package io.hyperfoil.tools.horreum.infra.common;

import io.hyperfoil.tools.horreum.infra.common.resources.KeycloakResource;
import io.hyperfoil.tools.horreum.infra.common.resources.PostgresResource;
import jakarta.ws.rs.client.ClientBuilder;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.Properties;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.jboss.logging.Logger;
import org.keycloak.admin.client.Keycloak;
import org.keycloak.admin.client.KeycloakBuilder;
import org.keycloak.representations.idm.ClientRepresentation;
import org.testcontainers.DockerClientFactory;
import org.testcontainers.containers.GenericContainer;
import org.testcontainers.containers.Network;
import org.testcontainers.containers.output.WaitingConsumer;
import org.testcontainers.utility.LogUtils;

/* loaded from: input_file:io/hyperfoil/tools/horreum/infra/common/HorreumResources.class */
public class HorreumResources {
    private static Keycloak keycloak;
    public static final String HORREUM_USERNAME;
    public static final String HORREUM_PASSWORD;
    private static final Network network;
    public static PostgresResource postgreSQLResource;
    public static KeycloakResource keycloakResource;
    private static final String HORREUM_REALM = System.getProperty("horreum.realm", "horreum");
    private static final String KEYCLOAK_REALM = System.getProperty("keycloak.realm", "master");
    private static final Integer ContainerStartTimeout = 60;
    private static final TimeUnit ContainerStartTimeoutUnit = TimeUnit.SECONDS;
    private static final Integer ContainerStartRetries = 1;
    private static final Logger log = Logger.getLogger(HorreumResources.class);
    public static Properties configProperties = new Properties();

    protected static String getProperty(String str) {
        String property = System.getProperty(str);
        if (property != null) {
            String trim = property.trim();
            if (!trim.isEmpty()) {
                return trim;
            }
        }
        String property2 = configProperties.getProperty(str);
        if (property2 == null) {
            throw new IllegalStateException("Missing property value for " + str);
        }
        return property2.trim();
    }

    public static Map<String, String> startContainers(Map<String, String> map) {
        HashMap hashMap = new HashMap(map);
        hashMap.put("inContainer", "true");
        hashMap.put("STOP_SIGNAL", "SIGKILL");
        Optional<Network> of = Optional.of(network);
        if (Boolean.parseBoolean(map.get(Const.HORREUM_DEV_POSTGRES_ENABLED))) {
            String property = getProperty("quarkus.datasource.password");
            hashMap.put("QUARKUS_DATASOURCE_PASSWORD", property);
            hashMap.put("QUARKUS_DATASOURCE_MIGRATION_PASSWORD", property);
            hashMap.put(Const.HORREUM_DEV_DB_DATABASE, "horreum");
            hashMap.put(Const.HORREUM_DEV_DB_USERNAME, Const.DEFAULT_DB_USERNAME);
            hashMap.put(Const.HORREUM_DEV_DB_PASSWORD, "secret");
            postgreSQLResource.init(hashMap);
            Map<String, String> start = postgreSQLResource.start(of);
            waitForContainerReady(postgreSQLResource.getContainer(), " database system is ready to accept connections");
            hashMap.putAll(start);
            hashMap.putAll(postgresCertificateProperties(map));
        }
        if (Boolean.parseBoolean(map.get(Const.HORREUM_DEV_KEYCLOAK_ENABLED))) {
            keycloakResource.init(hashMap);
            Map<String, String> start2 = keycloakResource.start(of);
            waitForContainerReady(keycloakResource.getContainer(), "started in");
            hashMap.put("keycloak.host", start2.get("keycloak.host"));
            hashMap.put("horreum.keycloak.url", start2.get("keycloak.host"));
            hashMap.put("quarkus.oidc.auth-server-url", start2.get("keycloak.host").concat("/realms/").concat(HORREUM_REALM));
            hashMap.putAll(oidcTruststoreProperties(map));
            keycloak = KeycloakBuilder.builder().serverUrl(start2.get("keycloak.host")).realm(KEYCLOAK_REALM).username(map.get(Const.HORREUM_DEV_KEYCLOAK_ADMIN_USERNAME)).password(map.get(Const.HORREUM_DEV_KEYCLOAK_ADMIN_PASSWORD)).clientId("admin-cli").resteasyClient(ClientBuilder.newBuilder().disableTrustManager().build()).build();
            try {
                String str = map.get("quarkus.http.port");
                String str2 = map.get("quarkus.http.host");
                ClientRepresentation clientRepresentation = (ClientRepresentation) keycloak.realm(HORREUM_REALM).clients().findByClientId("horreum-ui").get(0);
                clientRepresentation.getWebOrigins().add("http://".concat(str2).concat(":").concat(str));
                clientRepresentation.getRedirectUris().add("http://".concat(str2).concat(":").concat(str).concat("/*"));
                keycloak.realm(HORREUM_REALM).clients().get(clientRepresentation.getId()).update(clientRepresentation);
                hashMap.put("quarkus.oidc.credentials.secret", keycloak.realm(HORREUM_REALM).clients().get(((ClientRepresentation) keycloak.realm(HORREUM_REALM).clients().findByClientId("horreum").get(0)).getId()).getSecret().getValue());
            } catch (Exception e) {
                log.error("Unable to re-configure keycloak instance: ".concat(e.getLocalizedMessage()));
                throw new RuntimeException("Unable to re-configure keycloak instance: ".concat(e.getLocalizedMessage()));
            }
        }
        log.info("Waiting for test infrastructure to start");
        return hashMap;
    }

