package com.mulesoft.mule.runtime.gw.policies.encryption;

import com.google.common.collect.ImmutableMap;
import com.mulesoft.mule.runtime.gw.internal.encryption.GatewayEncryptionException;
import com.mulesoft.mule.runtime.gw.internal.encryption.RuntimeEncrypter;
import com.mulesoft.mule.runtime.gw.internal.encryption.RuntimeEncrypterFactory;
import com.mulesoft.mule.runtime.gw.model.PolicyConfiguration;
import com.mulesoft.mule.runtime.gw.model.PolicyDefinition;
import com.mulesoft.mule.runtime.gw.model.PolicyProperty;
import com.mulesoft.mule.runtime.gw.model.PolicySpecification;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.hamcrest.CoreMatchers;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;
import org.mockito.Mockito;
import org.mule.tck.junit4.AbstractMuleTestCase;
import org.mule.tck.junit4.rule.SystemProperty;

@RunWith(Parameterized.class)
/* loaded from: input_file:com/mulesoft/mule/runtime/gw/policies/encryption/FullPolicyConfigurationEncrypterTestCase.class */
public class FullPolicyConfigurationEncrypterTestCase extends AbstractMuleTestCase {
    private static final String KEY = "Key";
    private static final String KEY_2 = "Key_2";
    private static final String KEY_LIST_STRING = "List_String";
    private static final String KEY_BOOLEAN = "Key_Boolean";
    private static final String KEY_KEYVALUE = "Keyvalue";
    private static final String KEY_KEYVALUE_2 = "Keyvalue_2";
    private static final String KEY_KEYVALUE_3 = "Keyvalue_3";
    private static final String KEY_LIST_KEYVALUES = "List_Keyvalues";
    private static final String KEY_NOT_DEFINED = "KeyNotDefinedInYaml";
    private static final String KEY_NULL_VALUE = "KeyWithNullValue";
    private static final String ENCRYPTION_KEY = "GatewayTeamKey00";
    private static final String ENCRYPTED_VALUE = "![z8p1poC0yyjUoTNzZhS2Xw==]";
    private static final String ENCRYPTED_VALUE_2 = "![dz3YF4DaHoJNwbdLD8Uzxg==]";
    private static final String ENCRYPTED_TEMPLATE_PLACEHOLDER = "${secure::%s}";
    private static final String SIMPLE_KEY = "mapKey";
    private static final String SIMPLE_KEY_2 = "mapKey2";
    private static final String SIMPLE_VALUE = "Test Value";
    private static final String SIMPLE_VALUE_2 = "Test Value2";
    private static final String ESCAPED_VALUE = "&quot;__&lt;Guns_&amp;&amp;_Roses&#39;&gt;__&quot;\"";
    private static final String ESCAPED_ENCRYTED_VALUE = "![1/qRVKESF3Y1oPkhwYLZ4fJmb4oJR5ZG4TUDLKkj9VM=]";
    private static final String HTML_ENCODED_EXPRESSION = "#[attributes.headers[&#39;client_secret&#39;]]";
    private static final String HTML_ENCODED_EXPRESSION_ENCRYPTED = "![bA9b4+qkgeX/zCyvDg58JSdwl/bKR9b6k2rgV+eY3ddpqh2SMAn3ZUc8fZQDyD3O]";
    private final PolicySpecification policySpecification;

    @Rule
    public ExpectedException expectedException = ExpectedException.none();

    @Rule
    public SystemProperty encryptionKey = new SystemProperty("anypoint.platform.encryption_key", ENCRYPTION_KEY);
    private PolicyConfigurationEncrypter policyConfigurationEncrypter;

    @Parameterized.Parameters
    public static Collection<Object[]> testConfigurationData() {
        return Arrays.asList(new Object[]{sensitiveSpecification()}, new Object[]{nonSensitiveSpecification()});
    }

    public FullPolicyConfigurationEncrypterTestCase(PolicySpecification policySpecification) {
        this.policySpecification = policySpecification;
    }

    @Before
    public void setUp() {
        this.policyConfigurationEncrypter = new DefaultPolicyConfigurationEncrypter(RuntimeEncrypterFactory.createDefaultRuntimeEncrypter(), false);
    }

