package net.snowflake.client.core;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.TimeUnit;
import net.snowflake.client.category.TestCategoryCore;
import net.snowflake.client.jdbc.BaseJDBCTest;
import net.snowflake.client.jdbc.telemetryOOB.TelemetryService;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.hamcrest.core.AnyOf;
import org.junit.After;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.junit.rules.TemporaryFolder;

@Category({TestCategoryCore.class})
/* loaded from: input_file:net/snowflake/client/core/SFTrustManagerIT.class */
public class SFTrustManagerIT extends BaseJDBCTest {
    private static final String[] TARGET_HOSTS = {"storage.googleapis.com", "ocspssd.us-east-1.snowflakecomputing.com/ocsp/fetch", "sfcsupport.snowflakecomputing.com", "sfcsupport.us-east-1.snowflakecomputing.com", "sfcsupport.eu-central-1.snowflakecomputing.com", "sfc-dev1-regression.s3.amazonaws.com", "sfc-ds2-customer-stage.s3.amazonaws.com", "snowflake.okta.com", "sfcdev1.blob.core.windows.net"};
    private boolean defaultState;

    @Rule
    public TemporaryFolder tmpFolder = new TemporaryFolder();

    @Before
    public void setUp() {
        TelemetryService telemetryService = TelemetryService.getInstance();
        telemetryService.updateContextForIT(getConnectionParameters());
        this.defaultState = telemetryService.isEnabled();
        telemetryService.setNumOfRetryToTriggerTelemetry(3);
        telemetryService.disableRunFlushBeforeException();
        TelemetryService.FLUSH_OCSP_REVOKED_EVENT = false;
        telemetryService.enable();
    }

    @After
    public void tearDown() throws InterruptedException {
        TelemetryService telemetryService = TelemetryService.getInstance();
        telemetryService.flush();
        TimeUnit.SECONDS.sleep(5L);
        TelemetryService.FLUSH_OCSP_REVOKED_EVENT = true;
        if (this.defaultState) {
            telemetryService.enable();
        } else {
            telemetryService.disable();
        }
        telemetryService.enableRunFlushBeforeException();
        System.clearProperty("SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED");
        System.clearProperty("SF_OCSP_RESPONSE_CACHE_SERVER_URL");
    }

    @Test
    public void testOcsp() throws Throwable {
        System.setProperty("SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED", Boolean.TRUE.toString());
        for (String str : TARGET_HOSTS) {
            accessHost(str, HttpUtil.buildHttpClient(OCSPMode.FAIL_CLOSED, (File) null, false));
        }
    }

    @Test
    public void testOcspWithFileCache() throws Throwable {
        System.setProperty("SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED", Boolean.FALSE.toString());
        File newFile = this.tmpFolder.newFile();
        for (String str : TARGET_HOSTS) {
            accessHost(str, HttpUtil.buildHttpClient(OCSPMode.FAIL_CLOSED, newFile, false));
        }
    }

    @Test
    public void testOcspWithServerCache() throws Throwable {
        System.setProperty("SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED", Boolean.TRUE.toString());
        File newFile = this.tmpFolder.newFile();
        for (String str : TARGET_HOSTS) {
            accessHost(str, HttpUtil.buildHttpClient(OCSPMode.FAIL_CLOSED, newFile, false));
        }
    }

    @Test
    public void testOcspWithoutServerCache() throws Throwable {
        System.setProperty("SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED", Boolean.FALSE.toString());
        File newFile = this.tmpFolder.newFile();
        for (String str : TARGET_HOSTS) {
            accessHost(str, HttpUtil.buildHttpClient(OCSPMode.FAIL_OPEN, newFile, false));
        }
    }

    @Test
    public void testInvalidCacheFile() throws Throwable {
        System.setProperty("SF_OCSP_RESPONSE_CACHE_SERVER_ENABLED", Boolean.TRUE.toString());
        accessHost(TARGET_HOSTS[0], HttpUtil.buildHttpClient(OCSPMode.FAIL_CLOSED, new File("NEVER_EXISTS", "NEVER_EXISTS"), false));
    }

    private static void accessHost(String str, HttpClient httpClient) throws IOException {
        int i = -1;
        for (int i2 = 0; i2 < 10; i2++) {
            i = httpClient.execute(new HttpGet(String.format("https://%s:443/", str))).getStatusLine().getStatusCode();
            if (i != 503 && i != 504) {
                break;
            }
            try {
                Thread.sleep(1000L);
            } catch (InterruptedException e) {
            }
        }
        MatcherAssert.assertThat(String.format("response code for %s", str), Integer.valueOf(i), AnyOf.anyOf(CoreMatchers.equalTo(200), CoreMatchers.equalTo(403), CoreMatchers.equalTo(400)));
    }

    private List<X509Certificate> getX509CertificatesFromFile(String str) throws Throwable {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ArrayList arrayList = new ArrayList();
        Iterator<? extends Certificate> it = certificateFactory.generateCertificates(getFile(str)).iterator();
        while (it.hasNext()) {
            arrayList.add((X509Certificate) it.next());
        }
        return arrayList;
    }

    private InputStream getFile(String str) throws Throwable {
        URL resource = getClass().getClassLoader().getResource(str);
        if (resource != null) {
            return resource.openStream();
        }
        return null;
    }
}
