package net.snowflake.client.core.auth.wif;

import java.time.Duration;
import net.snowflake.client.category.TestTags;
import net.snowflake.client.core.HttpClientSettingsKey;
import net.snowflake.client.core.OCSPMode;
import net.snowflake.client.core.SFLoginInput;
import net.snowflake.client.jdbc.BaseWiremockTest;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;

@Tag(TestTags.AUTHENTICATION)
/* loaded from: input_file:net/snowflake/client/core/auth/wif/GcpIdentityAttestationCreatorLatestIT.class */
class GcpIdentityAttestationCreatorLatestIT extends BaseWiremockTest {
    private static final String SCENARIOS_BASE_DIR = "/wiremock/mappings/wif/gcp";
    private static final String SUCCESSFUL_FLOW_SCENARIO_MAPPINGS = "/wiremock/mappings/wif/gcp/successful_flow.json";
    private static final String INVALID_ISSUER_SCENARIO_MAPPINGS = "/wiremock/mappings/wif/gcp/invalid_issuer_claim.json";
    private static final String MISSING_ISSUER_SCENARIO_MAPPINGS = "/wiremock/mappings/wif/gcp/missing_issuer_claim.json";
    private static final String MISSING_SUB_SCENARIO_MAPPINGS = "/wiremock/mappings/wif/gcp/missing_sub_claim.json";
    private static final String TOKEN_PARSE_ERROR_SCENARIO_MAPPINGS = "/wiremock/mappings/wif/gcp/unparsable_token.json";
    private static final String HTTP_ERROR_MAPPINGS = "/wiremock/mappings/wif/gcp/http_error.json";

    GcpIdentityAttestationCreatorLatestIT() {
    }

    @Test
    public void successfulFlowScenario() {
        importMappingFromResources(SUCCESSFUL_FLOW_SCENARIO_MAPPINGS);
        WorkloadIdentityAttestation createAttestation = new GcpIdentityAttestationCreator(createLoginInputStub(), getBaseUrl()).createAttestation();
        Assertions.assertNotNull(createAttestation);
        Assertions.assertEquals(WorkloadIdentityProviderType.GCP, createAttestation.getProvider());
        Assertions.assertEquals("some-subject", createAttestation.getUserIdentifierComponents().get("sub"));
        Assertions.assertNotNull(createAttestation.getCredential());
    }

    @Test
    public void invalidIssuerScenario() {
        importMappingFromResources(INVALID_ISSUER_SCENARIO_MAPPINGS);
        createAttestationAndAssertNull();
    }

    @Test
    public void missingIssuerScenario() {
        importMappingFromResources(MISSING_ISSUER_SCENARIO_MAPPINGS);
        createAttestationAndAssertNull();
    }

    @Test
    public void missingSubScenario() {
        importMappingFromResources(MISSING_SUB_SCENARIO_MAPPINGS);
        createAttestationAndAssertNull();
    }

    @Test
    public void unparsableTokenScenario() {
        importMappingFromResources(TOKEN_PARSE_ERROR_SCENARIO_MAPPINGS);
        createAttestationAndAssertNull();
    }

    @Test
    public void httpErrorScenario() {
        importMappingFromResources(HTTP_ERROR_MAPPINGS);
        createAttestationAndAssertNull();
    }

    private void createAttestationAndAssertNull() {
        Assertions.assertNull(new GcpIdentityAttestationCreator(createLoginInputStub(), getBaseUrl()).createAttestation());
    }

    private String getBaseUrl() {
        return String.format("http://%s:%d/", "localhost", Integer.valueOf(wiremockHttpPort));
    }

    private SFLoginInput createLoginInputStub() {
        SFLoginInput sFLoginInput = new SFLoginInput();
        sFLoginInput.setSocketTimeout(Duration.ofMinutes(5L));
        sFLoginInput.setHttpClientSettingsKey(new HttpClientSettingsKey(OCSPMode.FAIL_OPEN));
        return sFLoginInput;
    }
}
