package com.mulesoft.mule.runtime.gw.policies.factory;

import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Maps;
import com.mulesoft.anypoint.tests.PolicyTestValuesConstants;
import com.mulesoft.mule.runtime.gw.api.key.ApiKey;
import com.mulesoft.mule.runtime.gw.api.policy.PolicyTemplateKey;
import com.mulesoft.mule.runtime.gw.internal.encryption.RuntimeEncrypterFactory;
import com.mulesoft.mule.runtime.gw.model.IdentityManagement;
import com.mulesoft.mule.runtime.gw.model.PolicyConfiguration;
import com.mulesoft.mule.runtime.gw.model.PolicyDefinition;
import com.mulesoft.mule.runtime.gw.model.PolicyProperty;
import com.mulesoft.mule.runtime.gw.model.PolicySpecification;
import com.mulesoft.mule.runtime.gw.policies.OfflinePolicyDefinition;
import com.mulesoft.mule.runtime.gw.policies.Policy;
import com.mulesoft.mule.runtime.gw.policies.encryption.DefaultPolicyConfigurationEncrypter;
import com.mulesoft.mule.runtime.gw.policies.encryption.PolicyConfigurationEncrypter;
import com.mulesoft.mule.runtime.gw.policies.encryption.PolicyConfigurationEncryptionResult;
import com.mulesoft.mule.runtime.gw.policies.template.PolicyTemplate;
import com.mulesoft.mule.runtime.gw.policies.template.provider.PolicyTemplateProvider;
import com.mulesoft.mule.runtime.gw.policies.template.resolver.PolicyTemplateResolver;
import java.io.File;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import org.junit.Assert;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Matchers;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;
import org.mule.runtime.deployment.model.api.policy.PolicyTemplateDescriptor;
import org.mule.tck.junit4.AbstractMuleTestCase;
import org.mule.tck.junit4.rule.SystemProperty;

@RunWith(MockitoJUnitRunner.class)
/* loaded from: input_file:com/mulesoft/mule/runtime/gw/policies/factory/EncryptedPolicyFactoryTestCase.class */
public class EncryptedPolicyFactoryTestCase extends AbstractMuleTestCase {
    private static final Map<String, Object> CONFIG_DATA = ImmutableMap.of("key", "some value");
    private static final Map<String, Object> IDENTITY_MANAGEMENT_CONFIG_DATA = ImmutableMap.of("key", "some value", "identityManagementTokenUrl", "identityManagementTokenUrlValue", "identityManagementClientSecret", "u6gMLNLHDv4QRAqqzRezPqcDoohC0vMTvtKUqy5", "identityManagementClientId", "api_platform");
    private static final Map<String, Object> PLACEHOLDERS = ImmutableMap.of("key", "${secure::key}");
    private static final Map<String, Object> ENCRYPTED_PLACEHOLDERS = ImmutableMap.of("encrypted", true, "key", "${secure::key}");
    private static final Map<String, Object> ENCRYPTED_IDENTITY_MANAGEMENT_PLACEHOLDERS = ImmutableMap.of("encrypted", true, "key", "${secure::key}", "identityManagementTokenUrl", "${secure::identityManagementTokenUrl}", "identityManagementClientSecret", "${secure::identityManagementClientSecret}", "identityManagementClientId", "${secure::identityManagementClientId}");
    private static final Map<String, Object> ENCRYPTED_CONFIG_DATA_MOCK = Maps.newHashMap(ImmutableMap.of("key", "encryptedValue"));
    private static final Map<String, Object> ENCRYPTED_CONFIG_DATA = Maps.newHashMap(ImmutableMap.of("encrypted", true, "key", "![cxDrfb5eezub4FgbvbHyHg==]"));
    private static final Map<String, Object> ENCRYPTED_IDENTITY_MANAGEMENT_CONFIG_DATA = Maps.newHashMap(ImmutableMap.of("encrypted", true, "key", "![cxDrfb5eezub4FgbvbHyHg==]", "identityManagementTokenUrl", "![rQ1yMhp8i/g3ZUD+Ojnym4HaYt1AMEi1DFEcBeU9+wQ=]", "identityManagementClientSecret", "![7PzjHgPi/HLFgoJkamHv4kz8AcZhTah3GA30HfMftqlqvtSdq1pMgb7yD6fSw/iL]", "identityManagementClientId", "![fHLAAKD9KfOFL0ylTUZmww==]"));
    private PolicyFactory policyFactory;

    @Mock
    private PolicyConfigurationEncrypter encrypter;

