package io.jans.as.client.ws.rs;

import com.google.common.collect.Lists;
import io.jans.as.client.AuthorizationRequest;
import io.jans.as.client.AuthorizationResponse;
import io.jans.as.client.AuthorizeClient;
import io.jans.as.client.BaseTest;
import io.jans.as.client.RegisterClient;
import io.jans.as.client.RegisterRequest;
import io.jans.as.client.RegisterResponse;
import io.jans.as.client.TokenClient;
import io.jans.as.client.TokenRequest;
import io.jans.as.client.TokenResponse;
import io.jans.as.client.UserInfoClient;
import io.jans.as.client.UserInfoResponse;
import io.jans.as.client.client.AssertBuilder;
import io.jans.as.model.common.AuthenticationMethod;
import io.jans.as.model.common.AuthorizationMethod;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.common.SubjectType;
import io.jans.as.model.crypto.signature.SignatureAlgorithm;
import io.jans.as.model.register.ApplicationType;
import io.jans.as.model.util.StringUtils;
import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import org.testng.Assert;
import org.testng.AssertJUnit;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;

/* loaded from: input_file:io/jans/as/client/ws/rs/AuthorizationChallengeHttpTest.class */
public class AuthorizationChallengeHttpTest extends BaseTest {
    @Parameters({"userId", "userSecret", "redirectUris", "redirectUri"})
    @Test
    public void authorizationChallengeFlow(String str, String str2, String str3, String str4) throws Exception {
        showTitle("authorizationChallengeFlow");
        List<ResponseType> asList = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
        List<GrantType> asList2 = Arrays.asList(GrantType.AUTHORIZATION_CODE, GrantType.REFRESH_TOKEN);
        List<String> asList3 = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
        RegisterResponse registerClient = registerClient(str3, asList, asList2, asList3);
        String clientId = registerClient.getClientId();
        String clientSecret = registerClient.getClientSecret();
        String uuid = UUID.randomUUID().toString();
        String uuid2 = UUID.randomUUID().toString();
        AuthorizationRequest authorizationRequest = new AuthorizationRequest((String) null);
        authorizationRequest.setClientId(clientId);
        authorizationRequest.setAcrValues(Lists.newArrayList());
        authorizationRequest.setScopes(asList3);
        authorizationRequest.setNonce(uuid);
        authorizationRequest.setState(uuid2);
        authorizationRequest.addCustomParameter("username", str);
        authorizationRequest.addCustomParameter("password", str2);
        authorizationRequest.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);
        AuthorizeClient authorizeClient = new AuthorizeClient(this.authorizationChallengeEndpoint);
        authorizeClient.setRequest(authorizationRequest);
        AuthorizationResponse exec = authorizeClient.exec();
        showClient(authorizeClient);
        AssertJUnit.assertNotNull(exec);
        String code = exec.getCode();
        AssertJUnit.assertNotNull(code);
        System.out.println(String.format("Successfully obtained authorization code %s at Authorization Challenge Endpoint", code));
        TokenRequest tokenRequest = new TokenRequest(GrantType.AUTHORIZATION_CODE);
        tokenRequest.setCode(code);
        tokenRequest.setRedirectUri(str4);
        tokenRequest.setAuthUsername(clientId);
        tokenRequest.setAuthPassword(clientSecret);
        tokenRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
        TokenClient newTokenClient = newTokenClient(tokenRequest);
        newTokenClient.setRequest(tokenRequest);
        TokenResponse exec2 = newTokenClient.exec();
        showClient(newTokenClient);
        AssertBuilder.tokenResponse(exec2).notNullRefreshToken().check();
        String refreshToken = exec2.getRefreshToken();
        AssertBuilder.jwtParse(exec2.getIdToken()).validateSignatureRSAClientEngine(this.jwksUri, SignatureAlgorithm.RS256).claimsPresence("c_hash").notNullAuthenticationTime().notNullJansOpenIDConnectVersion().notNullAuthenticationContextClassReference().notNullAuthenticationMethodReferences().check();
        TokenClient tokenClient = new TokenClient(this.tokenEndpoint);
        tokenClient.setExecutor(clientEngine(true));
        TokenResponse execRefreshToken = tokenClient.execRefreshToken(exec2.getScope(), refreshToken, clientId, clientSecret);
        showClient(tokenClient);
        AssertBuilder.tokenResponse(execRefreshToken).notNullRefreshToken().notNullScope().check();
        String accessToken = execRefreshToken.getAccessToken();
        UserInfoClient userInfoClient = new UserInfoClient(this.userInfoEndpoint);
        userInfoClient.setExecutor(clientEngine(true));
        UserInfoResponse execUserInfo = userInfoClient.execUserInfo(accessToken);
        showClient(userInfoClient);
        AssertBuilder.userInfoResponse(execUserInfo).check();
    }

    @Parameters({"userSecret", "redirectUris", "redirectUri"})
    @Test
    public void authorizationChallengeFlow_withInvalidUsername_shouldGetError(String str, String str2, String str3) {
        showTitle("authorizationChallengeFlow");
        List<ResponseType> asList = Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN);
        List<GrantType> asList2 = Arrays.asList(GrantType.AUTHORIZATION_CODE, GrantType.REFRESH_TOKEN);
        List<String> asList3 = Arrays.asList("openid", "profile", "address", "email", "phone", "user_name");
        String clientId = registerClient(str2, asList, asList2, asList3).getClientId();
        String uuid = UUID.randomUUID().toString();
        String uuid2 = UUID.randomUUID().toString();
        AuthorizationRequest authorizationRequest = new AuthorizationRequest((String) null);
        authorizationRequest.setClientId(clientId);
        authorizationRequest.setAcrValues(Lists.newArrayList());
        authorizationRequest.setScopes(asList3);
        authorizationRequest.setNonce(uuid);
        authorizationRequest.setState(uuid2);
        authorizationRequest.addCustomParameter("username", "invalidUser");
        authorizationRequest.addCustomParameter("password", str);
        authorizationRequest.setAuthorizationMethod(AuthorizationMethod.FORM_ENCODED_BODY_PARAMETER);
        AuthorizeClient authorizeClient = new AuthorizeClient(this.authorizationChallengeEndpoint);
        authorizeClient.setRequest(authorizationRequest);
        AuthorizationResponse exec = authorizeClient.exec();
        showClient(authorizeClient);
        AssertJUnit.assertNotNull(exec);
        Assert.assertNull(exec.getCode());
        Assert.assertEquals(exec.getErrorTypeString(), "username_invalid");
    }

    public RegisterResponse registerClient(String str, List<ResponseType> list, List<GrantType> list2, List<String> list3) {
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "jans test app", StringUtils.spaceSeparatedToList(str));
        registerRequest.setResponseTypes(list);
        registerRequest.setScope(list3);
        registerRequest.setGrantTypes(list2);
        registerRequest.setSubjectType(SubjectType.PUBLIC);
        RegisterClient newRegisterClient = newRegisterClient(registerRequest);
        RegisterResponse exec = newRegisterClient.exec();
        showClient(newRegisterClient);
        AssertBuilder.registerResponse(exec).created().check();
        return exec;
    }
}
