package org.eclipse.jgit.junit.ssh;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.TimeUnit;
import org.apache.sshd.common.NamedFactory;
import org.apache.sshd.common.NamedResource;
import org.apache.sshd.common.PropertyResolver;
import org.apache.sshd.common.config.keys.AuthorizedKeyEntry;
import org.apache.sshd.common.config.keys.FilePasswordProvider;
import org.apache.sshd.common.config.keys.KeyUtils;
import org.apache.sshd.common.config.keys.PublicKeyEntryResolver;
import org.apache.sshd.common.file.virtualfs.VirtualFileSystemFactory;
import org.apache.sshd.common.session.SessionContext;
import org.apache.sshd.common.signature.BuiltinSignatures;
import org.apache.sshd.common.signature.Signature;
import org.apache.sshd.common.util.buffer.Buffer;
import org.apache.sshd.common.util.security.SecurityUtils;
import org.apache.sshd.common.util.threads.CloseableExecutorService;
import org.apache.sshd.common.util.threads.ThreadUtils;
import org.apache.sshd.core.CoreModuleProperties;
import org.apache.sshd.server.ServerAuthenticationManager;
import org.apache.sshd.server.ServerBuilder;
import org.apache.sshd.server.SshServer;
import org.apache.sshd.server.auth.UserAuth;
import org.apache.sshd.server.auth.UserAuthFactory;
import org.apache.sshd.server.auth.gss.GSSAuthenticator;
import org.apache.sshd.server.auth.gss.UserAuthGSS;
import org.apache.sshd.server.auth.gss.UserAuthGSSFactory;
import org.apache.sshd.server.auth.hostbased.HostBasedAuthenticator;
import org.apache.sshd.server.auth.keyboard.DefaultKeyboardInteractiveAuthenticator;
import org.apache.sshd.server.auth.keyboard.KeyboardInteractiveAuthenticator;
import org.apache.sshd.server.auth.password.PasswordAuthenticator;
import org.apache.sshd.server.command.AbstractCommandSupport;
import org.apache.sshd.server.session.ServerSession;
import org.apache.sshd.server.shell.ShellFactory;
import org.apache.sshd.server.shell.UnknownCommand;
import org.apache.sshd.server.subsystem.SubsystemFactory;
import org.apache.sshd.sftp.server.SftpSubsystemFactory;
import org.eclipse.jgit.annotations.NonNull;
import org.eclipse.jgit.annotations.Nullable;
import org.eclipse.jgit.lib.Repository;
import org.eclipse.jgit.transport.ReceivePack;
import org.eclipse.jgit.transport.UploadPack;

/* loaded from: input_file:org/eclipse/jgit/junit/ssh/SshTestGitServer.class */
public class SshTestGitServer {
    public static final String ECHO_COMMAND = "echo";

    @NonNull
    protected final String testUser;

    @NonNull
    protected final Repository repository;

    @NonNull
    protected final List<KeyPair> hostKeys;
    protected final SshServer server;

    @NonNull
    protected PublicKey testKey;
    private final CloseableExecutorService executorService;

    /* loaded from: input_file:org/eclipse/jgit/junit/ssh/SshTestGitServer$EchoCommand.class */
    private static class EchoCommand extends AbstractCommandSupport {
        protected EchoCommand(String str, CloseableExecutorService closeableExecutorService) {
            super(str, ThreadUtils.noClose(closeableExecutorService));
        }

        public void run() {
            String[] split = getCommand().split(" ");
            int i = 0;
            if (split.length >= 2) {
                try {
                    i = Integer.parseInt(split[1]);
                } catch (NumberFormatException e) {
                }
                if (i > 0) {
                    try {
                        Thread.sleep(TimeUnit.SECONDS.toMillis(i));
                    } catch (InterruptedException e2) {
                    }
                }
            }
            try {
                doEcho(getCommand(), getOutputStream());
                onExit(0);
            } catch (IOException e3) {
                this.log.warn(MessageFormat.format("Could not run {0}", getCommand()), e3);
                onExit(-1, e3.toString());
            }
        }

        private void doEcho(String str, OutputStream outputStream) throws IOException {
            outputStream.write(str.getBytes(StandardCharsets.UTF_8));
            outputStream.flush();
        }
    }

    /* loaded from: input_file:org/eclipse/jgit/junit/ssh/SshTestGitServer$FakeUserAuthGSS.class */
    private static class FakeUserAuthGSS extends UserAuthGSS {
        private FakeUserAuthGSS() {
        }

        @Nullable
        protected Boolean doAuth(Buffer buffer, boolean z) throws Exception {
            if (!z) {
                return Boolean.FALSE;
            }
            ServerSession serverSession = getServerSession();
            Buffer createBuffer = serverSession.createBuffer((byte) 60);
            createBuffer.putBytes(KRB5_MECH.getDER());
            serverSession.writePacket(createBuffer);
            return null;
        }