    @Test
    public void encryptString() {
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY, SIMPLE_VALUE, KEY_2, ESCAPED_VALUE)), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().isEncrypted()), CoreMatchers.is(true));
        MatcherAssert.assertThat(encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY), CoreMatchers.is(ENCRYPTED_VALUE));
        MatcherAssert.assertThat(encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_2), CoreMatchers.is(ESCAPED_ENCRYTED_VALUE));
        MatcherAssert.assertThat(encryptConfiguration.getConfigFileProperties().get(KEY), CoreMatchers.is(ENCRYPTED_VALUE));
        MatcherAssert.assertThat(encryptConfiguration.getConfigFileProperties().get(KEY_2), CoreMatchers.is(ESCAPED_ENCRYTED_VALUE));
        MatcherAssert.assertThat(encryptConfiguration.getTemplatePlaceholders().get(KEY), CoreMatchers.is(encryptedTemplatePlaceholder(KEY)));
        MatcherAssert.assertThat(encryptConfiguration.getTemplatePlaceholders().get(KEY_2), CoreMatchers.is(encryptedTemplatePlaceholder(KEY_2)));
    }

    @Test
    public void encryptingExpressionWithHTMLEncodedCharacters() {
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY, HTML_ENCODED_EXPRESSION)), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().isEncrypted()), CoreMatchers.is(true));
        MatcherAssert.assertThat(encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY), CoreMatchers.is(HTML_ENCODED_EXPRESSION_ENCRYPTED));
        MatcherAssert.assertThat(encryptConfiguration.getTemplatePlaceholders().get(KEY), CoreMatchers.is(encryptedTemplatePlaceholder(KEY)));
        MatcherAssert.assertThat(encryptConfiguration.getConfigFileProperties().get(KEY), CoreMatchers.is(HTML_ENCODED_EXPRESSION_ENCRYPTED));
    }

    @Test
    public void encryptBoolean() {
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY_BOOLEAN, true)), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().isEncrypted()), CoreMatchers.is(false));
        MatcherAssert.assertThat(encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_BOOLEAN), CoreMatchers.is(true));
        MatcherAssert.assertThat(encryptConfiguration.getConfigFileProperties().get(KEY_BOOLEAN), CoreMatchers.nullValue());
        MatcherAssert.assertThat(encryptConfiguration.getTemplatePlaceholders().get(KEY_BOOLEAN), CoreMatchers.is(true));
    }

    @Test
    public void encryptNotDefinedKey() {
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY_NOT_DEFINED, SIMPLE_VALUE)), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().isEncrypted()), CoreMatchers.is(false));
        MatcherAssert.assertThat(encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_NOT_DEFINED), CoreMatchers.is(SIMPLE_VALUE));
        MatcherAssert.assertThat(encryptConfiguration.getConfigFileProperties().get(KEY_NOT_DEFINED), CoreMatchers.nullValue());
        MatcherAssert.assertThat(encryptConfiguration.getTemplatePlaceholders().get(KEY_NOT_DEFINED), CoreMatchers.is(SIMPLE_VALUE));
    }

    @Test
    public void encryptListOfStrings() {
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY_LIST_STRING, Arrays.asList(SIMPLE_VALUE, SIMPLE_VALUE_2, ESCAPED_VALUE))), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().isEncrypted()), CoreMatchers.is(true));
        MatcherAssert.assertThat((List) encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_LIST_STRING), Matchers.contains(new String[]{ENCRYPTED_VALUE, ENCRYPTED_VALUE_2, ESCAPED_ENCRYTED_VALUE}));
        MatcherAssert.assertThat((List) encryptConfiguration.getTemplatePlaceholders().get(KEY_LIST_STRING), Matchers.contains(new String[]{encryptedTemplatePlaceholder("List_String.0"), encryptedTemplatePlaceholder("List_String.1"), encryptedTemplatePlaceholder("List_String.2")}));
        MatcherAssert.assertThat(((Map) encryptConfiguration.getConfigFileProperties().get(KEY_LIST_STRING)).get("0"), CoreMatchers.is(ENCRYPTED_VALUE));
        MatcherAssert.assertThat(((Map) encryptConfiguration.getConfigFileProperties().get(KEY_LIST_STRING)).get("1"), CoreMatchers.is(ENCRYPTED_VALUE_2));
        MatcherAssert.assertThat(((Map) encryptConfiguration.getConfigFileProperties().get(KEY_LIST_STRING)).get("2"), CoreMatchers.is(ESCAPED_ENCRYTED_VALUE));
    }

