package io.airlift.http.server;

import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableSet;
import com.google.common.io.Closer;
import com.google.common.io.Resources;
import com.google.common.net.HostAndPort;
import io.airlift.event.client.NullEventClient;
import io.airlift.http.client.HttpClientConfig;
import io.airlift.http.client.Request;
import io.airlift.http.client.StatusResponseHandler;
import io.airlift.http.client.jetty.JettyHttpClient;
import io.airlift.http.server.HttpServer;
import io.airlift.node.NodeConfig;
import io.airlift.node.NodeInfo;
import io.airlift.tracetoken.TraceTokenManager;
import jakarta.servlet.http.HttpServlet;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.InetAddress;
import java.net.URI;
import java.net.UnknownHostException;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Optional;
import org.assertj.core.api.Assertions;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:io/airlift/http/server/TestJettyMultipleCerts.class */
public class TestJettyMultipleCerts {
    @Test
    public void test() throws Exception {
        HttpServlet httpServlet = new HttpServlet() { // from class: io.airlift.http.server.TestJettyMultipleCerts.1
            protected void service(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
                httpServletResponse.setStatus(200);
                httpServletResponse.getOutputStream().write((httpServletRequest.getServerName() + " OK").getBytes(StandardCharsets.UTF_8));
            }
        };
        HttpServerConfig httpsEnabled = new HttpServerConfig().setLogEnabled(false).setHttpEnabled(false).setHttpPort(0).setHttpsEnabled(true);
        HttpsConfig keystorePassword = new HttpsConfig().setHttpsPort(0).setKeystorePath(Resources.getResource("multiple-certs/server.p12").getPath()).setKeystorePassword("airlift");
        HashLoginServiceProvider hashLoginServiceProvider = new HashLoginServiceProvider(httpsEnabled);
        NodeInfo nodeInfo = new NodeInfo(new NodeConfig().setEnvironment("test").setNodeInternalAddress("localhost"));
        HttpServerInfo httpServerInfo = new HttpServerInfo(httpsEnabled, Optional.of(keystorePassword), nodeInfo);
        HttpServerProvider httpServerProvider = new HttpServerProvider(httpServerInfo, nodeInfo, httpsEnabled, Optional.of(keystorePassword), httpServlet, ImmutableSet.of(new DummyFilter()), ImmutableSet.of(), ImmutableSet.of(), false, false, false, HttpServer.ClientCertificate.NONE, new RequestStats(), new NullEventClient(), Optional.empty());
        httpServerProvider.setTheAdminServlet(new DummyServlet());
        httpServerProvider.setLoginService(hashLoginServiceProvider.get());
        httpServerProvider.setTokenManager(new TraceTokenManager());
        Closer create = Closer.create();
        try {
            HttpServer httpServer = httpServerProvider.get();
            create.register(() -> {
                try {
                    httpServer.stop();
                } catch (Exception e) {
                }
            });
            httpServer.start();
            JettyHttpClient jettyHttpClient = new JettyHttpClient(new HttpClientConfig().setTrustStorePath(Resources.getResource("multiple-certs/server.p12").getPath()).setTrustStorePassword("airlift"));
            create.register(jettyHttpClient);
            int port = httpServerInfo.getHttpsUri().getPort();
            tryHost(jettyHttpClient, HostAndPort.fromParts("localhost", port));
            for (String str : List.of("127.0.0.1", "::1")) {
                Assertions.assertThatThrownBy(() -> {
                    tryHost(jettyHttpClient, HostAndPort.fromParts(str, port));
                }).hasMessageStartingWith(str + " Failed communicating with server").hasRootCauseMessage("No subject alternative names present");
            }
            for (String str2 : List.of("single1", "single2", "single3", "single4")) {
                if (doesDomainResolveToLocalhost(str2)) {
                    tryHost(jettyHttpClient, HostAndPort.fromParts(str2, port));
                }
            }
            if (create != null) {
                create.close();
            }
        } catch (Throwable th) {
            if (create != null) {
                try {
                    create.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private static boolean doesDomainResolveToLocalhost(String str) {
        try {
            return ImmutableList.copyOf(InetAddress.getAllByName(str)).contains(InetAddress.getByAddress(new byte[]{Byte.MAX_VALUE, 0, 0, 1}));
        } catch (UnknownHostException e) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void tryHost(JettyHttpClient jettyHttpClient, HostAndPort hostAndPort) {
        try {
            Assertions.assertThat(((StatusResponseHandler.StatusResponse) jettyHttpClient.execute(Request.Builder.prepareGet().setUri(URI.create("https://" + String.valueOf(hostAndPort))).build(), StatusResponseHandler.createStatusResponseHandler())).getStatusCode()).isEqualTo(200);
        } catch (Exception e) {
            throw new RuntimeException(hostAndPort.getHost() + " " + e.getMessage(), e);
        }
    }
}
