package io.jans.as.server.ssa.ws.rs;

import io.jans.as.common.model.registration.Client;
import io.jans.as.common.model.ssa.Ssa;
import io.jans.as.common.model.ssa.SsaState;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.model.error.IErrorType;
import io.jans.as.model.ssa.SsaErrorResponseType;
import io.jans.as.model.ssa.SsaScopeType;
import io.jans.as.server.model.session.SessionClient;
import io.jans.as.server.security.Identity;
import io.jans.as.server.service.ScopeService;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.MediaType;
import jakarta.ws.rs.core.Response;
import java.time.ZonedDateTime;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import org.mockito.ArgumentMatchers;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.testng.MockitoTestNGListener;
import org.slf4j.Logger;
import org.testng.Assert;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

@Listeners({MockitoTestNGListener.class})
/* loaded from: input_file:io/jans/as/server/ssa/ws/rs/SsaRestWebServiceValidatorTest.class */
public class SsaRestWebServiceValidatorTest {

    @InjectMocks
    private SsaRestWebServiceValidator ssaRestWebServiceValidator;

    @Mock
    private Identity identity;

    @Mock
    private Logger log;

    @Mock
    private ErrorResponseFactory errorResponseFactory;

    @Mock
    private ScopeService scopeService;

    @Mock
    private SsaService ssaService;

    @Test
    public void getClientFromSession_sessionClient_validClient() {
        SessionClient sessionClient = new SessionClient();
        Client client = new Client();
        client.setClientId("test_id");
        sessionClient.setClient(client);
        ((Identity) Mockito.doReturn(sessionClient).when(this.identity)).getSessionClient();
        Assert.assertNotNull(this.ssaRestWebServiceValidator.getClientFromSession(), "client is null");
        ((Logger) Mockito.verify(this.log)).debug(ArgumentMatchers.anyString(), ArgumentMatchers.anyString());
    }

    @Test
    public void getClientFromSession_sessionClientNull_invalidClientResponse() {
        Throwable webApplicationException = new WebApplicationException(Response.status(Response.Status.BAD_REQUEST).entity("Invalid client").type(MediaType.APPLICATION_JSON_TYPE).build());
        Mockito.when(this.identity.getSessionClient()).thenReturn((Object) null);
        Mockito.when(this.errorResponseFactory.createBadRequestException((IErrorType) Mockito.eq(SsaErrorResponseType.INVALID_CLIENT), ArgumentMatchers.anyString())).thenThrow(new Throwable[]{webApplicationException});
        try {
            this.ssaRestWebServiceValidator.getClientFromSession();
        } catch (WebApplicationException e) {
            Assert.assertNotNull(e, "WebApplicationException is null");
            Assert.assertNotNull(e.getResponse(), "WebApplicationException Response is null");
        }
        ((Identity) Mockito.verify(this.identity)).getSessionClient();
        Mockito.verifyNoInteractions(new Object[]{this.log});
    }

    @Test
    public void checkScopesPolicySingleScope_clientAndScopeContains_validScope() {
        Client client = new Client();
        client.setScopes(new String[0]);
        Mockito.when(this.scopeService.getScopeIdsByDns(Mockito.anyList())).thenReturn(Collections.singletonList("test_id"));
        this.ssaRestWebServiceValidator.checkScopesPolicy(client, "test_id");
        Mockito.verifyNoInteractions(new Object[]{this.errorResponseFactory});
    }

    @Test
    public void checkScopesPolicySingleScope_clientAndScopeNotContains_unauthorizedResponse() {
        Client client = new Client();
        client.setScopes(new String[0]);
        Throwable webApplicationException = new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).entity("Invalid client").type(MediaType.APPLICATION_JSON_TYPE).build());
        Mockito.when(this.scopeService.getScopeIdsByDns(Mockito.anyList())).thenReturn(Collections.singletonList("test_id_fail"));
        Mockito.when(this.errorResponseFactory.createWebApplicationException((Response.Status) Mockito.eq(Response.Status.UNAUTHORIZED), (IErrorType) Mockito.eq(SsaErrorResponseType.UNAUTHORIZED_CLIENT), ArgumentMatchers.anyString())).thenThrow(new Throwable[]{webApplicationException});
        WebApplicationException webApplicationException2 = null;
        try {
            this.ssaRestWebServiceValidator.checkScopesPolicy(client, "test_id");
        } catch (WebApplicationException e) {
            webApplicationException2 = e;
        }
        Assert.assertNotNull(webApplicationException2, "WebApplicationException is null");
        Assert.assertNotNull(webApplicationException2.getResponse(), "WebApplicationException Response is null");
    }

