package io.confluent.security.mtls;

import java.util.HashMap;
import java.util.Map;
import java.util.function.Consumer;
import kafka.server.BrokerSession;
import kafka.server.KafkaConfig;
import org.apache.kafka.common.config.ConfigException;
import org.apache.kafka.common.config.internals.ConfluentConfigs;
import org.apache.kafka.common.network.PublicCredential;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentMatchers;
import org.mockito.Mockito;

/* loaded from: input_file:io/confluent/security/mtls/DefaultMTlsConnectionManagerTest.class */
class DefaultMTlsConnectionManagerTest {
    private static final String TEST_BROKER_SESSION_UUID = "broker-session-uuid";
    private Consumer<PublicCredential> credentialDeleteListener;
    private KafkaConfig kafkaConfig;
    private Map<String, Object> configs;

    DefaultMTlsConnectionManagerTest() {
    }

    @BeforeEach
    void setUp() {
        this.credentialDeleteListener = (Consumer) Mockito.mock(Consumer.class);
        this.kafkaConfig = (KafkaConfig) Mockito.mock(KafkaConfig.class);
        Mockito.when(this.kafkaConfig.brokerSessionUuid()).thenReturn(TEST_BROKER_SESSION_UUID);
        this.configs = new HashMap();
        this.configs.put("broker.session.uuid", TEST_BROKER_SESSION_UUID);
    }

    @AfterEach
    void tearDown() {
        BrokerSession.closeSession(TEST_BROKER_SESSION_UUID);
    }

    @Test
    void testConfigure_with_ConfluentConfigs_buildMTlsConnectionManager_noBrokerSessionUuid_failed() {
        Assertions.assertTrue(((Exception) Assertions.assertThrows(ConfigException.class, () -> {
            ConfluentConfigs.buildMTlsConnectionManager(new HashMap());
        })).getMessage().contains("Broker session UUID must be set in the Kafka config!"));
    }

    @Test
    void testConfigure_with_ConfluentConfigs_buildMTlsConnectionManager_withBrokerSessionUuid_passes() {
        Assertions.assertInstanceOf(DefaultMTlsConnectionManager.class, ConfluentConfigs.buildMTlsConnectionManager(this.configs));
    }

    @Test
    void testCloseConnections_nullBrokerSession_doNothing() {
        DefaultMTlsConnectionManager buildMTlsConnectionManager = ConfluentConfigs.buildMTlsConnectionManager(this.configs);
        Assertions.assertInstanceOf(DefaultMTlsConnectionManager.class, buildMTlsConnectionManager);
        Assertions.assertNull(buildMTlsConnectionManager.getSession());
        buildMTlsConnectionManager.closeConnections(PublicCredential.mTlsCredential("orgId", "providerId", "issuerDn", "snid"));
        ((Consumer) Mockito.verify(this.credentialDeleteListener, Mockito.never())).accept((PublicCredential) ArgumentMatchers.any());
    }

    @Test
    void testCloseConnections_withoutCloseConnectionsOnCredentialDelete_doNothing() {
        BrokerSession.addSession(this.kafkaConfig, this.credentialDeleteListener);
        DefaultMTlsConnectionManager buildMTlsConnectionManager = ConfluentConfigs.buildMTlsConnectionManager(this.configs);
        Assertions.assertInstanceOf(DefaultMTlsConnectionManager.class, buildMTlsConnectionManager);
        Assertions.assertNotNull(buildMTlsConnectionManager.getSession());
        buildMTlsConnectionManager.closeConnections(PublicCredential.mTlsCredential("orgId", "providerId", "issuerDn", "snid"));
        ((Consumer) Mockito.verify(this.credentialDeleteListener, Mockito.never())).accept((PublicCredential) ArgumentMatchers.any());
    }

    @Test
    void testCloseConnections_withCloseConnectionsOnCredentialDelete_callCredentialDeleteListener() {
        Mockito.when(this.kafkaConfig.closeConnectionsOnCredentialDelete()).thenReturn(true);
        BrokerSession.addSession(this.kafkaConfig, this.credentialDeleteListener);
        DefaultMTlsConnectionManager buildMTlsConnectionManager = ConfluentConfigs.buildMTlsConnectionManager(this.configs);
        Assertions.assertInstanceOf(DefaultMTlsConnectionManager.class, buildMTlsConnectionManager);
        Assertions.assertNotNull(buildMTlsConnectionManager.getSession());
        PublicCredential mTlsCredential = PublicCredential.mTlsCredential("orgId", "providerId", "issuerDn", "snid");
        buildMTlsConnectionManager.closeConnections(mTlsCredential);
        ((Consumer) Mockito.verify(this.credentialDeleteListener, Mockito.times(1))).accept(mTlsCredential);
    }
}
