnectionProvider;
import be.iminds.ilabt.jfed.lowlevel.connection.SfaConnection;
import be.iminds.ilabt.jfed.preferences.JFedPreferences;
import be.iminds.ilabt.jfed.testing.base.ApiTest;
import be.iminds.ilabt.jfed.testing.base.ApiTestMetaData;
import be.iminds.ilabt.jfed.ui.commandline.ContextFile;
import be.iminds.ilabt.jfed.util.TargetAuthority;
import be.iminds.ilabt.jfed.util.TextUtil;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import javax.inject.Inject;

/* loaded from: input_file:be/iminds/ilabt/jfed/lowlevel/api/test/TestDelegationOnAggregateManager.class */
public class TestDelegationOnAggregateManager extends ApiTest {
    private static final ApiTestMetaData metadata = new ApiTestMetaData() { // from class: be.iminds.ilabt.jfed.lowlevel.api.test.TestDelegationOnAggregateManager.1
        @Override // be.iminds.ilabt.jfed.testing.base.ApiTestMetaData
        @Nonnull
        public String getTestDescription() {
            return "Delegation or speaksfor credential generation and usage test. This test generates a delegated or speaksfor credentials, and uses it to call ListResources on an AM.";
        }

        @Override // be.iminds.ilabt.jfed.testing.base.ApiTestMetaData
        @Nonnull
        public List<String> getOptConfKeys() {
            ArrayList arrayList = new ArrayList();
            arrayList.add("useSpeaksFor");
            arrayList.add("speaksForOptionNames");
            arrayList.add("passwordFilename2");
            arrayList.add("amVersion");
            return arrayList;
        }

        @Override // be.iminds.ilabt.jfed.testing.base.ApiTestMetaData
        @Nonnull
        public List<String> getReqConfKeys() {
            ArrayList arrayList = new ArrayList();
            arrayList.add("userUrn2");
            arrayList.add("pemKeyAndCertFilename2");
            arrayList.add("userAuthorityUrn2");
            return arrayList;
        }
    };
    private AggregateManager2 am2;
    private AggregateManager3 am3;
    private CommonAMTest commonAMTestUser1;
    private CommonAMTest commonAMTestUser2;
    private GeniUser secondUser;
    private SfaCredential userCredential1;
    private SfaCredential userCredential2;
    private SfaCredential userCredential2DelegatedToUser1;
    private boolean delegation;
    private List<String> speakForOptionNames;
    private int amVersion;
    private Map versionRawResult;
    private AggregateManager2.VersionInfo versionInfo;

    @Inject
    public TestDelegationOnAggregateManager(Logger logger, TargetAuthority targetAuthority, GeniUserProvider geniUserProvider, JFedConnectionProvider jFedConnectionProvider, TestbedInfoSource testbedInfoSource, JFedPreferences jFedPreferences) {
        super(logger, targetAuthority, geniUserProvider, jFedConnectionProvider, testbedInfoSource, jFedPreferences);
        this.amVersion = 2;
        this.versionRawResult = null;
        this.versionInfo = null;
    }

    public static ApiTestMetaData getMetaData() {
        return metadata;
    }

    public SfaConnection getAMConnectionUser1() throws JFedException {
        return this.connectionProvider.getConnectionByAuthority(this.user, this.testedAuthority.getServerToConnect(), new ApiInfo.Api(ApiInfo.ApiName.GENI_AM, this.amVersion));
    }

    public SfaConnection getAMConnectionUser2() throws JFedException {
        return this.connectionProvider.getConnectionByAuthority(this.secondUser, this.testedAuthority.getServerToConnect(), new ApiInfo.Api(ApiInfo.ApiName.GENI_AM, this.amVersion));
    }

    private List<AnyCredential> getUser1CredentialList() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.userCredential1);
        return arrayList;
    }

    private List<AnyCredential> getUser2CredentialList() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.userCredential2);
        return arrayList;
    }

    private List<AnyCredential> getUser2DelegatedToUser1CredentialList() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(this.userCredential2DelegatedToUser1);
        return arrayList;
    }

