package de.cuioss.test.mockwebserver;

import de.cuioss.test.mockwebserver.ssl.KeyMaterialUtil;
import de.cuioss.tools.logging.CuiLogger;
import java.lang.reflect.Member;
import java.lang.reflect.Method;
import java.util.Optional;
import javax.net.ssl.SSLContext;
import okhttp3.tls.HandshakeCertificates;
import org.junit.jupiter.api.extension.ExtensionContext;
import org.junit.platform.commons.util.ReflectionUtils;

/* loaded from: input_file:de/cuioss/test/mockwebserver/CertificateResolver.class */
class CertificateResolver {
    private static final String DEFAULT_PROVIDER_METHOD_NAME = "provideHandshakeCertificates";
    private static final String SELF_SIGNED_CERTIFICATES_KEY = "self-signed-certificates";
    private static final String SSL_CONTEXT_KEY = "ssl-context";
    private static final CuiLogger LOGGER = new CuiLogger(CertificateResolver.class);
    static final ExtensionContext.Namespace NAMESPACE = ExtensionContext.Namespace.create(new Object[]{CertificateResolver.class});

    Optional<HandshakeCertificates> determineTestProvidedHandshakeCertificates(ExtensionContext extensionContext) {
        Optional testClass = extensionContext.getTestClass();
        if (testClass.isEmpty()) {
            return Optional.empty();
        }
        Optional ofNullable = Optional.ofNullable((TestProvidedCertificate) ((Class) testClass.get()).getAnnotation(TestProvidedCertificate.class));
        Optional map = extensionContext.getTestMethod().map(method -> {
            return (TestProvidedCertificate) method.getAnnotation(TestProvidedCertificate.class);
        });
        Optional optional = map.isPresent() ? map : ofNullable;
        if (optional.isEmpty()) {
            return Optional.empty();
        }
        return getCertificatesFromProvider(((TestProvidedCertificate) optional.get()).providerClass() != Void.class ? ((TestProvidedCertificate) optional.get()).providerClass() : (Class) testClass.get(), ((TestProvidedCertificate) optional.get()).methodName(), extensionContext);
    }

    Optional<HandshakeCertificates> getCertificatesFromProvider(Class<?> cls, String str, ExtensionContext extensionContext) {
        try {
            Optional findMethod = ReflectionUtils.findMethod(cls, str, new Class[0]);
            if (findMethod.isEmpty() && !DEFAULT_PROVIDER_METHOD_NAME.equals(str)) {
                findMethod = ReflectionUtils.findMethod(cls, DEFAULT_PROVIDER_METHOD_NAME, new Class[0]);
            }
            if (findMethod.isEmpty()) {
                return Optional.empty();
            }
            Object obj = null;
            if (extensionContext.getTestClass().isPresent() && ((Class) extensionContext.getTestClass().get()).equals(cls)) {
                obj = extensionContext.getTestInstance().orElse(null);
            }
            if (obj == null && !ReflectionUtils.isStatic((Member) findMethod.get())) {
                obj = createProviderInstance(cls);
            }
            Object invokeMethod = ReflectionUtils.invokeMethod((Method) findMethod.get(), obj, new Object[0]);
            return invokeMethod instanceof HandshakeCertificates ? Optional.of((HandshakeCertificates) invokeMethod) : Optional.empty();
        } catch (Exception e) {
            throw new IllegalStateException("Error resolving HandshakeCertificates from provider " + cls.getName(), e);
        }
    }

    Object createProviderInstance(Class<?> cls) {
        try {
            return ReflectionUtils.newInstance(cls, new Object[0]);
        } catch (Exception e) {
            throw new IllegalStateException("Could not create instance of provider class " + cls.getName(), e);
        }
    }

    public Optional<HandshakeCertificates> getHandshakeCertificates(ExtensionContext extensionContext, MockServerConfig mockServerConfig) {
        Optional<HandshakeCertificates> determineTestProvidedHandshakeCertificates = determineTestProvidedHandshakeCertificates(extensionContext);
        if (determineTestProvidedHandshakeCertificates.isPresent()) {
            LOGGER.info("Using certificates provided by @TestProvidedCertificate");
            return determineTestProvidedHandshakeCertificates;
        }
        Optional<HandshakeCertificates> selfSignedCertificatesFromContext = getSelfSignedCertificatesFromContext(extensionContext);
        if (!selfSignedCertificatesFromContext.isPresent()) {
            return createAndStoreSelfSignedCertificates(extensionContext, mockServerConfig);
        }
        LOGGER.info("Reusing cached self-signed HandshakeCertificates");
        return selfSignedCertificatesFromContext;
    }

    Optional<HandshakeCertificates> createAndStoreSelfSignedCertificates(ExtensionContext extensionContext, MockServerConfig mockServerConfig) {
        try {
            HandshakeCertificates createSelfSignedHandshakeCertificates = KeyMaterialUtil.createSelfSignedHandshakeCertificates(mockServerConfig.getCertificateDuration(), mockServerConfig.getKeyAlgorithm());
            storeSelfSignedCertificatesInContext(extensionContext, createSelfSignedHandshakeCertificates);
            LOGGER.info("Generated and cached new self-signed HandshakeCertificates with algorithm %s and duration %s days", new Object[]{mockServerConfig.getKeyAlgorithm(), Integer.valueOf(mockServerConfig.getCertificateDuration())});
            return Optional.of(createSelfSignedHandshakeCertificates);
        } catch (Exception e) {
            LOGGER.error("Failed to create self-signed certificates", e);
            return Optional.empty();
        }
    }

    Optional<HandshakeCertificates> getSelfSignedCertificatesFromContext(ExtensionContext extensionContext) {
        HandshakeCertificates handshakeCertificates = (HandshakeCertificates) getRootContext(extensionContext).getStore(NAMESPACE).get(SELF_SIGNED_CERTIFICATES_KEY, HandshakeCertificates.class);
        return handshakeCertificates != null ? Optional.of(handshakeCertificates) : Optional.empty();
    }

    void storeSelfSignedCertificatesInContext(ExtensionContext extensionContext, HandshakeCertificates handshakeCertificates) {
        getRootContext(extensionContext).getStore(NAMESPACE).put(SELF_SIGNED_CERTIFICATES_KEY, handshakeCertificates);
    }

    public SSLContext createAndStoreSSLContext(ExtensionContext extensionContext, HandshakeCertificates handshakeCertificates) {
        try {
            SSLContext createSslContext = KeyMaterialUtil.createSslContext(handshakeCertificates);
            getRootContext(extensionContext).getStore(NAMESPACE).put(SSL_CONTEXT_KEY, createSslContext);
            LOGGER.debug("Stored SSLContext for parameter resolution");
            return createSslContext;
        } catch (Exception e) {
            LOGGER.error("Failed to create or store SSLContext", e);
            throw new IllegalStateException("Failed to create or store SSLContext", e);
        }
    }

    public Optional<SSLContext> getSSLContext(ExtensionContext extensionContext) {
        return Optional.ofNullable((SSLContext) getRootContext(extensionContext).getStore(NAMESPACE).get(SSL_CONTEXT_KEY, SSLContext.class));
    }

    ExtensionContext getRootContext(ExtensionContext extensionContext) {
        ExtensionContext extensionContext2 = extensionContext;
        while (true) {
            ExtensionContext extensionContext3 = extensionContext2;
            if (!extensionContext3.getParent().isPresent()) {
                return extensionContext3;
            }
            extensionContext2 = (ExtensionContext) extensionContext3.getParent().get();
        }
    }
}
