package net.jsign.jca;

import java.io.IOException;
import java.net.UnknownServiceException;
import net.jadler.Jadler;
import org.junit.After;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;

/* loaded from: input_file:net/jsign/jca/AmazonIMDS2ClientTest.class */
public class AmazonIMDS2ClientTest {
    @Before
    public void setUp() {
        Jadler.initJadler().withDefaultResponseStatus(404);
    }

    @After
    public void tearDown() {
        Jadler.closeJadler();
    }

    @Test
    public void testAzureEnvironment() {
        Jadler.onRequest().havingMethodEqualTo("PUT").havingPathEqualTo("/latest/api/token").respond().withStatus(411);
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:" + Jadler.port());
        amazonIMDS2Client.getClass();
        Assert.assertEquals("message", "IMDSv2 host did not respond as expected; are you in AWS cloud?", ((Exception) Assert.assertThrows(IOException.class, amazonIMDS2Client::getCredentials)).getMessage());
    }

    @Test
    public void testDisabled() {
        Jadler.onRequest().havingMethodEqualTo("PUT").havingPathEqualTo("/latest/api/token").respond().withStatus(403);
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:" + Jadler.port());
        amazonIMDS2Client.getClass();
        Assert.assertEquals("message", "IMDSv2 is possibly disabled on this host", ((Exception) Assert.assertThrows(UnknownServiceException.class, amazonIMDS2Client::getCredentials)).getMessage());
    }

    @Test
    public void testUnreachable() {
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:31457");
        amazonIMDS2Client.getClass();
        Assert.assertEquals("message", "IMDSv2 host was unreachable; check the hop limit if containerized", ((Exception) Assert.assertThrows(IOException.class, amazonIMDS2Client::getCredentials)).getMessage());
    }

    @Test
    public void testServerError() {
        Jadler.onRequest().havingMethodEqualTo("PUT").havingPathEqualTo("/latest/api/token").respond().withStatus(503);
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:" + Jadler.port());
        amazonIMDS2Client.getClass();
        Assert.assertTrue("message", ((Exception) Assert.assertThrows(IOException.class, amazonIMDS2Client::getCredentials)).getMessage().startsWith("HTTP Error 503 - Service Unavailable"));
    }

    @Test
    public void testNoInstanceProfile() {
        Jadler.onRequest().havingMethodEqualTo("PUT").havingPathEqualTo("/latest/api/token").respond().withStatus(200).withBody("0123456789ABCDEF");
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:" + Jadler.port());
        amazonIMDS2Client.getClass();
        Assert.assertEquals("message", "This EC2 instance seems not to be associated with an instance profile", ((Exception) Assert.assertThrows(RuntimeException.class, amazonIMDS2Client::getCredentials)).getMessage());
    }

    @Test
    public void testGetInstanceProfileName() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("PUT").havingPathEqualTo("/latest/api/token").respond().withStatus(200).withBody("0123456789ABCDEF");
        Jadler.onRequest().havingMethodEqualTo("GET").havingPathEqualTo("/latest/meta-data/iam/security-credentials").havingHeaderEqualTo("X-aws-ec2-metadata-token", "0123456789ABCDEF").respond().withStatus(200).withBody("role1\nrole2\nrole3");
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:" + Jadler.port());
        Assert.assertEquals("profile", "role1", amazonIMDS2Client.getInstanceProfileName());
    }

    @Test
    public void testInvalidInstanceProfileName() {
        Jadler.onRequest().havingMethodEqualTo("PUT").havingPathEqualTo("/latest/api/token").respond().withStatus(200).withBody("0123456789ABCDEF");
        Jadler.onRequest().havingMethodEqualTo("GET").havingPathEqualTo("/latest/meta-data/iam/security-credentials").havingHeaderEqualTo("X-aws-ec2-metadata-token", "0123456789ABCDEF").respond().withStatus(200).withBody("!role");
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:" + Jadler.port());
        amazonIMDS2Client.getClass();
        Assert.assertEquals("message", "Unable to read the instance profile name", ((Exception) Assert.assertThrows(RuntimeException.class, amazonIMDS2Client::getInstanceProfileName)).getMessage());
    }

    @Test
    public void testGetCredentials() throws Exception {
        Jadler.onRequest().havingMethodEqualTo("PUT").havingPathEqualTo("/latest/api/token").respond().withStatus(200).withBody("0123456789ABCDEF");
        Jadler.onRequest().havingMethodEqualTo("GET").havingPathEqualTo("/latest/meta-data/iam/security-credentials").havingHeaderEqualTo("X-aws-ec2-metadata-token", "0123456789ABCDEF").respond().withStatus(200).withBody("role1\nrole1\nrole1");
        Jadler.onRequest().havingMethodEqualTo("GET").havingPathEqualTo("/latest/meta-data/iam/security-credentials/role1").havingHeaderEqualTo("X-aws-ec2-metadata-token", "0123456789ABCDEF").respond().withStatus(200).withBody("{\"Code\" : \"Success\", \"AccessKeyId\" : \"accessKey\", \"SecretAccessKey\" : \"secretKey\", \"Token\" : \"sessionToken\"}");
        AmazonIMDS2Client amazonIMDS2Client = new AmazonIMDS2Client();
        amazonIMDS2Client.setEndpoint("http://localhost:" + Jadler.port());
        AmazonCredentials credentials = amazonIMDS2Client.getCredentials();
        Assert.assertNotNull("credentials", credentials);
        Assert.assertEquals("access key", "accessKey", credentials.getAccessKey());
        Assert.assertEquals("secret key", "secretKey", credentials.getSecretKey());
        Assert.assertEquals("session token", "sessionToken", credentials.getSessionToken());
    }
}
