package net.snowflake.client.authentication;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.List;
import java.util.Properties;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import net.snowflake.client.category.TestTags;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;

@Tag(TestTags.AUTHENTICATION)
/* loaded from: input_file:net/snowflake/client/authentication/OauthLatestIT.class */
public class OauthLatestIT {
    AuthTestHelper authTestHelper;

    @BeforeEach
    public void setUp() throws IOException {
        this.authTestHelper = new AuthTestHelper();
    }

    @Test
    void shouldAuthenticateUsingOauth() throws IOException {
        this.authTestHelper.connectAndExecuteSimpleQuery(AuthConnectionParameters.getOauthConnectionParameters(getToken()), null);
        this.authTestHelper.verifyExceptionIsNotThrown();
    }

    @Test
    void shouldThrowErrorForInvalidToken() {
        this.authTestHelper.connectAndExecuteSimpleQuery(AuthConnectionParameters.getOauthConnectionParameters("invalidToken"), null);
        this.authTestHelper.verifyExceptionIsThrown("Invalid OAuth access token. ");
    }

    @Test
    void shouldThrowErrorForMismatchedOauthUsername() throws IOException {
        Properties oauthConnectionParameters = AuthConnectionParameters.getOauthConnectionParameters(getToken());
        oauthConnectionParameters.put("user", "differentUsername");
        this.authTestHelper.connectAndExecuteSimpleQuery(oauthConnectionParameters, null);
        this.authTestHelper.verifyExceptionIsThrown("The user you were trying to authenticate as differs from the user tied to the access token.");
    }

    private String getToken() throws IOException {
        List list = (List) Stream.of((Object[]) new String[]{"username=" + System.getenv("SNOWFLAKE_AUTH_TEST_OKTA_USER"), "password=" + System.getenv("SNOWFLAKE_AUTH_TEST_OKTA_PASS"), "grant_type=password", "scope=session:role:" + System.getenv("SNOWFLAKE_AUTH_TEST_ROLE").toLowerCase()}).collect(Collectors.toList());
        String encodeToString = Base64.getEncoder().encodeToString((System.getenv("SNOWFLAKE_AUTH_TEST_OAUTH_CLIENT_ID") + ":" + System.getenv("SNOWFLAKE_AUTH_TEST_OAUTH_CLIENT_SECRET")).getBytes(StandardCharsets.UTF_8));
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(System.getenv("SNOWFLAKE_AUTH_TEST_OAUTH_URL")).openConnection();
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
        httpURLConnection.setRequestProperty("Authorization", "Basic " + encodeToString);
        httpURLConnection.setDoOutput(true);
        DataOutputStream dataOutputStream = new DataOutputStream(httpURLConnection.getOutputStream());
        try {
            dataOutputStream.writeBytes(String.join("&", list));
            dataOutputStream.flush();
            dataOutputStream.close();
            int responseCode = httpURLConnection.getResponseCode();
            MatcherAssert.assertThat("Failed to get access token, response code: " + responseCode, Integer.valueOf(responseCode), CoreMatchers.is(200));
            ObjectMapper objectMapper = new ObjectMapper();
            InputStream inputStream = httpURLConnection.getInputStream();
            try {
                JsonNode readTree = objectMapper.readTree(inputStream);
                if (inputStream != null) {
                    inputStream.close();
                }
                return readTree.get("access_token").asText();
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (Throwable th3) {
            try {
                dataOutputStream.close();
            } catch (Throwable th4) {
                th3.addSuppressed(th4);
            }
            throw th3;
        }
    }
}