    @Override // be.iminds.ilabt.jfed.testing.base.ApiTest
    public void setUp() throws CredentialException {
        Boolean objectToBoolean = TextUtil.objectToBoolean(getTestConfig().get("useSpeaksFor"));
        if (objectToBoolean != null) {
            this.delegation = !objectToBoolean.booleanValue();
            if (this.delegation) {
                note("This test will test delegation");
            } else {
                note("This test will test speaks-for");
            }
        } else {
            this.delegation = true;
            note("This test will test delegation");
        }
        if (getTestConfig().get("amVersion") != null) {
            this.amVersion = Integer.parseInt(getTestConfig().get("amVersion") + "");
            assertTrue(this.amVersion >= 2 && this.amVersion <= 3, "Unsupported AM version: " + this.amVersion);
        }
        note("Getting info for 2nd user");
        this.secondUser = null;
        try {
            this.secondUser = new ContextFile(getTestConfig(), this.testbedInfoSource, this.authorityFinder).getUser("2");
            assertNotNull(this.secondUser);
            assertNotNull(this.secondUser.getUserAuthorityServer());
            assertNotNull(this.user);
            assertNotNull(this.user.getUserAuthorityServer());
            this.am2 = new AggregateManager2(this.logger, this.jFedPreferences);
            this.am3 = new AggregateManager3(this.logger, this.jFedPreferences);
            this.commonAMTestUser1 = new CommonAMTest(this, this.user.getUserAuthorityServer());
            this.commonAMTestUser2 = new CommonAMTest(this, this.secondUser.getUserAuthorityServer());
            if (!getTestConfig().containsKey("speaksForOptionNames")) {
                this.speakForOptionNames = new ArrayList();
                this.speakForOptionNames.add("speaking_for");
                this.speakForOptionNames.add("geni_speaking_for");
                note("Using default speaksFor option names to use: " + this.speakForOptionNames);
                return;
            }
            String[] split = ((String) getTestConfig().get("speaksForOptionNames")).split(",");
            this.speakForOptionNames = new ArrayList();
            for (String str : split) {
                this.speakForOptionNames.add(str.trim());
            }
            note("Setting speaksFor option names to use: " + this.speakForOptionNames);
        } catch (ContextFile.ContextFileException e) {
            throw new RuntimeException("Exception extracting user 2 details from context file", e);
        }
    }

    @ApiTest.Test(description = "Fetching User 1 Credential.")
    public void getUser1Credential() throws JFedException, CredentialException {
        GeniUser geniUser = this.user;
        this.userCredential1 = this.commonAMTestUser1.getUserCredentialListForAM();
        assertNotNull(this.userCredential1);
        note("Credential owner urn:  \"" + this.userCredential1.getOwnerUrn() + "\"");
        note("Credential target urn: \"" + this.userCredential1.getTargetUrn() + "\"");
        note("Credential type:       \"" + this.userCredential1.getType() + "\"");
        note("Credential expires:    \"" + this.userCredential1.getExpires() + "\"");
        note("Credential expires (parsed):    \"" + this.userCredential1.getExpiresDate() + "\"");
        assertTrue(this.userCredential1.check(this.testbedInfoSource));
        note("Credential for " + geniUser.getUserUrnString() + " passed check");
    }

    @ApiTest.Test(description = "Fetching User 2 Credential.")
    public void getUser2Credential() throws JFedException, CredentialException {
        this.userCredential2 = this.commonAMTestUser2.getUserCredentialListForAM();
        assertNotNull(this.userCredential2);
        note("Credential owner urn:  \"" + this.userCredential2.getOwnerUrn() + "\"");
        note("Credential target urn: \"" + this.userCredential2.getTargetUrn() + "\"");
        note("Credential type:       \"" + this.userCredential2.getType() + "\"");
        note("Credential expires:    \"" + this.userCredential2.getExpires() + "\"");
        note("Credential expires (parsed):    \"" + this.userCredential2.getExpiresDate() + "\"");
        assertTrue(this.userCredential2.check(this.testbedInfoSource));
        note("Credential for " + this.secondUser.getUserUrnString() + " passed check");
    }

