package org.apache.hadoop.fs.azurebfs.oauth2;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import org.apache.commons.io.FileUtils;
import org.apache.hadoop.fs.azurebfs.AbstractAbfsTestWithTimeout;
import org.apache.hadoop.test.LambdaTestUtils;
import org.assertj.core.api.Assertions;
import org.junit.Test;
import org.mockito.Mockito;

/* loaded from: input_file:org/apache/hadoop/fs/azurebfs/oauth2/TestWorkloadIdentityTokenProvider.class */
public class TestWorkloadIdentityTokenProvider extends AbstractAbfsTestWithTimeout {
    private static final String AUTHORITY = "authority";
    private static final String TENANT_ID = "00000000-0000-0000-0000-000000000000";
    private static final String CLIENT_ID = "00000000-0000-0000-0000-000000000000";
    private static final String TOKEN_FILE = "/tmp/does_not_exist";
    private static final String CLIENT_ASSERTION = "dummy-client-assertion";
    private static final String TOKEN = "dummy-token";
    private static final long FEW_SECONDS = 5000;
    private static final long ONE_MINUTE = 60000;
    private static final long FIVE_MINUTES = 300000;

    @Test
    public void testTokenStartsAsExpired() {
        Assertions.assertThat(new WorkloadIdentityTokenProvider(AUTHORITY, "00000000-0000-0000-0000-000000000000", "00000000-0000-0000-0000-000000000000", TOKEN_FILE).isTokenAboutToExpire()).describedAs("Token should start as expired", new Object[0]).isTrue();
    }

    @Test
    public void testTokenFetchAndExpiry() throws Exception {
        long currentTimeMillis = System.currentTimeMillis();
        AzureADToken azureADToken = new AzureADToken();
        azureADToken.setAccessToken(TOKEN);
        azureADToken.setExpiry(new Date(System.currentTimeMillis() + FEW_SECONDS + FIVE_MINUTES));
        File createTempFile = File.createTempFile(TOKEN_FILE, "txt");
        FileUtils.write(createTempFile, CLIENT_ASSERTION, StandardCharsets.UTF_8);
        WorkloadIdentityTokenProvider workloadIdentityTokenProvider = (WorkloadIdentityTokenProvider) Mockito.spy(new WorkloadIdentityTokenProvider(AUTHORITY, "00000000-0000-0000-0000-000000000000", "00000000-0000-0000-0000-000000000000", createTempFile.getPath()));
        ((WorkloadIdentityTokenProvider) Mockito.doReturn(azureADToken).when(workloadIdentityTokenProvider)).getTokenUsingJWTAssertion(CLIENT_ASSERTION);
        Assertions.assertThat(workloadIdentityTokenProvider.isTokenAboutToExpire()).describedAs("Token should not be expired", new Object[0]).isTrue();
        Assertions.assertThat(workloadIdentityTokenProvider.getToken().getAccessToken()).describedAs("Token should be fetched", new Object[0]).isEqualTo(TOKEN);
        Assertions.assertThat(workloadIdentityTokenProvider.getTokenFetchTime()).describedAs("Token should not be expired", new Object[0]).isGreaterThan(currentTimeMillis);
        Assertions.assertThat(workloadIdentityTokenProvider.isTokenAboutToExpire()).describedAs("Token should not be expired", new Object[0]).isFalse();
        Thread.sleep(FEW_SECONDS);
        Assertions.assertThat(workloadIdentityTokenProvider.isTokenAboutToExpire()).describedAs("Token should be expired", new Object[0]).isTrue();
    }

    @Test
    public void testTokenFetchWithEmptyTokenFile() throws Exception {
        File createTempFile = File.createTempFile("azure-identity-token", "txt");
        AzureADToken azureADToken = new AzureADToken();
        WorkloadIdentityTokenProvider workloadIdentityTokenProvider = (WorkloadIdentityTokenProvider) Mockito.spy(new WorkloadIdentityTokenProvider(AUTHORITY, "00000000-0000-0000-0000-000000000000", "00000000-0000-0000-0000-000000000000", createTempFile.getPath()));
        ((WorkloadIdentityTokenProvider) Mockito.doReturn(azureADToken).when(workloadIdentityTokenProvider)).getTokenUsingJWTAssertion(TOKEN);
        Assertions.assertThat(((IOException) LambdaTestUtils.intercept(IOException.class, () -> {
            workloadIdentityTokenProvider.getToken();
        })).getMessage()).describedAs("Exception should be thrown when the token file is empty", new Object[0]).contains(new CharSequence[]{"Empty token file"});
    }

    @Test
    public void testTokenFetchWithTokenFileNotFound() throws Exception {
        AzureADToken azureADToken = new AzureADToken();
        WorkloadIdentityTokenProvider workloadIdentityTokenProvider = (WorkloadIdentityTokenProvider) Mockito.spy(new WorkloadIdentityTokenProvider(AUTHORITY, "00000000-0000-0000-0000-000000000000", "00000000-0000-0000-0000-000000000000", TOKEN_FILE));
        ((WorkloadIdentityTokenProvider) Mockito.doReturn(azureADToken).when(workloadIdentityTokenProvider)).getTokenUsingJWTAssertion(TOKEN);
        Assertions.assertThat(((IOException) LambdaTestUtils.intercept(IOException.class, () -> {
            workloadIdentityTokenProvider.getToken();
        })).getMessage()).describedAs("Exception should be thrown when the token file not found", new Object[0]).contains(new CharSequence[]{"Error reading token file"});
    }
}
