package org.apache.sshd.client.auth.pubkey;

import java.util.Arrays;
import java.util.regex.Pattern;
import org.apache.sshd.client.SshClient;
import org.apache.sshd.client.future.ConnectFuture;
import org.apache.sshd.client.session.ClientSession;
import org.apache.sshd.common.kex.extension.DefaultClientKexExtensionHandler;
import org.apache.sshd.common.keyprovider.FileKeyPairProvider;
import org.apache.sshd.util.test.BaseTestSupport;
import org.apache.sshd.util.test.CommonTestSupportUtils;
import org.apache.sshd.util.test.ContainerTestCase;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.output.Slf4jLogConsumer;
import org.testcontainers.containers.wait.strategy.Wait;
import org.testcontainers.images.builder.ImageFromDockerfile;
import org.testcontainers.utility.MountableFile;

@RunWith(Parameterized.class)
@Category({ContainerTestCase.class})
/* loaded from: input_file:org/apache/sshd/client/auth/pubkey/HostBoundPubKeyAuthTest.class */
public class HostBoundPubKeyAuthTest extends BaseTestSupport {
    private static final String TEST_KEYS = "org/apache/sshd/client/opensshcerts/user";
    private static final String TEST_RESOURCES = "org/apache/sshd/client/auth/pubkey";

    @Rule
    public GenericContainer<?> sshdContainer = new GenericContainer(new ImageFromDockerfile().withDockerfileFromBuilder(dockerfileBuilder -> {
        dockerfileBuilder.from("alpine:3.16").run("apk --update add openssh-server").run("ssh-keygen -A").run("adduser -D bob").run("echo 'bob:passwordBob' | chpasswd").run("mkdir -p /home/bob/.ssh").entryPoint("/entrypoint.sh").build();
    })).withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/opensshcerts/user/user01_authorized_keys"), "/home/bob/.ssh/authorized_keys").withCopyFileToContainer(MountableFile.forClasspathResource("org/apache/sshd/client/auth/pubkey/entrypoint.sh", 511), "/entrypoint.sh").waitingFor(Wait.forLogMessage(".*Server listening on :: port 22.*\\n", 1)).withExposedPorts(new Integer[]{22}).withLogConsumer(new Slf4jLogConsumer(LOG));
    private final String privateKeyName;
    private static final Logger LOG = LoggerFactory.getLogger(HostBoundPubKeyAuthTest.class);
    private static final Pattern EXPECTED_LOG_ENTRY = Pattern.compile("\n.*debug2: userauth_pubkey: valid user bob attempting public key.*\r?\n.*debug3: userauth_pubkey: publickey-hostbound-v00@openssh.com have");

    public HostBoundPubKeyAuthTest(String str) {
        this.privateKeyName = str;
    }

    @Parameterized.Parameters(name = "{0}")
    public static Iterable<? extends String> privateKeyParams() {
        return Arrays.asList("user01_rsa_sha2_512_2048", "user01_rsa_sha2_512_4096", "user01_ed25519", "user01_ecdsa_256", "user01_ecdsa_384", "user01_ecdsa_521");
    }

    private String getPrivateKeyResource() {
        return "org/apache/sshd/client/opensshcerts/user/" + this.privateKeyName;
    }

    private void checkLog(String str) {
        assertTrue("Expected server log message not found", EXPECTED_LOG_ENTRY.matcher(str).find());
    }

    @Test
    public void testPubkeyAuth() throws Exception {
        FileKeyPairProvider createTestKeyPairProvider = CommonTestSupportUtils.createTestKeyPairProvider(getPrivateKeyResource());
        SshClient sshClient = setupTestClient();
        sshClient.setKeyIdentityProvider(createTestKeyPairProvider);
        sshClient.start();
        Integer mappedPort = this.sshdContainer.getMappedPort(22);
        try {
            ClientSession session = ((ConnectFuture) sshClient.connect("bob", this.sshdContainer.getHost(), mappedPort.intValue()).verify(CONNECT_TIMEOUT)).getSession();
            try {
                session.auth().verify(AUTH_TIMEOUT);
                assertEquals(0, session.getAttribute(DefaultClientKexExtensionHandler.HOSTBOUND_AUTHENTICATION));
                checkLog(this.sshdContainer.getLogs());
                if (session != null) {
                    session.close();
                }
            } finally {
            }
        } finally {
            sshClient.stop();
        }
    }
}