    @Test
    public void checkScopesPolicyListScope_clientNull_unauthorizedResponse() {
        Mockito.when(this.errorResponseFactory.createWebApplicationException((Response.Status) Mockito.eq(Response.Status.UNAUTHORIZED), (IErrorType) Mockito.eq(SsaErrorResponseType.UNAUTHORIZED_CLIENT), ArgumentMatchers.anyString())).thenThrow(new Throwable[]{new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).entity("Invalid client").type(MediaType.APPLICATION_JSON_TYPE).build())});
        Client client = null;
        List singletonList = Collections.singletonList(SsaScopeType.SSA_ADMIN.getValue());
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.ssaRestWebServiceValidator.checkScopesPolicy(client, singletonList);
        });
        ((ErrorResponseFactory) Mockito.verify(this.errorResponseFactory)).createWebApplicationException((Response.Status) Mockito.any(), (IErrorType) Mockito.any(), ArgumentMatchers.anyString());
        Mockito.verifyNoInteractions(new Object[]{this.scopeService});
        Mockito.verifyNoMoreInteractions(new Object[]{this.errorResponseFactory});
    }

    @Test
    public void checkScopesPolicyListScope_scopeListNull_unauthorizedResponse() {
        Mockito.when(this.errorResponseFactory.createWebApplicationException((Response.Status) Mockito.eq(Response.Status.UNAUTHORIZED), (IErrorType) Mockito.eq(SsaErrorResponseType.UNAUTHORIZED_CLIENT), ArgumentMatchers.anyString())).thenThrow(new Throwable[]{new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).entity("Invalid client").type(MediaType.APPLICATION_JSON_TYPE).build())});
        Client client = new Client();
        List list = null;
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.ssaRestWebServiceValidator.checkScopesPolicy(client, list);
        });
        ((ErrorResponseFactory) Mockito.verify(this.errorResponseFactory)).createWebApplicationException((Response.Status) Mockito.any(), (IErrorType) Mockito.any(), ArgumentMatchers.anyString());
        Mockito.verifyNoInteractions(new Object[]{this.scopeService});
        Mockito.verifyNoMoreInteractions(new Object[]{this.errorResponseFactory});
    }

    @Test
    public void checkScopesPolicyListScope_scopeListEmpty_unauthorizedResponse() {
        Mockito.when(this.errorResponseFactory.createWebApplicationException((Response.Status) Mockito.eq(Response.Status.UNAUTHORIZED), (IErrorType) Mockito.eq(SsaErrorResponseType.UNAUTHORIZED_CLIENT), ArgumentMatchers.anyString())).thenThrow(new Throwable[]{new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).entity("Invalid client").type(MediaType.APPLICATION_JSON_TYPE).build())});
        Client client = new Client();
        ArrayList arrayList = new ArrayList();
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.ssaRestWebServiceValidator.checkScopesPolicy(client, arrayList);
        });
        ((ErrorResponseFactory) Mockito.verify(this.errorResponseFactory)).createWebApplicationException((Response.Status) Mockito.any(), (IErrorType) Mockito.any(), ArgumentMatchers.anyString());
        Mockito.verifyNoInteractions(new Object[]{this.scopeService});
        Mockito.verifyNoMoreInteractions(new Object[]{this.errorResponseFactory});
    }

    @Test
    public void checkScopesPolicyListScope_clientAndScopeAdmin_valid() {
        String value = SsaScopeType.SSA_ADMIN.getValue();
        Client client = new Client();
        client.setScopes(new String[0]);
        Mockito.when(this.scopeService.getScopeIdsByDns(Mockito.anyList())).thenReturn(Collections.singletonList(value));
        ArrayList arrayList = new ArrayList();
        arrayList.add(SsaScopeType.SSA_ADMIN.getValue());
        this.ssaRestWebServiceValidator.checkScopesPolicy(client, arrayList);
        ((ScopeService) Mockito.verify(this.scopeService)).getScopeIdsByDns((List) Mockito.any());
        Mockito.verifyNoInteractions(new Object[]{this.errorResponseFactory});
    }

