package de.adorsys.datasafe.business.impl.e2e;

import dagger.Lazy;
import de.adorsys.datasafe.business.impl.service.DaggerDefaultDatasafeServices;
import de.adorsys.datasafe.business.impl.service.DefaultDatasafeServices;
import de.adorsys.datasafe.directory.api.profile.keys.StorageKeyStoreOperations;
import de.adorsys.datasafe.directory.api.types.CreateUserPrivateProfile;
import de.adorsys.datasafe.directory.api.types.CreateUserPublicProfile;
import de.adorsys.datasafe.directory.api.types.StorageCredentials;
import de.adorsys.datasafe.directory.api.types.UserPrivateProfile;
import de.adorsys.datasafe.directory.impl.profile.config.DefaultDFSConfig;
import de.adorsys.datasafe.directory.impl.profile.dfs.BucketAccessServiceImpl;
import de.adorsys.datasafe.directory.impl.profile.dfs.BucketAccessServiceImplRuntimeDelegatable;
import de.adorsys.datasafe.directory.impl.profile.dfs.RegexAccessServiceWithStorageCredentialsImpl;
import de.adorsys.datasafe.encrypiton.api.types.UserID;
import de.adorsys.datasafe.encrypiton.api.types.UserIDAuth;
import de.adorsys.datasafe.encrypiton.api.types.keystore.ReadKeyPassword;
import de.adorsys.datasafe.storage.api.RegexDelegatingStorage;
import de.adorsys.datasafe.storage.api.UriBasedAuthStorageService;
import de.adorsys.datasafe.storage.impl.s3.S3ClientFactory;
import de.adorsys.datasafe.storage.impl.s3.S3StorageService;
import de.adorsys.datasafe.types.api.actions.ListRequest;
import de.adorsys.datasafe.types.api.actions.ReadRequest;
import de.adorsys.datasafe.types.api.actions.WriteRequest;
import de.adorsys.datasafe.types.api.context.BaseOverridesRegistry;
import de.adorsys.datasafe.types.api.resource.AbsoluteLocation;
import de.adorsys.datasafe.types.api.resource.BasePrivateResource;
import de.adorsys.datasafe.types.api.resource.BasePublicResource;
import de.adorsys.datasafe.types.api.resource.PrivateResource;
import de.adorsys.datasafe.types.api.resource.PublicResource;
import de.adorsys.datasafe.types.api.resource.ResolvedResource;
import de.adorsys.datasafe.types.api.resource.StorageIdentifier;
import de.adorsys.datasafe.types.api.shared.BaseMockitoTest;
import de.adorsys.datasafe.types.api.utils.ExecutorServiceUtil;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.UnrecoverableKeyException;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import lombok.Generated;
import org.bouncycastle.util.io.Streams;
import org.junit.jupiter.api.AfterAll;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.wait.strategy.Wait;
import org.testcontainers.shaded.com.google.common.collect.ImmutableMap;

/* loaded from: input_file:de/adorsys/datasafe/business/impl/e2e/MultiDFSFunctionalityTest.class */
class MultiDFSFunctionalityTest extends BaseMockitoTest {
    private static final String LOCALHOST = "http://127.0.0.1";
    private static final String CREDENTIALS = "credentialsbucket";
    private static final String KEYSTORE = "keystorebucket";
    private static final String FILES_ONE = "filesonebucket";
    private static final String FILES_TWO = "filestwobucket";
    private static final String INBOX = "inboxbucket";
    private DefaultDatasafeServices datasafeServices;

    @Generated
    private static final Logger log = LoggerFactory.getLogger(MultiDFSFunctionalityTest.class);
    private static final ExecutorService EXECUTOR = ExecutorServiceUtil.submitterExecutesOnStarvationExecutingService(5, 5);
    private static Map<String, GenericContainer> minios = new HashMap();
    private static Map<String, String> endpointsByHost = new HashMap();
    private static Map<String, String> endpointsByHostNoBucket = new HashMap();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:de/adorsys/datasafe/business/impl/e2e/MultiDFSFunctionalityTest$WithCredentialProvider.class */
    public static class WithCredentialProvider extends BucketAccessServiceImpl {
        private final RegexAccessServiceWithStorageCredentialsImpl delegate;

        private WithCredentialProvider(Lazy<StorageKeyStoreOperations> lazy) {
            super((Lazy) null);
            this.delegate = new RegexAccessServiceWithStorageCredentialsImpl(lazy);
        }

