package io.trino.tests.product.launcher.env.common;

import com.google.inject.Inject;
import io.trino.tests.product.launcher.docker.DockerFiles;
import io.trino.tests.product.launcher.env.DockerContainer;
import io.trino.tests.product.launcher.env.Environment;
import io.trino.tests.product.launcher.testcontainers.PortBinder;
import java.util.Objects;
import org.testcontainers.containers.wait.strategy.Wait;
import org.testcontainers.containers.wait.strategy.WaitAllStrategy;
import org.testcontainers.utility.MountableFile;

/* loaded from: input_file:io/trino/tests/product/launcher/env/common/HydraIdentityProvider.class */
public class HydraIdentityProvider implements EnvironmentExtender {
    private static final int TTL_ACCESS_TOKEN_IN_SECONDS = 5;
    private static final String HYDRA_IMAGE = "oryd/hydra:v1.9.0-sqlite";
    private final PortBinder binder;
    private final DockerFiles.ResourceProvider configDir;

    @Inject
    public HydraIdentityProvider(PortBinder portBinder, DockerFiles dockerFiles) {
        this.binder = (PortBinder) Objects.requireNonNull(portBinder, "binder is null");
        Objects.requireNonNull(dockerFiles, "dockerFiles is null");
        this.configDir = dockerFiles.getDockerFilesHostDirectory("common/hydra-identity-provider");
    }

    @Override // io.trino.tests.product.launcher.env.common.EnvironmentExtender
    public void extendEnvironment(Environment.Builder builder) {
        DockerContainer dockerContainer = (DockerContainer) new DockerContainer("oryd/hydra-login-consent-node:v1.4.2", "hydra-consent").withEnv("HYDRA_ADMIN_URL", "https://hydra:4445").withEnv("NODE_TLS_REJECT_UNAUTHORIZED", "0").waitingFor(Wait.forHttp("/").forPort(3000).forStatusCode(200));
        this.binder.exposePort(dockerContainer, 3000);
        DockerContainer dockerContainer2 = (DockerContainer) new DockerContainer(HYDRA_IMAGE, "hydra").withEnv("LOG_LEAK_SENSITIVE_VALUES", Environment.PRODUCT_TEST_LAUNCHER_STARTED_LABEL_VALUE).withEnv("DSN", "memory").withEnv("URLS_SELF_ISSUER", "https://hydra:4444/").withEnv("URLS_CONSENT", "http://hydra-consent:3000/consent").withEnv("URLS_LOGIN", "http://hydra-consent:3000/login").withEnv("SERVE_TLS_KEY_PATH", "/tmp/certs/localhost.pem").withEnv("SERVE_TLS_CERT_PATH", "/tmp/certs/localhost.pem").withEnv("STRATEGIES_ACCESS_TOKEN", "jwt").withEnv("TTL_ACCESS_TOKEN", "5s").withCommand(new String[]{"serve", "all"}).withCopyFileToContainer(MountableFile.forHostPath(this.configDir.getPath("cert")), "/tmp/certs").waitingFor(new WaitAllStrategy().withStrategy(Wait.forLogMessage(".*Setting up http server on :4444.*", 1)).withStrategy(Wait.forLogMessage(".*Setting up http server on :4445.*", 1)));
        this.binder.exposePort(dockerContainer2, 4444);
        this.binder.exposePort(dockerContainer2, 4445);
        builder.addContainer(dockerContainer);
        builder.addContainer(dockerContainer2);
        builder.containerDependsOn(dockerContainer2.getLogicalName(), dockerContainer.getLogicalName());
    }

    public DockerContainer createClient(Environment.Builder builder, String str, String str2, String str3, String str4, String str5) {
        DockerContainer temporary = new DockerContainer(HYDRA_IMAGE, "hydra-client-preparation").withCommand(new String[]{"clients", "create", "--endpoint", "https://hydra:4445", "--skip-tls-verify", "--id", str, "--secret", str2, "--audience", str4, "-g", "authorization_code,refresh_token,client_credentials", "-r", "token,code,id_token", "--scope", "openid,offline", "--token-endpoint-auth-method", str3, "--callbacks", str5}).setTemporary(true);
        builder.addContainer(temporary);
        builder.containerDependsOn(temporary.getLogicalName(), "hydra");
        return temporary;
    }
}