    @ApiTest.Test(description = "Create delegated or speaksfor credential", hardDepends = {"getUser2Credential"})
    public void createDelegatedOrSpeaksForCredential() throws JFedException, CredentialException {
        createDelegatedOrSpeaksForCredentialInternal();
    }

    public void createDelegatedOrSpeaksForCredentialInternal() throws JFedException, CredentialException {
        GeniUser geniUser = this.user;
        GeniUser geniUser2 = this.secondUser;
        assertNotNull(this.userCredential2);
        Date date = new Date(System.currentTimeMillis() + 86400000);
        if (this.userCredential2.getExpiresDate() != null && date.after(this.userCredential2.getExpiresDate())) {
            note("original credential expires in less than 24 hours (at " + this.userCredential2.getExpires() + " == " + this.userCredential2.getExpiresDate() + "), so using that expire time for the " + (this.delegation ? "delegated" : "speaksfor") + " credential");
            date = this.userCredential2.getExpiresDate();
        }
        if (this.userCredential2.getExpiresDate() == null) {
            note("original credential expires is invalid date. Will create credential that expires in 1 hour");
            date = new Date(System.currentTimeMillis() + 3600000);
        }
        if (this.delegation) {
            note("Configured to create delegated credential");
            this.userCredential2DelegatedToUser1 = this.userCredential2.delegate(geniUser.getUserUrnString(), (X509Certificate) geniUser.getClientCertificateChain().get(0), geniUser2.getPrivateKey(), date, "*", false);
        } else {
            note("Configured to create speaks-for credential");
            this.userCredential2DelegatedToUser1 = SfaCredential.createSpeaksFor(geniUser2.getUserUrnString(), geniUser.getUserUrnString(), (X509Certificate) geniUser2.getClientCertificateChain().get(0), (X509Certificate) geniUser.getClientCertificateChain().get(0), geniUser2.getPrivateKey(), date, "*", false);
        }
        assertNotNull(this.userCredential2DelegatedToUser1);
        note("Credential owner urn:  \"" + this.userCredential2DelegatedToUser1.getOwnerUrn() + "\"");
        note("Credential target urn: \"" + this.userCredential2DelegatedToUser1.getTargetUrn() + "\"");
        note("Credential type:       \"" + this.userCredential2DelegatedToUser1.getType() + "\"");
        note("Credential expires:    \"" + this.userCredential2DelegatedToUser1.getExpires() + "\"");
        assertTrue(this.userCredential2DelegatedToUser1.check(this.testbedInfoSource));
        note("Generated " + (this.delegation ? "delegated" : "speaksfor") + " credential passed check");
    }

    @ApiTest.Test(description = "Testing GetVersion as user 1. This call requires no credential.", hardDepends = {"createDelegatedOrSpeaksForCredential"})
    public void getVersionUser1() throws JFedException {
        AbstractGeniAggregateManager.AggregateManagerReply version = this.am2.getVersion(getAMConnectionUser1());
        assertEquals(version.getGeniResponseCode(), GeniAMResponseCode.GENIRESPONSE_SUCCESS, "GeniResponse code is not SUCCESS (0)");
        this.versionInfo = (AggregateManager2.VersionInfo) version.getValue();
        assertNotNull(this.versionInfo);
    }

    @ApiTest.Test(description = "Testing ListResources as user 2. The (non-delegated and non-speaks-for) user 2 credential is used.", hardDepends = {"getVersionUser1"})
    public void listResourcesUser2() throws JFedException {
        AbstractGeniAggregateManager.AggregateManagerReply aggregateManagerReply = null;
        if (this.amVersion == 2) {
            aggregateManagerReply = this.am2.listResources(getAMConnectionUser2(), getUser2CredentialList(), "geni", "3", true, true, (String) null, (Map) null);
        }
        if (this.amVersion == 3) {
            aggregateManagerReply = this.am3.listResources(getAMConnectionUser2(), getUser2CredentialList(), "geni", "3", true, true, (Map) null);
        }
        assertNotNull(aggregateManagerReply);
        assertEquals(aggregateManagerReply.getGeniResponseCode(), GeniAMResponseCode.GENIRESPONSE_SUCCESS, "GeniResponse code is not SUCCESS (0)");
        assertNotNull((String) aggregateManagerReply.getValue());
    }

