package org.apache.sshd.client.config.hosts;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.nio.file.LinkOption;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.config.keys.ClientIdentityLoader;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.NamedResource;
import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.future.CancelOption;
import org.apache.sshd.common.keyprovider.AbstractKeyPairProvider;
import org.apache.sshd.common.keyprovider.KeyPairProvider;
import org.apache.sshd.common.session.Session;
import org.apache.sshd.common.session.SessionContext;
import org.apache.sshd.common.util.ValidateUtils;
import org.apache.sshd.common.util.net.SshdSocketAddress;
import org.apache.sshd.core.CoreModuleProperties;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.auth.password.RejectAllPasswordAuthenticator;
import org.apache.sshd.util.test.BaseTestSupport;
import org.apache.sshd.util.test.CommonTestSupportUtils;
import org.junit.After;
import org.junit.Before;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;

@FixMethodOrder(MethodSorters.NAME_ASCENDING)
/* loaded from: input_file:org/apache/sshd/client/config/hosts/HostConfigEntryResolverTest.class */
public class HostConfigEntryResolverTest extends BaseTestSupport {
    private SshServer sshd;
    private SshClient client;
    private int port;

    @Before
    public void setUp() throws Exception {
        this.sshd = setupTestServer();
        this.sshd.start();
        this.port = this.sshd.getPort();
        this.client = setupTestClient();
    }

    @After
    public void tearDown() throws Exception {
        if (this.sshd != null) {
            this.sshd.stop(true);
        }
        if (this.client != null) {
            this.client.stop();
        }
    }

    @Test
    public void testEffectiveHostConfigResolution() throws Exception {
        HostConfigEntry hostConfigEntry = new HostConfigEntry(getCurrentTestName(), TEST_LOCALHOST, this.port, getCurrentTestName());
        this.client.setHostConfigEntryResolver((str, i, socketAddress, str2, str3, attributeRepository) -> {
            return hostConfigEntry;
        });
        this.client.start();
        try {
            ClientSession session = ((ConnectFuture) this.client.connect(getClass().getSimpleName(), getClass().getPackage().getName(), getMovedPortNumber(this.port)).verify(CONNECT_TIMEOUT, new CancelOption[0])).getSession();
            try {
                session.addPasswordIdentity(getCurrentTestName());
                session.auth().verify(AUTH_TIMEOUT, new CancelOption[0]);
                assertEffectiveRemoteAddress(session, hostConfigEntry);
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } finally {
            this.client.stop();
        }
    }

    @Test
    public void testNegatedHostEntriesResolution() throws Exception {
        HostConfigEntry hostConfigEntry = new HostConfigEntry(TEST_LOCALHOST, TEST_LOCALHOST, this.port, getCurrentTestName());
        HostConfigEntry hostConfigEntry2 = new HostConfigEntry(Character.toString('!') + hostConfigEntry.getHost(), hostConfigEntry.getHostName(), getMovedPortNumber(hostConfigEntry.getPort()), getClass().getPackage().getName());
        this.client.setHostConfigEntryResolver(HostConfigEntry.toHostConfigEntryResolver(Arrays.asList(hostConfigEntry2, hostConfigEntry)));
        this.client.start();
        try {
            ClientSession session = ((ConnectFuture) this.client.connect((String) null, hostConfigEntry2.getHostName(), 0).verify(CONNECT_TIMEOUT, new CancelOption[0])).getSession();
            try {
                session.addPasswordIdentity(getCurrentTestName());
                session.auth().verify(AUTH_TIMEOUT, new CancelOption[0]);
                assertEffectiveRemoteAddress(session, hostConfigEntry);
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } finally {
            this.client.stop();
        }
    }

    @Test
    public void testPreloadedIdentities() throws Exception {
        final KeyPair firstKeyPair = CommonTestSupportUtils.getFirstKeyPair(this.sshd);
        String currentTestName = getCurrentTestName();
        this.sshd.setPublickeyAuthenticator((str, publicKey, serverSession) -> {
            if (currentTestName.equals(str)) {
                return KeyUtils.compareKeys(firstKeyPair.getPublic(), publicKey);
            }
            return false;
        });
        this.sshd.setPasswordAuthenticator(RejectAllPasswordAuthenticator.INSTANCE);
        final String currentTestName2 = getCurrentTestName();
        this.client.setClientIdentityLoader(new ClientIdentityLoader() { // from class: org.apache.sshd.client.config.hosts.HostConfigEntryResolverTest.1
            public boolean isValidLocation(NamedResource namedResource) throws IOException {
                return Objects.equals(currentTestName2, namedResource.getName());
            }