        /* synthetic */ FakeUserAuthGSS(FakeUserAuthGSS fakeUserAuthGSS) {
            this();
        }
    }

    /* loaded from: input_file:org/eclipse/jgit/junit/ssh/SshTestGitServer$GitReceivePackCommand.class */
    private class GitReceivePackCommand extends AbstractCommandSupport {
        protected GitReceivePackCommand(String str, CloseableExecutorService closeableExecutorService) {
            super(str, ThreadUtils.noClose(closeableExecutorService));
        }

        public void run() {
            try {
                new ReceivePack(SshTestGitServer.this.repository).receive(getInputStream(), getOutputStream(), getErrorStream());
                onExit(0);
            } catch (IOException e) {
                this.log.warn(MessageFormat.format("Could not run {0}", getCommand()), e);
                onExit(-1, e.toString());
            }
        }
    }

    /* loaded from: input_file:org/eclipse/jgit/junit/ssh/SshTestGitServer$GitUploadPackCommand.class */
    private class GitUploadPackCommand extends AbstractCommandSupport {
        protected GitUploadPackCommand(String str, CloseableExecutorService closeableExecutorService) {
            super(str, ThreadUtils.noClose(closeableExecutorService));
        }

        public void run() {
            UploadPack uploadPack = new UploadPack(SshTestGitServer.this.repository);
            String str = (String) getEnvironment().getEnv().get("GIT_PROTOCOL");
            if (str != null) {
                uploadPack.setExtraParameters(Collections.singleton(str));
            }
            try {
                uploadPack.upload(getInputStream(), getOutputStream(), getErrorStream());
                onExit(0);
            } catch (IOException e) {
                this.log.warn(MessageFormat.format("Could not run {0}", getCommand()), e);
                onExit(-1, e.toString());
            }
        }
    }

    public SshTestGitServer(@NonNull String str, @NonNull Path path, @NonNull Repository repository, @NonNull byte[] bArr) throws IOException, GeneralSecurityException {
        this(str, readPublicKey(path), repository, readKeyPair(bArr));
    }

    public SshTestGitServer(@NonNull String str, @NonNull Path path, @NonNull Repository repository, @NonNull KeyPair keyPair) throws IOException, GeneralSecurityException {
        this(str, readPublicKey(path), repository, keyPair);
    }

    public SshTestGitServer(@NonNull String str, @NonNull PublicKey publicKey, @NonNull Repository repository, @NonNull KeyPair keyPair) {
        this.hostKeys = new ArrayList();
        this.executorService = ThreadUtils.newFixedThreadPool("SshTestGitServerPool", 2);
        this.testUser = str;
        setTestUserPublicKey(publicKey);
        this.repository = repository;
        this.server = ServerBuilder.builder().signatureFactories(getSignatureFactories()).build();
        this.hostKeys.add(keyPair);
        this.server.setKeyPairProvider(sessionContext -> {
            return this.hostKeys;
        });
        configureAuthentication();
        List<SubsystemFactory> configureSubsystems = configureSubsystems();
        if (!configureSubsystems.isEmpty()) {
            this.server.setSubsystemFactories(configureSubsystems);
        }
        configureShell();
        this.server.setCommandFactory((channelSession, str2) -> {
            return str2.startsWith("git-upload-pack") ? new GitUploadPackCommand(str2, this.executorService) : str2.startsWith("git-receive-pack") ? new GitReceivePackCommand(str2, this.executorService) : str2.startsWith(ECHO_COMMAND) ? new EchoCommand(str2, this.executorService) : new UnknownCommand(str2);
        });
    }

    private static List<NamedFactory<Signature>> getSignatureFactories() {
        return Arrays.asList(BuiltinSignatures.nistp256_cert, BuiltinSignatures.nistp384_cert, BuiltinSignatures.nistp521_cert, BuiltinSignatures.ed25519_cert, BuiltinSignatures.rsaSHA512_cert, BuiltinSignatures.rsaSHA256_cert, BuiltinSignatures.rsa_cert, BuiltinSignatures.nistp256, BuiltinSignatures.nistp384, BuiltinSignatures.nistp521, BuiltinSignatures.ed25519, BuiltinSignatures.sk_ecdsa_sha2_nistp256, BuiltinSignatures.sk_ssh_ed25519, BuiltinSignatures.rsaSHA512, BuiltinSignatures.rsaSHA256, BuiltinSignatures.rsa, BuiltinSignatures.dsa_cert, BuiltinSignatures.dsa);
    }

