package org.springframework.cloud.gateway.test.ssl;

import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLException;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.web.server.WebServerException;
import org.springframework.http.client.reactive.ReactorClientHttpConnector;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ActiveProfiles;
import org.springframework.util.ResourceUtils;
import reactor.netty.http.client.HttpClient;

@SpringBootTest(webEnvironment = SpringBootTest.WebEnvironment.RANDOM_PORT)
@DirtiesContext
@ActiveProfiles({"client-auth-ssl"})
/* loaded from: input_file:org/springframework/cloud/gateway/test/ssl/ClientCertAuthSSLTests.class */
public class ClientCertAuthSSLTests extends SingleCertSSLTests {

    @Value("${spring.cloud.gateway.httpclient.ssl.key-store}")
    private String keyStore;

    @Value("${spring.cloud.gateway.httpclient.ssl.key-store-password}")
    private String keyStorePassword;

    @Value("${spring.cloud.gateway.httpclient.ssl.key-password}")
    private String keyPassword;

    @Override // org.springframework.cloud.gateway.test.ssl.SingleCertSSLTests, org.springframework.cloud.gateway.test.BaseWebClientTests
    @BeforeEach
    public void setup() throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        try {
            keyStore.load(ResourceUtils.getURL(this.keyStore).openStream(), this.keyStorePassword != null ? this.keyStorePassword.toCharArray() : null);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            char[] charArray = this.keyPassword != null ? this.keyPassword.toCharArray() : null;
            if (charArray == null && this.keyStorePassword != null) {
                charArray = this.keyStorePassword.toCharArray();
            }
            keyManagerFactory.init(keyStore, charArray);
            try {
                SslContext build = SslContextBuilder.forClient().trustManager(InsecureTrustManagerFactory.INSTANCE).keyManager(keyManagerFactory).build();
                setup(new ReactorClientHttpConnector(HttpClient.create().secure(sslContextSpec -> {
                    sslContextSpec.sslContext(build);
                })), "https://localhost:" + this.port);
            } catch (SSLException e) {
                throw new RuntimeException(e);
            }
        } catch (Exception e2) {
            throw new WebServerException("Could not load key store ' " + this.keyStore + "'", e2);
        }
    }

    @Override // org.springframework.cloud.gateway.test.ssl.SingleCertSSLTests
    @Test
    public void testSslTrust() {
        this.testClient.get().uri("/ssltrust", new Object[0]).exchange().expectStatus().is2xxSuccessful();
    }
}
