package org.opensaml.security.trust.impl;

import com.unboundid.ldap.sdk.LDAPException;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import javax.annotation.Nonnull;
import javax.net.ssl.TrustManager;
import org.cryptacular.util.KeyPairUtil;
import org.ldaptive.Connection;
import org.ldaptive.ConnectionConfig;
import org.ldaptive.DefaultConnectionFactory;
import org.ldaptive.LdapException;
import org.ldaptive.Response;
import org.ldaptive.ResultCode;
import org.ldaptive.SearchOperation;
import org.ldaptive.SearchRequest;
import org.ldaptive.ssl.SslConfig;
import org.opensaml.security.credential.BasicCredential;
import org.opensaml.security.credential.impl.StaticCredentialResolver;
import org.testng.Assert;
import org.testng.annotations.AfterClass;
import org.testng.annotations.BeforeClass;
import org.testng.annotations.Test;

/* loaded from: input_file:org/opensaml/security/trust/impl/TrustEngineX509TrustManagerTest.class */
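/**
 * Integration tests for {@link TrustEngineX509TrustManager} against an in-process LDAP directory
 * reached over StartTLS.
 *
 * <p>Three trust configurations are exercised:
 * <ul>
 *   <li>no custom trust manager: the connection is expected to fail;</li>
 *   <li>a {@link TrustEngineX509TrustManager} with no trust engine set: the connection is expected to
 *       fail, i.e. an unconfigured manager must not accept the server;</li>
 *   <li>a manager backed by an {@link ExplicitKeyTrustEngine} holding the server's public key: the
 *       connection and a search are expected to succeed.</li>
 * </ul>
 */
public class TrustEngineX509TrustManagerTest {
    /** Directory holding the LDIF, keystore and public key used by these tests. */
    private static final String DATA_PATH = "src/test/resources/org/opensaml/security/ldap/impl/";

    /** URL every test connects to; presumably the port InMemoryDirectory listens on (confirm there). */
    private static final String LDAP_URL = "ldap://localhost:10389";

    private InMemoryDirectory directoryServer;

    /** Base DN read by {@link #doSearch(Connection)}. */
    private final String context = "ou=people,dc=example,dc=org";

    /**
     * Starts the in-memory directory from the test LDIF and keystore.
     *
     * @throws IOException declared by the original test; raised while setting up the directory
     * @throws LDAPException declared by the original test; raised while setting up the directory
     */
    @BeforeClass
    public void setupDirectoryServer() throws IOException, LDAPException {
        this.directoryServer =
                new InMemoryDirectory(new File(DATA_PATH + "test-ldap.ldif"), new File(DATA_PATH + "test-ldap.keystore"));
        this.directoryServer.start();
    }

    /** Stops the in-memory directory if it was created. */
    @AfterClass
    public void teardownDirectoryServer() {
        // Guard against a failed setup so teardown does not mask the original error with an NPE.
        if (this.directoryServer != null) {
            this.directoryServer.stop();
        }
    }

    /**
     * Opens a StartTLS connection with no custom SSL configuration and expects it to be rejected.
     *
     * <p>NOTE(review): {@code expectedExceptions} accepts any {@link LdapException}, so this test also
     * passes when the directory is simply unreachable. Asserting on the TLS-specific cause would
     * prove the failure is a trust decision; the exact cause type is not visible from this file.
     *
     * @throws LdapException expected; raised when the connection cannot be opened
     */
    @Test(expectedExceptions = {LdapException.class})
    public void testDefaultTrust() throws LdapException {
        Connection connection = new DefaultConnectionFactory(newStartTlsConfig(null)).getConnection();
        try {
            connection.open();
        } finally {
            // Close exactly once, whether open() succeeded or threw.
            connection.close();
        }
    }

    /**
     * Opens a StartTLS connection using a {@link TrustEngineX509TrustManager} that has no trust
     * engine set and expects it to be rejected: an unconfigured manager must fail closed.
     *
     * <p>NOTE(review): as with {@link #testDefaultTrust()}, any {@link LdapException} satisfies the
     * expectation, including a plain connectivity failure.
     *
     * @throws LdapException expected; raised when the connection cannot be opened
     */
    @Test(expectedExceptions = {LdapException.class})
    public void testNullTrust() throws LdapException {
        TrustEngineX509TrustManager trustManager = new TrustEngineX509TrustManager();
        Connection connection =
                new DefaultConnectionFactory(newStartTlsConfig(sslConfigFor(trustManager))).getConnection();
        try {
            connection.open();
        } finally {
            connection.close();
        }
    }

    /**
     * Opens a StartTLS connection using a trust manager backed by an {@link ExplicitKeyTrustEngine}
     * that resolves a single statically configured public key, then runs a search over it.
     *
     * @throws LdapException if the connection or the search fails
     * @throws FileNotFoundException if the public key file is missing
     * @throws IOException if the public key file cannot be read or closed
     */
    @Test
    public void testStaticTrust() throws LdapException, FileNotFoundException, IOException {
        // Only the public key is read from test-ldap.key; the stream is needed no longer than that,
        // so it is scoped to the read and closed exactly once.
        StaticCredentialResolver resolver;
        try (FileInputStream keyStream = new FileInputStream(new File(DATA_PATH + "test-ldap.key"))) {
            resolver = new StaticCredentialResolver(new BasicCredential(KeyPairUtil.readPublicKey(keyStream)));
        }

        // Declared with the concrete type: setTLSTrustEngine is not part of javax.net.ssl.TrustManager.
        TrustEngineX509TrustManager trustManager = new TrustEngineX509TrustManager();
        trustManager.setTLSTrustEngine(new ExplicitKeyTrustEngine(resolver));

        Connection connection =
                new DefaultConnectionFactory(newStartTlsConfig(sslConfigFor(trustManager))).getConnection();
        try {
            connection.open();
            doSearch(connection);
        } finally {
            connection.close();
        }
    }

    /**
     * Runs an object-scope search for the {@code description} attribute of the test base DN and
     * asserts that it succeeds.
     *
     * @param connection an open connection to search over
     * @throws LdapException if the search operation fails
     */
    protected void doSearch(@Nonnull Connection connection) throws LdapException {
        Response execute = new SearchOperation(connection)
                .execute(SearchRequest.newObjectScopeSearchRequest(this.context, new String[] {"description"}));
        Assert.assertNotNull(execute);
        Assert.assertEquals(execute.getResultCode(), ResultCode.SUCCESS);
    }

    /** Builds a StartTLS connection config for the test directory; {@code sslConfig} may be null. */
    private static ConnectionConfig newStartTlsConfig(SslConfig sslConfig) {
        ConnectionConfig config = new ConnectionConfig();
        config.setLdapUrl(LDAP_URL);
        config.setUseStartTLS(true);
        // Leave the SSL config untouched when none is supplied so the library default applies.
        if (sslConfig != null) {
            config.setSslConfig(sslConfig);
        }
        return config;
    }

    /** Wraps a single trust manager in an {@link SslConfig}. */
    private static SslConfig sslConfigFor(TrustManager trustManager) {
        SslConfig sslConfig = new SslConfig();
        sslConfig.setTrustManagers(new TrustManager[] {trustManager});
        return sslConfig;
    }
}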
