package org.neo4j.kernel.configuration.ssl;

import java.io.File;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import org.junit.Assert;
import org.junit.Rule;
import org.junit.Test;
import org.neo4j.graphdb.factory.GraphDatabaseSettings;
import org.neo4j.helpers.collection.MapUtil;
import org.neo4j.kernel.configuration.Config;
import org.neo4j.ssl.ClientAuth;
import org.neo4j.test.rule.TestDirectory;

/* loaded from: input_file:org/neo4j/kernel/configuration/ssl/SslPolicyConfigTest.class */
public class SslPolicyConfigTest {

    @Rule
    public TestDirectory testDirectory = TestDirectory.testDirectory();

    @Test
    public void shouldFindPolicyDefaults() {
        Map stringMap = MapUtil.stringMap(new String[0]);
        SslPolicyConfig sslPolicyConfig = new SslPolicyConfig("XYZ");
        File directory = this.testDirectory.directory("home");
        stringMap.put(GraphDatabaseSettings.neo4j_home.name(), directory.getAbsolutePath());
        stringMap.put(sslPolicyConfig.base_directory.name(), "certificates/XYZ");
        Config defaults = Config.defaults(stringMap);
        File file = new File(directory, "certificates/XYZ/private.key");
        File file2 = new File(directory, "certificates/XYZ/public.crt");
        File file3 = new File(directory, "certificates/XYZ/trusted");
        File file4 = new File(directory, "certificates/XYZ/revoked");
        File file5 = (File) defaults.get(sslPolicyConfig.private_key);
        File file6 = (File) defaults.get(sslPolicyConfig.public_certificate);
        File file7 = (File) defaults.get(sslPolicyConfig.trusted_dir);
        File file8 = (File) defaults.get(sslPolicyConfig.revoked_dir);
        String str = (String) defaults.get(sslPolicyConfig.private_key_password);
        boolean booleanValue = ((Boolean) defaults.get(sslPolicyConfig.allow_key_generation)).booleanValue();
        boolean booleanValue2 = ((Boolean) defaults.get(sslPolicyConfig.trust_all)).booleanValue();
        List list = (List) defaults.get(sslPolicyConfig.tls_versions);
        List list2 = (List) defaults.get(sslPolicyConfig.ciphers);
        ClientAuth clientAuth = (ClientAuth) defaults.get(sslPolicyConfig.client_auth);
        Assert.assertEquals(file, file5);
        Assert.assertEquals(file2, file6);
        Assert.assertEquals(file3, file7);
        Assert.assertEquals(file4, file8);
        Assert.assertNull(str);
        Assert.assertFalse(booleanValue);
        Assert.assertFalse(booleanValue2);
        Assert.assertEquals(Collections.singletonList("TLSv1.2"), list);
        Assert.assertNull(list2);
        Assert.assertEquals(ClientAuth.REQUIRE, clientAuth);
    }

    @Test
    public void shouldFindPolicyOverrides() {
        Map stringMap = MapUtil.stringMap(new String[0]);
        SslPolicyConfig sslPolicyConfig = new SslPolicyConfig("XYZ");
        stringMap.put(GraphDatabaseSettings.neo4j_home.name(), this.testDirectory.directory("home").getAbsolutePath());
        stringMap.put(sslPolicyConfig.base_directory.name(), "certificates/XYZ");
        File directory = this.testDirectory.directory("/path/to/my.key");
        File directory2 = this.testDirectory.directory("/path/to/my.crt");
        File directory3 = this.testDirectory.directory("/some/other/path/to/trusted");
        File directory4 = this.testDirectory.directory("/some/other/path/to/revoked");
        stringMap.put(sslPolicyConfig.private_key.name(), directory.getAbsolutePath());
        stringMap.put(sslPolicyConfig.public_certificate.name(), directory2.getAbsolutePath());
        stringMap.put(sslPolicyConfig.trusted_dir.name(), directory3.getAbsolutePath());
        stringMap.put(sslPolicyConfig.revoked_dir.name(), directory4.getAbsolutePath());
        stringMap.put(sslPolicyConfig.allow_key_generation.name(), "true");
        stringMap.put(sslPolicyConfig.trust_all.name(), "true");
        stringMap.put(sslPolicyConfig.private_key_password.name(), "setecastronomy");
        stringMap.put(sslPolicyConfig.tls_versions.name(), "TLSv1.1,TLSv1.2");
        stringMap.put(sslPolicyConfig.ciphers.name(), "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384");
        stringMap.put(sslPolicyConfig.client_auth.name(), "optional");
        Config defaults = Config.defaults(stringMap);
        File file = (File) defaults.get(sslPolicyConfig.private_key);
        File file2 = (File) defaults.get(sslPolicyConfig.public_certificate);
        File file3 = (File) defaults.get(sslPolicyConfig.trusted_dir);
        File file4 = (File) defaults.get(sslPolicyConfig.revoked_dir);
        String str = (String) defaults.get(sslPolicyConfig.private_key_password);
        boolean booleanValue = ((Boolean) defaults.get(sslPolicyConfig.allow_key_generation)).booleanValue();
        boolean booleanValue2 = ((Boolean) defaults.get(sslPolicyConfig.trust_all)).booleanValue();
        List list = (List) defaults.get(sslPolicyConfig.tls_versions);
        List list2 = (List) defaults.get(sslPolicyConfig.ciphers);
        ClientAuth clientAuth = (ClientAuth) defaults.get(sslPolicyConfig.client_auth);
        Assert.assertEquals(directory, file);
        Assert.assertEquals(directory2, file2);
        Assert.assertEquals(directory3, file3);
        Assert.assertEquals(directory4, file4);
        Assert.assertTrue(booleanValue);
        Assert.assertTrue(booleanValue2);
        Assert.assertEquals("setecastronomy", str);
        Assert.assertEquals(Arrays.asList("TLSv1.1", "TLSv1.2"), list);
        Assert.assertEquals(Arrays.asList("TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"), list2);
        Assert.assertEquals(ClientAuth.OPTIONAL, clientAuth);
    }

    @Test
    public void shouldFailWithIncompletePathOverrides() {
        Map stringMap = MapUtil.stringMap(new String[0]);
        SslPolicyConfig sslPolicyConfig = new SslPolicyConfig("XYZ");
        stringMap.put(GraphDatabaseSettings.neo4j_home.name(), this.testDirectory.directory("home").getAbsolutePath());
        stringMap.put(sslPolicyConfig.base_directory.name(), "certificates");
        stringMap.put(sslPolicyConfig.private_key.name(), "my.key");
        stringMap.put(sslPolicyConfig.public_certificate.name(), "path/to/my.crt");
        Config defaults = Config.defaults(stringMap);
        try {
            defaults.get(sslPolicyConfig.private_key);
            Assert.fail();
        } catch (IllegalArgumentException e) {
        }
        try {
            defaults.get(sslPolicyConfig.public_certificate);
            Assert.fail();
        } catch (IllegalArgumentException e2) {
        }
    }
}
