package io.jans.as.server.service;

import com.google.common.collect.Lists;
import io.jans.as.common.model.common.User;
import io.jans.as.common.model.registration.Client;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.config.WebKeysConfiguration;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.model.jwt.Jwt;
import io.jans.as.server.model.common.AuthorizationGrant;
import io.jans.as.server.model.common.AuthorizationGrantType;
import jakarta.ws.rs.WebApplicationException;
import java.util.Date;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONObject;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.testng.MockitoTestNGListener;
import org.slf4j.Logger;
import org.testng.Assert;
import org.testng.AssertJUnit;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

@Listeners({MockitoTestNGListener.class})
/* loaded from: input_file:io/jans/as/server/service/IntrospectionServiceTest.class */
public class IntrospectionServiceTest {

    @InjectMocks
    private IntrospectionService introspectionService;

    @Mock
    private AppConfiguration appConfiguration;

    @Mock
    private Logger log;

    @Mock
    private WebKeysConfiguration webKeysConfiguration;

    @Mock
    private ClientService clientService;

    @Mock
    private ErrorResponseFactory errorResponseFactory;

    @Test
    public void validateIntrospectionScopePresence_whenIntrospectionScopeCheckIsDisabled_shouldNotRaiseException() {
        Mockito.when(this.appConfiguration.getIntrospectionAccessTokenMustHaveIntrospectionScope()).thenReturn(false);
        this.introspectionService.validateIntrospectionScopePresence(getTestGrant());
    }

    @Test
    public void validateIntrospectionScopePresence_whenIntrospectionScopeCheckIsEnabledAndIntrospectionScopePresent_shouldNotRaiseException() {
        Mockito.when(this.appConfiguration.getIntrospectionAccessTokenMustHaveIntrospectionScope()).thenReturn(true);
        AuthorizationGrant testGrant = getTestGrant();
        testGrant.setScopes(Lists.newArrayList(new String[]{"introspection"}));
        this.introspectionService.validateIntrospectionScopePresence(testGrant);
    }

    @Test
    public void validateIntrospectionScopePresence_whenIntrospectionScopeCheckIsEnabledAndIntrospectionScopeIsNotPresent_shouldRaiseException() {
        Mockito.when(this.appConfiguration.getIntrospectionAccessTokenMustHaveIntrospectionScope()).thenReturn(true);
        AuthorizationGrant testGrant = getTestGrant();
        testGrant.setScopes(Lists.newArrayList(new String[]{"openid"}));
        try {
            this.introspectionService.validateIntrospectionScopePresence(testGrant);
            Assert.fail("Exception was not thrown however grant didn't have 'introspection' scope");
        } catch (WebApplicationException e) {
        }
    }

    @Test
    public void isJwtResponse_whenNoParameterAndNoAcceptHeader_shouldReturnFalse() {
        Assert.assertFalse(this.introspectionService.isJwtResponse((String) null, (String) null));
    }

    @Test
    public void isJwtResponse_whenParameterIsTrue_shouldReturnTrue() {
        Assert.assertTrue(this.introspectionService.isJwtResponse("true", (String) null));
    }

    @Test
    public void isJwtResponse_whenNoParameterButAcceptHasJwtValue_shouldReturnTrue() {
        Assert.assertTrue(this.introspectionService.isJwtResponse((String) null, "application/token-introspection+jwt"));
    }

    @Test
    public void fillPayload_whenCalled_shouldProduceCorrectStructure() throws Exception {
        ((AppConfiguration) Mockito.doReturn("https://example.as.com").when(this.appConfiguration)).getIssuer();
        Client client = new Client();
        client.setClientId("testClientId");
        AuthorizationGrant testGrant = getTestGrant(client);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("newClaim", "newValue");
        Jwt jwt = new Jwt();
        this.introspectionService.fillPayload(jwt, jSONObject, testGrant);
        AssertJUnit.assertNotNull(jwt);
        Assert.assertEquals(jwt.getClaims().getClaimAsString("iss"), "https://example.as.com");
        Assert.assertEquals(jwt.getClaims().getClaimAsString("aud"), "testClientId");
        Assert.assertTrue(StringUtils.isNotBlank(jwt.getClaims().getClaimAsString("iat")));
        Assert.assertEquals(jwt.getClaims().getClaimAsJSON("token_introspection").getString("newClaim"), "newValue");
    }

    private static AuthorizationGrant getTestGrant() {
        return getTestGrant(null);
    }

    private static AuthorizationGrant getTestGrant(Client client) {
        AuthorizationGrant authorizationGrant = new AuthorizationGrant() { // from class: io.jans.as.server.service.IntrospectionServiceTest.1
            public GrantType getGrantType() {
                return GrantType.AUTHORIZATION_CODE;
            }
        };
        authorizationGrant.init(new User(), AuthorizationGrantType.AUTHORIZATION_CODE, client, new Date());
        return authorizationGrant;
    }
}
