package org.apache.jackrabbit.oak.segment.azure;

import com.google.common.collect.ImmutableSet;
import com.google.common.collect.UnmodifiableIterator;
import com.microsoft.azure.storage.StorageException;
import com.microsoft.azure.storage.blob.CloudBlobContainer;
import com.microsoft.azure.storage.blob.SharedAccessBlobPermissions;
import com.microsoft.azure.storage.blob.SharedAccessBlobPolicy;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.net.URISyntaxException;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Date;
import java.util.EnumSet;
import java.util.Set;
import java.util.stream.Collectors;
import java.util.stream.StreamSupport;
import org.apache.jackrabbit.oak.segment.spi.persistence.SegmentNodeStorePersistence;
import org.apache.sling.testing.mock.osgi.junit.OsgiContext;
import org.jetbrains.annotations.NotNull;
import org.junit.Assert;
import org.junit.Before;
import org.junit.ClassRule;
import org.junit.Rule;
import org.junit.Test;

/* loaded from: input_file:org/apache/jackrabbit/oak/segment/azure/AzureSegmentStoreServiceTest.class */
public class AzureSegmentStoreServiceTest {

    @Rule
    public final OsgiContext context = new OsgiContext();
    private CloudBlobContainer container;

    @ClassRule
    public static AzuriteDockerRule azurite = new AzuriteDockerRule();
    private static final EnumSet<SharedAccessBlobPermissions> READ_ONLY = EnumSet.of(SharedAccessBlobPermissions.READ, SharedAccessBlobPermissions.LIST);
    private static final EnumSet<SharedAccessBlobPermissions> READ_WRITE = EnumSet.of(SharedAccessBlobPermissions.READ, SharedAccessBlobPermissions.LIST, SharedAccessBlobPermissions.CREATE, SharedAccessBlobPermissions.WRITE, SharedAccessBlobPermissions.ADD);
    private static final ImmutableSet<String> BLOBS = ImmutableSet.of("blob1", "blob2");

    @Before
    public void setup() throws Exception {
        this.container = azurite.getContainer("oak");
        UnmodifiableIterator it = BLOBS.iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            this.container.getBlockBlobReference(str + ".txt").uploadText(str);
        }
    }

    @Test
    public void connectWithSharedAccessSignatureURL_readOnly() throws Exception {
        new AzureSegmentStoreService().activate(this.context.componentContext(), getConfigurationWithSharedAccessSignature(this.container.generateSharedAccessSignature(policy(READ_ONLY), (String) null)));
        SegmentNodeStorePersistence segmentNodeStorePersistence = (SegmentNodeStorePersistence) this.context.getService(SegmentNodeStorePersistence.class);
        Assert.assertNotNull(segmentNodeStorePersistence);
        assertWriteAccessNotGranted(segmentNodeStorePersistence);
        assertReadAccessGranted(segmentNodeStorePersistence, BLOBS);
    }

    @Test
    public void connectWithSharedAccessSignatureURL_readWrite() throws Exception {
        new AzureSegmentStoreService().activate(this.context.componentContext(), getConfigurationWithSharedAccessSignature(this.container.generateSharedAccessSignature(policy(READ_WRITE), (String) null)));
        SegmentNodeStorePersistence segmentNodeStorePersistence = (SegmentNodeStorePersistence) this.context.getService(SegmentNodeStorePersistence.class);
        Assert.assertNotNull(segmentNodeStorePersistence);
        assertWriteAccessGranted(segmentNodeStorePersistence);
        assertReadAccessGranted(segmentNodeStorePersistence, concat(BLOBS, "test"));
    }

    @Test
    public void connectWithSharedAccessSignatureURL_expired() throws Exception {
        new AzureSegmentStoreService().activate(this.context.componentContext(), getConfigurationWithSharedAccessSignature(this.container.generateSharedAccessSignature(policy(READ_WRITE, yesterday()), (String) null)));
        SegmentNodeStorePersistence segmentNodeStorePersistence = (SegmentNodeStorePersistence) this.context.getService(SegmentNodeStorePersistence.class);
        Assert.assertNotNull(segmentNodeStorePersistence);
        assertWriteAccessNotGranted(segmentNodeStorePersistence);
        assertReadAccessNotGranted(segmentNodeStorePersistence);
    }

    @Test
    public void connectWithAccessKey() throws Exception {
        new AzureSegmentStoreService().activate(this.context.componentContext(), getConfigurationWithAccessKey(AzuriteDockerRule.ACCOUNT_KEY));
        SegmentNodeStorePersistence segmentNodeStorePersistence = (SegmentNodeStorePersistence) this.context.getService(SegmentNodeStorePersistence.class);
        Assert.assertNotNull(segmentNodeStorePersistence);
        assertWriteAccessGranted(segmentNodeStorePersistence);
        assertReadAccessGranted(segmentNodeStorePersistence, concat(BLOBS, "test"));
    }

    @Test
    public void connectWithConnectionURL() throws Exception {
        new AzureSegmentStoreService().activate(this.context.componentContext(), getConfigurationWithConfigurationURL(AzuriteDockerRule.ACCOUNT_KEY));
        SegmentNodeStorePersistence segmentNodeStorePersistence = (SegmentNodeStorePersistence) this.context.getService(SegmentNodeStorePersistence.class);
        Assert.assertNotNull(segmentNodeStorePersistence);
        assertWriteAccessGranted(segmentNodeStorePersistence);
        assertReadAccessGranted(segmentNodeStorePersistence, concat(BLOBS, "test"));
    }

