package org.neo4j.driver.integration;

import java.io.File;
import java.util.function.Supplier;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;
import org.neo4j.driver.Config;
import org.neo4j.driver.Driver;
import org.neo4j.driver.GraphDatabase;
import org.neo4j.driver.Session;
import org.neo4j.driver.exceptions.SecurityException;
import org.neo4j.driver.util.CertificateExtension;
import org.neo4j.driver.util.CertificateToolUtil;
import org.neo4j.driver.util.DatabaseExtension;
import org.neo4j.driver.util.ParallelizableIT;

@ParallelizableIT
/* loaded from: input_file:org/neo4j/driver/integration/TrustCustomCertificateIT.class */
class TrustCustomCertificateIT {

    @RegisterExtension
    static final DatabaseExtension neo4j = new CertificateExtension();

    TrustCustomCertificateIT() {
    }

    @Test
    void shouldAcceptServerWithCertificateSignedByDriverCertificate() throws Throwable {
        CertificateToolUtil.CertificateKeyPair<File, File> createNewCertificateAndKey = CertificateToolUtil.createNewCertificateAndKey();
        CertificateToolUtil.CertificateKeyPair<File, File> createNewCertificateAndKeySignedBy = CertificateToolUtil.createNewCertificateAndKeySignedBy(createNewCertificateAndKey);
        neo4j.updateEncryptionKeyAndCert(createNewCertificateAndKeySignedBy.key(), createNewCertificateAndKeySignedBy.cert());
        shouldBeAbleToRunCypher(() -> {
            return createDriverWithCustomCertificate((File) createNewCertificateAndKey.cert());
        });
    }

    @Test
    void shouldAcceptServerWithSameCertificate() throws Throwable {
        shouldBeAbleToRunCypher(() -> {
            return createDriverWithCustomCertificate(neo4j.tlsCertFile());
        });
    }

    @Test
    void shouldRejectServerWithUntrustedCertificate() throws Throwable {
        Driver createDriverWithCustomCertificate = createDriverWithCustomCertificate(CertificateToolUtil.createNewCertificateAndKey().cert());
        createDriverWithCustomCertificate.getClass();
        Assertions.assertThrows(SecurityException.class, createDriverWithCustomCertificate::verifyConnectivity);
    }

    private void shouldBeAbleToRunCypher(Supplier<Driver> supplier) {
        Driver driver = supplier.get();
        Throwable th = null;
        try {
            Session session = driver.session();
            Throwable th2 = null;
            try {
                try {
                    MatcherAssert.assertThat(Integer.valueOf(session.run("RETURN 1 as n").single().get("n").asInt()), CoreMatchers.equalTo(1));
                    if (session != null) {
                        if (0 != 0) {
                            try {
                                session.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            session.close();
                        }
                    }
                    if (driver != null) {
                        if (0 == 0) {
                            driver.close();
                            return;
                        }
                        try {
                            driver.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    }
                } catch (Throwable th5) {
                    th2 = th5;
                    throw th5;
                }
            } catch (Throwable th6) {
                if (session != null) {
                    if (th2 != null) {
                        try {
                            session.close();
                        } catch (Throwable th7) {
                            th2.addSuppressed(th7);
                        }
                    } else {
                        session.close();
                    }
                }
                throw th6;
            }
        } catch (Throwable th8) {
            if (driver != null) {
                if (0 != 0) {
                    try {
                        driver.close();
                    } catch (Throwable th9) {
                        th.addSuppressed(th9);
                    }
                } else {
                    driver.close();
                }
            }
            throw th8;
        }
    }

    private Driver createDriverWithCustomCertificate(File file) {
        return GraphDatabase.driver(neo4j.uri(), neo4j.authToken(), Config.builder().withEncryption().withTrustStrategy(Config.TrustStrategy.trustCustomCertificateSignedBy(file)).build());
    }
}