            public Iterable<KeyPair> loadClientIdentities(SessionContext sessionContext, NamedResource namedResource, FilePasswordProvider filePasswordProvider) throws IOException, GeneralSecurityException {
                if (isValidLocation(namedResource)) {
                    return Collections.singletonList(firstKeyPair);
                }
                throw new FileNotFoundException("Unknown location: " + namedResource);
            }
        });
        CoreModuleProperties.IGNORE_INVALID_IDENTITIES.set(this.client, false);
        String simpleName = getClass().getSimpleName();
        HostConfigEntry hostConfigEntry = new HostConfigEntry(simpleName, TEST_LOCALHOST, this.port, currentTestName);
        hostConfigEntry.addIdentity(currentTestName2);
        this.client.setHostConfigEntryResolver((str2, i, socketAddress, str3, str4, attributeRepository) -> {
            return hostConfigEntry;
        });
        this.client.start();
        try {
            ClientSession session = ((ConnectFuture) this.client.connect(currentTestName, simpleName, getMovedPortNumber(this.port)).verify(CONNECT_TIMEOUT, new CancelOption[0])).getSession();
            try {
                session.auth().verify(AUTH_TIMEOUT, new CancelOption[0]);
                assertEffectiveRemoteAddress(session, hostConfigEntry);
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } finally {
            this.client.stop();
        }
    }

    @Test
    public void testUseIdentitiesOnly() throws Exception {
        KeyPairProvider createTestHostKeyProvider = CommonTestSupportUtils.createTestHostKeyProvider(assertHierarchyTargetFolderExists(getTempTargetRelativeFile(new String[]{getClass().getSimpleName()}), new LinkOption[0]).resolve(getCurrentTestName() + ".pem"));
        final KeyPair firstKeyPair = CommonTestSupportUtils.getFirstKeyPair(this.sshd);
        KeyPair firstKeyPair2 = CommonTestSupportUtils.getFirstKeyPair(createTestHostKeyProvider);
        ValidateUtils.checkTrue(!KeyUtils.compareKeyPairs(firstKeyPair, firstKeyPair2), "client identity not different then entry one");
        this.client.setKeyIdentityProvider(createTestHostKeyProvider);
        String currentTestName = getCurrentTestName();
        AtomicBoolean atomicBoolean = new AtomicBoolean(false);
        this.sshd.setPublickeyAuthenticator((str, publicKey, serverSession) -> {
            if (KeyUtils.compareKeys(firstKeyPair2.getPublic(), publicKey)) {
                atomicBoolean.set(true);
            }
            if (currentTestName.equals(str)) {
                return KeyUtils.compareKeys(firstKeyPair.getPublic(), publicKey);
            }
            return false;
        });
        this.sshd.setPasswordAuthenticator(RejectAllPasswordAuthenticator.INSTANCE);
        final String currentTestName2 = getCurrentTestName();
        HostConfigEntry hostConfigEntry = new HostConfigEntry(TEST_LOCALHOST, TEST_LOCALHOST, this.port, currentTestName);
        hostConfigEntry.addIdentity(currentTestName2);
        hostConfigEntry.setIdentitiesOnly(true);
        final AtomicInteger atomicInteger = new AtomicInteger(0);
        this.client.setClientIdentityLoader(new ClientIdentityLoader() { // from class: org.apache.sshd.client.config.hosts.HostConfigEntryResolverTest.2
            public boolean isValidLocation(NamedResource namedResource) throws IOException {
                return Objects.equals(currentTestName2, namedResource.getName());
            }

            public Iterable<KeyPair> loadClientIdentities(SessionContext sessionContext, NamedResource namedResource, FilePasswordProvider filePasswordProvider) throws IOException, GeneralSecurityException {
                if (!isValidLocation(namedResource)) {
                    throw new FileNotFoundException("Unknown location: " + namedResource);
                }
                atomicInteger.incrementAndGet();
                return Collections.singletonList(firstKeyPair);
            }
        });
        CoreModuleProperties.IGNORE_INVALID_IDENTITIES.set(this.client, false);
        final List singletonList = Collections.singletonList(firstKeyPair2);
        this.client.setKeyIdentityProvider(new AbstractKeyPairProvider() { // from class: org.apache.sshd.client.config.hosts.HostConfigEntryResolverTest.3
            public Iterable<KeyPair> loadKeys(SessionContext sessionContext) {
                return singletonList;
            }
        });
        this.client.start();
        try {
            ClientSession session = ((ConnectFuture) this.client.connect(hostConfigEntry).verify(CONNECT_TIMEOUT, new CancelOption[0])).getSession();
            try {
                session.auth().verify(AUTH_TIMEOUT, new CancelOption[0]);
                assertFalse("Unexpected default client identity attempted", atomicBoolean.get());
                assertNull("Default client identity auto-added", session.removePublicKeyIdentity(firstKeyPair2));
                assertEquals("Entry identity not used", 1L, atomicInteger.get());
                assertEffectiveRemoteAddress(session, hostConfigEntry);
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } finally {
            this.client.stop();
        }
    }

    private static int getMovedPortNumber(int i) {
        return i > 32767 ? i - 32767 : 32768 - i;
    }

    private static <S extends Session> S assertEffectiveRemoteAddress(S s, HostConfigEntry hostConfigEntry) {
        assertEquals("Mismatched effective port", hostConfigEntry.getPort(), SshdSocketAddress.toInetSocketAddress(s.getIoSession().getRemoteAddress()).getPort());
        assertEquals("Mismatched effective user", hostConfigEntry.getUsername(), s.getUsername());
        return s;
    }
}