    @Test
    public void encryptKeyvalue() {
        ImmutableMap of = ImmutableMap.of("key", SIMPLE_KEY, "value", SIMPLE_VALUE);
        ImmutableMap of2 = ImmutableMap.of("key", SIMPLE_KEY, "value", ESCAPED_VALUE);
        HashMap hashMap = new HashMap();
        hashMap.put("key", SIMPLE_KEY);
        hashMap.put("value", null);
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY_KEYVALUE, of, KEY_KEYVALUE_2, of2, KEY_KEYVALUE_3, hashMap)), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().isEncrypted()), CoreMatchers.is(true));
        assertKeyValue((Map) encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_KEYVALUE), SIMPLE_KEY, ENCRYPTED_VALUE);
        assertKeyValue((Map) encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_KEYVALUE_2), SIMPLE_KEY, ESCAPED_ENCRYTED_VALUE);
        assertKeyValue((Map) encryptConfiguration.getTemplatePlaceholders().get(KEY_KEYVALUE), SIMPLE_KEY, encryptedTemplatePlaceholder(KEY_KEYVALUE, SIMPLE_KEY));
        assertKeyValue((Map) encryptConfiguration.getTemplatePlaceholders().get(KEY_KEYVALUE_2), SIMPLE_KEY, encryptedTemplatePlaceholder(KEY_KEYVALUE_2, SIMPLE_KEY));
        assertKeyValue((Map) encryptConfiguration.getConfigFileProperties().get(KEY_KEYVALUE), SIMPLE_KEY, ENCRYPTED_VALUE);
        assertKeyValue((Map) encryptConfiguration.getConfigFileProperties().get(KEY_KEYVALUE_2), SIMPLE_KEY, ESCAPED_ENCRYTED_VALUE);
    }

    @Test
    public void encryptListOfKeyvalues() {
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY_LIST_KEYVALUES, Arrays.asList(ImmutableMap.of("key", SIMPLE_KEY, "value", SIMPLE_VALUE), ImmutableMap.of("key", SIMPLE_KEY_2, "value", ESCAPED_VALUE)))), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().isEncrypted()), CoreMatchers.is(true));
        assertKeyValue((Map) ((List) encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_LIST_KEYVALUES)).get(0), SIMPLE_KEY_2, ESCAPED_ENCRYTED_VALUE);
        assertKeyValue((Map) ((List) encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_LIST_KEYVALUES)).get(1), SIMPLE_KEY, ENCRYPTED_VALUE);
        assertKeyValue((Map) ((List) encryptConfiguration.getTemplatePlaceholders().get(KEY_LIST_KEYVALUES)).get(0), SIMPLE_KEY_2, encryptedTemplatePlaceholder(KEY_LIST_KEYVALUES, SIMPLE_KEY_2));
        assertKeyValue((Map) ((List) encryptConfiguration.getTemplatePlaceholders().get(KEY_LIST_KEYVALUES)).get(1), SIMPLE_KEY, encryptedTemplatePlaceholder(KEY_LIST_KEYVALUES, SIMPLE_KEY));
        MatcherAssert.assertThat(((Map) encryptConfiguration.getConfigFileProperties().get(KEY_LIST_KEYVALUES)).get(SIMPLE_KEY), CoreMatchers.is(ENCRYPTED_VALUE));
        MatcherAssert.assertThat(((Map) encryptConfiguration.getConfigFileProperties().get(KEY_LIST_KEYVALUES)).get(SIMPLE_KEY_2), CoreMatchers.is(ESCAPED_ENCRYTED_VALUE));
    }

    @Test
    public void encryptNullValue() {
        HashMap hashMap = new HashMap();
        hashMap.put(KEY_NULL_VALUE, null);
        PolicyConfigurationEncryptionResult encryptConfiguration = this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(hashMap), this.policySpecification);
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigurationProperties().getConfiguration().containsKey(KEY_NULL_VALUE)), CoreMatchers.is(true));
        MatcherAssert.assertThat(encryptConfiguration.getConfigurationProperties().getConfiguration().get(KEY_NULL_VALUE), CoreMatchers.nullValue());
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getTemplatePlaceholders().containsKey(KEY_NULL_VALUE)), CoreMatchers.is(true));
        MatcherAssert.assertThat(encryptConfiguration.getTemplatePlaceholders().get(KEY_NULL_VALUE), CoreMatchers.nullValue());
        MatcherAssert.assertThat(Boolean.valueOf(encryptConfiguration.getConfigFileProperties().isEmpty()), CoreMatchers.is(true));
    }