    @Mock
    private PolicySpecification policySpecification;
    private PolicyTemplate template;

    @Mock
    private PolicyTemplateResolver templateResolver;

    @Mock
    private PolicyTemplateProvider templateProvider;
    private static final String ENCRYPTION_KEY = "GatewayTeamKey00";
    private String resolvedTemplate = "resolvedTemplate";
    private String resolvedNotEncryptedTemplate = "resolvedNotEncryptedTemplate";

    @Rule
    public SystemProperty encryptionKey = new SystemProperty("anypoint.platform.encryption_key", ENCRYPTION_KEY);

    @Before
    public void setUp() {
        this.template = new PolicyTemplate(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY, (File) Mockito.mock(File.class), this.policySpecification, new PolicyTemplateDescriptor(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY.getName()));
        Mockito.when(this.templateProvider.provide((PolicyTemplateKey) Matchers.any())).thenReturn(this.template);
        Mockito.when(this.templateResolver.resolve(this.template, PLACEHOLDERS)).thenReturn(this.resolvedTemplate);
        Mockito.when(this.templateResolver.resolve(this.template, ENCRYPTED_PLACEHOLDERS)).thenReturn(this.resolvedTemplate);
        Mockito.when(this.templateResolver.resolve(this.template, ENCRYPTED_IDENTITY_MANAGEMENT_PLACEHOLDERS)).thenReturn(this.resolvedTemplate);
        Mockito.when(this.templateResolver.resolve(this.template, CONFIG_DATA)).thenReturn(this.resolvedNotEncryptedTemplate);
        this.policyFactory = new EncryptedPolicyFactory(this.templateResolver, this.templateProvider, this.encrypter);
    }

    @Test
    public void createPolicy() {
        PolicyDefinition policyDefinition = new PolicyDefinition("policyId", PolicyTestValuesConstants.POLICY_TEMPLATE_KEY, PolicyTestValuesConstants.API_KEY, (List) null, 1, new PolicyConfiguration(CONFIG_DATA));
        Mockito.when(this.encrypter.encryptConfiguration((PolicyDefinition) Matchers.eq(policyDefinition), (PolicySpecification) Matchers.any())).thenReturn(new PolicyConfigurationEncryptionResult(PLACEHOLDERS, new PolicyConfiguration(ENCRYPTED_CONFIG_DATA_MOCK), (Map) null));
        Mockito.when(Boolean.valueOf(this.policySpecification.isEncryptionSupported())).thenReturn(true);
        Policy createFromPolicyDefinition = this.policyFactory.createFromPolicyDefinition(policyDefinition);
        Assert.assertThat(createFromPolicyDefinition.getPolicyTemplate(), org.hamcrest.Matchers.is(this.template));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getId(), org.hamcrest.Matchers.is("policyId"));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getTemplateKey(), org.hamcrest.Matchers.is(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getApiKeys(), org.hamcrest.Matchers.contains(new ApiKey[]{PolicyTestValuesConstants.API_KEY}));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getOrder(), org.hamcrest.Matchers.is(1));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getHttpResourcePointcuts(), org.hamcrest.Matchers.empty());
        Assert.assertThat(Boolean.valueOf(createFromPolicyDefinition.getPolicyDefinition().isOnline()), org.hamcrest.Matchers.is(true));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getConfigurationData().getConfiguration(), org.hamcrest.Matchers.is(ENCRYPTED_CONFIG_DATA_MOCK));
        Assert.assertThat(createFromPolicyDefinition.getResolvedTemplate(), org.hamcrest.Matchers.is(this.resolvedTemplate));
    }

