package com.google.cloud.websecurityscanner.it.v1beta;

import com.google.api.gax.core.FixedCredentialsProvider;
import com.google.api.gax.rpc.PermissionDeniedException;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.cloud.websecurityscanner.v1beta.CreateScanConfigRequest;
import com.google.cloud.websecurityscanner.v1beta.ListScanConfigsRequest;
import com.google.cloud.websecurityscanner.v1beta.ProjectName;
import com.google.cloud.websecurityscanner.v1beta.ScanConfig;
import com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerClient;
import com.google.cloud.websecurityscanner.v1beta.WebSecurityScannerSettings;
import com.google.common.collect.Lists;
import java.io.FileInputStream;
import java.io.IOException;
import org.joda.time.DateTime;
import org.joda.time.DateTimeZone;
import org.joda.time.format.ISODateTimeFormat;
import org.junit.Assert;
import org.junit.Assume;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.JUnit4;

@RunWith(JUnit4.class)
/* loaded from: input_file:com/google/cloud/websecurityscanner/it/v1beta/VPCServiceControlNegativeTest.class */
public class VPCServiceControlNegativeTest {
    private static final String GOOGLE_API_CLOUD_PLATFORM_LINK = "https://www.googleapis.com/auth/cloud-platform";
    private String testScanConfigCreationDisplayName;
    private static final String IN_VPCSC_GOOGLE_CLOUD_TEST_ENV = "GOOGLE_CLOUD_TESTS_IN_VPCSC";
    private static final String IN_VPCSC_TEST = System.getenv(IN_VPCSC_GOOGLE_CLOUD_TEST_ENV);
    private static final String OUT_VPCSC_PROJECT_ENV = "GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT";
    private static final String OUT_VPCSC_PROJECT = System.getenv(OUT_VPCSC_PROJECT_ENV);
    private static final String OUT_VPCSC_HOSTNAME_ENV = "GOOGLE_CLOUD_WEBSECURITYSCANNER_OUTSIDE_HOSTNAME";
    private static final String OUT_VPCSC_HOSTNAME = System.getenv(OUT_VPCSC_HOSTNAME_ENV);
    private static final String GOOGLE_CREDENTIAL_DEFAULT_ENV = "GOOGLE_APPLICATION_CREDENTIALS";
    private static final String OUT_VPCSC_GOOGLE_CREDENTIAL = System.getenv(GOOGLE_CREDENTIAL_DEFAULT_ENV);

    private static boolean isNotEmpty(String str) {
        return (str == null || str.length() == 0) ? false : true;
    }

    @BeforeClass
    public static void setUpClass() {
        Assume.assumeTrue("To run tests, GOOGLE_CLOUD_TESTS_IN_VPCSC environment variable needs to be set to true", IN_VPCSC_TEST != null && IN_VPCSC_TEST.equalsIgnoreCase("true"));
        Assert.assertTrue("GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT environment variable needs to be set to a GCP project that is out of the VPC perimeter", isNotEmpty(OUT_VPCSC_PROJECT));
        Assert.assertTrue("GOOGLE_CLOUD_WEBSECURITYSCANNER_OUTSIDE_HOSTNAME must be set to a webapp that resides in " + OUT_VPCSC_PROJECT, isNotEmpty(OUT_VPCSC_HOSTNAME));
        Assert.assertTrue("GOOGLE_APPLICATION_CREDENTIALS must be set to google application credentials that is outside VPCSC perimeter", isNotEmpty(OUT_VPCSC_GOOGLE_CREDENTIAL));
    }

    @Before
    public void setup() {
        this.testScanConfigCreationDisplayName = "vpcsc-neg-test" + ISODateTimeFormat.basicDateTime().withZone(DateTimeZone.forID("America/Los_Angeles")).print(DateTime.now(DateTimeZone.forID("America/Los_Angeles"))) + "-0";
    }

    private WebSecurityScannerSettings getWssSettingWithCredentials() throws IOException {
        return WebSecurityScannerSettings.newBuilder().setCredentialsProvider(FixedCredentialsProvider.create(GoogleCredentials.fromStream(new FileInputStream(OUT_VPCSC_GOOGLE_CREDENTIAL)).createScoped(Lists.newArrayList(new String[]{GOOGLE_API_CLOUD_PLATFORM_LINK})))).build();
    }

    @Test
    public void testScanConfigCreation() throws IOException {
        WebSecurityScannerSettings wssSettingWithCredentials = getWssSettingWithCredentials();
        String format = ProjectName.format(OUT_VPCSC_PROJECT);
        try {
            WebSecurityScannerClient create = WebSecurityScannerClient.create(wssSettingWithCredentials);
            Throwable th = null;
            try {
                try {
                    create.createScanConfig(CreateScanConfigRequest.newBuilder().setParent(format).setScanConfig(ScanConfig.newBuilder().addAllStartingUrls(Lists.newArrayList(new String[]{OUT_VPCSC_HOSTNAME})).setDisplayName(this.testScanConfigCreationDisplayName).build()).build());
                    Assert.fail("Exception must occur for non-accessible project");
                    if (create != null) {
                        if (0 != 0) {
                            try {
                                create.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            create.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (PermissionDeniedException e) {
        }
    }

    @Test
    public void testScanConfigList() throws IOException {
        WebSecurityScannerSettings wssSettingWithCredentials = getWssSettingWithCredentials();
        String format = ProjectName.format(OUT_VPCSC_PROJECT);
        try {
            WebSecurityScannerClient create = WebSecurityScannerClient.create(wssSettingWithCredentials);
            Throwable th = null;
            try {
                try {
                    create.listScanConfigs(ListScanConfigsRequest.newBuilder().setParent(format).build());
                    Assert.fail("Exception must occur for non-acceessible project scan-configs");
                    if (create != null) {
                        if (0 != 0) {
                            try {
                                create.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            create.close();
                        }
                    }
                } catch (Throwable th3) {
                    th = th3;
                    throw th3;
                }
            } finally {
            }
        } catch (PermissionDeniedException e) {
        }
    }
}