    @Test
    public void encrypterFailsToEncrypt() {
        RuntimeEncrypter runtimeEncrypter = (RuntimeEncrypter) Mockito.mock(RuntimeEncrypter.class);
        Mockito.when(runtimeEncrypter.encrypt((String) org.mockito.Matchers.any())).thenThrow(new Throwable[]{new GatewayEncryptionException("")});
        this.policyConfigurationEncrypter = new DefaultPolicyConfigurationEncrypter(runtimeEncrypter, false);
        this.expectedException.expect(GatewayEncryptionException.class);
        this.policyConfigurationEncrypter.encryptConfiguration(policyDefinition(ImmutableMap.of(KEY, SIMPLE_VALUE)), this.policySpecification);
    }

    private PolicyDefinition policyDefinition(Map<String, Object> map) {
        PolicyDefinition policyDefinition = (PolicyDefinition) Mockito.mock(PolicyDefinition.class);
        Mockito.when(policyDefinition.getConfigurationData()).thenReturn(new PolicyConfiguration(map));
        return policyDefinition;
    }

    private static PolicySpecification sensitiveSpecification() {
        return mockSpecification(true);
    }

    private static PolicySpecification nonSensitiveSpecification() {
        return mockSpecification(false);
    }

    private static PolicySpecification mockSpecification(boolean z) {
        PolicySpecification policySpecification = (PolicySpecification) Mockito.mock(PolicySpecification.class);
        Mockito.when(policySpecification.getConfiguration()).thenReturn(buildMockedPolicyProperties(z));
        Mockito.when(Boolean.valueOf(policySpecification.isValid())).thenReturn(true);
        return policySpecification;
    }

    private static List<PolicyProperty> buildMockedPolicyProperties(boolean z) {
        PolicyProperty policyProperty = new PolicyProperty();
        policyProperty.setPropertyName(KEY);
        policyProperty.setSensitive(z);
        policyProperty.setType("string");
        policyProperty.setAllowMultiple(false);
        PolicyProperty policyProperty2 = new PolicyProperty();
        policyProperty2.setPropertyName(KEY_2);
        policyProperty2.setSensitive(z);
        policyProperty2.setType("string");
        policyProperty2.setAllowMultiple(false);
        PolicyProperty policyProperty3 = new PolicyProperty();
        policyProperty3.setPropertyName(KEY_BOOLEAN);
        policyProperty3.setSensitive(z);
        policyProperty3.setType("boolean");
        policyProperty3.setAllowMultiple(false);
        PolicyProperty policyProperty4 = new PolicyProperty();
        policyProperty4.setPropertyName(KEY_KEYVALUE);
        policyProperty4.setSensitive(z);
        policyProperty4.setType("keyvalues");
        policyProperty4.setAllowMultiple(false);
        PolicyProperty policyProperty5 = new PolicyProperty();
        policyProperty5.setPropertyName(KEY_LIST_KEYVALUES);
        policyProperty5.setSensitive(z);
        policyProperty5.setType("keyvalues");
        policyProperty5.setAllowMultiple(true);
        PolicyProperty policyProperty6 = new PolicyProperty();
        policyProperty6.setPropertyName(KEY_LIST_STRING);
        policyProperty6.setSensitive(z);
        policyProperty6.setType("string");
        policyProperty6.setAllowMultiple(true);
        PolicyProperty policyProperty7 = new PolicyProperty();
        policyProperty7.setPropertyName(KEY_KEYVALUE_2);
        policyProperty7.setSensitive(z);
        policyProperty7.setType("keyvalues");
        policyProperty7.setAllowMultiple(false);
        return Arrays.asList(policyProperty, policyProperty2, policyProperty3, policyProperty4, policyProperty5, policyProperty6, policyProperty7);
    }

    private void assertKeyValue(Map<String, Object> map, String str, String str2) {
        MatcherAssert.assertThat(map.get("key"), CoreMatchers.is(str));
        MatcherAssert.assertThat(map.get("value"), CoreMatchers.is(str2));
    }

    private String encryptedTemplatePlaceholder(String str) {
        return String.format(ENCRYPTED_TEMPLATE_PLACEHOLDER, str);
    }

    private String encryptedTemplatePlaceholder(String str, String str2) {
        return String.format(ENCRYPTED_TEMPLATE_PLACEHOLDER, str + "." + str2);
    }
}
