package io.trino.aws.proxy.server.credentials.http;

import com.google.common.base.Strings;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.inject.Inject;
import io.airlift.http.server.HttpServerConfig;
import io.airlift.http.server.HttpServerInfo;
import io.airlift.http.server.testing.TestingHttpServer;
import io.airlift.json.ObjectMapperProvider;
import io.airlift.node.NodeInfo;
import io.trino.aws.proxy.server.testing.TestingIdentity;
import io.trino.aws.proxy.server.testing.TestingTrinoAwsProxyServer;
import io.trino.aws.proxy.server.testing.harness.BuilderFilter;
import io.trino.aws.proxy.server.testing.harness.TrinoAwsProxyTest;
import io.trino.aws.proxy.spi.credentials.Credential;
import io.trino.aws.proxy.spi.credentials.Credentials;
import io.trino.aws.proxy.spi.credentials.CredentialsProvider;
import io.trino.aws.proxy.spi.plugin.TrinoAwsProxyServerBinding;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Objects;
import java.util.Optional;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.Test;

@TrinoAwsProxyTest(filters = {Filter.class})
/* loaded from: input_file:io/trino/aws/proxy/server/credentials/http/TestHttpCredentialsProvider.class */
public class TestHttpCredentialsProvider {
    private final CredentialsProvider credentialsProvider;

    /* loaded from: input_file:io/trino/aws/proxy/server/credentials/http/TestHttpCredentialsProvider$Filter.class */
    public static class Filter implements BuilderFilter {
        private static String httpEndpointUri;

        @Override // io.trino.aws.proxy.server.testing.harness.BuilderFilter
        public TestingTrinoAwsProxyServer.Builder filter(TestingTrinoAwsProxyServer.Builder builder) {
            try {
                TestingHttpServer createTestingHttpCredentialsServer = TestHttpCredentialsProvider.createTestingHttpCredentialsServer();
                createTestingHttpCredentialsServer.start();
                httpEndpointUri = createTestingHttpCredentialsServer.getBaseUrl().toString();
                return builder.withoutTestingCredentialsRoleProviders().addModule(new HttpCredentialsModule()).addModule(binder -> {
                    TrinoAwsProxyServerBinding.bindIdentityType(binder, TestingIdentity.class);
                }).withProperty("credentials-provider.type", "http").withProperty("credentials-provider.http.endpoint", httpEndpointUri).withProperty("credentials-provider.http.headers", "Authorization: auth, Content-Type: application/json");
            } catch (Exception e) {
                throw new RuntimeException("Failed to start test http credentials provider server", e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/trino/aws/proxy/server/credentials/http/TestHttpCredentialsProvider$HttpCredentialsServlet.class */
    public static class HttpCredentialsServlet extends HttpServlet {
        private HttpCredentialsServlet() {
        }

        protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
            if (Strings.isNullOrEmpty(httpServletRequest.getHeader("Authorization")) || Strings.isNullOrEmpty("Content-Type")) {
                httpServletResponse.setStatus(400);
                return;
            }
            Optional ofNullable = Optional.ofNullable(httpServletRequest.getParameter("sessionToken"));
            String substring = httpServletRequest.getPathInfo().substring(1);
            String str = "";
            if (!ofNullable.isPresent()) {
                str = substring;
            } else if (substring.equals(ofNullable.get())) {
                str = (String) ofNullable.get();
            }
            String str2 = str;
            boolean z = -1;
            switch (str2.hashCode()) {
                case -1878464151:
                    if (str2.equals("incorrect-response")) {
                        z = true;
                        break;
                    }
                    break;
                case -1771730377:
                    if (str2.equals("test-emulated-access-key")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    String writeValueAsString = new ObjectMapperProvider().get().writeValueAsString(new Credentials(new Credential("test-emulated-access-key", "test-emulated-secret"), Optional.of(new Credential("test-remote-access-key", "test-remote-secret")), Optional.empty(), Optional.of(new TestingIdentity("test-username", ImmutableList.of(), "xyzpdq"))));
                    httpServletResponse.setContentType("application/json");
                    httpServletResponse.getWriter().print(writeValueAsString);
                    return;
                case true:
                    httpServletResponse.getWriter().print("incorrect response");
                    return;
                default:
                    httpServletResponse.setStatus(404);
                    return;
            }
        }
    }

    @Inject
    public TestHttpCredentialsProvider(CredentialsProvider credentialsProvider) {
        this.credentialsProvider = (CredentialsProvider) Objects.requireNonNull(credentialsProvider, "credentialsProvider is null");
    }

    @Test
    public void testValidCredentialsWithEmptySession() {
        Assertions.assertThat(this.credentialsProvider.credentials("test-emulated-access-key", Optional.empty())).contains(new Credentials(new Credential("test-emulated-access-key", "test-emulated-secret"), Optional.of(new Credential("test-remote-access-key", "test-remote-secret")), Optional.empty(), Optional.of(new TestingIdentity("test-username", ImmutableList.of(), "xyzpdq"))));
    }

    @Test
    public void testValidCredentialsWithValidSession() {
        Assertions.assertThat(this.credentialsProvider.credentials("test-emulated-access-key", Optional.of("test-emulated-access-key"))).contains(new Credentials(new Credential("test-emulated-access-key", "test-emulated-secret"), Optional.of(new Credential("test-remote-access-key", "test-remote-secret")), Optional.empty(), Optional.of(new TestingIdentity("test-username", ImmutableList.of(), "xyzpdq"))));
    }

    @Test
    public void testInvalidCredentialsWithEmptySession() {
        Assertions.assertThat(this.credentialsProvider.credentials("non-existent-key", Optional.empty())).isEmpty();
    }

    @Test
    public void testValidCredentialsWithInvalidSession() {
        Assertions.assertThat(this.credentialsProvider.credentials("test-emulated-access-key", Optional.of("sessionToken-not-equals-accessKey"))).isEmpty();
    }

    @Test
    public void testInvalidCredentialsWithInvalidSession() {
        Assertions.assertThat(this.credentialsProvider.credentials("non-existent-key", Optional.of("sessionToken-not-equals-accessKey"))).isEmpty();
    }

    @Test
    public void testIncorrectResponseFromServer() {
        Assertions.assertThat(this.credentialsProvider.credentials("incorrect-response", Optional.empty())).isEmpty();
    }

    private static TestingHttpServer createTestingHttpCredentialsServer() throws IOException {
        NodeInfo nodeInfo = new NodeInfo("test");
        HttpServerConfig httpPort = new HttpServerConfig().setHttpPort(0);
        return new TestingHttpServer(new HttpServerInfo(httpPort, nodeInfo), nodeInfo, httpPort, new HttpCredentialsServlet(), ImmutableMap.of());
    }
}
