package io.jans.as.server.model.authorize;

import io.jans.as.common.model.registration.Client;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.crypto.AbstractCryptoProvider;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.model.exception.InvalidJwtException;
import jakarta.ws.rs.WebApplicationException;
import java.util.Arrays;
import java.util.Collections;
import org.testng.annotations.Test;

/* loaded from: input_file:io/jans/as/server/model/authorize/JwtAuthorizationRequestTest.class */
public class JwtAuthorizationRequestTest {
    @Test(expectedExceptions = {InvalidJwtException.class})
    public void createJwtAuthorizationRequest_whenEncryptionIsRequiredForUnencryptedRequestObject_shouldThrowException() throws InvalidJwtException {
        AppConfiguration appConfiguration = new AppConfiguration();
        appConfiguration.setRequireRequestObjectEncryption(true);
        new JwtAuthorizationRequest(appConfiguration, (AbstractCryptoProvider) null, "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c", new Client());
    }

    @Test
    public void validateRequestUri_whichIsAllowedByClient_shouldBeOk() {
        Client client = new Client();
        client.setRequestUris(new String[]{"https://myrp.com/request_uri"});
        JwtAuthorizationRequest.validateRequestUri("https://myrp.com/request_uri", client, new AppConfiguration(), "", new ErrorResponseFactory());
    }

    @Test
    public void validateRequestUri_withNoRestrictions_shouldBeOk() {
        JwtAuthorizationRequest.validateRequestUri("https://myrp.com/request_uri", new Client(), new AppConfiguration(), "", new ErrorResponseFactory());
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateRequestUri_whichIsNotAllowedByClient_shouldRaiseException() {
        Client client = new Client();
        client.setRequestUris(new String[]{"https://myrp.com"});
        JwtAuthorizationRequest.validateRequestUri("https://myrp.com/request_uri", client, new AppConfiguration(), "", new ErrorResponseFactory());
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateRequestUri_whichIsBlockListed_shouldRaiseException() {
        AppConfiguration appConfiguration = new AppConfiguration();
        appConfiguration.setRequestUriBlockList(Arrays.asList("myrp.com", "evil.com"));
        JwtAuthorizationRequest.validateRequestUri("https://myrp.com/request_uri", new Client(), appConfiguration, "", new ErrorResponseFactory());
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateRequestUri_forLocalhost_shouldRaiseException() {
        AppConfiguration appConfiguration = new AppConfiguration();
        appConfiguration.setRequestUriBlockList(Collections.singletonList("localhost"));
        JwtAuthorizationRequest.validateRequestUri("https://localhost/request_uri", new Client(), appConfiguration, "", new ErrorResponseFactory());
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateRequestUri_forLocalhostIp_shouldRaiseException() {
        AppConfiguration appConfiguration = new AppConfiguration();
        appConfiguration.setRequestUriBlockList(Collections.singletonList("127.0.0.1"));
        JwtAuthorizationRequest.validateRequestUri("https://127.0.0.1/request_uri", new Client(), appConfiguration, "", new ErrorResponseFactory());
    }

    @Test
    public void validateRequestUri_whichIsNotBlockListed_shouldBeOk() {
        AppConfiguration appConfiguration = new AppConfiguration();
        appConfiguration.setRequestUriBlockList(Arrays.asList("evil.com", "second.com"));
        JwtAuthorizationRequest.validateRequestUri("https://myrp.com/request_uri", new Client(), appConfiguration, "", new ErrorResponseFactory());
    }
}