    @Test
    public void deactivate() throws Exception {
        AzureSegmentStoreService azureSegmentStoreService = new AzureSegmentStoreService();
        azureSegmentStoreService.activate(this.context.componentContext(), getConfigurationWithAccessKey(AzuriteDockerRule.ACCOUNT_KEY));
        Assert.assertNotNull(this.context.getService(SegmentNodeStorePersistence.class));
        azureSegmentStoreService.deactivate();
        Assert.assertNull(this.context.getService(SegmentNodeStorePersistence.class));
    }

    @NotNull
    private static SharedAccessBlobPolicy policy(EnumSet<SharedAccessBlobPermissions> enumSet, Instant instant) {
        SharedAccessBlobPolicy sharedAccessBlobPolicy = new SharedAccessBlobPolicy();
        sharedAccessBlobPolicy.setPermissions(enumSet);
        sharedAccessBlobPolicy.setSharedAccessExpiryTime(Date.from(instant));
        return sharedAccessBlobPolicy;
    }

    @NotNull
    private static SharedAccessBlobPolicy policy(EnumSet<SharedAccessBlobPermissions> enumSet) {
        return policy(enumSet, Instant.now().plus((TemporalAmount) Duration.ofDays(7L)));
    }

    private static void assertReadAccessGranted(SegmentNodeStorePersistence segmentNodeStorePersistence, Set<String> set) throws Exception {
        CloudBlobContainer containerFrom = getContainerFrom(segmentNodeStorePersistence);
        Set set2 = (Set) StreamSupport.stream(containerFrom.listBlobs().spliterator(), false).map(listBlobItem -> {
            return listBlobItem.getUri().getPath();
        }).map(str -> {
            return str.substring(str.lastIndexOf(47) + 1);
        }).collect(Collectors.toSet());
        Assert.assertEquals((Set) set.stream().map(str2 -> {
            return str2 + ".txt";
        }).collect(Collectors.toSet()), set2);
        Assert.assertEquals(set, (Set) set2.stream().map(str3 -> {
            try {
                return containerFrom.getBlockBlobReference(str3).downloadText();
            } catch (StorageException | IOException | URISyntaxException e) {
                throw new RuntimeException("Error while reading blob " + str3, e);
            }
        }).collect(Collectors.toSet()));
    }

    private static void assertWriteAccessGranted(SegmentNodeStorePersistence segmentNodeStorePersistence) throws Exception {
        getContainerFrom(segmentNodeStorePersistence).getBlockBlobReference("test.txt").uploadText("test");
    }

    private static CloudBlobContainer getContainerFrom(SegmentNodeStorePersistence segmentNodeStorePersistence) throws Exception {
        return ((AzurePersistence) segmentNodeStorePersistence).getSegmentstoreDirectory().getContainer();
    }

    private static void assertWriteAccessNotGranted(SegmentNodeStorePersistence segmentNodeStorePersistence) {
        try {
            assertWriteAccessGranted(segmentNodeStorePersistence);
            Assert.fail("Write access should not be granted, but writing to the storage succeeded.");
        } catch (Exception e) {
        }
    }

    private static void assertReadAccessNotGranted(SegmentNodeStorePersistence segmentNodeStorePersistence) {
        try {
            assertReadAccessGranted(segmentNodeStorePersistence, BLOBS);
            Assert.fail("Read access should not be granted, but reading from the storage succeeded.");
        } catch (Exception e) {
        }
    }

    private static Instant yesterday() {
        return Instant.now().minus((TemporalAmount) Duration.ofDays(1L));
    }

    private static ImmutableSet<String> concat(ImmutableSet<String> immutableSet, String str) {
        return ImmutableSet.builder().addAll(immutableSet).add(str).build();
    }

    private static Configuration getConfigurationWithSharedAccessSignature(String str) {
        return getConfiguration(str, null, null);
    }

    private static Configuration getConfigurationWithAccessKey(String str) {
        return getConfiguration(null, str, null);
    }

    private static Configuration getConfigurationWithConfigurationURL(String str) {
        return getConfiguration(null, null, "DefaultEndpointsProtocol=https;BlobEndpoint=" + azurite.getBlobEndpoint() + ";AccountName=" + AzuriteDockerRule.ACCOUNT_NAME + ";AccountKey=" + str + ';');
    }

    @NotNull
    private static Configuration getConfiguration(final String str, final String str2, final String str3) {
        return new Configuration() { // from class: org.apache.jackrabbit.oak.segment.azure.AzureSegmentStoreServiceTest.1
            public String accountName() {
                return AzuriteDockerRule.ACCOUNT_NAME;
            }

            public String containerName() {
                return "oak";
            }

            public String accessKey() {
                return str2 != null ? str2 : "";
            }

            public String rootPath() {
                return "/oak";
            }

            public String connectionURL() {
                return str3 != null ? str3 : "";
            }

            public String sharedAccessSignature() {
                return str != null ? str : "";
            }

            public String blobEndpoint() {
                return AzureSegmentStoreServiceTest.azurite.getBlobEndpoint();
            }

            public Class<? extends Annotation> annotationType() {
                return Configuration.class;
            }
        };
    }
}
