package org.apache.cxf.systest.http;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.logging.Level;
import java.util.logging.LogManager;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.xml.namespace.QName;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.BusApplicationContext;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.common.util.Base64Utility;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.configuration.security.AuthorizationPolicy;
import org.apache.cxf.configuration.security.FiltersType;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.message.Message;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transport.http.MessageTrustDecider;
import org.apache.cxf.transport.http.URLConnectionInfo;
import org.apache.cxf.transport.http.UntrustedURLConnectionIOException;
import org.apache.cxf.transport.http.auth.HttpAuthHeader;
import org.apache.cxf.transport.http.auth.HttpAuthSupplier;
import org.apache.cxf.transport.https.HttpsURLConnectionInfo;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
import org.apache.hello_world.Greeter;
import org.apache.hello_world.services.SOAPService;
import org.junit.AfterClass;
import org.junit.Test;
import org.springframework.context.ApplicationContext;

/* loaded from: input_file:org/apache/cxf/systest/http/HTTPConduitTest.class */
public class HTTPConduitTest extends AbstractBusClientServerTestBase {
    private static final boolean IN_PROCESS = true;
    private final QName serviceName = new QName("http://apache.org/hello_world", "SOAPService");
    private final QName bethalQ = new QName("http://apache.org/hello_world", "Bethal");
    private final QName gordyQ = new QName("http://apache.org/hello_world", "Gordy");
    private final QName tarpinQ = new QName("http://apache.org/hello_world", "Tarpin");
    private final QName rethwelQ = new QName("http://apache.org/hello_world", "Rethwel");
    private final QName mortimerQ = new QName("http://apache.org/hello_world", "Mortimer");
    private final QName poltimQ = new QName("http://apache.org/hello_world", "Poltim");
    private final QName hurlonQ = new QName("http://apache.org/hello_world", "Hurlon");
    public static final String PORT0 = BusServer.PORT0;
    public static final String PORT1 = BusServer.PORT1;
    public static final String PORT2 = BusServer.PORT2;
    public static final String PORT3 = BusServer.PORT3;
    public static final String PORT4 = BusServer.PORT4;
    public static final String PORT5 = BusServer.PORT5;
    public static final String PORT6 = BusServer.PORT6;
    public static final String PORT7 = BusServer.PORT7;
    public static final String PORT8 = BusServer.PORT8;
    private static TLSClientParameters tlsClientParameters = new TLSClientParameters();
    private static Map<String, String> addrMap = new TreeMap();
    private static List<String> servers = new ArrayList();

    /* loaded from: input_file:org/apache/cxf/systest/http/HTTPConduitTest$DefaultBusFactory.class */
    class DefaultBusFactory extends SpringBusFactory {
        DefaultBusFactory() {
        }

        public Bus createBus(URL url) {
            Bus createBus = super.createBus(url, true);
            BusFactory.setDefaultBus(createBus);
            BusFactory.setThreadDefaultBus(createBus);
            return createBus;
        }
    }

    /* loaded from: input_file:org/apache/cxf/systest/http/HTTPConduitTest$MyBasicAuthSupplier.class */
    public class MyBasicAuthSupplier implements HttpAuthSupplier {
        String realm;
        String user;
        String pass;

        MyBasicAuthSupplier() {
        }

        MyBasicAuthSupplier(String str, String str2, String str3) {
            this.realm = str;
            this.user = str2;
            this.pass = str3;
        }

        public String getAuthorization(AuthorizationPolicy authorizationPolicy, URL url, Message message, String str) {
            String realm = new HttpAuthHeader(str).getRealm();
            if (this.realm != null && this.realm.equals(realm)) {
                return createUserPass(this.user, this.pass);
            }
            if ("Andromeda".equals(realm)) {
                return createUserPass("Edward", "password");
            }
            if ("Zorantius".equals(realm)) {
                return createUserPass("George", "password");
            }
            if ("Cronus".equals(realm)) {
                return createUserPass("Mary", "password");
            }
            return null;
        }

        private String createUserPass(String str, String str2) {
            return "Basic " + Base64Utility.encode((str + ":" + str2).getBytes());
        }

        public boolean requiresRequestCaching() {
            return false;
        }
    }

    /* loaded from: input_file:org/apache/cxf/systest/http/HTTPConduitTest$MyHttpsTrustDecider.class */
    class MyHttpsTrustDecider extends MessageTrustDecider {
        private String[] trustName;
        private int called;

        MyHttpsTrustDecider(String str) {
            this.trustName = new String[]{str};
        }