        @Generated
        public AbsoluteLocation<PrivateResource> privateAccessFor(UserIDAuth userIDAuth, PrivateResource privateResource) {
            return this.delegate.privateAccessFor(userIDAuth, privateResource);
        }

        @Generated
        public AbsoluteLocation<PublicResource> publicAccessFor(UserID userID, PublicResource publicResource) {
            return this.delegate.publicAccessFor(userID, publicResource);
        }

        @Generated
        public AbsoluteLocation withSystemAccess(AbsoluteLocation absoluteLocation) {
            return this.delegate.withSystemAccess(absoluteLocation);
        }
    }

    MultiDFSFunctionalityTest() {
    }

    @BeforeAll
    static void initDistributedMinios() {
        Stream.of((Object[]) new String[]{CREDENTIALS, KEYSTORE, FILES_ONE, FILES_TWO, INBOX}).forEach(str -> {
            GenericContainer waitingFor = new GenericContainer("minio/minio").withExposedPorts(new Integer[]{9000}).withEnv("MINIO_ACCESS_KEY", accessKey(str)).withEnv("MINIO_SECRET_KEY", secretKey(str)).withCommand("server /data").waitingFor(Wait.defaultWaitStrategy());
            waitingFor.start();
            minios.put(str, waitingFor);
            String str = "http://127.0.0.1:" + waitingFor.getFirstMappedPort() + "/";
            log.info("Minio `{}` with endpoint `{}` and keys `{}`/`{}` has started", new Object[]{str, str, accessKey(str), secretKey(str)});
            endpointsByHost.put(str, str + str + "/");
            endpointsByHostNoBucket.put(str, str);
            S3ClientFactory.getClient(str, accessKey(str), secretKey(str)).createBucket(str);
        });
    }

    @AfterAll
    static void stopAll() {
        minios.forEach((str, genericContainer) -> {
            genericContainer.stop();
        });
    }

    @BeforeEach
    void initDatasafe() {
        S3StorageService s3StorageService = new S3StorageService(S3ClientFactory.getClient(endpointsByHostNoBucket.get(CREDENTIALS), accessKey(CREDENTIALS), secretKey(CREDENTIALS)), CREDENTIALS, EXECUTOR);
        BaseOverridesRegistry baseOverridesRegistry = new BaseOverridesRegistry();
        this.datasafeServices = DaggerDefaultDatasafeServices.builder().config(new DefaultDFSConfig(endpointsByHost.get(CREDENTIALS), "PAZZWORT")).overridesRegistry(baseOverridesRegistry).storage(new RegexDelegatingStorage(ImmutableMap.builder().put(Pattern.compile(endpointsByHost.get(CREDENTIALS) + ".+"), s3StorageService).put(Pattern.compile("http://127.0.0.1.+"), new UriBasedAuthStorageService(accessId -> {
            return new S3StorageService(S3ClientFactory.getClient(accessId.getOnlyHostPart().toString(), accessId.getAccessKey(), accessId.getSecretKey()), accessId.getBucketName(), EXECUTOR);
        })).build())).build();
        BucketAccessServiceImplRuntimeDelegatable.overrideWith(baseOverridesRegistry, argumentsCaptor -> {
            return new WithCredentialProvider(argumentsCaptor.getStorageKeyStoreOperations());
        });
    }

    @Test
    void testWriteToPrivateListPrivateReadPrivate() {
        UserIDAuth userIDAuth = new UserIDAuth("john", "my-passwd");
        registerUser(userIDAuth);
        validateBasicOperationsAndContent(userIDAuth);
        deregisterAndValidateEmpty(userIDAuth);
    }

