package io.jans.as.client.ws.rs.dpop;

import io.jans.as.client.AuthorizationRequest;
import io.jans.as.client.AuthorizationResponse;
import io.jans.as.client.BaseTest;
import io.jans.as.client.RegisterClient;
import io.jans.as.client.RegisterRequest;
import io.jans.as.client.RegisterResponse;
import io.jans.as.client.TokenClient;
import io.jans.as.client.TokenRequest;
import io.jans.as.client.TokenResponse;
import io.jans.as.client.client.AssertBuilder;
import io.jans.as.client.service.ClientFactory;
import io.jans.as.model.common.AuthenticationMethod;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.common.SubjectType;
import io.jans.as.model.common.TokenType;
import io.jans.as.model.crypto.AuthCryptoProvider;
import io.jans.as.model.crypto.signature.AsymmetricSignatureAlgorithm;
import io.jans.as.model.crypto.signature.EllipticEdvardsCurve;
import io.jans.as.model.exception.InvalidJwtException;
import io.jans.as.model.jwk.JSONWebKey;
import io.jans.as.model.jwk.KeyType;
import io.jans.as.model.jwt.DPoP;
import io.jans.as.model.jwt.Jwt;
import io.jans.as.model.register.ApplicationType;
import io.jans.as.model.util.Base64Util;
import io.jans.as.model.util.JwtUtil;
import io.jans.as.model.util.StringUtils;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.UUID;
import org.jetbrains.annotations.NotNull;
import org.testng.Assert;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;