        MyHttpsTrustDecider(String[] strArr) {
            this.trustName = strArr;
        }

        public int wasCalled() {
            return this.called;
        }

        public void establishTrust(String str, URLConnectionInfo uRLConnectionInfo, Message message) throws UntrustedURLConnectionIOException {
            this.called += HTTPConduitTest.IN_PROCESS;
            HttpsURLConnectionInfo httpsURLConnectionInfo = (HttpsURLConnectionInfo) uRLConnectionInfo;
            boolean z = false;
            for (int i = 0; i < this.trustName.length; i += HTTPConduitTest.IN_PROCESS) {
                z = z || httpsURLConnectionInfo.getPeerPrincipal().toString().contains(new StringBuilder().append("OU=").append(this.trustName[i]).toString());
            }
            if (!z) {
                throw new UntrustedURLConnectionIOException("Peer Principal \"" + httpsURLConnectionInfo.getPeerPrincipal() + "\" does not contain " + getTrustNames());
            }
        }

        private String getTrustNames() {
            StringBuffer stringBuffer = new StringBuffer();
            for (int i = 0; i < this.trustName.length; i += HTTPConduitTest.IN_PROCESS) {
                stringBuffer.append("\"OU=");
                stringBuffer.append(this.trustName[i]);
                stringBuffer.append("\"");
                if (i < this.trustName.length - HTTPConduitTest.IN_PROCESS) {
                    stringBuffer.append(", ");
                }
            }
            return stringBuffer.toString();
        }
    }

    public static synchronized boolean startServer(String str) {
        if (servers.contains(str)) {
            return true;
        }
        Bus threadDefaultBus = BusFactory.getThreadDefaultBus(false);
        boolean launchServer = launchServer(Server.class, null, new String[]{str, addrMap.get(str), Server.class.getResource("resources/" + str + ".cxf").toString()}, true);
        if (launchServer) {
            servers.add(str);
        }
        BusFactory.setDefaultBus((Bus) null);
        BusFactory.setThreadDefaultBus(threadDefaultBus);
        return launchServer;
    }

    @AfterClass
    public static void cleanUp() {
        Bus defaultBus = BusFactory.getDefaultBus(false);
        if (defaultBus != null) {
            defaultBus.shutdown(true);
        }
        Bus threadDefaultBus = BusFactory.getThreadDefaultBus(false);
        if (threadDefaultBus != null) {
            threadDefaultBus.shutdown(true);
        }
    }

    public static KeyStore getKeyStore(String str, String str2, String str3) throws GeneralSecurityException, IOException {
        String defaultType = str != null ? str : KeyStore.getDefaultType();
        char[] charArray = str3 != null ? str3.toCharArray() : null;
        KeyStore keyStore = KeyStore.getInstance(defaultType);
        keyStore.load(new FileInputStream(str2), charArray);
        return keyStore;
    }

    public static KeyManager[] getKeyManagers(KeyStore keyStore, String str) throws GeneralSecurityException, IOException {
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        char[] charArray = str != null ? str.toCharArray() : null;
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        keyManagerFactory.init(keyStore, charArray);
        return keyManagerFactory.getKeyManagers();
    }

    public static TrustManager[] getTrustManagers(KeyStore keyStore) throws GeneralSecurityException, IOException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        return trustManagerFactory.getTrustManagers();
    }

    private Greeter getMortimerGreeter() throws MalformedURLException {
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.mortimerQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT0);
        return greeter;
    }

    @Test
    public void testBasicConnection() throws Exception {
        startServer("Mortimer");
        String sayHi = getMortimerGreeter().sayHi();
        assertTrue("Unexpected answer: " + sayHi, "Bonjour from Mortimer".equals(sayHi));
    }

    @Test
    public void testLogLevelIssueCXF3466() throws Exception {
        startServer("Mortimer");
        Greeter mortimerGreeter = getMortimerGreeter();
        Logger logger = LogManager.getLogManager().getLogger("");
        Level level = logger.getLevel();
        logger.setLevel(Level.FINE);
        try {
            mortimerGreeter.sayHi();
            logger.setLevel(level);
        } catch (Throwable th) {
            logger.setLevel(level);
            throw th;
        }
    }

    @Test
    public void testHttp2HttpRedirectFail() throws Exception {
        startServer("Mortimer");
        startServer("Rethwel");
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.rethwelQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT5);
        try {
            fail("Redirect didn't fail. Got answer: " + greeter.sayHi());
        } catch (Exception e) {
        }
    }

    @Test
    public void testHttp2HttpRedirect() throws Exception {
        startServer("Mortimer");
        startServer("Rethwel");
        new DefaultBusFactory().createBus(getClass().getResource("resources/Http2HttpRedirect.cxf"));
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.rethwelQ, Greeter.class);
        updateAddressPort(greeter, PORT4);
        assertNotNull("Port is null", greeter);
        String sayHi = greeter.sayHi();
        assertTrue("Unexpected answer: " + sayHi, "Bonjour from Mortimer".equals(sayHi));
    }

