package org.graylog.integrations.aws.service;

import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.graylog.integrations.aws.AWSMessageType;
import org.graylog.integrations.aws.resources.requests.AWSInputCreateRequest;
import org.graylog.integrations.aws.resources.responses.AWSRegion;
import org.graylog.integrations.aws.resources.responses.AvailableService;
import org.graylog.integrations.aws.resources.responses.AvailableServiceResponse;
import org.graylog.integrations.aws.resources.responses.KinesisPermissionsResponse;
import org.graylog.testing.completebackend.apis.GraylogRestApi;
import org.graylog2.inputs.Input;
import org.graylog2.inputs.InputServiceImpl;
import org.graylog2.plugin.database.users.User;
import org.graylog2.plugin.inputs.MessageInput;
import org.graylog2.plugin.system.NodeId;
import org.graylog2.plugin.system.SimpleNodeId;
import org.graylog2.rest.models.system.inputs.requests.InputCreateRequest;
import org.graylog2.security.encryption.EncryptedValue;
import org.graylog2.shared.bindings.providers.ObjectMapperProvider;
import org.graylog2.shared.inputs.MessageInputFactory;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.mockito.ArgumentCaptor;
import org.mockito.ArgumentMatchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.junit.MockitoJUnit;
import org.mockito.junit.MockitoRule;
import software.amazon.awssdk.regions.Region;

/* loaded from: input_file:org/graylog/integrations/aws/service/AWSServiceTest.class */
public class AWSServiceTest {

    @Rule
    public MockitoRule mockitoRule = MockitoJUnit.rule();
    private final NodeId nodeId = new SimpleNodeId("5ca1ab1e-0000-4000-a000-000000000000");
    private AWSService awsService;

    @Mock
    private InputServiceImpl inputService;

    @Mock
    private User user;

    @Mock
    private MessageInput messageInput;

    @Mock
    MessageInputFactory messageInputFactory;

    @Mock
    EncryptedValue encryptedValue;

    @Before
    public void setUp() {
        this.awsService = new AWSService(this.inputService, this.messageInputFactory, this.nodeId, new ObjectMapperProvider().get());
    }

    @Test
    public void testSaveInput() throws Exception {
        Mockito.when(this.inputService.create((Map) ArgumentMatchers.isA(HashMap.class))).thenCallRealMethod();
        Mockito.when(this.inputService.save((Input) ArgumentMatchers.isA(Input.class))).thenReturn("input-id");
        Mockito.when(this.user.getName()).thenReturn("a-user-name");
        Mockito.when(this.messageInputFactory.create((InputCreateRequest) ArgumentMatchers.isA(InputCreateRequest.class), (String) ArgumentMatchers.isA(String.class), (String) ArgumentMatchers.isA(String.class))).thenReturn(this.messageInput);
        this.awsService.saveInput(((AWSInputCreateRequest.Builder) ((AWSInputCreateRequest.Builder) ((AWSInputCreateRequest.Builder) AWSInputCreateRequest.builder().region(Region.US_EAST_1.id())).awsAccessKeyId("a-key")).awsSecretAccessKey(this.encryptedValue)).name("AWS Input").awsMessageType(AWSMessageType.KINESIS_CLOUDWATCH_FLOW_LOGS.toString()).streamName("a-stream").batchSize(GraylogRestApi.TIMEOUT_MS).addFlowLogPrefix(true).throttlingAllowed(true).build(), this.user);
        ArgumentCaptor forClass = ArgumentCaptor.forClass(InputCreateRequest.class);
        ((MessageInputFactory) Mockito.verify(this.messageInputFactory, Mockito.times(1))).create((InputCreateRequest) forClass.capture(), (String) ArgumentMatchers.eq("a-user-name"), (String) ArgumentMatchers.eq("5ca1ab1e-0000-4000-a000-000000000000"));
        InputCreateRequest inputCreateRequest = (InputCreateRequest) forClass.getValue();
        Assert.assertEquals("AWS Input", inputCreateRequest.title());
        Assert.assertEquals("org.graylog.integrations.aws.inputs.AWSInput", inputCreateRequest.type());
        Assert.assertTrue(inputCreateRequest.global());
        Assert.assertEquals("us-east-1", inputCreateRequest.configuration().get("aws_region"));
        Assert.assertEquals("KINESIS_CLOUDWATCH_FLOW_LOGS", inputCreateRequest.configuration().get("aws_message_type"));
        Assert.assertEquals("a-key", inputCreateRequest.configuration().get("aws_access_key"));
        Assert.assertEquals(this.encryptedValue, inputCreateRequest.configuration().get("aws_secret_key"));
        Assert.assertEquals("us-east-1", inputCreateRequest.configuration().get("aws_region"));
        Assert.assertEquals("a-stream", inputCreateRequest.configuration().get("kinesis_stream_name"));
        Assert.assertEquals(Integer.valueOf(GraylogRestApi.TIMEOUT_MS), inputCreateRequest.configuration().get("kinesis_record_batch_size"));
    }

    @Test
    public void regionTest() {
        List regions = this.awsService.getAvailableRegions().regions();
        boolean z = false;
        Iterator it = regions.iterator();
        while (it.hasNext()) {
            if (((AWSRegion) it.next()).regionId().equals("eu-west-2")) {
                z = true;
            }
        }
        Assert.assertTrue(z);
        Assert.assertTrue(regions.stream().anyMatch(aWSRegion -> {
            return aWSRegion.displayValue().equals("Europe (Stockholm): eu-north-1");
        }));
        Assert.assertTrue("There should be at least 34 total regions.", regions.size() >= 34);
    }

    @Test
    public void testAvailableServices() {
        AvailableServiceResponse availableServices = this.awsService.getAvailableServices();
        Assert.assertEquals(1L, availableServices.total());
        Assert.assertEquals(1L, availableServices.services().size());
        Assert.assertTrue(availableServices.services().stream().anyMatch(availableService -> {
            return availableService.name().equals("CloudWatch");
        }));
        String policy = ((AvailableService) availableServices.services().get(0)).policy();
        Assert.assertTrue(policy.contains("cloudwatch"));
        Assert.assertTrue(policy.contains("dynamodb"));
        Assert.assertTrue(policy.contains("ec2"));
        Assert.assertTrue(policy.contains("elasticloadbalancing"));
        Assert.assertTrue(policy.contains("kinesis"));
    }

    @Test
    public void testPermissions() {
        KinesisPermissionsResponse permissions = this.awsService.getPermissions();
        Assert.assertTrue(permissions.setupPolicy().contains("cloudwatch"));
        Assert.assertTrue(permissions.setupPolicy().contains("dynamodb"));
        Assert.assertTrue(permissions.setupPolicy().contains("ec2"));
        Assert.assertTrue(permissions.setupPolicy().contains("elasticloadbalancing"));
        Assert.assertTrue(permissions.setupPolicy().contains("kinesis"));
        Assert.assertTrue(permissions.autoSetupPolicy().contains("CreateStream"));
        Assert.assertTrue(permissions.autoSetupPolicy().contains("DescribeSubscriptionFilters"));
        Assert.assertTrue(permissions.autoSetupPolicy().contains("PutRecord"));
        Assert.assertTrue(permissions.autoSetupPolicy().contains("RegisterStreamConsumer"));
    }
}