    public static void waitForContainerReady(GenericContainer<?> genericContainer, String str) {
        if (genericContainer == null) {
            throw new RuntimeException("No container!");
        }
        WaitingConsumer waitingConsumer = new WaitingConsumer();
        LogUtils.followOutput(DockerClientFactory.instance().client(), genericContainer.getContainerId(), waitingConsumer);
        try {
            waitingConsumer.waitUntil(outputFrame -> {
                return outputFrame.getUtf8String().contains(str);
            }, ContainerStartTimeout.intValue(), ContainerStartTimeoutUnit, ContainerStartRetries.intValue());
        } catch (TimeoutException e) {
            throw new RuntimeException("Timed out waiting for " + genericContainer.getContainerName() + " container to start");
        }
    }

    private static Map<String, String> postgresCertificateProperties(Map<String, String> map) {
        if (!map.containsKey(Const.HORREUM_DEV_POSTGRES_SSL_CERTIFICATE)) {
            return Collections.emptyMap();
        }
        try {
            File createTempFile = File.createTempFile("horreum-dev-postgres-", ".crt");
            createTempFile.deleteOnExit();
            FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
            try {
                fileOutputStream.write(map.get(Const.HORREUM_DEV_POSTGRES_SSL_CERTIFICATE).getBytes(StandardCharsets.UTF_8));
                fileOutputStream.close();
                return Map.of("quarkus.datasource.jdbc.sslrootcert", createTempFile.getAbsolutePath());
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException("Could not write postgres certificate file", e);
        }
    }

    private static Map<String, String> oidcTruststoreProperties(Map<String, String> map) {
        return (map.containsKey(Const.HORREUM_DEV_KEYCLOAK_HTTPS_CERTIFICATE) && map.containsKey(Const.HORREUM_DEV_KEYCLOAK_HTTPS_CERTIFICATE_KEY)) ? Map.of("quarkus.oidc.tls.trust-store-file", createOidcPKCS12Store(map)) : Collections.emptyMap();
    }

    private static String createOidcPKCS12Store(Map<String, String> map) {
        try {
            File createTempFile = File.createTempFile("horreum-dev-keycloak-", ".pkcs12");
            createTempFile.deleteOnExit();
            X509CertificateHolder x509CertificateHolder = (X509CertificateHolder) new PEMParser(new StringReader(map.get(Const.HORREUM_DEV_KEYCLOAK_HTTPS_CERTIFICATE))).readObject();
            PEMKeyPair pEMKeyPair = (PEMKeyPair) new PEMParser(new StringReader(map.get(Const.HORREUM_DEV_KEYCLOAK_HTTPS_CERTIFICATE_KEY))).readObject();
            KeyStore keyStore = KeyStore.getInstance("PKCS12", (Provider) new BouncyCastleProvider());
            keyStore.load(null);
            keyStore.setKeyEntry("", new JcaPEMKeyConverter().getPrivateKey(pEMKeyPair.getPrivateKeyInfo()), null, new X509Certificate[]{new JcaX509CertificateConverter().getCertificate(x509CertificateHolder)});
            FileOutputStream fileOutputStream = new FileOutputStream(createTempFile);
            try {
                keyStore.store(fileOutputStream, "password".toCharArray());
                fileOutputStream.close();
                return createTempFile.getAbsolutePath();
            } finally {
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException("Could not write Keycloak HTTPS certificate", e);
        }
    }

    public static void stopContainers() {
        postgreSQLResource.stop();
        keycloakResource.stop();
    }

    public static Network getNetwork() {
        return network;
    }

    static {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        try {
            InputStream resourceAsStream = contextClassLoader.getResourceAsStream("env.properties");
            try {
                InputStream resourceAsStream2 = contextClassLoader.getResourceAsStream("application.properties");
                try {
                    if (resourceAsStream == null) {
                        throw new RuntimeException("Could not load test configuration");
                    }
                    configProperties.load(resourceAsStream);
                    if (resourceAsStream2 == null) {
                        throw new RuntimeException("Could not load application properties");
                    }
                    Properties properties = new Properties();
                    properties.load(resourceAsStream2);
                    configProperties.putAll(properties);
                    HORREUM_USERNAME = getProperty("horreum.username");
                    HORREUM_PASSWORD = getProperty("horreum.password");
                    if (resourceAsStream2 != null) {
                        resourceAsStream2.close();
                    }
                    if (resourceAsStream != null) {
                        resourceAsStream.close();
                    }
                    network = Network.newNetwork();
                    postgreSQLResource = new PostgresResource();
                    keycloakResource = new KeycloakResource();
                } catch (Throwable th) {
                    if (resourceAsStream2 != null) {
                        try {
                            resourceAsStream2.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException("Failed to load configuration properties");
        }
    }
}