    @Test
    public void testHttp2HttpLoopRedirectFail() throws Exception {
        startServer("Abost");
        startServer("Hurlon");
        new DefaultBusFactory().createBus(getClass().getResource("resources/Http2HttpLoopRedirectFail.cxf"));
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.hurlonQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT6);
        try {
            fail("Redirect didn't fail. Got answer: " + greeter.sayHi());
        } catch (Exception e) {
        }
    }

    @Test
    public void testHttpsBasicConnectionWithConfig() throws Exception {
        startServer("Bethal");
        new DefaultBusFactory().createBus(getClass().getResource("resources/BethalClientConfig.cxf"));
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.bethalQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT2);
        verifyBethalClient(greeter);
    }

    @Test
    public void testGetClientFromSpringContext() throws Exception {
        startServer("Bethal");
        BusFactory.setDefaultBus((Bus) null);
        Greeter greeter = (Greeter) ((ApplicationContext) new DefaultBusFactory().createBus(getClass().getResource("resources/BethalClientBeans.xml")).getExtension(BusApplicationContext.class)).getBean("Bethal");
        updateAddressPort(greeter, PORT2);
        verifyBethalClient(greeter);
    }

    private void verifyBethalClient(Greeter greeter) {
        HTTPConduit conduit = ClientProxy.getClient(greeter).getConduit();
        assertEquals("the httpClientPolicy's autoRedirect should be true", true, Boolean.valueOf(conduit.getClient().isAutoRedirect()));
        assertNotNull("the http conduit's tlsParameters should not be null", conduit.getTlsClientParameters());
        AuthorizationPolicy authorization = conduit.getAuthorization();
        assertEquals("Set the wrong user name from the configuration", "Betty", authorization.getUserName());
        assertEquals("Set the wrong pass word form the configuration", "password", authorization.getPassword());
        String sayHi = greeter.sayHi();
        assertTrue("Unexpected answer: " + sayHi, "Bonjour from Bethal".equals(sayHi));
    }

    @Test
    public void testHttpsBasicConnection() throws Exception {
        startServer("Bethal");
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.bethalQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT2);
        HTTPConduit conduit = ClientProxy.getClient(greeter).getConduit();
        HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
        hTTPClientPolicy.setAutoRedirect(false);
        AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
        authorizationPolicy.setUserName("Betty");
        authorizationPolicy.setPassword("password");
        conduit.setClient(hTTPClientPolicy);
        conduit.setTlsClientParameters(tlsClientParameters);
        conduit.setAuthorization(authorizationPolicy);
        String sayHi = greeter.sayHi();
        assertTrue("Unexpected answer: " + sayHi, "Bonjour from Bethal".equals(sayHi));
    }

    @Test
    public void testHttpsRedirectToHttpFail() throws Exception {
        startServer("Mortimer");
        startServer("Poltim");
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.poltimQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT5);
        HTTPConduit conduit = ClientProxy.getClient(greeter).getConduit();
        HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
        hTTPClientPolicy.setAutoRedirect(true);
        conduit.setClient(hTTPClientPolicy);
        conduit.setTlsClientParameters(tlsClientParameters);
        greeter.sayHi();
    }

    @Test
    public void testHttpsTrust() throws Exception {
        startServer("Bethal");
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.bethalQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT2);
        HTTPConduit conduit = ClientProxy.getClient(greeter).getConduit();
        HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
        hTTPClientPolicy.setAutoRedirect(false);
        AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
        authorizationPolicy.setUserName("Betty");
        authorizationPolicy.setPassword("password");
        conduit.setClient(hTTPClientPolicy);
        conduit.setTlsClientParameters(tlsClientParameters);
        conduit.setAuthorization(authorizationPolicy);
        conduit.setTrustDecider(new MyHttpsTrustDecider("Bethal"));
        String sayHi = greeter.sayHi();
        assertTrue("Unexpected answer: " + sayHi, "Bonjour from Bethal".equals(sayHi));
        conduit.setTrustDecider(new MyHttpsTrustDecider("Nobody"));
        try {
            fail("Unexpected answer from Bethal: " + greeter.sayHi());
        } catch (Exception e) {
        }
    }