    private static PublicKey readPublicKey(Path path) throws IOException, GeneralSecurityException {
        return ((AuthorizedKeyEntry) AuthorizedKeyEntry.readAuthorizedKeys(path, new OpenOption[0]).get(0)).resolvePublicKey((SessionContext) null, PublicKeyEntryResolver.IGNORING);
    }

    private static KeyPair readKeyPair(byte[] bArr) throws IOException, GeneralSecurityException {
        Throwable th = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                KeyPair keyPair = (KeyPair) SecurityUtils.loadKeyPairIdentities((SessionContext) null, (NamedResource) null, byteArrayInputStream, (FilePasswordProvider) null).iterator().next();
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                return keyPair;
            } catch (Throwable th2) {
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    private List<UserAuthFactory> getAuthFactories() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new UserAuthGSSFactory() { // from class: org.eclipse.jgit.junit.ssh.SshTestGitServer.1
            public UserAuth createUserAuth(ServerSession serverSession) throws IOException {
                return new FakeUserAuthGSS(null);
            }
        });
        arrayList.add(ServerAuthenticationManager.DEFAULT_USER_AUTH_PUBLIC_KEY_FACTORY);
        arrayList.add(ServerAuthenticationManager.DEFAULT_USER_AUTH_KB_INTERACTIVE_FACTORY);
        arrayList.add(ServerAuthenticationManager.DEFAULT_USER_AUTH_PASSWORD_FACTORY);
        return arrayList;
    }

    protected void configureAuthentication() {
        this.server.setUserAuthFactories(getAuthFactories());
        this.server.setPasswordAuthenticator((PasswordAuthenticator) null);
        this.server.setKeyboardInteractiveAuthenticator((KeyboardInteractiveAuthenticator) null);
        this.server.setHostBasedAuthenticator((HostBasedAuthenticator) null);
        this.server.setGSSAuthenticator(new GSSAuthenticator() { // from class: org.eclipse.jgit.junit.ssh.SshTestGitServer.2
            public boolean validateInitialUser(ServerSession serverSession, String str) {
                return false;
            }
        });
        this.server.setPublickeyAuthenticator((str, publicKey, serverSession) -> {
            return this.testUser.equals(str) && KeyUtils.compareKeys(this.testKey, publicKey);
        });
    }

    @NonNull
    protected List<SubsystemFactory> configureSubsystems() {
        this.server.setFileSystemFactory(new VirtualFileSystemFactory(this.repository.getDirectory().getParentFile().getAbsoluteFile().toPath()));
        return Collections.singletonList(new SftpSubsystemFactory.Builder().build());
    }

    protected void configureShell() {
        this.server.setShellFactory((ShellFactory) null);
    }

    public void addHostKey(@NonNull Path path, boolean z) throws IOException, GeneralSecurityException {
        Throwable th = null;
        try {
            InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
            try {
                addHostKey((KeyPair) SecurityUtils.loadKeyPairIdentities((SessionContext) null, NamedResource.ofName(path.toString()), newInputStream, (FilePasswordProvider) null).iterator().next(), z);
                if (newInputStream != null) {
                    newInputStream.close();
                }
            } catch (Throwable th2) {
                if (newInputStream != null) {
                    newInputStream.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    public void addHostKey(@NonNull KeyPair keyPair, boolean z) {
        if (z) {
            this.hostKeys.add(0, keyPair);
        } else {
            this.hostKeys.add(keyPair);
        }
    }

    public void enablePasswordAuthentication() {
        this.server.setPasswordAuthenticator((str, str2, serverSession) -> {
            return this.testUser.equals(str) && this.testUser.toUpperCase(Locale.ROOT).equals(str2);
        });
    }

    public void enableKeyboardInteractiveAuthentication() {
        this.server.setPasswordAuthenticator((str, str2, serverSession) -> {
            return this.testUser.equals(str) && this.testUser.toUpperCase(Locale.ROOT).equals(str2);
        });
        this.server.setKeyboardInteractiveAuthenticator(DefaultKeyboardInteractiveAuthenticator.INSTANCE);
    }

    public PropertyResolver getPropertyResolver() {
        return this.server;
    }

    public int start() throws IOException {
        this.server.start();
        return this.server.getPort();
    }

    public void stop() throws IOException {
        this.executorService.shutdownNow();
        this.server.stop(true);
    }

    public void setTestUserPublicKey(Path path) throws IOException, GeneralSecurityException {
        this.testKey = readPublicKey(path);
    }

    public void setTestUserPublicKey(@NonNull PublicKey publicKey) {
        this.testKey = publicKey;
    }

    public void setPreamble(String... strArr) {
        if (strArr == null || strArr.length <= 0) {
            return;
        }
        CoreModuleProperties.SERVER_EXTRA_IDENTIFICATION_LINES.set(this.server, String.join(String.valueOf('|'), strArr));
    }
}