    @Test
    public void checkScopesPolicyListScope_clientAndScopeNotContains_unauthorizedResponse() {
        String value = SsaScopeType.SSA_ADMIN.getValue();
        Client client = new Client();
        client.setScopes(new String[0]);
        Mockito.when(this.scopeService.getScopeIdsByDns(Mockito.anyList())).thenReturn(Collections.singletonList(value));
        Mockito.when(this.errorResponseFactory.createWebApplicationException((Response.Status) Mockito.eq(Response.Status.UNAUTHORIZED), (IErrorType) Mockito.eq(SsaErrorResponseType.UNAUTHORIZED_CLIENT), ArgumentMatchers.anyString())).thenThrow(new Throwable[]{new WebApplicationException(Response.status(Response.Status.UNAUTHORIZED).entity("Invalid client").type(MediaType.APPLICATION_JSON_TYPE).build())});
        ArrayList arrayList = new ArrayList();
        arrayList.add(SsaScopeType.SSA_PORTAL.getValue());
        Assert.assertThrows(WebApplicationException.class, () -> {
            this.ssaRestWebServiceValidator.checkScopesPolicy(client, arrayList);
        });
        ((ScopeService) Mockito.verify(this.scopeService)).getScopeIdsByDns(Mockito.anyList());
        ((ErrorResponseFactory) Mockito.verify(this.errorResponseFactory)).createWebApplicationException((Response.Status) Mockito.any(), (IErrorType) Mockito.any(), ArgumentMatchers.anyString());
        Mockito.verifyNoMoreInteractions(new Object[]{this.errorResponseFactory});
    }

    @Test
    public void getValidSsaByJti_validJti_validSsa() {
        Ssa ssa = new Ssa();
        ssa.setExpirationDate(Date.from(ZonedDateTime.now().plusHours(24L).toInstant()));
        ssa.setState(SsaState.ACTIVE);
        Mockito.when(this.ssaService.findSsaByJti("test-jti")).thenReturn(ssa);
        Assert.assertNotNull(this.ssaRestWebServiceValidator.getValidSsaByJti("test-jti"), "ssa is null");
        Mockito.verifyNoInteractions(new Object[]{this.log});
    }

    @Test
    public void getValidSsaByJti_ssaNull_422Status() {
        String str = "test-jti";
        Mockito.when(this.ssaService.findSsaByJti("test-jti")).thenReturn((Object) null);
        Assert.assertEquals(Assert.expectThrows(WebApplicationException.class, () -> {
            this.ssaRestWebServiceValidator.getValidSsaByJti(str);
        }).getResponse().getStatus(), 422);
        ((Logger) Mockito.verify(this.log)).warn(ArgumentMatchers.anyString(), Mockito.eq("test-jti"));
    }

    @Test
    public void getValidSsaByJti_ssaExpired_422Status() {
        String str = "test-jti";
        Ssa ssa = new Ssa();
        ssa.setExpirationDate(Date.from(ZonedDateTime.now().minusHours(24L).toInstant()));
        Mockito.when(this.ssaService.findSsaByJti("test-jti")).thenReturn(ssa);
        Assert.assertEquals(Assert.expectThrows(WebApplicationException.class, () -> {
            this.ssaRestWebServiceValidator.getValidSsaByJti(str);
        }).getResponse().getStatus(), 422);
        ((Logger) Mockito.verify(this.log)).warn(ArgumentMatchers.anyString(), Mockito.eq("test-jti"));
    }

    @Test
    public void getValidSsaByJti_ssaWithUsedStatus_422Status() {
        String str = "test-jti";
        Ssa ssa = new Ssa();
        ssa.setExpirationDate(Date.from(ZonedDateTime.now().plusHours(24L).toInstant()));
        ssa.setState(SsaState.USED);
        Mockito.when(this.ssaService.findSsaByJti("test-jti")).thenReturn(ssa);
        Assert.assertEquals(Assert.expectThrows(WebApplicationException.class, () -> {
            this.ssaRestWebServiceValidator.getValidSsaByJti(str);
        }).getResponse().getStatus(), 422);
        ((Logger) Mockito.verify(this.log)).warn(ArgumentMatchers.anyString(), Mockito.eq("test-jti"));
    }
}
