package pl.codewise.commons.aws.cqrs.discovery;

import com.amazonaws.services.identitymanagement.AmazonIdentityManagement;
import com.amazonaws.services.identitymanagement.model.AmazonIdentityManagementException;
import com.amazonaws.services.identitymanagement.model.AttachedPolicy;
import com.amazonaws.services.identitymanagement.model.GetInstanceProfileRequest;
import com.amazonaws.services.identitymanagement.model.GetInstanceProfileResult;
import com.amazonaws.services.identitymanagement.model.GetRoleRequest;
import com.amazonaws.services.identitymanagement.model.GetRoleResult;
import com.amazonaws.services.identitymanagement.model.InstanceProfile;
import com.amazonaws.services.identitymanagement.model.ListAttachedRolePoliciesRequest;
import com.amazonaws.services.identitymanagement.model.ListAttachedRolePoliciesResult;
import com.amazonaws.services.identitymanagement.model.ListPoliciesRequest;
import com.amazonaws.services.identitymanagement.model.ListPoliciesResult;
import com.amazonaws.services.identitymanagement.model.ListServerCertificatesResult;
import com.amazonaws.services.identitymanagement.model.NoSuchEntityException;
import com.amazonaws.services.identitymanagement.model.Policy;
import com.amazonaws.services.identitymanagement.model.Role;
import com.amazonaws.services.identitymanagement.model.ServerCertificateMetadata;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.stream.Collectors;
import org.assertj.core.api.Assertions;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.ArgumentMatchers;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnitRunner;
import org.mockito.stubbing.OngoingStubbing;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:pl/codewise/commons/aws/cqrs/discovery/IamDiscoveryTest.class */
public class IamDiscoveryTest {
    private final String policy1 = "test-policy-1";
    private final String policy2 = "test-policy-2";
    private final String nonExistingPolicy = "non-existing-policy";
    private final String arnPrefix = "arn:aws:iam::123456789012:";
    private final String role1 = "test-role-1";
    private final String role2 = "test-role-2";
    private final String profileName = "test-profile";

    @Mock
    private AmazonIdentityManagement amazonIdentityManagement;

    @InjectMocks
    private IamDiscovery iamDiscovery;

    @Test
    public void shouldReportNonExistingRole() {
        whenGetRoleRequested("test-role-1").thenThrow(new Throwable[]{new AmazonIdentityManagementException("RoleDoesNotExist")});
        Assertions.assertThat(this.iamDiscovery.hasRole("test-role-1")).isFalse();
    }

    @Test
    public void shouldReportExistingRole() {
        whenGetRoleRequested("test-role-1").thenReturn(getRoleResultWithArn(prefixed("test-role-1")));
        Assertions.assertThat(this.iamDiscovery.hasRole("test-role-1")).isTrue();
    }

    @Test
    public void shouldGetRoleArn() {
        whenGetRoleRequested("test-role-1").thenReturn(getRoleResultWithArn(prefixed("test-role-1")));
        Assertions.assertThat(this.iamDiscovery.getRoleArn("test-role-1")).isPresent().hasValue(prefixed("test-role-1"));
    }

    @Test
    public void shouldReportNonExistingInstanceProfile() {
        whenGetInstanceProfileRequested("test-profile").thenThrow(new Throwable[]{new NoSuchEntityException("Not found")});
        Assertions.assertThat(this.iamDiscovery.hasInstanceProfile("test-profile")).isFalse();
    }

    @Test
    public void shouldReportExistingInstanceProfile() {
        whenGetInstanceProfileRequested("test-profile").thenReturn(resultWithInstanceProfileArn(prefixed("test-profile")));
        Assertions.assertThat(this.iamDiscovery.hasInstanceProfile("test-profile")).isTrue();
    }

    @Test
    public void shouldGetInstanceProfileArn() {
        whenGetInstanceProfileRequested("test-profile").thenReturn(resultWithInstanceProfileArn(prefixed("test-profile")));
        Assertions.assertThat(this.iamDiscovery.getInstanceProfileArn("test-profile")).isPresent().hasValue(prefixed("test-profile"));
    }

    @Test
    public void shouldReturnFalseForNonExistingPolicy() {
        givenPolicies("test-policy-1");
        Assertions.assertThat(this.iamDiscovery.hasPolicy("non-existing-policy")).as("Result of existence check of a non-existing policy", new Object[0]).isFalse();
    }

    @Test
    public void shouldReturnTrueForExistingPolicy() {
        givenPolicies("test-policy-1", "test-policy-2");
        Assertions.assertThat(this.iamDiscovery.hasPolicy("test-policy-2")).as("Result of existence check of an existing policy", new Object[0]).isTrue();
    }

    @Test
    public void shouldNotReturnAnyPolicies() {
        Mockito.when(this.amazonIdentityManagement.listAttachedRolePolicies(new ListAttachedRolePoliciesRequest().withRoleName("test-role"))).thenThrow(new Throwable[]{new AmazonIdentityManagementException("NoSuchRole")});
        Assertions.assertThat(this.iamDiscovery.getAttachedPoliciesArnsForRole("test-role")).isEmpty();
    }

