package co.cask.cdap.security.server;

import co.cask.cdap.common.conf.CConfiguration;
import co.cask.cdap.common.conf.SConfiguration;
import com.unboundid.ldap.listener.InMemoryListenerConfig;
import com.unboundid.util.ssl.KeyStoreKeyManager;
import com.unboundid.util.ssl.SSLUtil;
import com.unboundid.util.ssl.TrustAllTrustManager;
import java.net.InetAddress;
import java.net.URL;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.http.client.HttpClient;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.scheme.SchemeSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.conn.BasicClientConnectionManager;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;

/* loaded from: input_file:co/cask/cdap/security/server/ExternalLDAPAuthenticationServerSSLTest.class */
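/**
 * SSL variant of the external LDAP authentication server test.
 *
 * <p>The configuration built here enables SSL on the authentication server
 * ({@code ssl.external.enabled}) and tells the authentication handler to use LDAPS
 * ({@code useLdaps}), with the in-memory LDAP listener created through
 * {@code createLDAPSConfig}.
 *
 * <p>Security-relevant test scaffolding, none of which should be copied into production code:
 * <ul>
 *   <li>{@code ldapsVerifyCertificate} is set to {@code "false"}, so the handler is configured
 *       not to verify the LDAPS server certificate;</li>
 *   <li>the in-memory LDAP listener is built with {@link TrustAllTrustManager};</li>
 *   <li>the HTTP client from {@link #getHTTPClient()} accepts any certificate chain;</li>
 *   <li>the request header carries a fixed Basic credential.</li>
 * </ul>
 * These settings presumably exist because {@code cert.jks} holds a certificate that no default
 * trust store would accept (confirm against the test resources).
 */
public class ExternalLDAPAuthenticationServerSSLTest extends ExternalLDAPAuthenticationServerTestBase {
    private static ExternalLDAPAuthenticationServerSSLTest testServer;

    /**
     * Builds the SSL configuration, installs the LDAPS listener configuration and starts the
     * test server through {@code setup()}.
     *
     * @throws Exception if the keystore resource or configuration cannot be used, or setup fails
     */
    @BeforeClass
    public static void beforeClass() throws Exception {
        URL keystoreUrl = ExternalLDAPAuthenticationServerSSLTest.class.getClassLoader().getResource("cert.jks");
        Assert.assertNotNull(keystoreUrl);

        CConfiguration cConf = CConfiguration.create();
        SConfiguration sConf = SConfiguration.create();
        cConf.set("security.auth.server.bind.address", "127.0.0.1");
        cConf.set("ssl.external.enabled", "true");
        // Port "0": presumably lets the server pick a free port (confirm in the base class).
        cConf.set("security.auth.server.ssl.bind.port", "0");
        cConf.set("security.authentication.handler.useLdaps", "true");
        // Test-only: the LDAPS certificate is not verified by the handler under this setting.
        cConf.set("security.authentication.handler.ldapsVerifyCertificate", "false");
        sConf.set("security.auth.server.ssl.keystore.path", keystoreUrl.getPath());
        configuration = cConf;
        sConfiguration = sConf;

        // NOTE(review): the keystore password is read from SConfiguration; a missing value would
        // surface here as a NullPointerException from toCharArray().
        char[] keystorePassword = sConf.get("security.auth.server.ssl.keystore.password").toCharArray();
        // Test-only: TrustAllTrustManager accepts every peer certificate presented to the listener.
        SSLUtil sslUtil = new SSLUtil(
            new KeyStoreKeyManager(keystoreUrl.getFile(), keystorePassword),
            new TrustAllTrustManager());
        ldapListenerConfig = InMemoryListenerConfig.createLDAPSConfig(
            "LDAP",
            InetAddress.getByName("127.0.0.1"),
            ldapPort,
            sslUtil.createSSLServerSocketFactory(),
            sslUtil.createSSLSocketFactory());

        testServer = new ExternalLDAPAuthenticationServerSSLTest();
        testServer.setup();
    }

    /**
     * Tears the test server down.
     *
     * @throws Exception if tear-down fails
     */
    @AfterClass
    public static void afterClass() throws Exception {
        // JUnit runs @AfterClass even when @BeforeClass threw; without this guard a
        // NullPointerException here would hide the real set-up failure.
        if (testServer != null) {
            testServer.tearDown();
        }
    }

    /**
     * Returns the URL scheme used to reach the authentication server.
     *
     * <p>Decompiler note: the access modifier was changed from {@code protected}.
     *
     * @return {@code "https"}
     */
    @Override // co.cask.cdap.security.server.ExternalAuthenticationServerTestBase
    public String getProtocol() {
        return "https";
    }

    /**
     * Creates an HTTP client whose {@code https} scheme is backed by a trust manager that performs
     * no certificate validation at all.
     *
     * <p>Test-only: with this trust manager the client cannot detect an impersonated server, so
     * the pattern must stay confined to tests that talk to a local fixture.
     *
     * @return a client registered for {@code https} on {@code getAuthServerPort()}
     * @throws Exception if the SSL context cannot be created or initialised
     */
    @Override // co.cask.cdap.security.server.ExternalAuthenticationServerTestBase
    protected HttpClient getHTTPClient() throws Exception {
        TrustManager acceptAll = new X509TrustManager() {
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                // The X509TrustManager contract asks for a non-null (possibly empty) array.
                return new X509Certificate[0];
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: every client chain is accepted.
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
                // Intentionally empty: every server chain is accepted.
            }
        };

        // "TLS" instead of the legacy "SSL" context name.
        SSLContext sslContext = SSLContext.getInstance("TLS");
        sslContext.init(null, new TrustManager[] {acceptAll}, new SecureRandom());

        SchemeRegistry schemeRegistry = new SchemeRegistry();
        schemeRegistry.register(new Scheme("https", getAuthServerPort(), new SSLSocketFactory(sslContext)));
        return new DefaultHttpClient(new BasicClientConnectionManager(schemeRegistry));
    }

    /**
     * Returns the headers sent with an authenticated request.
     *
     * @return a map holding a single HTTP Basic {@code Authorization} header
     * @throws Exception declared by the overridden method; not thrown here
     */
    @Override // co.cask.cdap.security.server.ExternalAuthenticationServerTestBase
    protected Map<String, String> getAuthRequestHeader() throws Exception {
        Map<String, String> headers = new HashMap<String, String>();
        // Fixture credential: Base64 of "admin:realtime". Base64 is an encoding, not encryption,
        // so the value is a plaintext secret and must stay a throwaway test account.
        headers.put("Authorization", "Basic YWRtaW46cmVhbHRpbWU=");
        return headers;
    }

    /**
     * Returns the user name the test expects after authentication; it matches the user part of
     * the Basic credential sent by {@link #getAuthRequestHeader()}.
     *
     * @return {@code "admin"}
     * @throws Exception declared by the overridden method; not thrown here
     */
    @Override // co.cask.cdap.security.server.ExternalAuthenticationServerTestBase
    protected String getAuthenticatedUserName() throws Exception {
        return "admin";
    }
}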