    @Test
    void testWriteToPrivateListPrivateReadPrivateWithPasswordChange() {
        UserIDAuth userIDAuth = new UserIDAuth("john", "my-passwd");
        registerUser(userIDAuth);
        validateBasicOperationsAndContent(userIDAuth);
        ReadKeyPassword readKeyPassword = new ReadKeyPassword("ANOTHER");
        this.datasafeServices.userProfile().updateReadKeyPassword(userIDAuth, readKeyPassword);
        UserIDAuth userIDAuth2 = new UserIDAuth("john", readKeyPassword.getValue());
        Assertions.assertThrows(UnrecoverableKeyException.class, () -> {
            doBasicOperations(userIDAuth);
        });
        validateBasicOperationsAndContent(userIDAuth2);
        deregisterAndValidateEmpty(userIDAuth2);
    }

    private void doBasicOperations(UserIDAuth userIDAuth) {
        writeToPrivate(userIDAuth, id(FILES_ONE), "path/to/file1.txt", "Hello 1");
        writeToPrivate(userIDAuth, id(FILES_TWO), "path/to/file2.txt", "Hello 2");
        AbsoluteLocation<ResolvedResource> firstFileInPrivate = getFirstFileInPrivate(userIDAuth, id(FILES_ONE), "path/to/file1.txt");
        AbsoluteLocation<ResolvedResource> firstFileInPrivate2 = getFirstFileInPrivate(userIDAuth, id(FILES_TWO), "path/to/file2.txt");
        org.assertj.core.api.Assertions.assertThat(readFromPrivate(userIDAuth, firstFileInPrivate)).isEqualTo("Hello 1");
        org.assertj.core.api.Assertions.assertThat(readFromPrivate(userIDAuth, firstFileInPrivate2)).isEqualTo("Hello 2");
        org.assertj.core.api.Assertions.assertThat(readFromPrivate(userIDAuth, id(FILES_ONE), "path/to/file1.txt")).isEqualTo("Hello 1");
        org.assertj.core.api.Assertions.assertThat(readFromPrivate(userIDAuth, id(FILES_TWO), "path/to/file2.txt")).isEqualTo("Hello 2");
    }

    private void validateBasicOperationsAndContent(UserIDAuth userIDAuth) {
        doBasicOperations(userIDAuth);
        org.assertj.core.api.Assertions.assertThat(listInBucket(FILES_ONE)).hasSize(1);
        org.assertj.core.api.Assertions.assertThat(listInBucket(FILES_TWO)).hasSize(1);
        org.assertj.core.api.Assertions.assertThat(listInBucket(KEYSTORE)).hasSize(1);
        org.assertj.core.api.Assertions.assertThat(listInBucket(CREDENTIALS)).containsExactlyInAnyOrder(new String[]{"credentialsbucket/profiles/private/john", "credentialsbucket/profiles/public/john", "credentialsbucket/pubkeys", "credentialsbucket/storagecreds"});
    }

    private void deregisterAndValidateEmpty(UserIDAuth userIDAuth) {
        this.datasafeServices.userProfile().deregister(userIDAuth);
        org.assertj.core.api.Assertions.assertThat(listInBucket(FILES_ONE)).isEmpty();
        org.assertj.core.api.Assertions.assertThat(listInBucket(FILES_TWO)).isEmpty();
        org.assertj.core.api.Assertions.assertThat(listInBucket(KEYSTORE)).isEmpty();
        org.assertj.core.api.Assertions.assertThat(listInBucket(CREDENTIALS)).isEmpty();
    }

