package org.neo4j.driver.integration;

import io.netty.bootstrap.Bootstrap;
import io.netty.channel.Channel;
import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelPipeline;
import io.netty.handler.ssl.SslHandler;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.net.ServerSocket;
import java.security.GeneralSecurityException;
import java.util.Objects;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import org.hamcrest.Matchers;
import org.hamcrest.junit.MatcherAssert;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.RegisterExtension;
import org.neo4j.driver.AuthTokenManager;
import org.neo4j.driver.AuthTokens;
import org.neo4j.driver.NotificationConfig;
import org.neo4j.driver.RevocationCheckingStrategy;
import org.neo4j.driver.exceptions.AuthenticationException;
import org.neo4j.driver.exceptions.ServiceUnavailableException;
import org.neo4j.driver.internal.BoltServerAddress;
import org.neo4j.driver.internal.ConnectionSettings;
import org.neo4j.driver.internal.DefaultDomainNameResolver;
import org.neo4j.driver.internal.async.connection.BootstrapFactory;
import org.neo4j.driver.internal.async.connection.ChannelConnectorImpl;
import org.neo4j.driver.internal.async.inbound.ConnectTimeoutHandler;
import org.neo4j.driver.internal.cluster.RoutingContext;
import org.neo4j.driver.internal.logging.DevNullLogging;
import org.neo4j.driver.internal.security.SecurityPlan;
import org.neo4j.driver.internal.security.SecurityPlanImpl;
import org.neo4j.driver.internal.security.StaticAuthTokenManager;
import org.neo4j.driver.internal.util.DisabledOnNeo4jWith;
import org.neo4j.driver.internal.util.FakeClock;
import org.neo4j.driver.internal.util.Neo4jFeature;
import org.neo4j.driver.testutil.DatabaseExtension;
import org.neo4j.driver.testutil.ParallelizableIT;
import org.neo4j.driver.testutil.TestUtil;

@ParallelizableIT
/* loaded from: input_file:org/neo4j/driver/integration/ChannelConnectorImplIT.class */
class ChannelConnectorImplIT {

    @RegisterExtension
    static final DatabaseExtension neo4j = new DatabaseExtension();
    private Bootstrap bootstrap;

    ChannelConnectorImplIT() {
    }

    @BeforeEach
    void setUp() {
        this.bootstrap = BootstrapFactory.newBootstrap(1);
    }

    @AfterEach
    void tearDown() {
        if (this.bootstrap != null) {
            this.bootstrap.config().group().shutdownGracefully().syncUninterruptibly();
        }
    }

    @Test
    void shouldConnect() throws Exception {
        ChannelFuture connect = newConnector(neo4j.authTokenManager()).connect(neo4j.address(), this.bootstrap);
        Assertions.assertTrue(connect.await(10L, TimeUnit.SECONDS));
        Channel channel = connect.channel();
        Assertions.assertNull(connect.get());
        Assertions.assertTrue(channel.isActive());
    }

    @Test
    void shouldSetupHandlers() throws Exception {
        ChannelFuture connect = newConnector(neo4j.authTokenManager(), trustAllCertificates(), 10000).connect(neo4j.address(), this.bootstrap);
        Assertions.assertTrue(connect.await(10L, TimeUnit.SECONDS));
        Channel channel = connect.channel();
        ChannelPipeline pipeline = channel.pipeline();
        Assertions.assertTrue(channel.isActive());
        Assertions.assertNotNull(pipeline.get(SslHandler.class));
        Assertions.assertNull(pipeline.get(ConnectTimeoutHandler.class));
    }

    @Test
    void shouldFailToConnectToWrongAddress() throws Exception {
        ChannelFuture connect = newConnector(neo4j.authTokenManager()).connect(new BoltServerAddress("wrong-localhost"), this.bootstrap);
        Assertions.assertTrue(connect.await(10L, TimeUnit.SECONDS));
        Channel channel = connect.channel();
        Objects.requireNonNull(connect);
        ExecutionException executionException = (ExecutionException) Assertions.assertThrows(ExecutionException.class, connect::get);
        MatcherAssert.assertThat(executionException.getCause(), Matchers.instanceOf(ServiceUnavailableException.class));
        MatcherAssert.assertThat(executionException.getCause().getMessage(), Matchers.startsWith("Unable to connect"));
        Assertions.assertFalse(channel.isActive());
    }