    @Test
    public void shouldNotReturnAnyPoliciesWhenNoAttached() {
        Mockito.when(this.amazonIdentityManagement.listAttachedRolePolicies(new ListAttachedRolePoliciesRequest().withRoleName("test-role"))).thenReturn(attachedPolicies(Collections.emptyList()));
        Assertions.assertThat(this.iamDiscovery.getAttachedPoliciesArnsForRole("test-role")).isEmpty();
    }

    @Test
    public void shouldReturnPoliciesArns() {
        Mockito.when(this.amazonIdentityManagement.listAttachedRolePolicies(new ListAttachedRolePoliciesRequest().withRoleName("test-role"))).thenReturn(attachedPolicies(Arrays.asList(attachedPolicy("test-policy-1"), attachedPolicy("test-policy-2"))));
        Assertions.assertThat(this.iamDiscovery.getAttachedPoliciesArnsForRole("test-role")).containsExactly(new String[]{prefixed("test-policy-1"), prefixed("test-policy-2")});
    }

    @Test
    public void shouldNotReturnAnyRoles() {
        whenGetInstanceProfileRequested("test-profile").thenThrow(new Throwable[]{new AmazonIdentityManagementException("NoSuchProfile")});
        Assertions.assertThat(this.iamDiscovery.getInstanceProfileRoles("test-profile")).isEmpty();
    }

    @Test
    public void shouldReturnInstanceProfileRoles() {
        whenGetInstanceProfileRequested("test-profile").thenReturn(resultWithRoleNames("test-role-1", "test-role-2"));
        Assertions.assertThat(this.iamDiscovery.getInstanceProfileRoles("test-profile")).containsExactly(new String[]{"test-role-1", "test-role-2"});
    }

    @Test
    public void shouldNotReturnCertificateArn() {
        Mockito.when(this.amazonIdentityManagement.listServerCertificates()).thenReturn(serverCertificates("other-certificate"));
        Assertions.assertThat(this.iamDiscovery.getServerCertificateArn("test-certificate")).isNotPresent();
    }

    @Test
    public void shouldReturnCertificateArn() {
        Mockito.when(this.amazonIdentityManagement.listServerCertificates()).thenReturn(serverCertificates("test-certificate"));
        Assertions.assertThat(this.iamDiscovery.getServerCertificateArn("test-certificate")).isPresent().hasValue(arnPrefixedCertificate("test-certificate"));
    }

    private OngoingStubbing<GetRoleResult> whenGetRoleRequested(String str) {
        return Mockito.when(this.amazonIdentityManagement.getRole(new GetRoleRequest().withRoleName(str)));
    }

    private GetRoleResult getRoleResultWithArn(String str) {
        return new GetRoleResult().withRole(new Role().withArn(str));
    }

    private void givenPolicies(String... strArr) {
        Mockito.when(this.amazonIdentityManagement.listPolicies((ListPoliciesRequest) ArgumentMatchers.any())).thenReturn(listPolicies(Arrays.asList(strArr)));
    }

    private ListPoliciesResult listPolicies(Collection<String> collection) {
        return new ListPoliciesResult().withPolicies(mapNamesToPolicies(collection)).withIsTruncated(false);
    }

    private List<Policy> mapNamesToPolicies(Collection<String> collection) {
        return (List) collection.stream().map(str -> {
            return new Policy().withPolicyName(str).withArn(prefixed(str));
        }).collect(Collectors.toList());
    }

    private AttachedPolicy attachedPolicy(String str) {
        return new AttachedPolicy().withPolicyArn(prefixed(str));
    }

    private ListAttachedRolePoliciesResult attachedPolicies(List<AttachedPolicy> list) {
        return new ListAttachedRolePoliciesResult().withAttachedPolicies(list);
    }

    private String prefixed(String str) {
        return "arn:aws:iam::123456789012:" + str;
    }

    private OngoingStubbing<GetInstanceProfileResult> whenGetInstanceProfileRequested(String str) {
        return Mockito.when(this.amazonIdentityManagement.getInstanceProfile(new GetInstanceProfileRequest().withInstanceProfileName(str)));
    }

    private GetInstanceProfileResult resultWithRoleNames(String... strArr) {
        return new GetInstanceProfileResult().withInstanceProfile(new InstanceProfile().withRoles((List) Arrays.stream(strArr).map(this::roleNamed).collect(Collectors.toList())));
    }

    private GetInstanceProfileResult resultWithInstanceProfileArn(String str) {
        return new GetInstanceProfileResult().withInstanceProfile(new InstanceProfile().withArn(str));
    }

    private Role roleNamed(String str) {
        return new Role().withRoleName(str);
    }

    private ListServerCertificatesResult serverCertificates(String... strArr) {
        return new ListServerCertificatesResult().withServerCertificateMetadataList((List) Arrays.stream(strArr).map(this::serverCertificateMetadata).collect(Collectors.toList()));
    }

    private ServerCertificateMetadata serverCertificateMetadata(String str) {
        return new ServerCertificateMetadata().withServerCertificateName(str).withArn(arnPrefixedCertificate(str));
    }

    private String arnPrefixedCertificate(String str) {
        return "arn:aws:iam::123456789012:server-certificate/" + str;
    }
}
