package io.jans.as.server.authorize.ws.rs;

import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import io.jans.as.common.model.registration.Client;
import io.jans.as.common.model.session.SessionId;
import io.jans.as.common.util.RedirectUri;
import io.jans.as.model.common.Prompt;
import io.jans.as.model.common.ResponseType;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.server.audit.ApplicationAuditLogger;
import io.jans.as.server.ciba.CIBAPingCallbackService;
import io.jans.as.server.ciba.CIBAPushTokenDeliveryService;
import io.jans.as.server.model.authorize.ScopeChecker;
import io.jans.as.server.model.common.AuthorizationGrantList;
import io.jans.as.server.model.config.ConfigurationFactory;
import io.jans.as.server.security.Identity;
import io.jans.as.server.service.AttributeService;
import io.jans.as.server.service.AuthenticationFilterService;
import io.jans.as.server.service.ClientAuthorizationsService;
import io.jans.as.server.service.ClientService;
import io.jans.as.server.service.CookieService;
import io.jans.as.server.service.DeviceAuthorizationService;
import io.jans.as.server.service.RedirectUriResponse;
import io.jans.as.server.service.RequestParameterService;
import io.jans.as.server.service.SessionIdService;
import io.jans.as.server.service.UserService;
import io.jans.as.server.service.ciba.CibaRequestService;
import io.jans.as.server.service.external.ExternalCreateUserService;
import io.jans.as.server.service.external.ExternalPostAuthnService;
import io.jans.as.server.service.external.ExternalUpdateTokenService;
import jakarta.servlet.http.HttpServletRequest;
import java.util.HashSet;
import org.jboss.resteasy.spi.NoLogWebApplicationException;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.testng.MockitoTestNGListener;
import org.slf4j.Logger;
import org.testng.Assert;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

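/**
 * Unit tests for the prompt and scope pre-checks of {@link AuthorizeRestWebServiceImpl}:
 * {@code checkPromptCreate}, {@code checkPromptLogin} and {@code checkOfflineAccessScopes}.
 *
 * <p>These checks are security relevant. {@code prompt=login} is how a relying party asks for
 * re-authentication, and {@code offline_access} is the scope that leads to long-lived refresh
 * tokens, so the assertions below state the expected outcome exactly rather than loosely.
 *
 * <p>All collaborators are Mockito mocks injected into the service under test. The stubbings in
 * each test are the same ones the original tests declared; none were added or removed.
 */
@Listeners({MockitoTestNGListener.class})
public class AuthorizeRestWebServiceImplTest {

    /** Session id placed on every request built by these tests (constructed sample value). */
    private static final String SESSION_ID = "some_id";

    /** Scope value whose removal or retention the offline-access tests verify. */
    private static final String OFFLINE_ACCESS = "offline_access";

    @InjectMocks
    private AuthorizeRestWebServiceImpl authorizeRestWebService;

    @Mock
    private Logger log;

    @Mock
    private ApplicationAuditLogger applicationAuditLogger;

    @Mock
    private ErrorResponseFactory errorResponseFactory;

    @Mock
    private AuthorizationGrantList authorizationGrantList;

    @Mock
    private ClientService clientService;

    @Mock
    private UserService userService;

    @Mock
    private Identity identity;

    @Mock
    private AuthenticationFilterService authenticationFilterService;

    @Mock
    private SessionIdService sessionIdService;

    @Mock
    private CookieService cookieService;

    @Mock
    private ScopeChecker scopeChecker;

    @Mock
    private ClientAuthorizationsService clientAuthorizationsService;

    @Mock
    private RequestParameterService requestParameterService;

    @Mock
    private AppConfiguration appConfiguration;

    @Mock
    private ConfigurationFactory configurationFactory;

    @Mock
    private AuthorizeRestWebServiceValidator authorizeRestWebServiceValidator;

    @Mock
    private CIBAPushTokenDeliveryService cibaPushTokenDeliveryService;

    @Mock
    private CIBAPingCallbackService cibaPingCallbackService;

    @Mock
    private ExternalPostAuthnService externalPostAuthnService;

    @Mock
    private CibaRequestService cibaRequestService;

    @Mock
    private DeviceAuthorizationService deviceAuthorizationService;

    @Mock
    private AttributeService attributeService;

    @Mock
    private ExternalUpdateTokenService externalUpdateTokenService;

    @Mock
    private AuthzRequestService authzRequestService;

    @Mock
    private HttpServletRequest servletRequest;

    @Mock
    private ExternalCreateUserService externalCreateUserService;

    /**
     * With {@code disablePromptCreate=true} the check must return normally and leave the
     * request's session id untouched.
     */
    @Test
    public void checkPromptCreate_whenDisabledPromptCreate_shouldNotThrowException() {
        AuthzRequest authzRequest = newRequestWithPrompt(Prompt.CREATE);
        Mockito.when(appConfiguration.getDisablePromptCreate()).thenReturn(true);

        authorizeRestWebService.checkPromptCreate(authzRequest);

        Assert.assertEquals(authzRequest.getSessionId(), SESSION_ID);
    }

    /**
     * With {@code disablePromptCreate=false} the check is expected to abort the request with a
     * {@link NoLogWebApplicationException}.
     *
     * <p>NOTE(review): the method name ends in {@code shouldNotThrowException} although the
     * test expects an exception. The name is kept so existing suite references and reports stay
     * valid; consider renaming it to {@code ..._shouldThrowException}.
     */
    @Test(expectedExceptions = {NoLogWebApplicationException.class})
    public void checkPromptCreate_whenEnabledPromptCreate_shouldNotThrowException() {
        AuthzRequest authzRequest = newRequestWithPrompt(Prompt.CREATE);
        stubCollaboratorsForEnabledPrompt(authzRequest);
        Mockito.when(appConfiguration.getDisablePromptCreate()).thenReturn(false);

        authorizeRestWebService.checkPromptCreate(authzRequest);
    }

    /**
     * With {@code disablePromptLogin=true} the check must return normally and keep the
     * request's session id.
     */
    @Test
    public void checkPromptLogin_whenDisablePromptLoginIsTrue_shouldNotClearSession() {
        AuthzRequest authzRequest = newRequestWithPrompt(Prompt.LOGIN);
        Mockito.when(appConfiguration.getDisablePromptLogin()).thenReturn(true);

        authorizeRestWebService.checkPromptLogin(authzRequest);

        Assert.assertEquals(authzRequest.getSessionId(), SESSION_ID);
    }

    /**
     * With {@code disablePromptLogin=false} the check is expected to abort with a
     * {@link NoLogWebApplicationException} and to have dropped the session id from the request
     * by the time it throws.
     */
    @Test(expectedExceptions = {NoLogWebApplicationException.class})
    public void checkPromptLogin_whenDisablePromptLoginIsFalse_shouldClearSession() {
        AuthzRequest authzRequest = newRequestWithPrompt(Prompt.LOGIN);
        stubCollaboratorsForEnabledPrompt(authzRequest);
        Mockito.when(appConfiguration.getDisablePromptLogin()).thenReturn(false);

        try {
            authorizeRestWebService.checkPromptLogin(authzRequest);
        } finally {
            // The assertion used to follow the throwing call and therefore never ran, so the
            // "session is cleared" half of this test was not verified. In a finally block it is
            // evaluated while the expected exception propagates; if it fails, its AssertionError
            // replaces that exception and the test fails.
            Assert.assertNull(authzRequest.getSessionId());
        }
    }

    /**
     * {@code offline_access} requested with response type {@code code}, no prompts, and a
     * default client must be stripped from the scope set.
     */
    @Test
    public void checkOfflineAccessScopes_whenOfflineAccessIsPresentAndConsentNot_shouldRemoveOfflineAccess() {
        HashSet<String> scopes = Sets.newHashSet(OFFLINE_ACCESS);

        authorizeRestWebService.checkOfflineAccessScopes(
                Lists.newArrayList(ResponseType.CODE), Lists.newArrayList(), new Client(), scopes);

        Assert.assertTrue(scopes.isEmpty());
    }

    /**
     * When the client sets {@code allowOfflineAccessWithoutConsent}, {@code offline_access}
     * must survive even though no consent prompt was requested.
     */
    @Test
    public void checkOfflineAccessScopes_whenOfflineAccessIsPresentAndConsentNotButAllowedByClient_shouldNotRemoveOfflineAccess() {
        HashSet<String> scopes = Sets.newHashSet(OFFLINE_ACCESS);
        Client client = new Client();
        client.getAttributes().setAllowOfflineAccessWithoutConsent(true);

        authorizeRestWebService.checkOfflineAccessScopes(
                Lists.newArrayList(ResponseType.CODE), Lists.newArrayList(), client, scopes);

        Assert.assertTrue(scopes.contains(OFFLINE_ACCESS));
        // Nothing else may appear in the set as a side effect of the check.
        Assert.assertEquals(scopes.size(), 1);
    }

    /**
     * Without response type {@code code} (here {@code token}), {@code offline_access} must be
     * stripped from the scope set.
     */
    @Test
    public void checkOfflineAccessScopes_whenOfflineAccessIsPresentAndResponseTypeCodeAbsent_shouldRemoveOfflineAccess() {
        HashSet<String> scopes = Sets.newHashSet(OFFLINE_ACCESS);

        authorizeRestWebService.checkOfflineAccessScopes(
                Lists.newArrayList(ResponseType.TOKEN), Lists.newArrayList(), new Client(), scopes);

        Assert.assertTrue(scopes.isEmpty());
    }

    /**
     * Without response type {@code code}, only {@code offline_access} may be removed; other
     * scopes such as {@code openid} must remain.
     */
    @Test
    public void checkOfflineAccessScopes_whenOfflineAccessIsPresentAndResponseTypeCodeAbsent_shouldRemoveOfflineAccessOnly() {
        HashSet<String> scopes = Sets.newHashSet("openid", OFFLINE_ACCESS);

        authorizeRestWebService.checkOfflineAccessScopes(
                Lists.newArrayList(ResponseType.TOKEN), Lists.newArrayList(), new Client(), scopes);

        // Checking only iterator().next() would pass whenever "openid" happened to be iterated
        // first, even with offline_access still in the set; assert both facts explicitly.
        Assert.assertTrue(scopes.contains("openid"));
        Assert.assertFalse(scopes.contains(OFFLINE_ACCESS));
        Assert.assertEquals(scopes.size(), 1);
    }

    /**
     * Builds an authorization request carrying {@link #SESSION_ID} and a single prompt value.
     *
     * @param prompt the prompt to add to the request
     * @return a fresh request with the session id and prompt set
     */
    private AuthzRequest newRequestWithPrompt(Prompt prompt) {
        AuthzRequest authzRequest = new AuthzRequest();
        authzRequest.setSessionId(SESSION_ID);
        authzRequest.addPrompt(prompt);
        return authzRequest;
    }

    /**
     * Applies the stubbing shared by the two "prompt enabled" tests: a redirect URI response
     * backed by mocks, an empty {@link SessionId} from {@code identity}, and issuer and context
     * path values (all constructed sample values).
     *
     * <p>The set of stubbings is exactly what each of those tests declared inline before.
     * Presumably the listener runs Mockito with strict stubs, in which case adding an unused
     * stubbing here would fail the tests; confirm before extending this helper.
     *
     * @param authzRequest the request that receives the mocked redirect URI response
     */
    private void stubCollaboratorsForEnabledPrompt(AuthzRequest authzRequest) {
        RedirectUri redirectUri = Mockito.mock(RedirectUri.class);
        Mockito.when(redirectUri.toString()).thenReturn("http://rp.com");
        authzRequest.setRedirectUriResponse(new RedirectUriResponse(
                redirectUri,
                "",
                Mockito.mock(HttpServletRequest.class),
                Mockito.mock(ErrorResponseFactory.class)));
        Mockito.when(identity.getSessionId()).thenReturn(new SessionId());
        Mockito.when(appConfiguration.getIssuer()).thenReturn("http://as.com");
        Mockito.when(servletRequest.getContextPath()).thenReturn("/path");
    }
}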