    @Test
    public void createPolicyRemovingIdentityManagement() {
        PolicyDefinition policyDefinition = new PolicyDefinition("policyId", PolicyTestValuesConstants.POLICY_TEMPLATE_KEY, PolicyTestValuesConstants.API_KEY, (List) null, 1, new PolicyConfiguration(IDENTITY_MANAGEMENT_CONFIG_DATA));
        DefaultPolicyConfigurationEncrypter defaultPolicyConfigurationEncrypter = new DefaultPolicyConfigurationEncrypter(RuntimeEncrypterFactory.createDefaultRuntimeEncrypter(), false);
        Mockito.when(Boolean.valueOf(this.policySpecification.isEncryptionSupported())).thenReturn(true);
        Mockito.when(Boolean.valueOf(this.policySpecification.isValid())).thenReturn(true);
        Mockito.when(this.policySpecification.getIdentityManagement()).thenReturn(Optional.empty());
        PolicyProperty policyProperty = new PolicyProperty();
        policyProperty.setType("string");
        policyProperty.setPropertyName("key");
        Mockito.when(this.policySpecification.getConfiguration()).thenReturn(Arrays.asList(policyProperty));
        Policy createFromPolicyDefinition = new EncryptedPolicyFactory(this.templateResolver, this.templateProvider, defaultPolicyConfigurationEncrypter).createFromPolicyDefinition(policyDefinition);
        Assert.assertThat(createFromPolicyDefinition.getPolicyTemplate(), org.hamcrest.Matchers.is(this.template));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getId(), org.hamcrest.Matchers.is("policyId"));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getTemplateKey(), org.hamcrest.Matchers.is(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getApiKeys(), org.hamcrest.Matchers.contains(new ApiKey[]{PolicyTestValuesConstants.API_KEY}));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getOrder(), org.hamcrest.Matchers.is(1));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getHttpResourcePointcuts(), org.hamcrest.Matchers.empty());
        Assert.assertThat(Boolean.valueOf(createFromPolicyDefinition.getPolicyDefinition().isOnline()), org.hamcrest.Matchers.is(true));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getConfigurationData().getConfiguration(), org.hamcrest.Matchers.is(ENCRYPTED_CONFIG_DATA));
        Assert.assertThat(createFromPolicyDefinition.getResolvedTemplate(), org.hamcrest.Matchers.is(this.resolvedTemplate));
    }

    @Test
    public void createPolicyNotRemovingIdentityManagement() {
        PolicyDefinition policyDefinition = new PolicyDefinition("policyId", PolicyTestValuesConstants.POLICY_TEMPLATE_KEY, PolicyTestValuesConstants.API_KEY, (List) null, 1, new PolicyConfiguration(IDENTITY_MANAGEMENT_CONFIG_DATA));
        DefaultPolicyConfigurationEncrypter defaultPolicyConfigurationEncrypter = new DefaultPolicyConfigurationEncrypter(RuntimeEncrypterFactory.createDefaultRuntimeEncrypter(), false);
        Mockito.when(Boolean.valueOf(this.policySpecification.isEncryptionSupported())).thenReturn(true);
        Mockito.when(Boolean.valueOf(this.policySpecification.isValid())).thenReturn(true);
        Mockito.when(this.policySpecification.getIdentityManagement()).thenReturn(Optional.of(Mockito.mock(IdentityManagement.class)));
        PolicyProperty policyProperty = new PolicyProperty();
        policyProperty.setType("string");
        policyProperty.setPropertyName("key");
        Mockito.when(this.policySpecification.getConfiguration()).thenReturn(Arrays.asList(policyProperty));
        Policy createFromPolicyDefinition = new EncryptedPolicyFactory(this.templateResolver, this.templateProvider, defaultPolicyConfigurationEncrypter).createFromPolicyDefinition(policyDefinition);
        Assert.assertThat(createFromPolicyDefinition.getPolicyTemplate(), org.hamcrest.Matchers.is(this.template));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getId(), org.hamcrest.Matchers.is("policyId"));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getTemplateKey(), org.hamcrest.Matchers.is(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getApiKeys(), org.hamcrest.Matchers.contains(new ApiKey[]{PolicyTestValuesConstants.API_KEY}));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getOrder(), org.hamcrest.Matchers.is(1));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getHttpResourcePointcuts(), org.hamcrest.Matchers.empty());
        Assert.assertThat(Boolean.valueOf(createFromPolicyDefinition.getPolicyDefinition().isOnline()), org.hamcrest.Matchers.is(true));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getConfigurationData().getConfiguration(), org.hamcrest.Matchers.is(ENCRYPTED_IDENTITY_MANAGEMENT_CONFIG_DATA));
        Assert.assertThat(createFromPolicyDefinition.getResolvedTemplate(), org.hamcrest.Matchers.is(this.resolvedTemplate));
    }