    private void registerUser(UserIDAuth userIDAuth) {
        String str = endpointsByHost.get(INBOX) + "inbox/";
        String str2 = endpointsByHost.get(CREDENTIALS) + "pubkeys";
        this.datasafeServices.userProfile().registerPublic(CreateUserPublicProfile.builder().id(userIDAuth.getUserID()).inbox(BasePublicResource.forAbsolutePublic(str)).publicKeys(BasePublicResource.forAbsolutePublic(str2)).build());
        this.datasafeServices.userProfile().registerPrivate(CreateUserPrivateProfile.builder().id(userIDAuth).storageCredentialsKeystore(BasePrivateResource.forAbsolutePrivate(endpointsByHost.get(CREDENTIALS) + "storagecreds")).inboxWithWriteAccess(BasePrivateResource.forAbsolutePrivate(str)).keystore(BasePrivateResource.forAbsolutePrivate(endpointsByHost.get(KEYSTORE) + "keystore")).privateStorage(BasePrivateResource.forAbsolutePrivate(endpointsByHost.get(FILES_ONE) + "private/")).associatedResources(Collections.emptyList()).publishPubKeysTo(BasePublicResource.forAbsolutePublic(str2)).build());
        this.datasafeServices.userProfile().createStorageKeystore(userIDAuth);
        Stream.of((Object[]) new String[]{KEYSTORE, FILES_ONE, FILES_TWO, INBOX}).forEach(str3 -> {
            String str3 = endpointsByHost.get(str3);
            UserPrivateProfile privateProfile = this.datasafeServices.userProfile().privateProfile(userIDAuth);
            privateProfile.getPrivateStorage().put(id(str3), new AbsoluteLocation(BasePrivateResource.forPrivate(str3 + "/")));
            this.datasafeServices.userProfile().registerStorageCredentials(userIDAuth, id(str3), new StorageCredentials(accessKey(str3), secretKey(str3)));
            this.datasafeServices.userProfile().updatePrivateProfile(userIDAuth, privateProfile);
        });
        this.datasafeServices.userProfile().createDocumentKeystore(userIDAuth, this.datasafeServices.userProfile().privateProfile(userIDAuth));
    }

    private List<String> listInBucket(String str) {
        return (List) S3ClientFactory.getClient(endpointsByHostNoBucket.get(str), accessKey(str), secretKey(str)).listObjects(str, "").getObjectSummaries().stream().map((v0) -> {
            return v0.getKey();
        }).collect(Collectors.toList());
    }

    private void writeToPrivate(UserIDAuth userIDAuth, StorageIdentifier storageIdentifier, String str, String str2) {
        OutputStream write = this.datasafeServices.privateService().write(WriteRequest.forPrivate(userIDAuth, storageIdentifier, str));
        Throwable th = null;
        try {
            write.write(str2.getBytes());
            if (write != null) {
                if (0 != 0) {
                    try {
                        write.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    write.close();
                }
            }
        } finally {
        }
    }

    private String readFromPrivate(UserIDAuth userIDAuth, StorageIdentifier storageIdentifier, String str) {
        InputStream read = this.datasafeServices.privateService().read(ReadRequest.forPrivate(userIDAuth, storageIdentifier, str));
        Throwable th = null;
        try {
            try {
                String str2 = new String(Streams.readAll(read));
                if (read != null) {
                    if (0 != 0) {
                        try {
                            read.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        read.close();
                    }
                }
                return str2;
            } finally {
            }
        } finally {
        }
    }

    private String readFromPrivate(UserIDAuth userIDAuth, AbsoluteLocation<ResolvedResource> absoluteLocation) {
        InputStream read = this.datasafeServices.privateService().read(ReadRequest.forPrivate(userIDAuth, absoluteLocation.getResource().asPrivate()));
        Throwable th = null;
        try {
            try {
                String str = new String(Streams.readAll(read));
                if (read != null) {
                    if (0 != 0) {
                        try {
                            read.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        read.close();
                    }
                }
                return str;
            } finally {
            }
        } finally {
        }
    }

    private AbsoluteLocation<ResolvedResource> getFirstFileInPrivate(UserIDAuth userIDAuth, StorageIdentifier storageIdentifier, String str) {
        return (AbsoluteLocation) this.datasafeServices.privateService().list(ListRequest.forPrivate(userIDAuth, storageIdentifier, str)).findFirst().orElseThrow(() -> {
            return new IllegalArgumentException("Not found");
        });
    }

    private static StorageIdentifier id(String str) {
        return new StorageIdentifier(endpointsByHost.get(str) + ".+");
    }

    private static String accessKey(String str) {
        return "ACCESS-" + str;
    }

    private static String secretKey(String str) {
        return "SECRET-" + str;
    }
}