/* loaded from: input_file:io/jans/as/client/ws/rs/dpop/DpopTokenRequestHttpTest.class */
public class DpopTokenRequestHttpTest extends BaseTest {
    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_whenClientRequiredDpop_shouldGetErrorIfMakeRequestWithoutDpop(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        boolean z;
        showTitle("testDPoP_whenClientRequiredDpop_shouldGetErrorIfMakeRequestWithoutDpop");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        try {
            requestAccessToken(str4, requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList, true)), null);
            z = false;
        } catch (Throwable th) {
            z = true;
        }
        Assert.assertTrue(z, "Request without DPoP must fail when client's dpopBoundAccessToken is set to true.");
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "RS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_RS256(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_RS256");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        RSAPublicKey rSAPublicKey = (RSAPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.RSA);
        jSONWebKey.setN(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getModulus()));
        jSONWebKey.setE(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getPublicExponent()));
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.RS256, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.RS256, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "RS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_RS384(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_RS384");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        RSAPublicKey rSAPublicKey = (RSAPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.RSA);
        jSONWebKey.setN(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getModulus()));
        jSONWebKey.setE(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getPublicExponent()));
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.RS384, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.RS384, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "RS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_RS512(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_RS512");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        RSAPublicKey rSAPublicKey = (RSAPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.RSA);
        jSONWebKey.setN(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getModulus()));
        jSONWebKey.setE(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getPublicExponent()));
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.RS512, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.RS512, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "ES256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_ES256(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_ES256");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        ECPublicKey eCPublicKey = (ECPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.EC);
        jSONWebKey.setX(Base64Util.base64urlencodeUnsignedBigInt(eCPublicKey.getW().getAffineX()));
        jSONWebKey.setY(Base64Util.base64urlencodeUnsignedBigInt(eCPublicKey.getW().getAffineY()));
        jSONWebKey.setCrv(EllipticEdvardsCurve.P_256);
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.ES256, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.ES256, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "ES384_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_ES384(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_ES384");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        ECPublicKey eCPublicKey = (ECPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.EC);
        jSONWebKey.setX(Base64Util.base64urlencodeUnsignedBigInt(eCPublicKey.getW().getAffineX()));
        jSONWebKey.setY(Base64Util.base64urlencodeUnsignedBigInt(eCPublicKey.getW().getAffineY()));
        jSONWebKey.setCrv(EllipticEdvardsCurve.P_384);
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.ES384, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.ES384, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "ES512_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_ES512(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_ES512");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        ECPublicKey eCPublicKey = (ECPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.EC);
        jSONWebKey.setX(Base64Util.base64urlencodeUnsignedBigInt(eCPublicKey.getW().getAffineX()));
        jSONWebKey.setY(Base64Util.base64urlencodeUnsignedBigInt(eCPublicKey.getW().getAffineY()));
        jSONWebKey.setCrv(EllipticEdvardsCurve.P_521);
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.ES512, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.ES512, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "PS256_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_PS256(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_PS256");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        RSAPublicKey rSAPublicKey = (RSAPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.RSA);
        jSONWebKey.setN(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getModulus()));
        jSONWebKey.setE(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getPublicExponent()));
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.PS256, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.PS256, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "PS384_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_PS384(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_PS384");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        RSAPublicKey rSAPublicKey = (RSAPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.RSA);
        jSONWebKey.setN(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getModulus()));
        jSONWebKey.setE(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getPublicExponent()));
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.PS384, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.PS384, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri", "sectorIdentifierUri", "clientJwksUri", "PS512_keyId", "dnName", "keyStoreFile", "keyStoreSecret"})
    @Test
    public void testDPoP_PS512(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) throws Exception {
        showTitle("testDPoP_PS512");
        List<ResponseType> singletonList = Collections.singletonList(ResponseType.CODE);
        String requestAuthorizationCode = requestAuthorizationCode(str, str2, str4, singletonList, dynamicRegistration(str3, str5, str6, singletonList));
        AuthCryptoProvider authCryptoProvider = new AuthCryptoProvider(str9, str10, str8);
        RSAPublicKey rSAPublicKey = (RSAPublicKey) authCryptoProvider.getPublicKey(str7);
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.setKty(KeyType.RSA);
        jSONWebKey.setN(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getModulus()));
        jSONWebKey.setE(Base64Util.base64urlencodeUnsignedBigInt(rSAPublicKey.getPublicExponent()));
        String jwkThumbprint = jSONWebKey.getJwkThumbprint();
        TokenResponse requestAccessToken = requestAccessToken(str4, requestAuthorizationCode, new DPoP(AsymmetricSignatureAlgorithm.PS512, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider));
        String accessToken = requestAccessToken.getAccessToken();
        String refreshToken = requestAccessToken.getRefreshToken();
        thumbprintConfirmationMethod(jwkThumbprint, accessToken);
        tokenIntrospection(jwkThumbprint, accessToken);
        String base64urlencode = Base64Util.base64urlencode(JwtUtil.getMessageDigestSHA256(accessToken));
        DPoP dPoP = new DPoP(AsymmetricSignatureAlgorithm.PS512, jSONWebKey, DPoP.generateJti(), "POST", this.tokenEndpoint, str7, authCryptoProvider);
        dPoP.setAth(base64urlencode);
        requestAccessTokenWithRefreshToken(refreshToken, dPoP);
    }

    private void requestAccessTokenWithRefreshToken(String str, DPoP dPoP) {
        TokenRequest tokenRequest = new TokenRequest(GrantType.REFRESH_TOKEN);
        tokenRequest.setRefreshToken(str);
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.NONE);
        tokenRequest.setDpop(dPoP);
        TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        TokenResponse exec = tokenClient.exec();
        showClient(tokenClient);
        AssertBuilder.tokenResponse(exec).notNullRefreshToken().check();
        Assert.assertEquals(exec.getTokenType(), TokenType.DPOP);
    }