    @Test
    public void createPolicyNotEncryptionEnabled() {
        PolicyDefinition policyDefinition = new PolicyDefinition("policyId", PolicyTestValuesConstants.POLICY_TEMPLATE_KEY, PolicyTestValuesConstants.API_KEY, (List) null, 1, new PolicyConfiguration(CONFIG_DATA));
        Mockito.when(Boolean.valueOf(this.policySpecification.isEncryptionSupported())).thenReturn(false);
        Policy createFromPolicyDefinition = this.policyFactory.createFromPolicyDefinition(policyDefinition);
        Assert.assertThat(createFromPolicyDefinition.getPolicyTemplate(), org.hamcrest.Matchers.is(this.template));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getId(), org.hamcrest.Matchers.is("policyId"));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getTemplateKey(), org.hamcrest.Matchers.is(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getApiKeys(), org.hamcrest.Matchers.contains(new ApiKey[]{PolicyTestValuesConstants.API_KEY}));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getOrder(), org.hamcrest.Matchers.is(1));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getHttpResourcePointcuts(), org.hamcrest.Matchers.empty());
        Assert.assertThat(Boolean.valueOf(createFromPolicyDefinition.getPolicyDefinition().isOnline()), org.hamcrest.Matchers.is(true));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getConfigurationData().getConfiguration(), org.hamcrest.Matchers.is(CONFIG_DATA));
        Assert.assertThat(createFromPolicyDefinition.getResolvedTemplate(), org.hamcrest.Matchers.is(this.resolvedNotEncryptedTemplate));
    }

    @Test
    public void createOfflinePolicy() {
        OfflinePolicyDefinition offlinePolicyDefinition = new OfflinePolicyDefinition("policyId", PolicyTestValuesConstants.POLICY_TEMPLATE_KEY, PolicyTestValuesConstants.API_KEY, (List) null, 1, new PolicyConfiguration(CONFIG_DATA));
        Mockito.when(this.encrypter.encryptConfiguration((PolicyDefinition) Matchers.eq(offlinePolicyDefinition), (PolicySpecification) Matchers.any())).thenReturn(new PolicyConfigurationEncryptionResult(PLACEHOLDERS, new PolicyConfiguration(ENCRYPTED_CONFIG_DATA_MOCK), (Map) null));
        Mockito.when(Boolean.valueOf(this.policySpecification.isEncryptionSupported())).thenReturn(true);
        Policy createFromPolicyDefinition = this.policyFactory.createFromPolicyDefinition(offlinePolicyDefinition);
        Assert.assertThat(createFromPolicyDefinition.getPolicyTemplate(), org.hamcrest.Matchers.is(this.template));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getId(), org.hamcrest.Matchers.is("policyId"));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getTemplateKey(), org.hamcrest.Matchers.is(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getApiKeys(), org.hamcrest.Matchers.contains(new ApiKey[]{PolicyTestValuesConstants.API_KEY}));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getOrder(), org.hamcrest.Matchers.is(1));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getHttpResourcePointcuts(), org.hamcrest.Matchers.empty());
        Assert.assertThat(Boolean.valueOf(createFromPolicyDefinition.getPolicyDefinition().isOnline()), org.hamcrest.Matchers.is(false));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getConfigurationData().getConfiguration(), org.hamcrest.Matchers.is(ENCRYPTED_CONFIG_DATA_MOCK));
        Assert.assertThat(createFromPolicyDefinition.getResolvedTemplate(), org.hamcrest.Matchers.is(this.resolvedTemplate));
    }

    @Test
    public void createOfflinePolicyNotEncryptionEnabled() {
        OfflinePolicyDefinition offlinePolicyDefinition = new OfflinePolicyDefinition("policyId", PolicyTestValuesConstants.POLICY_TEMPLATE_KEY, PolicyTestValuesConstants.API_KEY, (List) null, 1, new PolicyConfiguration(CONFIG_DATA));
        Mockito.when(Boolean.valueOf(this.policySpecification.isEncryptionSupported())).thenReturn(false);
        Policy createFromPolicyDefinition = this.policyFactory.createFromPolicyDefinition(offlinePolicyDefinition);
        Assert.assertThat(createFromPolicyDefinition.getPolicyTemplate(), org.hamcrest.Matchers.is(this.template));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getId(), org.hamcrest.Matchers.is("policyId"));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getTemplateKey(), org.hamcrest.Matchers.is(PolicyTestValuesConstants.POLICY_TEMPLATE_KEY));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getApiKeys(), org.hamcrest.Matchers.contains(new ApiKey[]{PolicyTestValuesConstants.API_KEY}));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getOrder(), org.hamcrest.Matchers.is(1));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getHttpResourcePointcuts(), org.hamcrest.Matchers.empty());
        Assert.assertThat(Boolean.valueOf(createFromPolicyDefinition.getPolicyDefinition().isOnline()), org.hamcrest.Matchers.is(false));
        Assert.assertThat(createFromPolicyDefinition.getPolicyDefinition().getConfigurationData().getConfiguration(), org.hamcrest.Matchers.is(CONFIG_DATA));
        Assert.assertThat(createFromPolicyDefinition.getResolvedTemplate(), org.hamcrest.Matchers.is(this.resolvedNotEncryptedTemplate));
    }
}
