package io.jans.as.client.ws.rs;

import com.fasterxml.jackson.databind.ObjectMapper;
import io.jans.as.client.AccessEvaluationClient;
import io.jans.as.client.AccessEvaluationClientRequest;
import io.jans.as.client.AccessEvaluationClientResponse;
import io.jans.as.client.BaseTest;
import io.jans.as.client.RegisterClient;
import io.jans.as.client.RegisterRequest;
import io.jans.as.client.RegisterResponse;
import io.jans.as.client.client.AssertBuilder;
import io.jans.as.model.common.AuthenticationMethod;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.common.SubjectType;
import io.jans.as.model.register.ApplicationType;
import io.jans.as.model.util.StringUtils;
import io.jans.model.authzen.AccessEvaluationRequest;
import java.util.Arrays;
import java.util.List;
import org.testng.Assert;
import org.testng.AssertJUnit;
import org.testng.annotations.Parameters;
import org.testng.annotations.Test;

/* loaded from: input_file:io/jans/as/client/ws/rs/AccessEvaluationHttpTest.class */
public class AccessEvaluationHttpTest extends BaseTest {
    private static final ObjectMapper MAPPER = new ObjectMapper();

    @Parameters({"redirectUris"})
    @Test
    public void accessEvaluation_whenSubjectTypeIsAcceptedByScript_shouldGrantAccess(String str) throws Exception {
        showTitle("accessEvaluation_whenSubjectTypeIsAcceptedByScript_shouldGrantAccess");
        AssertJUnit.assertNotNull("access_evaluation_v1_endpoint is not set in discovery", this.accessEvaluationV1Endpoint);
        RegisterResponse registerClient = registerClient(str, Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN), Arrays.asList(GrantType.AUTHORIZATION_CODE, GrantType.REFRESH_TOKEN), Arrays.asList("access_evaluation", "openid", "profile", "address", "email", "phone", "user_name"));
        String clientId = registerClient.getClientId();
        String clientSecret = registerClient.getClientSecret();
        AccessEvaluationClientRequest accessEvaluationClientRequest = new AccessEvaluationClientRequest();
        accessEvaluationClientRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
        accessEvaluationClientRequest.setAuthUsername(clientId);
        accessEvaluationClientRequest.setAuthPassword(clientSecret);
        accessEvaluationClientRequest.setRequest((AccessEvaluationRequest) MAPPER.readValue("{\n  \"subject\": {\n    \"type\": \"super_admin\",\n    \"id\": \"alice@acmecorp.com\"\n  },\n  \"resource\": {\n    \"type\": \"account\",\n    \"id\": \"123\"\n  },\n  \"action\": {\n    \"name\": \"can_read\",\n    \"properties\": {\n      \"method\": \"GET\"\n    }\n  },\n  \"context\": {\n    \"time\": \"1985-10-26T01:22-07:00\"\n  }\n}", AccessEvaluationRequest.class));
        AccessEvaluationClient accessEvaluationClient = new AccessEvaluationClient(this.accessEvaluationV1Endpoint);
        AccessEvaluationClientResponse exec = accessEvaluationClient.exec(accessEvaluationClientRequest);
        showClient(accessEvaluationClient);
        AssertJUnit.assertNotNull(exec);
        Assert.assertTrue(exec.getResponse().isDecision());
    }

    @Parameters({"redirectUris"})
    @Test
    public void accessEvaluation_whenSubjectTypeIsNotAcceptedByScript_shouldDenyAccess(String str) throws Exception {
        showTitle("accessEvaluation_whenSubjectTypeIsNotAcceptedByScript_shouldDenyAccess");
        AssertJUnit.assertNotNull("access_evaluation_v1_endpoint is not set in discovery", this.accessEvaluationV1Endpoint);
        RegisterResponse registerClient = registerClient(str, Arrays.asList(ResponseType.CODE, ResponseType.ID_TOKEN), Arrays.asList(GrantType.AUTHORIZATION_CODE, GrantType.REFRESH_TOKEN), Arrays.asList("access_evaluation", "openid", "profile", "address", "email", "phone", "user_name"));
        String clientId = registerClient.getClientId();
        String clientSecret = registerClient.getClientSecret();
        AccessEvaluationClientRequest accessEvaluationClientRequest = new AccessEvaluationClientRequest();
        accessEvaluationClientRequest.setAuthenticationMethod(AuthenticationMethod.CLIENT_SECRET_BASIC);
        accessEvaluationClientRequest.setAuthUsername(clientId);
        accessEvaluationClientRequest.setAuthPassword(clientSecret);
        accessEvaluationClientRequest.setRequest((AccessEvaluationRequest) MAPPER.readValue("{\n  \"subject\": {\n    \"type\": \"user\",\n    \"id\": \"alice@acmecorp.com\"\n  },\n  \"resource\": {\n    \"type\": \"account\",\n    \"id\": \"123\"\n  },\n  \"action\": {\n    \"name\": \"can_read\",\n    \"properties\": {\n      \"method\": \"GET\"\n    }\n  },\n  \"context\": {\n    \"time\": \"1985-10-26T01:22-07:00\"\n  }\n}", AccessEvaluationRequest.class));
        AccessEvaluationClient accessEvaluationClient = new AccessEvaluationClient(this.accessEvaluationV1Endpoint);
        AccessEvaluationClientResponse exec = accessEvaluationClient.exec(accessEvaluationClientRequest);
        showClient(accessEvaluationClient);
        AssertJUnit.assertNotNull(exec);
        AssertJUnit.assertFalse(exec.getResponse().isDecision());
    }

    public RegisterResponse registerClient(String str, List<ResponseType> list, List<GrantType> list2, List<String> list3) {
        RegisterRequest registerRequest = new RegisterRequest(ApplicationType.WEB, "access_evaluation test", StringUtils.spaceSeparatedToList(str));
        registerRequest.setResponseTypes(list);
        registerRequest.setScope(list3);
        registerRequest.setGrantTypes(list2);
        registerRequest.setSubjectType(SubjectType.PUBLIC);
        RegisterClient newRegisterClient = newRegisterClient(registerRequest);
        RegisterResponse exec = newRegisterClient.exec();
        showClient(newRegisterClient);
        AssertBuilder.registerResponse(exec).created().check();
        return exec;
    }
}
