package org.neo4j.causalclustering.discovery;

import java.io.IOException;
import java.io.PrintWriter;
import java.net.URISyntaxException;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.client.HttpClient;
import org.eclipse.jetty.http.HttpHeader;
import org.eclipse.jetty.http.MimeTypes;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.hamcrest.Matchers;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.neo4j.causalclustering.core.CausalClusteringSettings;
import org.neo4j.causalclustering.discovery.KubernetesResolver;
import org.neo4j.helpers.AdvertisedSocketAddress;
import org.neo4j.kernel.configuration.Config;
import org.neo4j.logging.AssertableLogProvider;
import org.neo4j.logging.internal.SimpleLogService;
import org.neo4j.ports.allocation.PortAuthority;
import org.neo4j.ssl.SslResourceBuilder;
import org.neo4j.test.rule.TestDirectory;

/* loaded from: input_file:org/neo4j/causalclustering/discovery/KubernetesResolverIT.class */
public class KubernetesResolverIT {

    @Rule
    public ExpectedException expected = ExpectedException.none();

    @Rule
    public TestDirectory testDir = TestDirectory.testDirectory();
    private final int port = PortAuthority.allocatePort();
    private final AssertableLogProvider logProvider = new AssertableLogProvider();
    private final AssertableLogProvider userLogProvider = new AssertableLogProvider();
    private final String testPortName = "test-port-name";
    private final String testServiceName = "test-service-name";
    private final int testPortNumber = 4313;
    private final String testNamespace = "test-namespace";
    private final String testLabelSelector = "test-label-selector";
    private final String testAuthToken = "Oh go on then";
    private final Config config = Config.builder().withSetting(CausalClusteringSettings.kubernetes_address, "localhost:" + this.port).withSetting(CausalClusteringSettings.kubernetes_label_selector, "test-label-selector").withSetting(CausalClusteringSettings.kubernetes_service_port_name, "test-port-name").build();
    private AdvertisedSocketAddress expectedAddress = new AdvertisedSocketAddress(String.format("%s.%s.svc.cluster.local", "test-service-name", "test-namespace"), 4313);
    private final HttpClient httpClient = new HttpClient(new SslContextFactory(true));
    private final HostnameResolver resolver = new KubernetesResolver.KubernetesClient(new SimpleLogService(this.userLogProvider, this.logProvider), this.httpClient, "Oh go on then", "test-namespace", this.config, MultiRetryStrategyTest.testRetryStrategy(1));

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/neo4j/causalclustering/discovery/KubernetesResolverIT$FakeKubernetesHandler.class */
    public static class FakeKubernetesHandler extends AbstractHandler {
        private final String expectedNamespace;
        private final String expectedLabelSelector;
        private final String expectedAuthToken;
        private final String body;

        private FakeKubernetesHandler(String str, String str2, String str3, String str4) {
            this.expectedNamespace = str;
            this.expectedLabelSelector = str2;
            this.expectedAuthToken = str3;
            this.body = str4;
        }

        public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
            PrintWriter writer = httpServletResponse.getWriter();
            httpServletResponse.setContentType(MimeTypes.Type.APPLICATION_JSON.asString());
            String pathInfo = httpServletRequest.getPathInfo();
            String format = String.format("/api/v1/namespaces/%s/services", this.expectedNamespace);
            String parameter = httpServletRequest.getParameter("labelSelector");
            String header = httpServletRequest.getHeader(HttpHeader.AUTHORIZATION.name());
            String str2 = "Bearer " + this.expectedAuthToken;
            if (!format.equals(pathInfo)) {
                httpServletResponse.setStatus(400);
                writer.println(fail("Unexpected path: " + pathInfo));
            } else if (!this.expectedLabelSelector.equals(parameter)) {
                httpServletResponse.setStatus(400);
                writer.println(fail("Unexpected labelSelector: " + parameter));
            } else if (!str2.equals(header)) {
                httpServletResponse.setStatus(400);
                writer.println(fail("Unexpected auth header value: " + header));
            } else if ("GET".equals(httpServletRequest.getMethod())) {
                httpServletResponse.setStatus(200);
                if (this.body != null) {
                    writer.println(this.body);
                }
            } else {
                httpServletResponse.setStatus(400);
                writer.println(fail("Unexpected method: " + httpServletRequest.getMethod()));
            }
            request.setHandled(true);
        }

        private String fail(String str) {
            return String.format("{ \"kind\": \"Status\", \"message\": \"%s\"}", str);
        }
    }

