package io.jans.as.server.authorize.ws.rs;

import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import io.jans.as.common.model.registration.Client;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.server.service.ScopeService;
import jakarta.ws.rs.WebApplicationException;
import jakarta.ws.rs.core.Response;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.testng.MockitoTestNGListener;
import org.slf4j.Logger;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

@Listeners({MockitoTestNGListener.class})
/* loaded from: input_file:io/jans/as/server/authorize/ws/rs/AuthorizationChallengeValidatorTest.class */
public class AuthorizationChallengeValidatorTest {

    @InjectMocks
    private AuthorizationChallengeValidator authorizationChallengeValidator;

    @Mock
    private Logger log;

    @Mock
    private AppConfiguration appConfiguration;

    @Mock
    private ErrorResponseFactory errorResponseFactory;

    @Mock
    private ScopeService scopeService;

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateAccess_whenClientIsNull_shouldThrowError() {
        Mockito.when(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST)).thenCallRealMethod();
        this.authorizationChallengeValidator.validateAccess((Client) null);
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateAccess_whenClientDoesNotHaveRequiredScopes_shouldThrowError() {
        Mockito.when(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST)).thenCallRealMethod();
        Client client = new Client();
        client.setScopes(new String[]{"id1"});
        this.authorizationChallengeValidator.validateAccess(client);
    }

    @Test
    public void validateAccess_whenClientHasAuthorizationChallengeScope_shouldPass() {
        Mockito.when(this.scopeService.getScopeIdsByDns(Lists.newArrayList(new String[]{"id1"}))).thenReturn(Lists.newArrayList(new String[]{"authorization_challenge"}));
        Client client = new Client();
        client.setScopes(new String[]{"id1"});
        this.authorizationChallengeValidator.validateAccess(client);
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateGrantType_whenClientIsNull_shouldThrowError() {
        Mockito.when(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST)).thenCallRealMethod();
        this.authorizationChallengeValidator.validateGrantType((Client) null, (String) null);
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateGrantType_whenClientGrantTypesAreNull_shouldThrowError() {
        Mockito.when(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST)).thenCallRealMethod();
        this.authorizationChallengeValidator.validateGrantType(new Client(), (String) null);
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateGrantType_whenClientGrantTypesDoesNotHaveAuthorizationCode_shouldThrowError() {
        Mockito.when(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST)).thenCallRealMethod();
        Client client = new Client();
        client.setGrantTypes(new GrantType[]{GrantType.CLIENT_CREDENTIALS});
        this.authorizationChallengeValidator.validateGrantType(client, (String) null);
    }

    @Test(expectedExceptions = {WebApplicationException.class})
    public void validateGrantType_whenGrantTypeIsNotAllowedByConfig_shouldThrowError() {
        Mockito.when(this.errorResponseFactory.newErrorResponse(Response.Status.BAD_REQUEST)).thenCallRealMethod();
        Mockito.when(this.appConfiguration.getGrantTypesSupported()).thenReturn(Sets.newHashSet(new GrantType[]{GrantType.IMPLICIT}));
        Client client = new Client();
        client.setGrantTypes(new GrantType[]{GrantType.AUTHORIZATION_CODE});
        this.authorizationChallengeValidator.validateGrantType(client, (String) null);
    }

    @Test
    public void validateGrantType_whenGrantTypeIsAllowedByConfigAndClient_shouldPassSuccessfully() {
        Mockito.when(this.appConfiguration.getGrantTypesSupported()).thenReturn(Sets.newHashSet(new GrantType[]{GrantType.IMPLICIT, GrantType.AUTHORIZATION_CODE}));
        Client client = new Client();
        client.setGrantTypes(new GrantType[]{GrantType.AUTHORIZATION_CODE});
        this.authorizationChallengeValidator.validateGrantType(client, "state");
    }
}
