package org.apereo.cas.authentication;

import java.io.InputStream;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import javax.net.ssl.HttpsURLConnection;
import org.apache.commons.io.IOUtils;
import org.apache.http.conn.ssl.NoopHostnameVerifier;
import org.apereo.cas.config.CasCoreHttpConfiguration;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Tag;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.boot.SpringBootConfiguration;
import org.springframework.boot.autoconfigure.ImportAutoConfiguration;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.cloud.autoconfigure.RefreshAutoConfiguration;
import org.springframework.context.annotation.Import;

@Tag("Authentication")
@EnableConfigurationProperties({CasConfigurationProperties.class})
/* loaded from: input_file:org/apereo/cas/authentication/DefaultCasSSLContextTests.class */
public class DefaultCasSSLContextTests {

    @SpringBootTest(classes = {SharedTestConfiguration.class}, properties = {"cas.http-client.trust-store.file=classpath:truststore.jks"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/authentication/DefaultCasSSLContextTests$DefaultSslContext.class */
    public class DefaultSslContext {

        @Autowired
        @Qualifier("casSslContext")
        private CasSSLContext casSslContext;

        public DefaultSslContext() {
        }

        @Test
        public void verifyOperation() throws Exception {
            Assertions.assertNotNull(SharedTestConfiguration.contactUrl("https://self-signed.badssl.com", this.casSslContext));
        }
    }

    @SpringBootTest(classes = {SharedTestConfiguration.class}, properties = {"cas.http-client.host-name-verifier=none"})
    @Nested
    /* loaded from: input_file:org/apereo/cas/authentication/DefaultCasSSLContextTests$DisabledSslContext.class */
    public class DisabledSslContext {

        @Autowired
        @Qualifier("casSslContext")
        private CasSSLContext casSslContext;

        public DisabledSslContext() {
        }

        @Test
        public void verifyOperation() throws Exception {
            Assertions.assertNotNull(SharedTestConfiguration.contactUrl("https://untrusted-root.badssl.com/", this.casSslContext));
        }
    }

    @SpringBootConfiguration
    @ImportAutoConfiguration({RefreshAutoConfiguration.class})
    @Import({CasCoreHttpConfiguration.class})
    /* loaded from: input_file:org/apereo/cas/authentication/DefaultCasSSLContextTests$SharedTestConfiguration.class */
    public static class SharedTestConfiguration {
        static String contactUrl(String str, CasSSLContext casSSLContext) throws Exception {
            HttpsURLConnection httpsURLConnection = (HttpsURLConnection) new URL(str).openConnection();
            httpsURLConnection.setRequestMethod("GET");
            httpsURLConnection.setHostnameVerifier(NoopHostnameVerifier.INSTANCE);
            httpsURLConnection.setSSLSocketFactory(casSSLContext.getSslContext().getSocketFactory());
            InputStream inputStream = httpsURLConnection.getInputStream();
            try {
                String iOUtils = IOUtils.toString(inputStream, StandardCharsets.UTF_8);
                if (inputStream != null) {
                    inputStream.close();
                }
                return iOUtils;
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
    }

    @SpringBootTest(classes = {SharedTestConfiguration.class})
    @Nested
    /* loaded from: input_file:org/apereo/cas/authentication/DefaultCasSSLContextTests$SystemSslContext.class */
    public class SystemSslContext {

        @Autowired
        @Qualifier("casSslContext")
        private CasSSLContext casSslContext;

        public SystemSslContext() {
        }

        @Test
        public void verifyOperation() throws Exception {
            Assertions.assertThrows(Exception.class, () -> {
                SharedTestConfiguration.contactUrl("https://self-signed.badssl.com", this.casSslContext);
            });
        }
    }
}