    @Test
    public void shouldResolveAddressesFromApiReturningShortJson() throws Throwable {
        withServer(shortJson(), () -> {
            Assert.assertThat(this.resolver.resolve((AdvertisedSocketAddress) null), Matchers.contains(new AdvertisedSocketAddress[]{this.expectedAddress}));
        });
    }

    @Test
    public void shouldResolveAddressesFromApiReturningLongJson() throws Throwable {
        withServer(longJson(), () -> {
            Assert.assertThat(this.resolver.resolve((AdvertisedSocketAddress) null), Matchers.contains(new AdvertisedSocketAddress[]{this.expectedAddress}));
        });
    }

    @Test
    public void shouldLogResolvedAddressesToUserLog() throws Throwable {
        withServer(longJson(), () -> {
            this.resolver.resolve((AdvertisedSocketAddress) null);
            this.userLogProvider.assertContainsMessageContaining("Resolved %s from Kubernetes API at %s namespace %s labelSelector %s");
        });
    }

    @Test
    public void shouldLogEmptyAddressesToDebugLog() throws Throwable {
        withServer("{ \"kind\":\"ServiceList\", \"items\":[] }", () -> {
            this.resolver.resolve((AdvertisedSocketAddress) null);
            this.logProvider.assertContainsMessageContaining("Resolved empty hosts from Kubernetes API at %s namespace %s labelSelector %s");
        });
    }

    @Test
    public void shouldLogParseErrorToDebugLog() throws Throwable {
        withServer("{}", () -> {
            this.resolver.resolve((AdvertisedSocketAddress) null);
            this.logProvider.assertContainsMessageContaining("Failed to parse result from Kubernetes API");
        });
    }

    @Test
    public void shouldReportFailureDueToAuth() throws Throwable {
        this.expected.expect(IllegalStateException.class);
        this.expected.expectMessage("Forbidden");
        withServer(failJson(), () -> {
            this.resolver.resolve((AdvertisedSocketAddress) null);
        });
    }

    public void withServer(String str, Runnable runnable) throws Exception {
        Server up = setUp(str);
        try {
            runnable.run();
            tearDown(up);
        } catch (Throwable th) {
            tearDown(up);
            throw th;
        }
    }

    private String failJson() throws IOException, URISyntaxException {
        return readJsonFile("authFail.json");
    }

    private String shortJson() throws IOException, URISyntaxException {
        return readJsonFile("short.json");
    }

    private String longJson() throws IOException, URISyntaxException {
        return readJsonFile("long.json");
    }

    private String readJsonFile(String str) throws IOException, URISyntaxException {
        return String.format((String) Files.lines(Paths.get(getClass().getResource("/org.neo4j.causalclustering.discovery/" + str).toURI())).collect(Collectors.joining("\n")), "test-service-name", "test-port-name", 4313);
    }

    private Server setUp(String str) throws Exception {
        Server server = new Server();
        server.setHandler(new FakeKubernetesHandler("test-namespace", "test-label-selector", "Oh go on then", str));
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.addCustomizer(new SecureRequestCustomizer());
        KeyStore keyStore = org.neo4j.ssl.SslContextFactory.makeSslPolicy(SslResourceBuilder.selfSignedKeyId(0).trustKeyId(1).install(this.testDir.directory("k8s"))).getKeyStore("key store pass".toCharArray(), "private key pass".toCharArray());
        SslContextFactory sslContextFactory = new SslContextFactory();
        sslContextFactory.setKeyStore(keyStore);
        sslContextFactory.setKeyStorePassword("key store pass");
        sslContextFactory.setKeyManagerPassword("private key pass");
        Connector serverConnector = new ServerConnector(server, new ConnectionFactory[]{new SslConnectionFactory(sslContextFactory, "http/1.1"), new HttpConnectionFactory(httpConfiguration)});
        serverConnector.setPort(this.port);
        server.setConnectors(new Connector[]{serverConnector});
        server.start();
        this.httpClient.start();
        return server;
    }

    private void tearDown(Server server) throws Exception {
        this.httpClient.stop();
        server.stop();
    }
}