    @ApiTest.Test(description = "Testing ListResources as user 1 with user 2 delegated or speaksfor credential.", hardDepends = {"listResourcesUser2"})
    public void listResourcesDelegatedOrSpeaksFor() throws JFedException {
        listResourcesDelegatedOrSpeaksForInternal();
    }

    public void listResourcesDelegatedOrSpeaksForInternal() throws JFedException {
        AbstractGeniAggregateManager.AggregateManagerReply aggregateManagerReply = null;
        if (this.delegation) {
            note("Calling ListResource with delegated credential");
            if (this.amVersion == 2) {
                aggregateManagerReply = this.am2.listResources(getAMConnectionUser1(), getUser2DelegatedToUser1CredentialList(), "geni", "3", true, true, (String) null, (Map) null);
            }
            if (this.amVersion == 3) {
                aggregateManagerReply = this.am3.listResources(getAMConnectionUser1(), getUser2DelegatedToUser1CredentialList(), "geni", "3", true, true, (Map) null);
            }
        } else {
            note("Calling ListResource with speaks-for credential");
            GeniUser geniUser = this.secondUser;
            HashMap hashMap = new HashMap();
            Iterator<String> it = this.speakForOptionNames.iterator();
            while (it.hasNext()) {
                hashMap.put(it.next(), geniUser.getUserUrnString());
            }
            List<AnyCredential> user2DelegatedToUser1CredentialList = getUser2DelegatedToUser1CredentialList();
            assertNotNull(this.userCredential2);
            user2DelegatedToUser1CredentialList.add(this.userCredential2);
            if (this.amVersion == 2) {
                aggregateManagerReply = this.am2.listResources(getAMConnectionUser1(), user2DelegatedToUser1CredentialList, "geni", "3", true, true, (String) null, hashMap);
            }
            if (this.amVersion == 3) {
                aggregateManagerReply = this.am3.listResources(getAMConnectionUser1(), user2DelegatedToUser1CredentialList, "geni", "3", true, true, hashMap);
            }
        }
        assertNotNull(aggregateManagerReply);
        assertEquals(aggregateManagerReply.getGeniResponseCode(), GeniAMResponseCode.GENIRESPONSE_SUCCESS, "GeniResponse code is not SUCCESS (0)");
        assertNotNull((String) aggregateManagerReply.getValue());
    }

    @ApiTest.Test(description = "Testing ListResources as user 1 with user 2 delegated or speaksfor credential. Test with different valid expire date formats", hardDepends = {"listResourcesUser2"}, softDepends = {"listResourcesDelegatedOrSpeaksFor"})
    public void listResourcesDelegatedOrSpeaksForVariousExpireDatesDormats() throws JFedException, CredentialException {
        note("All dates used in the credential expires field of this test are normally valid RFC3339");
        SfaCredential.debug_expiredate_forceZinsteadOfZero = false;
        SfaCredential.debug_expiredate_forcezulu = true;
        SfaCredential.debug_expiredate_discardsubsecond = true;
        SfaCredential.debug_expiredate_smalltz = false;
        note("Testing with +00:00 instead of Z and SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forcezulu = false;
        SfaCredential.debug_expiredate_discardsubsecond = false;
        SfaCredential.debug_expiredate_smalltz = true;
        note("Testing with SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forcezulu = false;
        SfaCredential.debug_expiredate_discardsubsecond = true;
        SfaCredential.debug_expiredate_smalltz = false;
        note("Testing with SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forcezulu = true;
        SfaCredential.debug_expiredate_discardsubsecond = false;
        SfaCredential.debug_expiredate_smalltz = false;
        note("Testing with SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forcezulu = true;
        SfaCredential.debug_expiredate_discardsubsecond = true;
        SfaCredential.debug_expiredate_smalltz = true;
        note("Testing with SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forcezulu = true;
        SfaCredential.debug_expiredate_discardsubsecond = false;
        SfaCredential.debug_expiredate_smalltz = true;
        note("Testing with SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forcezulu = false;
        SfaCredential.debug_expiredate_discardsubsecond = true;
        SfaCredential.debug_expiredate_smalltz = true;
        note("Testing with SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forcezulu = false;
        SfaCredential.debug_expiredate_discardsubsecond = false;
        SfaCredential.debug_expiredate_smalltz = false;
        note("Testing with SfaCredential.forceZuluTimezone=" + SfaCredential.debug_expiredate_forcezulu + " discardMilliSeconds=" + SfaCredential.debug_expiredate_discardsubsecond + " lowerCase=" + SfaCredential.debug_expiredate_smalltz);
        createDelegatedOrSpeaksForCredentialInternal();
        listResourcesDelegatedOrSpeaksForInternal();
        SfaCredential.debug_expiredate_forceZinsteadOfZero = true;
        SfaCredential.debug_expiredate_forcezulu = true;
        SfaCredential.debug_expiredate_discardsubsecond = true;
        SfaCredential.debug_expiredate_smalltz = false;
    }
}