    @Test
    public void testHttpsTrustRedirect() throws Exception {
        startServer("Tarpin");
        startServer("Gordy");
        startServer("Bethal");
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.tarpinQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT3);
        HTTPConduit conduit = ClientProxy.getClient(greeter).getConduit();
        HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
        hTTPClientPolicy.setAutoRedirect(true);
        AuthorizationPolicy authorizationPolicy = new AuthorizationPolicy();
        authorizationPolicy.setUserName("Betty");
        authorizationPolicy.setPassword("password");
        conduit.setClient(hTTPClientPolicy);
        conduit.setTlsClientParameters(tlsClientParameters);
        conduit.setAuthorization(authorizationPolicy);
        MyHttpsTrustDecider myHttpsTrustDecider = new MyHttpsTrustDecider(new String[]{"Tarpin", "Gordy", "Bethal"});
        conduit.setTrustDecider(myHttpsTrustDecider);
        String sayHi = greeter.sayHi();
        assertTrue("Trust Decider wasn't called correctly", 3 == myHttpsTrustDecider.wasCalled());
        assertTrue("Unexpected answer: " + sayHi, "Bonjour from Bethal".equals(sayHi));
        conduit.getClient().setMaxRetransmits(IN_PROCESS);
        try {
            fail("Unexpected answer from Tarpin: " + greeter.sayHi());
        } catch (Exception e) {
        }
        conduit.getClient().setMaxRetransmits(-1);
        MyHttpsTrustDecider myHttpsTrustDecider2 = new MyHttpsTrustDecider(new String[]{"Tarpin", "Bethal"});
        conduit.setTrustDecider(myHttpsTrustDecider2);
        try {
            fail("Unexpected answer from Tarpin: " + greeter.sayHi());
        } catch (Exception e2) {
            assertTrue("Trust Decider wasn't called correctly", 2 == myHttpsTrustDecider2.wasCalled());
        }
    }

    @Test
    public void testHttpsRedirect401Response() throws Exception {
        startServer("Gordy");
        startServer("Bethal");
        URL resource = getClass().getResource("resources/greeting.wsdl");
        assertNotNull("WSDL is null", resource);
        SOAPService sOAPService = new SOAPService(resource, this.serviceName);
        assertNotNull("Service is null", sOAPService);
        Greeter greeter = (Greeter) sOAPService.getPort(this.gordyQ, Greeter.class);
        assertNotNull("Port is null", greeter);
        updateAddressPort(greeter, PORT1);
        HTTPConduit conduit = ClientProxy.getClient(greeter).getConduit();
        HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
        hTTPClientPolicy.setAutoRedirect(true);
        conduit.setClient(hTTPClientPolicy);
        conduit.setTlsClientParameters(tlsClientParameters);
        conduit.setTrustDecider(new MyHttpsTrustDecider(new String[]{"Gordy", "Bethal"}));
        conduit.setAuthSupplier(new MyBasicAuthSupplier("Cronus", "Betty", "password"));
        String sayHi = greeter.sayHi();
        assertTrue("Unexpected answer: " + sayHi, "Bonjour from Bethal".equals(sayHi));
        conduit.setAuthSupplier(new MyBasicAuthSupplier());
        try {
            fail("Unexpected answer from Gordy: " + greeter.sayHi());
        } catch (Exception e) {
        }
    }

    static {
        addrMap.put("Mortimer", "http://localhost:" + PORT0 + "/");
        addrMap.put("Tarpin", "https://localhost:" + PORT3 + "/");
        addrMap.put("Rethwel", "http://localhost:" + PORT4 + "/");
        addrMap.put("Poltim", "https://localhost:" + PORT5 + "/");
        addrMap.put("Gordy", "https://localhost:" + PORT1 + "/");
        addrMap.put("Bethal", "https://localhost:" + PORT2 + "/");
        addrMap.put("Abost", "http://localhost:" + PORT7 + "/");
        addrMap.put("Hurlon", "http://localhost:" + PORT6 + "/");
        addrMap.put("Morpit", "https://localhost:" + PORT8 + "/");
        tlsClientParameters.setDisableCNCheck(true);
        try {
            KeyManager[] keyManagers = getKeyManagers(getKeyStore("JKS", new File(Server.class.getResource("resources/Morpit.jks").toURI()).getAbsolutePath(), "password"), "password");
            TrustManager[] trustManagers = getTrustManagers(getKeyStore("JKS", new File(Server.class.getResource("resources/Truststore.jks").toURI()).getAbsolutePath(), "password"));
            tlsClientParameters.setKeyManagers(keyManagers);
            tlsClientParameters.setTrustManagers(trustManagers);
            FiltersType filtersType = new FiltersType();
            filtersType.getInclude().add(".*_EXPORT_.*");
            filtersType.getInclude().add(".*_EXPORT1024_.*");
            filtersType.getInclude().add(".*_WITH_DES_.*");
            filtersType.getInclude().add(".*_WITH_AES_.*");
            filtersType.getInclude().add(".*_WITH_NULL_.*");
            filtersType.getInclude().add(".*_DH_anon_.*");
            tlsClientParameters.setCipherSuitesFilter(filtersType);
        } catch (Exception e) {
            throw new RuntimeException("Static initialization failed", e);
        }
    }
}
