package io.jans.as.server.token.ws.rs;

import io.jans.as.common.model.registration.Client;
import io.jans.as.common.model.session.SessionId;
import io.jans.as.model.common.GrantType;
import io.jans.as.model.configuration.AppConfiguration;
import io.jans.as.model.crypto.AbstractCryptoProvider;
import io.jans.as.model.error.ErrorResponseFactory;
import io.jans.as.server.audit.ApplicationAuditLogger;
import io.jans.as.server.authorize.ws.rs.AuthzDetailsService;
import io.jans.as.server.service.SessionIdService;
import io.jans.as.server.util.TestUtil;
import org.apache.commons.lang.StringUtils;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.testng.MockitoTestNGListener;
import org.slf4j.Logger;
import org.testng.Assert;
import org.testng.annotations.Listeners;
import org.testng.annotations.Test;

@Listeners({MockitoTestNGListener.class})
/* loaded from: input_file:io/jans/as/server/token/ws/rs/TokenExchangeServiceTest.class */
public class TokenExchangeServiceTest {

    @Mock
    private Logger log;

    @Mock
    private AppConfiguration appConfiguration;

    @Mock
    private ApplicationAuditLogger applicationAuditLogger;

    @Mock
    private ErrorResponseFactory errorResponseFactory;

    @Mock
    private AbstractCryptoProvider cryptoProvider;

    @Mock
    private SessionIdService sessionIdService;

    @Mock
    private AuthzDetailsService authzDetailsService;

    @InjectMocks
    private TokenExchangeService tokenExchangeService;

    @Test
    public void createNewDeviceSecret_whenScopeIsNull_shouldNotGenerateDeviceSecretAndShouldNotThrowNPE() {
        SessionId sessionId = new SessionId();
        Client client = new Client();
        client.setGrantTypes(new GrantType[]{GrantType.AUTHORIZATION_CODE, GrantType.TOKEN_EXCHANGE});
        TestUtil.assertEmpty(this.tokenExchangeService.createNewDeviceSecret("sessionDn", client, (String) null));
        Assert.assertTrue(sessionId.getDeviceSecrets().isEmpty());
    }

    @Test
    public void createNewDeviceSecret_whenScopeDeviceSSOIsNotPresent_shouldNotGenerateDeviceSecret() {
        SessionId sessionId = new SessionId();
        Client client = new Client();
        client.setGrantTypes(new GrantType[]{GrantType.AUTHORIZATION_CODE, GrantType.TOKEN_EXCHANGE});
        TestUtil.assertEmpty(this.tokenExchangeService.createNewDeviceSecret("sessionDn", client, "openid"));
        Assert.assertTrue(sessionId.getDeviceSecrets().isEmpty());
    }

    @Test
    public void createNewDeviceSecret_whenTokenExchangeGrantIsNotPresent_shouldNotGenerateDeviceSecret() {
        SessionId sessionId = new SessionId();
        Client client = new Client();
        client.setGrantTypes(new GrantType[]{GrantType.AUTHORIZATION_CODE});
        TestUtil.assertEmpty(this.tokenExchangeService.createNewDeviceSecret("sessionDn", client, "openid device_sso"));
        Assert.assertTrue(sessionId.getDeviceSecrets().isEmpty());
    }

    @Test
    public void createNewDeviceSecret_whenAllConditionsMet_shouldGenerateDeviceSecret() {
        SessionId sessionId = new SessionId();
        Client client = new Client();
        client.setGrantTypes(new GrantType[]{GrantType.AUTHORIZATION_CODE, GrantType.TOKEN_EXCHANGE});
        Mockito.when(this.sessionIdService.getSessionByDn("sessionDn")).thenReturn(sessionId);
        String createNewDeviceSecret = this.tokenExchangeService.createNewDeviceSecret("sessionDn", client, "openid device_sso");
        TestUtil.assertNotEmpty(createNewDeviceSecret);
        Assert.assertTrue(sessionId.getDeviceSecrets().contains(createNewDeviceSecret));
    }

    @Test
    public void rotateDeviceSecret_whenRotationIsDisabled_shouldNotRotateDeviceSecret() {
        Mockito.when(this.appConfiguration.getRotateDeviceSecret()).thenReturn(false);
        SessionId sessionId = new SessionId();
        sessionId.getDeviceSecrets().add("a");
        Assert.assertNull(this.tokenExchangeService.rotateDeviceSecret(sessionId, "a"));
        Assert.assertTrue(sessionId.getDeviceSecrets().contains("a"));
        Assert.assertEquals(sessionId.getDeviceSecrets().size(), 1);
    }

    @Test
    public void rotateDeviceSecret_whenRotationIsEnabled_shouldRotateDeviceSecret() {
        Mockito.when(this.appConfiguration.getRotateDeviceSecret()).thenReturn(true);
        SessionId sessionId = new SessionId();
        sessionId.getDeviceSecrets().add("a");
        Assert.assertTrue(StringUtils.isNotBlank(this.tokenExchangeService.rotateDeviceSecret(sessionId, "a")) && !"a".equals(sessionId.getDeviceSecrets().get(0)));
        Assert.assertFalse(sessionId.getDeviceSecrets().contains("a"));
        Assert.assertEquals(sessionId.getDeviceSecrets().size(), 1);
    }
}