    @DisabledOnNeo4jWith(Neo4jFeature.BOLT_V51)
    @Test
    void shouldFailToConnectWithWrongCredentials() throws Exception {
        ChannelFuture connect = newConnector(new StaticAuthTokenManager(AuthTokens.basic("neo4j", "wrong-password"))).connect(neo4j.address(), this.bootstrap);
        Assertions.assertTrue(connect.await(10L, TimeUnit.SECONDS));
        Channel channel = connect.channel();
        Objects.requireNonNull(connect);
        MatcherAssert.assertThat(((ExecutionException) Assertions.assertThrows(ExecutionException.class, connect::get)).getCause(), Matchers.instanceOf(AuthenticationException.class));
        Assertions.assertFalse(channel.isActive());
    }

    @Test
    void shouldEnforceConnectTimeout() throws Exception {
        ChannelFuture connect = newConnector(neo4j.authTokenManager(), 1000).connect(new BoltServerAddress("10.0.0.0"), this.bootstrap);
        Assertions.assertThrows(ServiceUnavailableException.class, () -> {
            TestUtil.await(connect);
        });
    }

    @Test
    void shouldFailWhenProtocolNegotiationTakesTooLong() throws Exception {
        testReadTimeoutOnConnect(SecurityPlanImpl.insecure());
    }

    @Test
    void shouldFailWhenTLSHandshakeTakesTooLong() throws Exception {
        testReadTimeoutOnConnect(trustAllCertificates());
    }

    @Test
    void shouldThrowServiceUnavailableExceptionOnFailureDuringConnect() throws Exception {
        ServerSocket serverSocket = new ServerSocket(0);
        BoltServerAddress boltServerAddress = new BoltServerAddress("localhost", serverSocket.getLocalPort());
        CompletableFuture.runAsync(() -> {
            try {
                serverSocket.accept().close();
                serverSocket.close();
            } catch (IOException e) {
                throw new UncheckedIOException(e);
            }
        });
        ChannelFuture connect = newConnector(neo4j.authTokenManager()).connect(boltServerAddress, this.bootstrap);
        Assertions.assertThrows(ServiceUnavailableException.class, () -> {
            TestUtil.await(connect);
        });
    }

    private void testReadTimeoutOnConnect(SecurityPlan securityPlan) throws IOException {
        ServerSocket serverSocket = new ServerSocket(0);
        try {
            ChannelFuture connect = newConnector(neo4j.authTokenManager(), securityPlan, 1000).connect(new BoltServerAddress("localhost", serverSocket.getLocalPort()), this.bootstrap);
            Assertions.assertEquals(Assertions.assertThrows(ServiceUnavailableException.class, () -> {
                TestUtil.await(connect);
            }).getMessage(), "Unable to establish connection in " + 1000 + "ms");
            serverSocket.close();
        } catch (Throwable th) {
            try {
                serverSocket.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private ChannelConnectorImpl newConnector(AuthTokenManager authTokenManager) throws Exception {
        return newConnector(authTokenManager, Integer.MAX_VALUE);
    }

    private ChannelConnectorImpl newConnector(AuthTokenManager authTokenManager, int i) throws Exception {
        return newConnector(authTokenManager, trustAllCertificates(), i);
    }

    private ChannelConnectorImpl newConnector(AuthTokenManager authTokenManager, SecurityPlan securityPlan, int i) {
        return new ChannelConnectorImpl(new ConnectionSettings(authTokenManager, "test", i), securityPlan, DevNullLogging.DEV_NULL_LOGGING, new FakeClock(), RoutingContext.EMPTY, DefaultDomainNameResolver.getInstance(), (NotificationConfig) null);
    }

    private static SecurityPlan trustAllCertificates() throws GeneralSecurityException {
        return SecurityPlanImpl.forAllCertificates(false, RevocationCheckingStrategy.NO_CHECKS);
    }
}