    private void thumbprintConfirmationMethod(String str, String str2) throws InvalidJwtException {
        Jwt parse = Jwt.parse(str2);
        Assert.assertNotNull(parse.getClaims());
        Assert.assertTrue(parse.getClaims().hasClaim("sub"));
        Assert.assertTrue(parse.getClaims().hasClaim("iss"));
        Assert.assertTrue(parse.getClaims().hasClaim("nbf"));
        Assert.assertTrue(parse.getClaims().hasClaim("exp"));
        Assert.assertTrue(parse.getClaims().hasClaim("cnf"));
        Assert.assertTrue(parse.getClaims().getClaimAsJSON("cnf").has("jkt"));
        Assert.assertEquals(parse.getClaims().getClaimAsJSON("cnf").get("jkt"), str);
    }

    private void tokenIntrospection(String str, String str2) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException, InvalidJwtException {
        Jwt parse = Jwt.parse(ClientFactory.instance().createIntrospectionService(this.introspectionEndpoint, clientEngine(true)).introspectTokenWithResponseAsJwt("Bearer " + str2, str2, true));
        Assert.assertNotNull(parse.getClaims());
        Assert.assertTrue(Boolean.parseBoolean(parse.getClaims().getClaimAsString("active")));
        Assert.assertTrue(parse.getClaims().hasClaim("sub"));
        Assert.assertTrue(parse.getClaims().hasClaim("iss"));
        Assert.assertTrue(parse.getClaims().hasClaim("nbf"));
        Assert.assertTrue(parse.getClaims().hasClaim("exp"));
        Assert.assertTrue(parse.getClaims().hasClaim("cnf"));
        Assert.assertTrue(parse.getClaims().getClaimAsJSON("cnf").has("jkt"));
        Assert.assertEquals(parse.getClaims().getClaimAsJSON("cnf").get("jkt"), str);
    }

    @NotNull
    private TokenResponse requestAccessToken(String str, String str2, DPoP dPoP) {
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode(str2);
        tokenRequest.setRedirectUri(str);
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.NONE);
        tokenRequest.setDpop(dPoP);
        TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
        tokenClient.setRequest(tokenRequest);
        TokenResponse exec = tokenClient.exec();
        showClient(tokenClient);
        AssertBuilder.tokenResponse(exec).notNullRefreshToken().check();
        Assert.assertEquals(exec.getTokenType(), TokenType.DPOP);
        return exec;
    }

    private String requestAuthorizationCode(String str, String str2, String str3, List<ResponseType> list, String str4) {
        List singletonList = Collections.singletonList("openid");
        String uuid = UUID.randomUUID().toString();
        String uuid2 = UUID.randomUUID().toString();
        AuthorizationRequest authorizationRequest = new AuthorizationRequest(list, str4, singletonList, str3, uuid);
        authorizationRequest.setState(uuid2);
        AuthorizationResponse authenticateResourceOwnerAndGrantAccess = authenticateResourceOwnerAndGrantAccess(this.authorizationEndpoint, authorizationRequest, str, str2);
        AssertBuilder.authorizationResponse(authenticateResourceOwnerAndGrantAccess).check();
        return authenticateResourceOwnerAndGrantAccess.getCode();
    }

    private String dynamicRegistration(String str, String str2, String str3, List<ResponseType> list) {
        return dynamicRegistration(str, str2, str3, list, false);
    }

    private String dynamicRegistration(String str, String str2, String str3, List<ResponseType> list, boolean z) {
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(str));
        registerRequest.setContacts(Arrays.asList("javier@gluu.org", "javier.rojas.blum@gmail.com"));
        registerRequest.setResponseTypes(list);
        registerRequest.setJwksUri(str3);
        registerRequest.setSectorIdentifierUri(str2);
        registerRequest.setSubjectType(SubjectType.PAIRWISE);
        registerRequest.setAccessTokenAsJwt(true);
        registerRequest.setDpopBoundAccessToken(Boolean.valueOf(z));
        RegisterClient registerClient = new RegisterClient(this.registrationEndpoint);
        registerClient.setRequest(registerRequest);
        RegisterResponse exec = registerClient.exec();
        showClient(registerClient);
        AssertBuilder.registerResponse(exec).created().check();
        return exec.getClientId();
    }
}
